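# NixOS module: a Matrix homeserver (tuwunel) bound to loopback and published
# through Caddy, with registration gated by an agenix-managed token file.
{ config
, ...
}:

let
  # Loopback port the homeserver listens on; nothing but Caddy should reach it.
  matrix-port = 3009;
  matrix-hostname = "matrix.wiro.world";

  website-hostname = "wiro.world";

  # Single definition of the backend address, so the proxy targets exactly the
  # IPv4 loopback address the service binds to. `localhost` may resolve to ::1,
  # where tuwunel does not listen.
  matrix-upstream = "http://127.0.0.1:${toString matrix-port}";
in
{
  config = {
    # Registration tokens are stored encrypted in the repository and decrypted
    # by agenix at activation. The decrypted file is owned by the service user
    # so the homeserver can read it.
    age.secrets.tuwunel-registration-tokens = {
      file = secrets/tuwunel-registration-tokens.age;
      owner = config.services.matrix-tuwunel.user;
    };

    services.matrix-tuwunel = {
      enable = true;

      settings.global = {
        # Loopback only: the listener is plain HTTP and relies on Caddy for TLS.
        address = [ "127.0.0.1" ];
        port = [ matrix-port ];

        # User IDs live under the apex domain while the server itself is
        # reached on the matrix subdomain; the well-known records below
        # advertise that delegation to clients and federating servers.
        server_name = "wiro.world";
        well_known = {
          client = "https://${matrix-hostname}";
          server = "${matrix-hostname}:443";
        };

        # NOTE(review): the first account to register becomes server admin.
        # Registration is token-gated below, so that account can only be
        # created by a token holder. Consider setting this to false once the
        # admin account exists.
        grant_admin_to_first_user = true;
        # Empty string: no suffix is appended to new users' display names.
        new_user_displayname_suffix = "";

        # Registration is enabled but tied to the token file, whose path is
        # taken from the agenix secret, so no token is written in this file.
        allow_registration = true;
        registration_token_file = config.age.secrets.tuwunel-registration-tokens.path;
      };
    };

    services.caddy = {
      # Only the /_matrix/ API prefix is forwarded; other paths on this host
      # are not proxied to the homeserver.
      virtualHosts.${matrix-hostname}.extraConfig = ''
        reverse_proxy /_matrix/* ${matrix-upstream}
      '';

      # The apex domain forwards only the well-known discovery documents,
      # which must be served from the server_name host for delegation to work.
      virtualHosts.${website-hostname}.extraConfig = ''
        reverse_proxy /.well-known/matrix/* ${matrix-upstream}
      '';
    };
  };
}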