diff --git a/profiles/matrix.nix b/profiles/matrix.nix index 2379762..de5a222 100644 --- a/profiles/matrix.nix +++ b/profiles/matrix.nix @@ -17,61 +17,64 @@ services = { matrix-synapse = { enable = true; # Enable the synapse server - server_name = "mcwhirter.io"; # Server's public domain name - public_baseurl = "https://synapse.mcwhirter.io:443/"; # Matrix target URL - enable_registration = true; # Toggle user registration - listeners = [ - { - # federation - bind_address = ""; - port = 8448; - resources = [ - { - compress = true; - names = ["client"]; - } - { - compress = false; - names = ["federation"]; - } - ]; - tls = true; - type = "http"; - x_forwarded = false; - } - { - # client - bind_address = "::1"; # Listen on localhost only - port = 8008; # Port to listen on - resources = [ - { - compress = true; - names = ["client"]; - } - { - compress = false; - names = ["federation"]; - } - ]; - tls = true; - type = "http"; - x_forwarded = true; - } - ]; - max_upload_size = "200M"; # Also set client_max_body_size to at least this - tls_certificate_path = "/var/lib/acme/mcwhirter.io/fullchain.pem"; - tls_private_key_path = "/var/lib/acme/mcwhirter.io/key.pem"; - turn_shared_secret = "IZI43ylg6aJdMwy5MyhUPqT8SJD4C3P1vDcIFMzqGvTXJiCjAEvnPcDCBZfig5Q6"; - turn_uris = [ - "turn:turn.mcwhirter.io:5349?transport=udp" - "turn:turn.mcwhirter.io:5350?transport=udp" - "turn:turn.mcwhirter.io:5349?transport=tcp" - "turn:turn.mcwhirter.io:5350?transport=tcp" - ]; - url_preview_enabled = true; - extraConfig = '' - enable_group_creation: true # Allow users to create communities - ''; + settings = { + enable_registration = true; # Toggle user registration + enable_registration_without_verification = true; + extraConfig = '' + enable_group_creation: true # Allow users to create communities + ''; + listeners = [ + { + # federation + bind_addresses = []; + port = 8448; + resources = [ + { + compress = true; + names = ["client"]; + } + { + compress = false; + names = ["federation"]; + } + ]; + tls = true; + type = "http"; + x_forwarded = false; + } + { + # client + bind_addresses = ["::1"]; # Listen on localhost only + port = 8008; # Port to listen on + resources = [ + { + compress = true; + names = ["client"]; + } + { + compress = false; + names = ["federation"]; + } + ]; + tls = true; + type = "http"; + x_forwarded = true; + } + ]; + max_upload_size = "200M"; # Also set client_max_body_size to at least this + public_baseurl = "https://synapse.mcwhirter.io:443/"; # Matrix target URL + server_name = "mcwhirter.io"; # Server's public domain name + tls_certificate_path = "/var/lib/acme/mcwhirter.io/fullchain.pem"; + tls_private_key_path = "/var/lib/acme/mcwhirter.io/key.pem"; + turn_shared_secret = "IZI43ylg6aJdMwy5MyhUPqT8SJD4C3P1vDcIFMzqGvTXJiCjAEvnPcDCBZfig5Q6"; + turn_uris = [ + "turn:turn.mcwhirter.io:5349?transport=udp" + "turn:turn.mcwhirter.io:5350?transport=udp" + "turn:turn.mcwhirter.io:5349?transport=tcp" + "turn:turn.mcwhirter.io:5350?transport=tcp" + ]; + url_preview_enabled = true; + }; }; nginx = { @@ -122,7 +125,6 @@ postgresql = { enable = true; - package = pkgs.postgresql_10; ensureDatabases = ["matrix-synapse"]; # Ensure the database persists ensureUsers = [ {