Add matrix (tuwunel) to nimbus

2026-03-26 11:56:00 +01:00 · 2026-03-26 11:56:00 +01:00 · f3bb93c783
commit f3bb93c783
parent 6413bbefba
5 changed files with 67 additions and 1 deletions
--- a/modules/nixos/matrix.nix
+++ b/modules/nixos/matrix.nix
@ -0,0 +1,52 @@
+{ config, ... }:
+{
+  age.secrets."matrix-registration-token" = {
+    file = ../secrets/matrix-registration-token.age;
+    mode = "400";
+    owner = "tuwunel";
+  };
+
+  services.matrix-tuwunel = {
+    enable = true;
+    settings = {
+      global = {
+        server_name = "jankremer.de";
+        allow_registration = true;
+        registration_token_file = config.age.secrets.matrix-registration-token.path;
+        # trusted_servers = [ "matrix.org" ];
+      };
+    };
+  };
+
+  services.caddy = {
+    enable = true;
+    ## Matrix federation
+    virtualHosts = {
+      "jankremer.de:8448" = {
+        extraConfig = ''
+          reverse_proxy localhost:6167
+        '';
+      };
+      "jankremer.de" = {
+        extraConfig = ''
+          handle /_matrix/* {
+            reverse_proxy localhost:6167
+          }
+
+          handle /.well-known/matrix/server {
+            respond `{"m.server": "jankremer.de:443"}` 200 {
+              header Content-Type application/json
+            }
+          }
+
+          handle /.well-known/matrix/client {
+            respond `{"m.homeserver": {"base_url": "https://jankremer.de"}}` 200 {
+              header Content-Type application/json
+              header Access-Control-Allow-Origin *
+            }
+          }
+        '';
+      };
+    };
+  };
+}