server/services/matrix-synapse.nix
2024-10-07 15:32:17 +01:00


# NixOS module: Synapse (Matrix homeserver) plus the local PostgreSQL database
# it uses. `domains` is an extra module argument supplied from outside this
# file; only `domains.root` is read here.
{ config, pkgs, domains, ... }:
let
  # One name serves as both the database and its owning role; the role's
  # `ensureDBOwnership` below relies on the two matching.
  synapseDb = "matrix-synapse";

  # Plain-HTTP listener on IPv6 loopback only. TLS is off here, so a reverse
  # proxy on the same host is expected to terminate it (not configured in this
  # file). With `x_forwarded` on, Synapse takes the client address from the
  # X-Forwarded-For header, so the address it logs and rate-limits on is only
  # as trustworthy as the proxy: the proxy should set that header itself rather
  # than pass through a client-supplied value. Binding to ::1 keeps anything
  # off-host from reaching the port directly.
  loopbackListener = {
    bind_addresses = [ "::1" ];
    port = 8008;
    type = "http";
    tls = false;
    x_forwarded = true;
    # Client-server and federation APIs share this one listener.
    resources = [
      {
        names = [ "client" "federation" ];
        compress = true;
      }
    ];
  };

  # Identity and room used for server notices; users are not auto-joined.
  serverNotices = {
    system_mxid_display_name = "Server";
    system_mxid_localpart = "server";
    system_mxid_avatar_url = "mxc://${domains.root}/yLgywrxwQkdHpWAnICJGmJjs";
    room_name = "Server Notice";
    room_avatar_url = "mxc://${domains.root}/ImyaGvtWLaPtacVEQWcDiEoC";
    auto_join = false;
  };
in
{
  services.matrix-synapse = {
    enable = true;
    withJemalloc = true;
    # Builds Synapse with its optional OIDC dependencies.
    extras = [ "oidc" ];

    # Extra config merged in at startup; per the original note it carries the
    # experimental-feature flags and the secrets. The path comes from agenix,
    # so the decrypted content stays out of the Nix store.
    # NOTE(review): the age secret declaration is not in this file; confirm it
    # is owned by (or otherwise readable only by) the Synapse service user.
    extraConfigFiles = [ config.age.secrets.matrix-synapse.path ];

    settings = {
      # --- General ---
      server_name = "${domains.root}";
      public_baseurl = "https://${domains.root}";
      # Open sign-up is disabled. NOTE(review): accounts presumably come from
      # the OIDC provider, whose configuration is not visible here.
      enable_registration = false;
      # NOTE(review): the reverse proxy's request-body limit has to allow this
      # size as well, or large uploads fail before reaching Synapse.
      max_upload_size = "100M";
      presence = { enabled = true; };
      auto_join_rooms = [ "#general:${domains.root}" "#announcements:${domains.root}" ];

      database = {
        name = "psycopg2";
        # Disables Synapse's startup check that the database uses the C
        # locale. A non-C collation can change under the database when the
        # system locale library is updated, which can leave indexes
        # inconsistent.
        # NOTE(review): probably needed because `ensureDatabases` creates the
        # database with the cluster's default locale; confirm the actual
        # collation before relying on this long term.
        allow_unsafe_locale = true;
      };

      # --- Performance / resource limits ---
      caches.global_factor = 2.0;
      # Refuse joins to remote rooms above the complexity threshold, which
      # bounds the load a single federated room can put on this server.
      limit_remote_rooms = {
        enabled = true;
        complexity = 5.0;
        complexity_error = "This room is too complex for the server to handle, and you have been blocked from joining.";
      };

      # --- Messages from the server ---
      server_notices = serverNotices;

      # --- Listeners ---
      listeners = [ loopbackListener ];
    };
  };

  # Local PostgreSQL with a database and owning role for Synapse.
  # NOTE(review): no connection arguments are set on the Synapse side, so the
  # module defaults apply; confirm they resolve to the local socket.
  services.postgresql = {
    enable = true;
    ensureDatabases = [ synapseDb ];
    ensureUsers = [
      {
        name = synapseDb;
        ensureDBOwnership = true;
      }
    ];
  };

  # Raise the open-file limit for the Synapse unit.
  systemd.services.matrix-synapse.serviceConfig = {
    LimitNOFILE = 20000;
  };

  # Authlib, installed system-wide for OIDC support.
  # NOTE(review): Synapse's own Python environment gets Authlib through
  # `extras = [ "oidc" ]` above; a package in the system profile is presumably
  # not what the service imports, and python312Packages may not match the
  # interpreter Synapse is built with. Confirm whether this line is needed.
  environment.systemPackages = [ pkgs.python312Packages.authlib ];
}