From 7044c9b52f9c6b7aa2a006f09198fe98addcfc9d Mon Sep 17 00:00:00 2001
From: Timo Wilken
Date: Sat, 18 Feb 2023 00:27:17 +0100
Subject: Extract common service sets into separate modules

Common service sets (NextCloud, Matrix, WireGuard) should be in their
own modules to make things neater, instead of being interleaved with
operating system declarations.
---
 tw/services/matrix.scm | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 tw/services/matrix.scm

(limited to 'tw/services/matrix.scm')

diff --git a/tw/services/matrix.scm b/tw/services/matrix.scm
new file mode 100644
index 00000000..db21f172
--- /dev/null
+++ b/tw/services/matrix.scm
@@ -0,0 +1,40 @@
+(define-module (tw services matrix)
+  #:use-module (gnu services)
+  #:use-module (gnu services certbot)
+  #:use-module (gnu services web)
+  #:use-module (tw services))
+
+(define-public %matrix-services
+  (list (simple-service 'synapse-certificates certbot-service-type
+          (list (certificate-configuration
+                 (domains '("matrix.twilken.net"))
+                 (deploy-hook %httpd-cert-deploy-hook))))
+
+        (simple-service 'synapse-https-proxy httpd-service-type
+          ;; Synapse can't access certbot certs, but Apache/httpd
+          ;; can, so proxy HTTPS access through. It's good to have
+          ;; Synapse available on port 443 anyway.
+          (list (httpd-virtualhost "*:443" (list "\
+# Redirect to Synapse, to avoid having to specify its port number in Matrix clients.
+ServerName matrix.twilken.net
+SSLEngine on
+SSLCertificateFile \"/etc/letsencrypt/live/matrix.twilken.net/fullchain.pem\"
+SSLCertificateKeyFile \"/etc/letsencrypt/live/matrix.twilken.net/privkey.pem\"
+ProxyPass \"/\" \"https://127.0.0.1:48448/\"
+"))))
+
+        ;; TODO: Postgres for Synapse
+        ;; (service postgresql-service-type
+        ;;   (postgresql-configuration
+        ;;    (postgresql postgresql-15)
+        ;;    (data-directory "/var/lib/postgresql/data")))
+
+        ;; (service postgresql-role-service-type
+        ;;   (postgresql-role-configuration
+        ;;    (roles (list (postgresql-role
+        ;;                  (name "synapse")  ; TODO
+        ;;                  (create-database? #t))))))
+
+        ;; TODO: Matrix/Synapse
+        ;; TODO: Matrix bridges
+        ))
-- 
cgit v1.2.3