RuJect/nixos-infra
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

initial commit
Some checks failed
Nix CI / build (push) Failing after 31s
Details

Browse source
This commit is contained in:
Rustam Efimov 2026-04-01 08:50:01 +03:00
commit 30ce0dafc2
No known key found for this signature in database
195 changed files with 8902 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

94
services/synapse/synapse.nix Normal file
View file

@ -0,0 +1,94 @@
{
config,
lib,
sec,
...
}:
let
inherit (config.machine.synapse)
domain
enable
port
metrics
;
in
with lib; mkIf enable {
services.matrix-synapse = {
inherit enable;
enableRegistrationScript = true;
settings = {
server_name = domain;
public_baseurl = "https://${domain}";
signing_key_path = sec."matrix/signingKey".path;
listeners = [
{
inherit port;
bind_addresses = [ "127.0.0.1" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
compress = true;
names = [
"client"
"federation"
];
}
];
}
]
++ (optionals metrics.enable [
{
inherit (metrics) port;
bind_addresses = [ "127.0.0.1" ];
type = "metrics";
tls = false;
resources = [
{
names = [ "metrics" ];
}
];
}
]);
enable_metrics = metrics.enable;
enable_registration = true;
enable_registration_without_verification = false;
allow_public_rooms_over_federation = true;
federation_domain_whitelist = [ ];
allow_public_rooms_without_auth = true;
url_preview_enabled = true;
url_preview_ip_range_blacklist = [
"127.0.0.0/8"
"10.0.0.0/8"
"172.16.0.0/12"
"192.168.0.0/16"
"100.64.0.0/10"
"169.254.0.0/16"
"::1/128"
"fe80::/10"
"fc00::/7"
];
dynamic_thumbnails = true;
max_upload_size = "50M";
media_retention = {
local_media_lifetime = "90d";
remote_media_lifetime = "14d";
};
retention = {
enabled = true;
default_policy.max_lifetime = "180d";
purge_jobs = [
{ interval = "1d"; }
];
};
};
};
}