diff options
Diffstat (limited to 'tw/services/matrix.scm')
-rw-r--r-- | tw/services/matrix.scm | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/tw/services/matrix.scm b/tw/services/matrix.scm new file mode 100644 index 00000000..db21f172 --- /dev/null +++ b/tw/services/matrix.scm @@ -0,0 +1,40 @@ +(define-module (tw services matrix) + #:use-module (gnu services) + #:use-module (gnu services certbot) + #:use-module (gnu services web) + #:use-module (tw services)) + +(define-public %matrix-services + (list (simple-service 'synapse-certificates certbot-service-type + (list (certificate-configuration + (domains '("matrix.twilken.net")) + (deploy-hook %httpd-cert-deploy-hook)))) + + (simple-service 'synapse-https-proxy httpd-service-type + ;; Synapse can't access certbot certs, but Apache/httpd + ;; can, so proxy HTTPS access through. It's good to have + ;; Synapse available on port 443 anyway. + (list (httpd-virtualhost "*:443" (list "\ +# Redirect to Synapse, to avoid having to specify its port number in Matrix clients. +ServerName matrix.twilken.net +SSLEngine on +SSLCertificateFile \"/etc/letsencrypt/live/matrix.twilken.net/fullchain.pem\" +SSLCertificateKeyFile \"/etc/letsencrypt/live/matrix.twilken.net/privkey.pem\" +ProxyPass \"/\" \"https://127.0.0.1:48448/\" +")))) + + ;; TODO: Postgres for Synapse + ;; (service postgresql-service-type + ;; (postgresql-configuration + ;; (postgresql postgresql-15) + ;; (data-directory "/var/lib/postgresql/data"))) + + ;; (service postgresql-role-service-type + ;; (postgresql-role-configuration + ;; (roles (list (postgresql-role + ;; (name "synapse") ; TODO + ;; (create-database? #t)))))) + + ;; TODO: Matrix/Synapse + ;; TODO: Matrix bridges + )) |