diff --git a/home/apps/matrix.nix b/home/apps/matrix.nix
index be590ef9..3545f8f3 100644
--- a/home/apps/matrix.nix
+++ b/home/apps/matrix.nix
@@ -1,5 +1,7 @@
 {pkgs, ...}: {
 home.packages = [
 pkgs.fluffychat
+ pkgs.fractal
+ # pkgs.quaternion
 ];
 }
diff --git a/home/services/hyprpaper.nix b/home/services/hyprpaper.nix
index d8ee5db4..faac773c 100644
--- a/home/services/hyprpaper.nix
+++ b/home/services/hyprpaper.nix
@@ -9,6 +9,7 @@
 nextcloudWallpapers = name: config.home.homeDirectory + "/Nextcloud/Wallpapers/" + name;
 # silksongFleas = nextcloudWallpapers "silksong-fleas.jpg";
 bocchiVertical = nextcloudWallpapers "bocchi-vertical.jpg";
+ silksongShadeLord = nextcloudWallpapers "silksong-shadelord.jpg";
 in {
 enable = device.is "ryu";
 settings = {
@@ -16,7 +17,7 @@
 wallpaper = [
 {
 monitor = device.monitors.primary;
- path = wallpapers.skull;
+ path = silksongShadeLord;
 fit_mode = "cover";
 }
 {
diff --git a/nixos/tako/services/default.nix b/nixos/tako/services/default.nix
index e6c2afeb..adc6791b 100644
--- a/nixos/tako/services/default.nix
+++ b/nixos/tako/services/default.nix
@@ -24,7 +24,7 @@
 ./searxng.nix
 ./tailscale.nix
 ./kellnr.nix
- ./tuwunel.nix
+ ./matrix
 ];
 services = {
 nix-serve = {
diff --git a/nixos/tako/services/matrix/default.nix b/nixos/tako/services/matrix/default.nix
new file mode 100644
index 00000000..97ae9d9e
--- /dev/null
+++ b/nixos/tako/services/matrix/default.nix
@@ -0,0 +1,7 @@
+{...}: {
+ imports = [
+ ./tuwunel.nix
+ # ./signal.nix // libolm deprecated
+ # ./discord.nix
+ ];
+}
diff --git a/nixos/tako/services/matrix/discord.nix b/nixos/tako/services/matrix/discord.nix
new file mode 100644
index 00000000..c38f4a6e
--- /dev/null
+++ b/nixos/tako/services/matrix/discord.nix
@@ -0,0 +1,19 @@
+{...}: {
+ services.mautrix-discord = {
+ enable = true;
+ settings = {
+ homeserver = {
+ address = "http://localhost:6167";
+ domain = "darksailor.dev";
+ };
+ appservice.public = {
+ prefix = "/public";
+ external = "https://matrix.darksailor.dev/public";
+ };
+ bridge.permissions = {
+ "darksailor.dev" = "user";
+ "@servius:darksailor.dev" = "admin";
+ };
+ };
+ };
+}
diff --git a/nixos/tako/services/matrix/signal.nix b/nixos/tako/services/matrix/signal.nix
new file mode 100644
index 00000000..9b912c28
--- /dev/null
+++ b/nixos/tako/services/matrix/signal.nix
@@ -0,0 +1,5 @@
+{...}: {
+ services.mautrix-signal = {
+ enable = true;
+ };
+}
diff --git a/nixos/tako/services/tuwunel.nix b/nixos/tako/services/matrix/tuwunel.nix
similarity index 69%
rename from nixos/tako/services/tuwunel.nix
rename to nixos/tako/services/matrix/tuwunel.nix
index e5d30231..6d73164b 100644
--- a/nixos/tako/services/tuwunel.nix
+++ b/nixos/tako/services/matrix/tuwunel.nix
@@ -13,9 +13,9 @@
 };
 };
 sso_redirect_options = {
- # immediate = false;
- # on_welcome_page = true;
- # on_login_page = true;
+ immediate = false;
+ on_welcome_page = true;
+ on_login_page = true;
 };
 };
 elementConfigFile = pkgs.writeText "element-config.json" elementConfig;
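Review bot: In the new discord.nix, `"darksailor.dev" = "user";` under `bridge.permissions` gives every account on the homeserver use of the bridge, not only `@servius:darksailor.dev`. Since this commit also switches on the SSO login options in tuwunel.nix, that presumably extends to any identity the IdP admits. If the bridge is meant for one person, keep only the admin entry; if it is meant to be shared, say so next to the entry, e.g. `# all local users may bridge; account creation is gated by SSO`. The module is still commented out in matrix/default.nix, so this only takes effect once it is imported.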
@@ -53,18 +53,31 @@ in {
 callback_url = "https://matrix.${base_domain}/_matrix/client/unstable/login/sso/callback/${client_id}";
 }
 ];
+ well_known = {
+ client = "https://matrix.${base_domain}";
+ server = "matrix.${base_domain}:443";
+ };
 };
 package = pkgs.matrix-tuwunel;
 };
- services.caddy.virtualHosts."matrix.${base_domain}, matrix.${base_domain}:8448".extraConfig = ''
- reverse_proxy /_matrix/* localhost:${toString port}
- handle_path /config.json {
- root ${elementConfigFile}
+ services.caddy.virtualHosts = {
+ "matrix.${base_domain}".extraConfig = ''
+ reverse_proxy /_matrix/* localhost:${toString port}
+ handle_path /config.json {
 file_server
- }
- root * ${pkgs.element-web}
- file_server
- '';
+ root ${elementConfigFile}
+ }
+ root * ${pkgs.element-web}
+ file_server
+ '';
+ "${base_domain}".extraConfig = ''
+ reverse_proxy /.well-known/* localhost:${toString port}
+ '';
+ # "matrix.${base_domain}:8448".extraConfig = ''
+ # reverse_proxy /_matrix/* localhost:${toString port}
+ # '';
+ };
+ networking.firewall.allowedTCPPorts = [8448];
 users.users.${config.services.caddy.user}.extraGroups = [config.services.matrix-tuwunel.group];
@@ -94,14 +107,13 @@ in {
 require_pkce = false;
 # pkce_challenge_method = "S256";
 redirect_uris = [
- # "https://auth.${base_domain}/user/oauth2/authelia/callback"
- "https://matrix.${base_domain}/_matrix/client/v3/login/sso/redirect/${client_id}"
+ "https://matrix.${base_domain}/_matrix/client/unstable/login/sso/callback/${client_id}"
 ];
 scopes = [
- "email"
- "name"
+ "openid"
 "groups"
- "preferred_username"
+ "email"
+ "profile"
 ];
 response_types = ["code"];
 response_modes = ["form_post"];
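Review bot: The added `networking.firewall.allowedTCPPorts = [8448];` opens the federation port, but the only vhost that would listen on it, `"matrix.${base_domain}:8448"`, is commented out just above, and the new `well_known.server` sends federation to `matrix.${base_domain}:443`. As far as the visible lines show nothing serves 8448, so either drop the firewall line or re-enable the vhost in the same change; a port left open with no owner is exposed to whatever binds it later. Separately, `reverse_proxy /.well-known/* localhost:${toString port}` on the bare domain hands every well-known path to the homeserver, and `reverse_proxy /.well-known/matrix/* localhost:${toString port}` would limit it to the Matrix documents. The enclosing attribute set starts and ends outside the hunk.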
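Review bot: The corrected entry in `redirect_uris` is a second hand-written copy of the `callback_url` string in the identity-provider block (hunk at -53), and the removed lines show the two had already drifted apart (`v3/login/sso/redirect` against `unstable/login/sso/callback`). OIDC redirect matching is exact, so bind the value once in the `let` block, e.g. `ssoCallback = "https://matrix.${base_domain}/_matrix/client/unstable/login/sso/callback/${client_id}";`, and reference `ssoCallback` in both places. The context line `require_pkce = false;` is left untouched; if the homeserver's OIDC client can send a PKCE challenge this is the place to turn it on, otherwise a one-line comment on why it stays off would help the next reader. The client definition begins and ends outside the hunk.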
@@ -117,24 +129,3 @@ in {
 };
 };
 }
-# templates = {
-# "tuwunel-auth.toml" = {
-# content = ''
-# [[global.identity_provider]]
-# brand = "Authelia"
-# name = "Authelia"
-# default = true
-# issuer_url = "https://auth.${base_domain}"
-# client_id = "${config.sops.placeholder."tuwunel/client_id"}"
-# client_secret = "${config.sops.placeholder."tuwunel/client_secret"}"
-# callback_url = "https://matrix.${base_domain}/_matrix/client/v3/login/sso/redirect/${config.sops.placeholder."tuwunel/client_id"}"
-# '';
-# # callback_url = "https://auth.${base_domain}/_matrix/client/unstable/login/sso/callback/${config.sops.placeholder."tuwunel/client_id"}"
-# owner = config.services.matrix-tuwunel.user;
-# group = config.services.matrix-tuwunel.group;
-# };
-# };
-# extraEnvironment = {
-# CONDUIT_CONFIG = config.sops.templates."tuwunel-auth.toml".path;
-# };
-