summary refs log tree commit diff
path: root/host/Rory-nginx/services/nginx
diff options
context:
space:
mode:
authorRory& <root@rory.gay>2024-08-04 05:08:05 +0200
committerRory& <root@rory.gay>2024-08-04 05:08:05 +0200
commit4402873891edace4b678af537236ff1d81bba585 (patch)
tree343f32b070b98eaba7e11ab77bd27ce98a464bc7 /host/Rory-nginx/services/nginx
parentUpdate flake lock (diff)
downloadRory-Open-Architecture-4402873891edace4b678af537236ff1d81bba585.tar.xz
Server config cleanup
Diffstat (limited to 'host/Rory-nginx/services/nginx')
-rw-r--r--host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix280
-rw-r--r--host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix26
-rw-r--r--host/Rory-nginx/services/nginx/matrix-upstreams.nix26
-rwxr-xr-xhost/Rory-nginx/services/nginx/nginx.nix8
4 files changed, 1 insertions, 339 deletions
diff --git a/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix b/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix
deleted file mode 100644
index 73c22b6..0000000
--- a/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix
+++ /dev/null
@@ -1,280 +0,0 @@
-{
-  enableACME = false;
-  addSSL = false;
-  # locations."/_matrix" = {
-  #   proxyPass = "http://192.168.1.5:8008"; 
-  #   extraConfig = ''
-  #     if ($request_method = 'OPTIONS') {
-  #       more_set_headers 'Access-Control-Allow-Origin: *';
-  #       more_set_headers 'Access-Control-Allow-Methods: *';
-  #       #
-  #       # Custom headers and headers various browsers *should* be OK with but aren't
-  #       #
-  #       more_set_headers 'Access-Control-Allow-Headers: *';
-  #       #
-  #       # Tell client that this pre-flight info is valid for 20 days
-  #       #
-  #       more_set_headers 'Access-Control-Max-Age' 1728000;
-  #       more_set_headers 'Content-Type: text/plain; charset=utf-8';
-  #       more_set_headers 'Content-Length' 0;
-  #       return 204;
-  #     };
-  #   '';
-  # };
-
-  # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker
-  locations."~ ^/_matrix/client/(r0|v3)/sync$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-    extraConfig = ''
-      # We want to wait for 15 minutes here...
-      proxy_read_timeout 54000;
-      proxy_connect_timeout 54000;
-      proxy_send_timeout 54000;
-    '';
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3)/events$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/v1/rooms/.*/hierarchy$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/v1/rooms/.*/threads$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/account/whoami$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/devices$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/versions$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/query$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/changes$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/room_keys/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/upload/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/register$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/v1/register/m.login.registration_token/validity$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-
-  # https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing" = {
-    proxyPass = "http://stream_writer_typing_stream_workers_upstream$request_uri";
-  };
-
-  # https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/" = {
-    proxyPass = "http://stream_writer_to_device_stream_workers_upstream$request_uri";
-  };
-
-  # https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/tags" = {
-    proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/account_data" = {
-    proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri";
-  };
-  # https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt" = {
-    proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers" = {
-    proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri";
-  };
-  # https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream
-  locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/" = {
-    proxyPass = "http://stream_writer_presence_stream_workers_upstream$request_uri";
-  };
-
-  ### DUPLICATES????
-  # https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory
-  locations."~ ^/_matrix/client/(r0|v3|unstable)/user_directory/search$" = {
-    proxyPass = "http://user_dir_workers_upstream$request_uri";
-  };
-
-  # ???
-  locations."/" = {
-    #resolver 127.0.0.11 valid=5s;
-    #set $backend "matrix-synapse:8008";
-    #proxyPass = "http://$backend";
-    proxyPass = "http://127.0.0.1:8008";
-  };
-
-  locations."~ ^/_matrix/federation/v1/event/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/state/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/state_ids/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/backfill/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/get_missing_events/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/publicRooms" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/query/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/make_join/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/make_leave/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/(v1|v2)/send_join/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/(v1|v2)/send_leave/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/(v1|v2)/invite/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/event_auth/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/timestamp_to_event/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/exchange_third_party_invite/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/user/devices/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/key/v2/query" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/hierarchy/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-  locations."~ ^/_matrix/federation/v1/send/" = {
-    proxyPass = "http://generic_workers_upstream$request_uri";
-  };
-
-  ##### media repo
-
-  # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository
-  locations."~ ^/_matrix/media/" = {
-    proxyPass = "http://media_repository_workers_upstream$request_uri";
-  };
-  locations."~ ^/_synapse/admin/v1/purge_media_cache$" = {
-    proxyPass = "http://media_repository_workers_upstream$request_uri";
-  };
-  locations."~ ^/_synapse/admin/v1/room/.*/media.*$" = {
-    proxyPass = "http://media_repository_workers_upstream$request_uri";
-  };
-  locations."~ ^/_synapse/admin/v1/user/.*/media.*$" = {
-    proxyPass = "http://media_repository_workers_upstream$request_uri";
-  };
-  locations."~ ^/_synapse/admin/v1/media/.*$" = {
-    proxyPass = "http://media_repository_workers_upstream$request_uri";
-  };
-  locations."~ ^/_synapse/admin/v1/quarantine_media/.*$" = {
-    proxyPass = "http://media_repository_workers_upstream$request_uri";
-  };
-  locations."~ ^/_synapse/admin/v1/users/.*/media$" = {
-    proxyPass = "http://media_repository_workers_upstream$request_uri";
-  };
-
-  #locations."/" = {
-  #resolver 127.0.0.11 valid=5s;
-  #set $backend "matrix-synapse:8048";
-  #proxyPass = "http://$backend";
-  #};
-
-  locations."/_synapse/client".proxyPass = "http://127.0.0.1:8008";
-}
diff --git a/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix b/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix
deleted file mode 100644
index cdf3c92..0000000
--- a/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{
-  generic_workers_upstream.servers = {
-    "127.0.0.1:18111" = { };
-  };
-  stream_writer_typing_stream_workers_upstream.servers = {
-    "127.0.0.1:20012" = { };
-  };
-  stream_writer_to_device_stream_workers_upstream.servers = {
-    "127.0.0.1:20013" = { };
-  };
-  stream_writer_account_data_stream_workers_upstream.servers = {
-    "127.0.0.1:20014" = { };
-  };
-  stream_writer_receipts_stream_workers_upstream.servers = {
-    "127.0.0.1:20015" = { };
-  };
-  stream_writer_presence_stream_workers_upstream.servers = {
-    "127.0.0.1:20016" = { };
-  };
-  media_repository_workers_upstream.servers = {
-    "127.0.0.1:18551" = { };
-  };
-  user_dir_workers_upstream.servers = {
-    "127.0.0.1:18661" = { };
-  };
-}
diff --git a/host/Rory-nginx/services/nginx/matrix-upstreams.nix b/host/Rory-nginx/services/nginx/matrix-upstreams.nix
deleted file mode 100644
index 5dd2fe8..0000000
--- a/host/Rory-nginx/services/nginx/matrix-upstreams.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{
-  generic_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-  stream_writer_typing_stream_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-  stream_writer_to_device_stream_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-  stream_writer_account_data_stream_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-  stream_writer_receipts_stream_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-  stream_writer_presence_stream_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-  media_repository_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-  user_dir_workers_upstream.servers = {
-    "127.0.0.1:8008" = { };
-  };
-}
diff --git a/host/Rory-nginx/services/nginx/nginx.nix b/host/Rory-nginx/services/nginx/nginx.nix
index 0b53a28..d210fb1 100755
--- a/host/Rory-nginx/services/nginx/nginx.nix
+++ b/host/Rory-nginx/services/nginx/nginx.nix
@@ -41,7 +41,6 @@ in
         log_format combined_vhosts '$remote_addr - $remote_user [$time_local] {host="$host",server_name="$server_name"} "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
         access_log /var/log/nginx/access.log combined_vhosts;
       '';
-      upstreams = import ./matrix-upstreams.nix;
       additionalModules = with pkgs.nginxModules; [ moreheaders ];
       virtualHosts = {
         "boorunav.com" = serveDir { path = "/data/nginx/html_boorunav"; };
@@ -63,7 +62,6 @@ in
         "search.thearcanebrony.net" = import ./thearcanebrony.net/search.nix;
 
         "rory.gay" = import ./rory.gay/root.nix;
-        #"rory.boo" = import ./rory.gay/root.nix;
         "lfs.rory.gay" = serveDir { path = "/data/nginx/html_lfs"; };
 
         "awooradio.thearcanebrony.net" = import ./thearcanebrony.net/awooradio.nix;
@@ -73,7 +71,6 @@ in
         #matrix...
         "conduit.rory.gay" = import ./rory.gay/conduit.nix;
         "matrix.rory.gay" = import ./rory.gay/matrix.nix;
-        "matrix-rory-gay.localhost" = import ./localhost/matrix-rory-gay.nix;
         "pcpoc.rory.gay" = import ./rory.gay/pcpoc.nix;
         "matrixunittests.rory.gay" = import ./rory.gay/matrixunittests.nix;
         "conduit.matrixunittests.rory.gay" = import ./rory.gay/conduit.matrixunittests.nix;
@@ -109,8 +106,5 @@ in
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "root@thearcanebrony.net";
 
-  environment.systemPackages = with pkgs; [
-    #gitfs
-  ];
-
+  networking.hosts."127.0.0.1" = builtins.attrNames config.services.nginx.virtualHosts;
 }