Commit 724fb2b83efa0c3f74328440ef8a3a2bb7bac26e - nixrc

containers(xmpp): make functional Tony Olagbaiye a month ago

2 changed file(s) with 83 addition(s) and 65 deletion(s). Raw diff Collapse all Expand all

+16

-3

containers/xmpp.nix less more

36	36	''}";
37	37	};
38	38
	39	services.biboumi.enable = false;
39	40	services.prosody = rec {
40	41	enable = true;
41	42	admins = [ "bqv@jix.im" ];
42	43	allowRegistration = true;
	44	extraConfig = ''
	45	local_interfaces = { "*", "::" }
	46	'';
43	47	httpPorts = [ 5280 ];
44	48	httpsPorts = [ 5281 ];
45	49	group = "keys";

50	54	modules.legacyauth = true;
51	55	modules.websocket = true;
52	56	muc = [{
53		domain = "xa0.uk";
	57	domain = "muc.xa0.uk";
54	58	maxHistoryMessages = 10000;
55	59	name = "Zeta Prosody";
56	60	}];
57		ssl.cert = "/var/lib/acme/${usr.secrets.domains.srvc}/fullchain.pem";
58		ssl.key = "/var/lib/acme/${usr.secrets.domains.srvc}/key.pem";
	61	ssl = {
	62	cert = "/var/lib/acme/${usr.secrets.domains.srvc}/fullchain.pem";
	63	key = "/var/lib/acme/${usr.secrets.domains.srvc}/key.pem";
	64	};
59	65	uploadHttp = {
	66	domain = "xmpp.xa0.uk";
	67	};
	68	#disco_items = [{
	69	# url = "xmpp.xa0.uk";
	70	#}];
	71	virtualHosts.srvc = {
	72	enabled = true;
60	73	domain = "xa0.uk";
61	74	};
62	75	};

+67

-62

profiles/networking/traefik/default.nix less more

86	86	entryPoints = [ "https" ];
87	87	tls.domains = [{ main = "tw.${domains.srvc}"; }];
88	88	};
89		dendrite-http = {
90		entryPoints = [ "http" ];
91		rule = "(Host(`matrix.${domains.srvc}`) \|\| Host(`m.${domains.srvc}`)) && PathPrefix(`/_matrix`)";
92		service = "dendrite";
93		};
94		dendrite-https = dendrite-http // {
95		entryPoints = [ "https" ];
96		tls.domains = [
97		{ main = "matrix.${domains.srvc}"; }
98		{ main = "m.${domains.srvc}"; }
99		];
100		};
101		dendrite-http-wellknown = dendrite-http // {
102		rule = "(Host(`matrix.${domains.srvc}`) \|\| Host(`m.${domains.srvc}`) \|\| Host(`${domains.srvc}`)) && PathPrefix(`/.well-known/matrix`)";
103		service = "dendrite-wellknown";
104		middlewares = [ "matrix-wellknown" "no-cors" ];
105		};
106		dendrite-https-wellknown = dendrite-https // {
107		rule = "(Host(`matrix.${domains.srvc}`) \|\| Host(`m.${domains.srvc}`) \|\| Host(`${domains.srvc}`)) && PathPrefix(`/.well-known/matrix`)";
108		service = "dendrite-wellknown";
109		middlewares = [ "matrix-wellknown" "no-cors" ];
	89	prosody-http = {
	90	entryPoints = [ "http" "xmpp-http" ];
	91	rule = "(Host(`xmpp.${domains.srvc}`) \|\| Host(`x.${domains.srvc}`) \|\|"
	92	+ " Host(`jabber.${domains.srvc}`) \|\| Host(`j.${domains.srvc}`))";
	93	service = "prosody-http";
	94	};
	95	prosody-https = prosody-http // {
	96	entryPoints = [ "https" "xmpp-https" ];
	97	service = "prosody-https";
	98	tls.domains = [
	99	{ main = "xmpp.${domains.srvc}"; }
	100	{ main = "x.${domains.srvc}"; }
	101	{ main = "jabber.${domains.srvc}"; }
	102	{ main = "j.${domains.srvc}"; }
	103	];
110	104	};
111	105	certauth = {
112	106	entryPoints = [ "http" "https" ];

233	227	replacement = "\${1}://dev.${domains.home}/nixrc/\${2}";
234	228	};
235	229	};
236		matrix-wellknown = {
237		stripPrefix.prefixes = [ "/.well-known/matrix" ];
238		};
239	230	no-cors = {
240	231	headers.accesscontrolalloworigin = "*";
241	232	};

289	280	{ url = "https://10.6.0.2:443"; }
290	281	];
291	282	};
292		dendrite.loadBalancer = {
293		passHostHeader = true;
294		servers = [
295		{ url = "http://10.7.0.2:8008"; }
296		];
297		};
298		dendrite-wellknown.loadBalancer = {
299		servers = [
300		{ url = "http://10.7.0.2:80"; }
301		];
302		};
303		construct.loadBalancer = {
304		servers = [
305		{ url = "https://10.7.0.2:4004"; }
	283	prosody-http.loadBalancer = {
	284	servers = [
	285	{ url = "http://10.7.0.2:5280"; }
	286	];
	287	};
	288	prosody-https.loadBalancer = {
	289	servers = [
	290	{ url = "https://10.7.0.2:5281"; }
306	291	];
307	292	};
308	293	certauth.loadBalancer = {

397	382	rule = "HostSNI(`*`)";
398	383	service = "klaus";
399	384	};
400		dendrite = {
401		entryPoints = [ "dendrite" ];
	385	prosody-files = {
	386	entryPoints = [ "xmpp-files" ];
402	387	rule = "HostSNI(`*`)";
403		service = "dendrite";
404		};
405		dendrite-tls = {
406		entryPoints = [ "dendrite-tls" ];
	388	service = "prosody-files";
	389	};
	390	prosody-client = {
	391	entryPoints = [ "xmpp-client" ];
407	392	rule = "HostSNI(`*`)";
408		service = "dendrite-tls";
	393	service = "prosody-client";
	394	};
	395	prosody-server = {
	396	entryPoints = [ "xmpp-server" ];
	397	rule = "HostSNI(`*`)";
	398	service = "prosody-server";
409	399	};
410	400	transmission-dht-tcp = {
411	401	entryPoints = [ "transmission-dht-tcp" ];

452	442	];
453	443	terminationDelay = 100;
454	444	};
455		#dendrite.loadBalancer = {
456		# servers = [
457		# { address = "10.7.0.2:8008"; }
458		# ];
459		# terminationDelay = 100;
460		#};
461		#dendrite-tls.loadBalancer = {
462		# servers = [
463		# { address = "10.7.0.2:8448"; }
464		# ];
465		# terminationDelay = 100;
466		#};
	445	prosody-files.loadBalancer = {
	446	servers = [
	447	{ address = "10.7.0.2:5000"; }
	448	];
	449	terminationDelay = 100;
	450	};
	451	prosody-client.loadBalancer = {
	452	servers = [
	453	{ address = "10.7.0.2:5222"; }
	454	];
	455	terminationDelay = 100;
	456	};
	457	prosody-server.loadBalancer = {
	458	servers = [
	459	{ address = "10.7.0.2:5269"; }
	460	];
	461	terminationDelay = 100;
	462	};
467	463	transmission-dht.loadBalancer = {
468	464	servers = [
469	465	{ address = "10.11.0.2:51413"; }

627	623	yacy = {
628	624	address = ":8090/tcp";
629	625	};
630		dendrite = {
631		address = ":8008/tcp";
632		};
633		dendrite-tls = {
634		address = ":8448/tcp";
	626	xmpp-files = {
	627	address = ":5000/tcp";
	628	};
	629	xmpp-client = {
	630	address = ":5222/tcp";
	631	};
	632	xmpp-server = {
	633	address = ":5269/tcp";
	634	};
	635	xmpp-http = {
	636	address = ":5280/tcp";
	637	};
	638	xmpp-https = {
	639	address = ":5281/tcp";
635	640	};
636	641	jellyfin = {
637	642	address = ":8096/tcp";