servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Matrix server fix
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Servius
2026-02-11 03:55:29 +05:30
parent 66b7a31943
commit 3a97de6af2
7 changed files with 64 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
home/apps/matrix.nix
View File

@@ -1,5 +1,7 @@
{pkgs, ...}: { {pkgs, ...}: {
home.packages = [ home.packages = [
pkgs.fluffychat pkgs.fluffychat
pkgs.fractal
# pkgs.quaternion
]; ];
} }

3
home/services/hyprpaper.nix
View File

@@ -9,6 +9,7 @@
nextcloudWallpapers = name: config.home.homeDirectory + "/Nextcloud/Wallpapers/" + name; nextcloudWallpapers = name: config.home.homeDirectory + "/Nextcloud/Wallpapers/" + name;
# silksongFleas = nextcloudWallpapers "silksong-fleas.jpg"; # silksongFleas = nextcloudWallpapers "silksong-fleas.jpg";
bocchiVertical = nextcloudWallpapers "bocchi-vertical.jpg"; bocchiVertical = nextcloudWallpapers "bocchi-vertical.jpg";
silksongShadeLord = nextcloudWallpapers "silksong-shadelord.jpg";
in { in {
enable = device.is "ryu"; enable = device.is "ryu";
settings = { settings = {
@@ -16,7 +17,7 @@
wallpaper = [ wallpaper = [
{ {
monitor = device.monitors.primary; monitor = device.monitors.primary;
path = wallpapers.skull; path = silksongShadeLord;
fit_mode = "cover"; fit_mode = "cover";
} }
{ {

2
nixos/tako/services/default.nix
View File

@@ -24,7 +24,7 @@
./searxng.nix ./searxng.nix
./tailscale.nix ./tailscale.nix
./kellnr.nix ./kellnr.nix
./tuwunel.nix ./matrix
]; ];
services = { services = {
nix-serve = { nix-serve = {

7
nixos/tako/services/matrix/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{...}: {
imports = [
./tuwunel.nix
# ./signal.nix // libolm deprecated
# ./discord.nix
];
}

19
nixos/tako/services/matrix/discord.nix Normal file
View File

@@ -0,0 +1,19 @@
{...}: {
services.mautrix-discord = {
enable = true;
settings = {
homeserver = {
address = "http://localhost:6167";
domain = "darksailor.dev";
};
appservice.public = {
prefix = "/public";
external = "https://matrix.darksailor.dev/public";
};
bridge.permissions = {
"darksailor.dev" = "user";
"@servius:darksailor.dev" = "admin";
};
};
};
}

5
nixos/tako/services/matrix/signal.nix Normal file
View File

@@ -0,0 +1,5 @@
{...}: {
services.mautrix-signal = {
enable = true;
};
}

65
nixos/tako/services/tuwunel.nix → nixos/tako/services/matrix/tuwunel.nix
View File

@@ -13,9 +13,9 @@
}; };
}; };
sso_redirect_options = { sso_redirect_options = {
# immediate = false; immediate = false;
# on_welcome_page = true; on_welcome_page = true;
# on_login_page = true; on_login_page = true;
}; };
}; };
elementConfigFile = pkgs.writeText "element-config.json" elementConfig; elementConfigFile = pkgs.writeText "element-config.json" elementConfig;
@@ -53,18 +53,31 @@ in {
callback_url = "https://matrix.${base_domain}/_matrix/client/unstable/login/sso/callback/${client_id}"; callback_url = "https://matrix.${base_domain}/_matrix/client/unstable/login/sso/callback/${client_id}";
} }
]; ];
well_known = {
client = "https://matrix.${base_domain}";
server = "matrix.${base_domain}:443";
};
}; };
package = pkgs.matrix-tuwunel; package = pkgs.matrix-tuwunel;
}; };
services.caddy.virtualHosts."matrix.${base_domain}, matrix.${base_domain}:8448".extraConfig = '' services.caddy.virtualHosts = {
reverse_proxy /_matrix/* localhost:${toString port} "matrix.${base_domain}".extraConfig = ''
handle_path /config.json { reverse_proxy /_matrix/* localhost:${toString port}
root ${elementConfigFile} handle_path /config.json {
file_server file_server
} root ${elementConfigFile}
root * ${pkgs.element-web} }
file_server root * ${pkgs.element-web}
''; file_server
'';
"${base_domain}".extraConfig = ''
reverse_proxy /.well-known/* localhost:${toString port}
'';
# "matrix.${base_domain}:8448".extraConfig = ''
# reverse_proxy /_matrix/* localhost:${toString port}
# '';
};
networking.firewall.allowedTCPPorts = [8448];
users.users.${config.services.caddy.user}.extraGroups = [config.services.matrix-tuwunel.group]; users.users.${config.services.caddy.user}.extraGroups = [config.services.matrix-tuwunel.group];
@@ -94,14 +107,13 @@ in {
require_pkce = false; require_pkce = false;
# pkce_challenge_method = "S256"; # pkce_challenge_method = "S256";
redirect_uris = [ redirect_uris = [
# "https://auth.${base_domain}/user/oauth2/authelia/callback" "https://matrix.${base_domain}/_matrix/client/unstable/login/sso/callback/${client_id}"
"https://matrix.${base_domain}/_matrix/client/v3/login/sso/redirect/${client_id}"
]; ];
scopes = [ scopes = [
"email" "openid"
"name"
"groups" "groups"
"preferred_username" "email"
"profile"
]; ];
response_types = ["code"]; response_types = ["code"];
response_modes = ["form_post"]; response_modes = ["form_post"];
@@ -117,24 +129,3 @@ in {
}; };
}; };
} }
# templates = {
# "tuwunel-auth.toml" = {
# content = ''
# [[global.identity_provider]]
# brand = "Authelia"
# name = "Authelia"
# default = true
# issuer_url = "https://auth.${base_domain}"
# client_id = "${config.sops.placeholder."tuwunel/client_id"}"
# client_secret = "${config.sops.placeholder."tuwunel/client_secret"}"
# callback_url = "https://matrix.${base_domain}/_matrix/client/v3/login/sso/redirect/${config.sops.placeholder."tuwunel/client_id"}"
# '';
# # callback_url = "https://auth.${base_domain}/_matrix/client/unstable/login/sso/callback/${config.sops.placeholder."tuwunel/client_id"}"
# owner = config.services.matrix-tuwunel.user;
# group = config.services.matrix-tuwunel.group;
# };
# };
# extraEnvironment = {
# CONDUIT_CONFIG = config.sops.templates."tuwunel-auth.toml".path;
# };