From 75c52f63cc4ee3b2ec766053df58a78cd5214d6b Mon Sep 17 00:00:00 2001 From: h7x4 Date: Wed, 21 Jan 2026 09:53:45 +0900 Subject: [PATCH] bicep/matrix: add module for adding stuff to well-known --- hosts/bicep/services/matrix/default.nix | 1 + hosts/bicep/services/matrix/element.nix | 7 ++++ hosts/bicep/services/matrix/synapse.nix | 13 +------ hosts/bicep/services/matrix/well-known.nix | 44 ++++++++++++++++++++++ 4 files changed, 54 insertions(+), 11 deletions(-) create mode 100644 hosts/bicep/services/matrix/well-known.nix diff --git a/hosts/bicep/services/matrix/default.nix b/hosts/bicep/services/matrix/default.nix index 36b8cfc..0c22204 100644 --- a/hosts/bicep/services/matrix/default.nix +++ b/hosts/bicep/services/matrix/default.nix @@ -8,6 +8,7 @@ ./element.nix ./coturn.nix ./mjolnir.nix + ./well-known.nix # ./discord.nix ./out-of-your-element.nix diff --git a/hosts/bicep/services/matrix/element.nix b/hosts/bicep/services/matrix/element.nix index 5963148..bb70e2e 100644 --- a/hosts/bicep/services/matrix/element.nix +++ b/hosts/bicep/services/matrix/element.nix @@ -2,6 +2,13 @@ let synapse-cfg = config.services.matrix-synapse-next; in { + services.pvv-matrix-well-known.client = { + "m.homeserver" = { + base_url = "https://matrix.pvv.ntnu.no"; + server_name = "pvv.ntnu.no"; + }; + }; + services.nginx.virtualHosts."chat.pvv.ntnu.no" = { enableACME = true; forceSSL = true; diff --git a/hosts/bicep/services/matrix/synapse.nix b/hosts/bicep/services/matrix/synapse.nix index 9bc4454..6cbdce5 100644 --- a/hosts/bicep/services/matrix/synapse.nix +++ b/hosts/bicep/services/matrix/synapse.nix @@ -132,21 +132,12 @@ in { services.redis.servers."".enable = true; + services.pvv-matrix-well-known.server."m.server" = "matrix.pvv.ntnu.no:443"; + services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [ { kTLS = true; } - { - locations."/.well-known/matrix/server" = { - return = '' - 200 '{"m.server": "matrix.pvv.ntnu.no:443"}' - ''; - extraConfig = '' - default_type application/json; - add_header Access-Control-Allow-Origin *; - ''; - }; - } { locations."/_synapse/admin" = { proxyPass = "http://$synapse_backend"; diff --git a/hosts/bicep/services/matrix/well-known.nix b/hosts/bicep/services/matrix/well-known.nix new file mode 100644 index 0000000..64eacfe --- /dev/null +++ b/hosts/bicep/services/matrix/well-known.nix @@ -0,0 +1,44 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.services.pvv-matrix-well-known; + format = pkgs.formats.json { }; + matrixDomain = "matrix.pvv.ntnu.no"; +in +{ + options.services.pvv-matrix-well-known = { + client = lib.mkOption { + type = lib.types.submodule { freeformType = format.type; }; + default = { }; + example = { + "m.homeserver".base_url = "https://${matrixDomain}/"; + }; + }; + + server = lib.mkOption { + type = lib.types.submodule { freeformType = format.type; }; + default = { }; + example = { + "m.server" = "https://${matrixDomain}/"; + }; + }; + }; + + config = { + services.nginx.virtualHosts.${matrixDomain} = { + locations."= /.well-known/matrix/client" = lib.mkIf (cfg.client != { }) { + alias = format.generate "nginx-well-known-matrix-server.json" cfg.client; + extraConfig = '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + ''; + }; + locations."= /.well-known/matrix/server" = lib.mkIf (cfg.server != { }) { + alias = format.generate "nginx-well-known-matrix-server.json" cfg.server; + extraConfig = '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + ''; + }; + }; + }; +}