nixos-config/machines/neo/dendrite/default.nix

{
  pkgs,
  lib,
  config,
  ...
}:
let

  settingsFormat = pkgs.formats.yaml { };
  configurationYaml = settingsFormat.generate "dendrite.yaml" settings;
  workingDir = "/var/lib/dendrite";

  environmentFile = config.sops.secrets.dendrite-env.path;

  httpPort = 8008;

  settings = {
    global = {
      server_name = "matrix.boskma.frl";
      private_key = config.sops.secrets.dendrite-private-key.path;

      database = {
        connection_string = "postgresql://%2Frun%2Fpostgresql/dendrite";
        max_open_conns = 100;
        max_idle_conns = 5;
        conn_max_lifetime = -1;
      };

      trusted_third_party_id_servers = [
        "matrix.org"
        "vector.im"
      ];
      disable_federation = false;
      presence = {
        inbound = true;
        outbound = true;
      };

      server_notices = {
        enabled = true;
        local_part = "_server";
        display_part = "Tidingen";
        room_name = "Tidingen";
      };

      metrics = {
        enabled = true;
        basic_auth = {
          username = "metrics";
          password = "metrics";
        };
      };
    };
    client_api = {
      registration_shared_secret = "$REGISTRATION_SECRET";
    };
    federation_api = {
      key_perspectives = [
        {
          server_name = "matrix.org";
          keys = [
            {
              key_id = "ed25519:auto";
              public_key = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw";
            }
            {
              key_id = "ed25519:a_RXGa";
              public_key = "l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ";
            }
          ];
        }
      ];
    };
    media_api = {
      max_file_size_bytes = 25 * 1024 * 1024;
      thumbnail_sizes = [
        {
          height = 32;
          method = "crop";
          width = 32;
        }
        {
          height = 96;
          method = "crop";
          width = 96;
        }
        {
          height = 480;
          method = "scale";
          width = 640;
        }
      ];
    };

    logging = [
      {
        type = "std";
        level = "info";
      }
    ];
  };
in
{
  systemd.services.dendrite = {
    description = "Dendrite Matrix homeserver";
    after = [ "network.target" ];
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      Type = "simple";
      DynamicUser = true;
      StateDirectory = "dendrite";
      WorkingDirectory = workingDir;
      RuntimeDirectory = "dendrite";
      RuntimeDirectoryMode = "0700";
      LimitNOFILE = 65535;
      EnvironmentFile = environmentFile;
      ExecStartPre = [
        ''
          ${pkgs.envsubst}/bin/envsubst \
            -i ${configurationYaml} \
            -o /run/dendrite/dendrite.yaml
        ''
      ];
      ExecStart = lib.strings.concatStringsSep " " ([
        "${pkgs.dendrite}/bin/dendrite"
        "--config /run/dendrite/dendrite.yaml"
        "--http-bind-address :${builtins.toString httpPort}"
      ]);
      ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
      Restart = "on-failure";
    };
  };
}
Add neo, a Matrix server 2024-04-24 14:17:04 +02:00			`{`
			`pkgs,`
			`lib,`
			`config,`
			`...`
			`}:`
			`let`

			`settingsFormat = pkgs.formats.yaml { };`
			`configurationYaml = settingsFormat.generate "dendrite.yaml" settings;`
			`workingDir = "/var/lib/dendrite";`

			`environmentFile = config.sops.secrets.dendrite-env.path;`

			`httpPort = 8008;`

			`settings = {`
			`global = {`
			`server_name = "matrix.boskma.frl";`
			`private_key = config.sops.secrets.dendrite-private-key.path;`

			`database = {`
			`connection_string = "postgresql://%2Frun%2Fpostgresql/dendrite";`
			`max_open_conns = 100;`
			`max_idle_conns = 5;`
			`conn_max_lifetime = -1;`
			`};`

			`trusted_third_party_id_servers = [`
			`"matrix.org"`
			`"vector.im"`
			`];`
			`disable_federation = false;`
			`presence = {`
			`inbound = true;`
			`outbound = true;`
			`};`

			`server_notices = {`
			`enabled = true;`
			`local_part = "_server";`
			`display_part = "Tidingen";`
			`room_name = "Tidingen";`
			`};`

			`metrics = {`
			`enabled = true;`
			`basic_auth = {`
			`username = "metrics";`
			`password = "metrics";`
			`};`
			`};`
			`};`
			`client_api = {`
			`registration_shared_secret = "$REGISTRATION_SECRET";`
			`};`
			`federation_api = {`
			`key_perspectives = [`
			`{`
			`server_name = "matrix.org";`
			`keys = [`
			`{`
			`key_id = "ed25519:auto";`
			`public_key = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw";`
			`}`
			`{`
			`key_id = "ed25519:a_RXGa";`
			`public_key = "l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ";`
			`}`
			`];`
			`}`
			`];`
			`};`
			`media_api = {`
			`max_file_size_bytes = 25 * 1024 * 1024;`
			`thumbnail_sizes = [`
			`{`
			`height = 32;`
			`method = "crop";`
			`width = 32;`
			`}`
			`{`
			`height = 96;`
			`method = "crop";`
			`width = 96;`
			`}`
			`{`
			`height = 480;`
			`method = "scale";`
			`width = 640;`
			`}`
			`];`
			`};`

			`logging = [`
			`{`
			`type = "std";`
			`level = "info";`
			`}`
			`];`
			`};`
			`in`
			`{`
			`systemd.services.dendrite = {`
			`description = "Dendrite Matrix homeserver";`
			`after = [ "network.target" ];`
			`wantedBy = [ "multi-user.target" ];`
			`serviceConfig = {`
			`Type = "simple";`
			`DynamicUser = true;`
			`StateDirectory = "dendrite";`
			`WorkingDirectory = workingDir;`
			`RuntimeDirectory = "dendrite";`
			`RuntimeDirectoryMode = "0700";`
			`LimitNOFILE = 65535;`
			`EnvironmentFile = environmentFile;`
			`ExecStartPre = [`
			`''`
			`${pkgs.envsubst}/bin/envsubst \`
			`-i ${configurationYaml} \`
			`-o /run/dendrite/dendrite.yaml`
			`''`
			`];`
			`ExecStart = lib.strings.concatStringsSep " " ([`
			`"${pkgs.dendrite}/bin/dendrite"`
			`"--config /run/dendrite/dendrite.yaml"`
			`"--http-bind-address :${builtins.toString httpPort}"`
			`]);`
			`ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";`
			`Restart = "on-failure";`
			`};`
			`};`
			`}`