Add workers with matrix-synapse-next, various fixes and updates

2023-08-14 08:37:20 +02:00
parent 687ce3604a
commit 1ec9c08e22
7 changed files with 166 additions and 41 deletions
--- a/hosts/voyager/services/matrix/synapse.nix
+++ b/hosts/voyager/services/matrix/synapse.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
 let
  main_ip = "127.0.1.2";
 in
@@ -9,9 +9,19 @@ in
    group = "matrix-synapse";
  };

-  services.matrix-synapse = {
+  services.matrix-synapse-next = {
    enable = true;
-    package = pkgs.matrix-synapse;
+    enableNginx = true;
+
+    workers = {
+      federationSenders = 1;
+      federationReceivers = 2;
+      initialSyncers = 1;
+      normalSyncers = 1;
+      eventPersisters = 1;
+      useUserDirectoryWorker = true;
+    };
+

    extraConfigFiles = [
      config.sops.secrets."matrix/synapse/registrationsecret".path
@@ -63,42 +73,50 @@ in
      tls_certificate_path = "/etc/ssl-snakeoil/matrix_feal_no.crt";
      tls_private_key_path = "/etc/ssl-snakeoil/matrix_feal_no.key";

-      listeners = [
-        { port = 8008;
-          bind_addresses = [ main_ip ];
-          type = "http";
-          tls = false;
-          x_forwarded = true;
-          resources = [
-            { names = [ "client" ]; compress = true; }
-            { names = [ "federation" ]; compress = true; }
-          ];
-        }
-      ];
+      /* listeners = [ */
+      /*   { port = 8008; */
+      /*     bind_addresses = [ main_ip ]; */
+      /*     type = "http"; */
+      /*     tls = false; */
+      /*     x_forwarded = true; */
+      /*     resources = [ */
+      /*       { names = [ "client" ]; compress = true; } */
+      /*       { names = [ "federation" ]; compress = true; } */
+      /*     ]; */
+      /*   } */
+      /* ]; */
    };
  };

+  services.redis.servers."".enable = true;
  networking.firewall.allowedTCPPorts = [ 80 443 ];

-  services.nginx = {
-    enable = true;
-    enableReload = true;
-
-    recommendedOptimisation = true;
-    recommendedGzipSettings = true;
-    recommendedProxySettings = true;
-
-    virtualHosts."matrix.feal.no" = {
-      locations."/_matrix" = {
-        proxyPass = "http://${main_ip}:8008";
-        extraConfig = ''
-          client_max_body_size 50M;
-        '';
-      };
-      # locations."/_synapse/client".proxyPass = "http://${main_ip}:8008";
-      locations."/" = {
-        proxyPass = "http://${main_ip}:8008";
-      };
-    };
+  services.nginx.virtualHosts."matrix.feal.no" = {
+    enableACME = lib.mkForce false;
+    forceSSL = lib.mkForce false;
+    /* sslCertificate = "/etc/ssl-snakeoil/matrix_feal_no.crt"; */
+    /* sslKey = "/etc/ssl-snakeoil/matrix_feal_no.key"; */
  };
+
+  /* services.nginx = { */
+  /*   enable = true; */
+  /*   enableReload = true; */
+
+  /*   recommendedOptimisation = true; */
+  /*   recommendedGzipSettings = true; */
+  /*   recommendedProxySettings = true; */
+
+  /*   virtualHosts."matrix.feal.no" = { */
+  /*     locations."/_matrix" = { */
+  /*       proxyPass = "http://${main_ip}:8008"; */
+  /*       extraConfig = '' */
+  /*         client_max_body_size 50M; */
+  /*       ''; */
+  /*     }; */
+  /*     # locations."/_synapse/client".proxyPass = "http://${main_ip}:8008"; */
+  /*     locations."/" = { */
+  /*       proxyPass = "http://${main_ip}:8008"; */
+  /*     }; */
+  /*   }; */
+  /* }; */
 }