dev.fron.io nixrc / 724fb2b
containers(xmpp): make functional Tony Olagbaiye a month ago
2 changed file(s) with 83 addition(s) and 65 deletion(s). Raw diff Collapse all Expand all
3636 ''}";
3737 };
3838
39 services.biboumi.enable = false;
3940 services.prosody = rec {
4041 enable = true;
4142 admins = [ "bqv@jix.im" ];
4243 allowRegistration = true;
44 extraConfig = ''
45 local_interfaces = { "*", "::" }
46 '';
4347 httpPorts = [ 5280 ];
4448 httpsPorts = [ 5281 ];
4549 group = "keys";
5054 modules.legacyauth = true;
5155 modules.websocket = true;
5256 muc = [{
53 domain = "xa0.uk";
57 domain = "muc.xa0.uk";
5458 maxHistoryMessages = 10000;
5559 name = "Zeta Prosody";
5660 }];
57 ssl.cert = "/var/lib/acme/${usr.secrets.domains.srvc}/fullchain.pem";
58 ssl.key = "/var/lib/acme/${usr.secrets.domains.srvc}/key.pem";
61 ssl = {
62 cert = "/var/lib/acme/${usr.secrets.domains.srvc}/fullchain.pem";
63 key = "/var/lib/acme/${usr.secrets.domains.srvc}/key.pem";
64 };
5965 uploadHttp = {
66 domain = "xmpp.xa0.uk";
67 };
68 #disco_items = [{
69 # url = "xmpp.xa0.uk";
70 #}];
71 virtualHosts.srvc = {
72 enabled = true;
6073 domain = "xa0.uk";
6174 };
6275 };
8686 entryPoints = [ "https" ];
8787 tls.domains = [{ main = "tw.${domains.srvc}"; }];
8888 };
89 dendrite-http = {
90 entryPoints = [ "http" ];
91 rule = "(Host(`matrix.${domains.srvc}`) || Host(`m.${domains.srvc}`)) && PathPrefix(`/_matrix`)";
92 service = "dendrite";
93 };
94 dendrite-https = dendrite-http // {
95 entryPoints = [ "https" ];
96 tls.domains = [
97 { main = "matrix.${domains.srvc}"; }
98 { main = "m.${domains.srvc}"; }
99 ];
100 };
101 dendrite-http-wellknown = dendrite-http // {
102 rule = "(Host(`matrix.${domains.srvc}`) || Host(`m.${domains.srvc}`) || Host(`${domains.srvc}`)) && PathPrefix(`/.well-known/matrix`)";
103 service = "dendrite-wellknown";
104 middlewares = [ "matrix-wellknown" "no-cors" ];
105 };
106 dendrite-https-wellknown = dendrite-https // {
107 rule = "(Host(`matrix.${domains.srvc}`) || Host(`m.${domains.srvc}`) || Host(`${domains.srvc}`)) && PathPrefix(`/.well-known/matrix`)";
108 service = "dendrite-wellknown";
109 middlewares = [ "matrix-wellknown" "no-cors" ];
89 prosody-http = {
90 entryPoints = [ "http" "xmpp-http" ];
91 rule = "(Host(`xmpp.${domains.srvc}`) || Host(`x.${domains.srvc}`) ||"
92 + " Host(`jabber.${domains.srvc}`) || Host(`j.${domains.srvc}`))";
93 service = "prosody-http";
94 };
95 prosody-https = prosody-http // {
96 entryPoints = [ "https" "xmpp-https" ];
97 service = "prosody-https";
98 tls.domains = [
99 { main = "xmpp.${domains.srvc}"; }
100 { main = "x.${domains.srvc}"; }
101 { main = "jabber.${domains.srvc}"; }
102 { main = "j.${domains.srvc}"; }
103 ];
110104 };
111105 certauth = {
112106 entryPoints = [ "http" "https" ];
233227 replacement = "\${1}://dev.${domains.home}/nixrc/\${2}";
234228 };
235229 };
236 matrix-wellknown = {
237 stripPrefix.prefixes = [ "/.well-known/matrix" ];
238 };
239230 no-cors = {
240231 headers.accesscontrolalloworigin = "*";
241232 };
289280 { url = "https://10.6.0.2:443"; }
290281 ];
291282 };
292 dendrite.loadBalancer = {
293 passHostHeader = true;
294 servers = [
295 { url = "http://10.7.0.2:8008"; }
296 ];
297 };
298 dendrite-wellknown.loadBalancer = {
299 servers = [
300 { url = "http://10.7.0.2:80"; }
301 ];
302 };
303 construct.loadBalancer = {
304 servers = [
305 { url = "https://10.7.0.2:4004"; }
283 prosody-http.loadBalancer = {
284 servers = [
285 { url = "http://10.7.0.2:5280"; }
286 ];
287 };
288 prosody-https.loadBalancer = {
289 servers = [
290 { url = "https://10.7.0.2:5281"; }
306291 ];
307292 };
308293 certauth.loadBalancer = {
397382 rule = "HostSNI(`*`)";
398383 service = "klaus";
399384 };
400 dendrite = {
401 entryPoints = [ "dendrite" ];
385 prosody-files = {
386 entryPoints = [ "xmpp-files" ];
402387 rule = "HostSNI(`*`)";
403 service = "dendrite";
404 };
405 dendrite-tls = {
406 entryPoints = [ "dendrite-tls" ];
388 service = "prosody-files";
389 };
390 prosody-client = {
391 entryPoints = [ "xmpp-client" ];
407392 rule = "HostSNI(`*`)";
408 service = "dendrite-tls";
393 service = "prosody-client";
394 };
395 prosody-server = {
396 entryPoints = [ "xmpp-server" ];
397 rule = "HostSNI(`*`)";
398 service = "prosody-server";
409399 };
410400 transmission-dht-tcp = {
411401 entryPoints = [ "transmission-dht-tcp" ];
452442 ];
453443 terminationDelay = 100;
454444 };
455 #dendrite.loadBalancer = {
456 # servers = [
457 # { address = "10.7.0.2:8008"; }
458 # ];
459 # terminationDelay = 100;
460 #};
461 #dendrite-tls.loadBalancer = {
462 # servers = [
463 # { address = "10.7.0.2:8448"; }
464 # ];
465 # terminationDelay = 100;
466 #};
445 prosody-files.loadBalancer = {
446 servers = [
447 { address = "10.7.0.2:5000"; }
448 ];
449 terminationDelay = 100;
450 };
451 prosody-client.loadBalancer = {
452 servers = [
453 { address = "10.7.0.2:5222"; }
454 ];
455 terminationDelay = 100;
456 };
457 prosody-server.loadBalancer = {
458 servers = [
459 { address = "10.7.0.2:5269"; }
460 ];
461 terminationDelay = 100;
462 };
467463 transmission-dht.loadBalancer = {
468464 servers = [
469465 { address = "10.11.0.2:51413"; }
627623 yacy = {
628624 address = ":8090/tcp";
629625 };
630 dendrite = {
631 address = ":8008/tcp";
632 };
633 dendrite-tls = {
634 address = ":8448/tcp";
626 xmpp-files = {
627 address = ":5000/tcp";
628 };
629 xmpp-client = {
630 address = ":5222/tcp";
631 };
632 xmpp-server = {
633 address = ":5269/tcp";
634 };
635 xmpp-http = {
636 address = ":5280/tcp";
637 };
638 xmpp-https = {
639 address = ":5281/tcp";
635640 };
636641 jellyfin = {
637642 address = ":8096/tcp";