diff options
author | Rory& <root@rory.gay> | 2024-08-04 05:08:05 +0200 |
---|---|---|
committer | Rory& <root@rory.gay> | 2024-08-04 05:08:05 +0200 |
commit | 4402873891edace4b678af537236ff1d81bba585 (patch) | |
tree | 343f32b070b98eaba7e11ab77bd27ce98a464bc7 /host/Rory-nginx/services/nginx | |
parent | Update flake lock (diff) | |
download | Rory-Open-Architecture-4402873891edace4b678af537236ff1d81bba585.tar.xz |
Server config cleanup
Diffstat (limited to 'host/Rory-nginx/services/nginx')
4 files changed, 1 insertions, 339 deletions
diff --git a/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix b/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix deleted file mode 100644 index 73c22b6..0000000 --- a/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix +++ /dev/null @@ -1,280 +0,0 @@ -{ - enableACME = false; - addSSL = false; - # locations."/_matrix" = { - # proxyPass = "http://192.168.1.5:8008"; - # extraConfig = '' - # if ($request_method = 'OPTIONS') { - # more_set_headers 'Access-Control-Allow-Origin: *'; - # more_set_headers 'Access-Control-Allow-Methods: *'; - # # - # # Custom headers and headers various browsers *should* be OK with but aren't - # # - # more_set_headers 'Access-Control-Allow-Headers: *'; - # # - # # Tell client that this pre-flight info is valid for 20 days - # # - # more_set_headers 'Access-Control-Max-Age' 1728000; - # more_set_headers 'Content-Type: text/plain; charset=utf-8'; - # more_set_headers 'Content-Length' 0; - # return 204; - # }; - # ''; - # }; - - # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker - locations."~ ^/_matrix/client/(r0|v3)/sync$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - extraConfig = '' - # We want to wait for 15 minutes here... - proxy_read_timeout 54000; - proxy_connect_timeout 54000; - proxy_send_timeout 54000; - ''; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3)/events$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/rooms/.*/hierarchy$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/rooms/.*/threads$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/account/whoami$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/devices$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/versions$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/query$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/changes$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/room_keys/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/upload/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/register$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/register/m.login.registration_token/validity$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - - # https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing" = { - proxyPass = "http://stream_writer_typing_stream_workers_upstream$request_uri"; - }; - - # https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream - locations."~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/" = { - proxyPass = "http://stream_writer_to_device_stream_workers_upstream$request_uri"; - }; - - # https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream - locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/tags" = { - proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/account_data" = { - proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri"; - }; - # https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream - locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt" = { - proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers" = { - proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri"; - }; - # https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/" = { - proxyPass = "http://stream_writer_presence_stream_workers_upstream$request_uri"; - }; - - ### DUPLICATES???? - # https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory - locations."~ ^/_matrix/client/(r0|v3|unstable)/user_directory/search$" = { - proxyPass = "http://user_dir_workers_upstream$request_uri"; - }; - - # ??? - locations."/" = { - #resolver 127.0.0.11 valid=5s; - #set $backend "matrix-synapse:8008"; - #proxyPass = "http://$backend"; - proxyPass = "http://127.0.0.1:8008"; - }; - - locations."~ ^/_matrix/federation/v1/event/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/state/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/state_ids/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/backfill/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/get_missing_events/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/publicRooms" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/query/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/make_join/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/make_leave/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/(v1|v2)/send_join/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/(v1|v2)/send_leave/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/(v1|v2)/invite/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/event_auth/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/timestamp_to_event/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/exchange_third_party_invite/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/user/devices/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/key/v2/query" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/hierarchy/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/send/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - - ##### media repo - - # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository - locations."~ ^/_matrix/media/" = { - proxyPass = "http://media_repository_workers_upstream$request_uri"; - }; - locations."~ ^/_synapse/admin/v1/purge_media_cache$" = { - proxyPass = "http://media_repository_workers_upstream$request_uri"; - }; - locations."~ ^/_synapse/admin/v1/room/.*/media.*$" = { - proxyPass = "http://media_repository_workers_upstream$request_uri"; - }; - locations."~ ^/_synapse/admin/v1/user/.*/media.*$" = { - proxyPass = "http://media_repository_workers_upstream$request_uri"; - }; - locations."~ ^/_synapse/admin/v1/media/.*$" = { - proxyPass = "http://media_repository_workers_upstream$request_uri"; - }; - locations."~ ^/_synapse/admin/v1/quarantine_media/.*$" = { - proxyPass = "http://media_repository_workers_upstream$request_uri"; - }; - locations."~ ^/_synapse/admin/v1/users/.*/media$" = { - proxyPass = "http://media_repository_workers_upstream$request_uri"; - }; - - #locations."/" = { - #resolver 127.0.0.11 valid=5s; - #set $backend "matrix-synapse:8048"; - #proxyPass = "http://$backend"; - #}; - - locations."/_synapse/client".proxyPass = "http://127.0.0.1:8008"; -} diff --git a/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix b/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix deleted file mode 100644 index cdf3c92..0000000 --- a/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - generic_workers_upstream.servers = { - "127.0.0.1:18111" = { }; - }; - stream_writer_typing_stream_workers_upstream.servers = { - "127.0.0.1:20012" = { }; - }; - stream_writer_to_device_stream_workers_upstream.servers = { - "127.0.0.1:20013" = { }; - }; - stream_writer_account_data_stream_workers_upstream.servers = { - "127.0.0.1:20014" = { }; - }; - stream_writer_receipts_stream_workers_upstream.servers = { - "127.0.0.1:20015" = { }; - }; - stream_writer_presence_stream_workers_upstream.servers = { - "127.0.0.1:20016" = { }; - }; - media_repository_workers_upstream.servers = { - "127.0.0.1:18551" = { }; - }; - user_dir_workers_upstream.servers = { - "127.0.0.1:18661" = { }; - }; -} diff --git a/host/Rory-nginx/services/nginx/matrix-upstreams.nix b/host/Rory-nginx/services/nginx/matrix-upstreams.nix deleted file mode 100644 index 5dd2fe8..0000000 --- a/host/Rory-nginx/services/nginx/matrix-upstreams.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - generic_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; - stream_writer_typing_stream_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; - stream_writer_to_device_stream_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; - stream_writer_account_data_stream_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; - stream_writer_receipts_stream_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; - stream_writer_presence_stream_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; - media_repository_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; - user_dir_workers_upstream.servers = { - "127.0.0.1:8008" = { }; - }; -} diff --git a/host/Rory-nginx/services/nginx/nginx.nix b/host/Rory-nginx/services/nginx/nginx.nix index 0b53a28..d210fb1 100755 --- a/host/Rory-nginx/services/nginx/nginx.nix +++ b/host/Rory-nginx/services/nginx/nginx.nix @@ -41,7 +41,6 @@ in log_format combined_vhosts '$remote_addr - $remote_user [$time_local] {host="$host",server_name="$server_name"} "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'; access_log /var/log/nginx/access.log combined_vhosts; ''; - upstreams = import ./matrix-upstreams.nix; additionalModules = with pkgs.nginxModules; [ moreheaders ]; virtualHosts = { "boorunav.com" = serveDir { path = "/data/nginx/html_boorunav"; }; @@ -63,7 +62,6 @@ in "search.thearcanebrony.net" = import ./thearcanebrony.net/search.nix; "rory.gay" = import ./rory.gay/root.nix; - #"rory.boo" = import ./rory.gay/root.nix; "lfs.rory.gay" = serveDir { path = "/data/nginx/html_lfs"; }; "awooradio.thearcanebrony.net" = import ./thearcanebrony.net/awooradio.nix; @@ -73,7 +71,6 @@ in #matrix... "conduit.rory.gay" = import ./rory.gay/conduit.nix; "matrix.rory.gay" = import ./rory.gay/matrix.nix; - "matrix-rory-gay.localhost" = import ./localhost/matrix-rory-gay.nix; "pcpoc.rory.gay" = import ./rory.gay/pcpoc.nix; "matrixunittests.rory.gay" = import ./rory.gay/matrixunittests.nix; "conduit.matrixunittests.rory.gay" = import ./rory.gay/conduit.matrixunittests.nix; @@ -109,8 +106,5 @@ in security.acme.acceptTerms = true; security.acme.defaults.email = "root@thearcanebrony.net"; - environment.systemPackages = with pkgs; [ - #gitfs - ]; - + networking.hosts."127.0.0.1" = builtins.attrNames config.services.nginx.virtualHosts; } |