caspervk/nixos
1
0
Fork 0
Code Actions Activity

matrix sliding sync

Browse source
This commit is contained in:
Casper V. Kristensen 2024-05-31 14:19:29 +02:00
parent de401a9e5c
commit 1289e3dc3b
2 changed files with 42 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
hosts/sigma/matrix.nix
View file

@ -1,4 +1,8 @@
{...}: { {
config,
secrets,
...
}: {
# https://element-hq.github.io/synapse/latest/ # https://element-hq.github.io/synapse/latest/
# https://nixos.org/manual/nixos/stable/#module-services-matrix # https://nixos.org/manual/nixos/stable/#module-services-matrix
# https://wiki.nixos.org/wiki/Matrix # https://wiki.nixos.org/wiki/Matrix
@ -44,6 +48,36 @@
}; };
}; };
# https://github.com/matrix-org/sliding-sync
services.matrix-synapse.sliding-sync = {
# Unlike matrix-synapse, sliding-sync has createDatabase=true by default,
# which means we don't have to configure the database in the postgres
# service manually.
enable = true;
settings.SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl;
environmentFile = config.age.secrets.matrix-sliding-sync-environment-file.path;
};
services.postgresql = {
ensureDatabases = [
# matrix-synapse expects the database to have the options `LC_COLLATE`
# and `LC_CTYPE` set to `C`, which basically instructs postgres to
# ignore any locale-based preferences. Do this manually.
# https://github.com/NixOS/nixpkgs/commit/8be61f7a36f403c15e1a242e129be7375aafaa85
"matrix-synapse"
];
ensureUsers = [
# If the database user name equals the connecting system user name,
# postgres by default will accept a passwordless connection via unix
# domain socket. This makes it possible to run many postgres-backed
# services without creating any database secrets at all.
{
name = "matrix-synapse";
ensureDBOwnership = true;
}
];
};
environment.persistence."/nix/persist" = { environment.persistence."/nix/persist" = {
directories = [ directories = [
{ {
@ -54,4 +88,11 @@
} }
]; ];
}; };
age.secrets.matrix-sliding-sync-environment-file = {
file = "${secrets}/secrets/matrix-sliding-sync-environment-file.age";
mode = "400";
owner = "root";
group = "root";
};
} }

20
hosts/sigma/postgresql.nix
View file

@ -6,26 +6,6 @@
enable = true; enable = true;
# https://nixos.org/manual/nixos/stable/#module-services-postgres-upgrading # https://nixos.org/manual/nixos/stable/#module-services-postgres-upgrading
package = pkgs.postgresql_16; package = pkgs.postgresql_16;
ensureDatabases = [
"matrix-synapse"
];
ensureUsers = [
# If the database user name equals the connecting system user name,
# postgres by default will accept a passwordless connection via unix
# domain socket. This makes it possible to run many postgres-backed
# services without creating any database secrets at all.
{
name = "matrix-synapse";
ensureDBOwnership = true;
}
];
initialScript = pkgs.writeText "init.sql" ''
# https://github.com/NixOS/nixpkgs/commit/8be61f7a36f403c15e1a242e129be7375aafaa85
CREATE DATABASE "matrix-synapse"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
'';
}; };
services.postgresqlBackup = { services.postgresqlBackup = {