89 lines
2.4 KiB
Nix
89 lines
2.4 KiB
Nix
{ config, ... }:
|
|
{
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts = {
|
|
"matrix.nekover.se" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
listen = [
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 80;
|
|
}
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 8448;
|
|
ssl = true;
|
|
}
|
|
];
|
|
locations = {
|
|
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
|
|
proxyPass = "http://localhost:8009";
|
|
priority = 998;
|
|
};
|
|
"~ ^/_matrix/client/(.*)/(login|logout|refresh)" = {
|
|
proxyPass = "http://localhost:8080";
|
|
priority = 999;
|
|
};
|
|
"~ ^(/_matrix|/_synapse/client)" = {
|
|
proxyPass = "http://localhost:8008";
|
|
extraConfig = ''
|
|
# Nginx by default only allows file uploads up to 1M in size
|
|
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
|
|
client_max_body_size ${config.services.matrix-synapse.settings.max_upload_size};
|
|
'';
|
|
};
|
|
};
|
|
extraConfig = ''
|
|
listen 0.0.0.0:8443 http2 ssl proxy_protocol;
|
|
|
|
set_real_ip_from 10.202.41.100;
|
|
real_ip_header proxy_protocol;
|
|
'';
|
|
};
|
|
"mas.nekover.se" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
listen = [
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 80;
|
|
}
|
|
];
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:8080";
|
|
};
|
|
extraConfig = ''
|
|
listen 0.0.0.0:8443 http2 ssl proxy_protocol;
|
|
|
|
set_real_ip_from 10.202.41.100;
|
|
real_ip_header proxy_protocol;
|
|
'';
|
|
};
|
|
"matrix-rtc.nekover.se" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
listen = [
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 80;
|
|
}
|
|
];
|
|
locations."^~ /livekit/jwt/" = {
|
|
proxyPass = "http://localhost:8082/";
|
|
};
|
|
locations."^~ /livekit/sfu/" = {
|
|
proxyPass = "http://localhost:7880/";
|
|
proxyWebsockets = true;
|
|
};
|
|
extraConfig = ''
|
|
listen 0.0.0.0:8443 http2 ssl proxy_protocol;
|
|
|
|
set_real_ip_from 10.202.41.100;
|
|
real_ip_header proxy_protocol;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|