summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/auth.nix31
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix103
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix37
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix85
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix29
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix28
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/pusher.nix30
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/sync.nix47
8 files changed, 255 insertions, 135 deletions
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/auth.nix b/host/Rory-nginx/services/matrix/synapse/workers/auth.nix
index 2313a4d..6b9e250 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/auth.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/auth.nix
@@ -3,8 +3,6 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "solo";
-  hasClientResource = false;
-  hasFederationResource = false;
   workers = lib.range 0 (cfg.authWorkers - 1);
   workerName = "auth";
   workerRoutes = {
@@ -89,13 +87,26 @@ in
       );
     };
 
-    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-      lib.map (route: {
-        name = route;
-        value = {
-          proxyPass = "http://${workerName}";
-        };
-      }) workerRoutes
-    );
+    services.nginx = {
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach
+            [
+              "client"
+              "federation"
+              "media"
+            ]
+            (
+              type:
+              lib.map (route: {
+                name = route;
+                value = {
+                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                };
+              }) workerRoutes.${type}
+            )
+        )
+      );
+    };
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix
index 5f3acbc..937fabc 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix
@@ -3,45 +3,47 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "small";
-  hasClientResource = false;
-  hasFederationResource = false;
   workers = lib.range 0 (cfg.clientReaders - 1);
   workerName = "client_reader";
-  routes =
-    [
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$"
-      "~ ^/_matrix/client/v1/rooms/.*/hierarchy$"
-      "~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/"
-      "~ ^/_matrix/client/v1/rooms/.*/threads$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases"
-      "~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search"
-      "~ ^/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$)"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$"
-      "~ ^/_matrix/client/(r0|v3|unstable)/notifications$"
+  workerRoutes = {
+    client =
+      [
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$"
+        "~ ^/_matrix/client/v1/rooms/.*/hierarchy$"
+        "~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/"
+        "~ ^/_matrix/client/v1/rooms/.*/threads$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases"
+        "~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search"
+        "~ ^/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$)"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$"
+        "~ ^/_matrix/client/(r0|v3|unstable)/notifications$"
 
-      # unstable
-      "~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$"
-    ]
-    ++ lib.optionals (cfg.authWorkers == 0) [
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/whoami$"
-      "~ ^/_matrix/client/versions$"
-      "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$"
-      "~ ^/_matrix/client/(r0|v3|unstable)/register$"
-      "~ ^/_matrix/client/(r0|v3|unstable)/register/available$"
-      "~ ^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$"
-      "~ ^/_matrix/client/(r0|v3|unstable)/password_policy$"
-      "~ ^/_matrix/client/(r0|v3|unstable)/capabilities$"
-    ];
+        # unstable
+        "~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$"
+      ]
+      ++ lib.optionals (cfg.authWorkers == 0) [
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/whoami$"
+        "~ ^/_matrix/client/versions$"
+        "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$"
+        "~ ^/_matrix/client/(r0|v3|unstable)/register$"
+        "~ ^/_matrix/client/(r0|v3|unstable)/register/available$"
+        "~ ^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$"
+        "~ ^/_matrix/client/(r0|v3|unstable)/password_policy$"
+        "~ ^/_matrix/client/(r0|v3|unstable)/capabilities$"
+      ];
+    federation = [ ];
+    media = [ ];
+  };
 in
 {
   config = lib.mkIf (cfg.clientReaders > 0) {
@@ -110,13 +112,26 @@ in
       );
     };
 
-    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-      lib.map (route: {
-        name = route;
-        value = {
-          proxyPass = "http://${workerName}";
-        };
-      }) routes
-    );
+    services.nginx = {
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach
+            [
+              "client"
+              "federation"
+              "media"
+            ]
+            (
+              type:
+              lib.map (route: {
+                name = route;
+                value = {
+                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                };
+              }) workerRoutes.${type}
+            )
+        )
+      );
+    };
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
index 03f5576..4ea5aa2 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
@@ -3,11 +3,13 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "medium";
-  hasClientResource = false;
-  hasFederationResource = false;
   workers = lib.range 0 (cfg.federationReaders - 1);
   workerName = "federation_inbound";
-  workerRoutes = [ "~ /_matrix/federation/(v1|v2)/send/" ];
+  workerRoutes = {
+    client = [ ];
+    federation = [ "~ /_matrix/federation/(v1|v2)/send/" ];
+    media = [ ];
+  };
 in
 {
   config = lib.mkIf (cfg.federationInboundWorkers > 0) {
@@ -77,13 +79,26 @@ in
       );
     };
 
-    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-      lib.map (route: {
-        name = route;
-        value = {
-          proxyPass = "http://${workerName}";
-        };
-      }) workerRoutes
-    );
+    services.nginx = {
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach
+            [
+              "client"
+              "federation"
+              "media"
+            ]
+            (
+              type:
+              lib.map (route: {
+                name = route;
+                value = {
+                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                };
+              }) workerRoutes.${type}
+            )
+        )
+      );
+    };
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
index ceefefb..29223d7 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
@@ -3,35 +3,37 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "medium";
-  hasClientResource = false;
-  hasFederationResource = false;
   workers = lib.range 0 (cfg.federationReaders - 1);
   workerName = "federation_reader";
-  workerRoutes = [
-    "~ ^/_matrix/federation/(v1|v2)/event/"
-    "~ ^/_matrix/federation/(v1|v2)/state/"
-    "~ ^/_matrix/federation/(v1|v2)/state_ids/"
-    "~ ^/_matrix/federation/(v1|v2)/backfill/"
-    "~ ^/_matrix/federation/(v1|v2)/get_missing_events/"
-    "~ ^/_matrix/federation/(v1|v2)/publicRooms"
-    "~ ^/_matrix/federation/(v1|v2)/query/"
-    "~ ^/_matrix/federation/(v1|v2)/make_join/"
-    "~ ^/_matrix/federation/(v1|v2)/make_leave/"
-    "~ ^/_matrix/federation/(v1|v2)/send_join/"
-    "~ ^/_matrix/federation/(v1|v2)/send_leave/"
-    "~ ^/_matrix/federation/v1/make_knock/"
-    "~ ^/_matrix/federation/v1/send_knock/"
-    "~ ^/_matrix/federation/(v1|v2)/invite/"
-    "~ ^/_matrix/federation/(v1|v2)/query_auth/"
-    "~ ^/_matrix/federation/(v1|v2)/event_auth/"
-    "~ ^/_matrix/federation/v1/timestamp_to_event/"
-    "~ ^/_matrix/federation/(v1|v2)/exchange_third_party_invite/"
-    "~ ^/_matrix/federation/(v1|v2)/user/devices/"
-    "~ ^/_matrix/federation/(v1|v2)/get_groups_publicised$"
-    "~ ^/_matrix/key/v2/query"
-    # extra
-    "~ ^/_matrix/key/v2/server$"
-  ];
+  workerRoutes = {
+    client = [ ];
+    federation = [
+      "~ ^/_matrix/federation/(v1|v2)/event/"
+      "~ ^/_matrix/federation/(v1|v2)/state/"
+      "~ ^/_matrix/federation/(v1|v2)/state_ids/"
+      "~ ^/_matrix/federation/(v1|v2)/backfill/"
+      "~ ^/_matrix/federation/(v1|v2)/get_missing_events/"
+      "~ ^/_matrix/federation/(v1|v2)/publicRooms"
+      "~ ^/_matrix/federation/(v1|v2)/query/"
+      "~ ^/_matrix/federation/(v1|v2)/make_join/"
+      "~ ^/_matrix/federation/(v1|v2)/make_leave/"
+      "~ ^/_matrix/federation/(v1|v2)/send_join/"
+      "~ ^/_matrix/federation/(v1|v2)/send_leave/"
+      "~ ^/_matrix/federation/v1/make_knock/"
+      "~ ^/_matrix/federation/v1/send_knock/"
+      "~ ^/_matrix/federation/(v1|v2)/invite/"
+      "~ ^/_matrix/federation/(v1|v2)/query_auth/"
+      "~ ^/_matrix/federation/(v1|v2)/event_auth/"
+      "~ ^/_matrix/federation/v1/timestamp_to_event/"
+      "~ ^/_matrix/federation/(v1|v2)/exchange_third_party_invite/"
+      "~ ^/_matrix/federation/(v1|v2)/user/devices/"
+      "~ ^/_matrix/federation/(v1|v2)/get_groups_publicised$"
+      "~ ^/_matrix/key/v2/query"
+      # extra
+      "~ ^/_matrix/key/v2/server$"
+    ];
+    media = [ ];
+  };
 in
 {
   config = lib.mkIf (cfg.federationReaders > 0) {
@@ -101,13 +103,26 @@ in
       );
     };
 
-    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-      lib.map (route: {
-        name = route;
-        value = {
-          proxyPass = "http://${workerName}";
-        };
-      }) workerRoutes
-    );
+    services.nginx = {
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach
+            [
+              "client"
+              "federation"
+              "media"
+            ]
+            (
+              type:
+              lib.map (route: {
+                name = route;
+                value = {
+                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                };
+              }) workerRoutes.${type}
+            )
+        )
+      );
+    };
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix
index 931d6a4..598c028 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix
@@ -2,11 +2,13 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "solo";
-  hasClientResource = false;
-  hasFederationResource = false;
   federationSenders = lib.range 0 (cfg.federationSenders - 1);
   workerName = "federation_sender";
-  workerRoutes = [ ];
+  workerRoutes = {
+    client = [ ];
+    federation = [ ];
+    media = [ ];
+  };
 in
 {
   config = lib.mkIf (cfg.federationSenders > 0) {
@@ -53,5 +55,26 @@ in
         }) federationSenders
       );
     };
+    services.nginx = {
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach
+            [
+              "client"
+              "federation"
+              "media"
+            ]
+            (
+              type:
+              lib.map (route: {
+                name = route;
+                value = {
+                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                };
+              }) workerRoutes.${type}
+            )
+        )
+      );
+    };
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix b/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix
index 4309a9f..2cccbf5 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix
@@ -3,20 +3,22 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "solo";
-  hasClientResource = false;
-  hasFederationResource = false;
   workers = lib.range 0 (cfg.mediaRepoWorkers - 1);
   workerName = "media_repo";
-  routes = [
-    "~ ^/_matrix/media/"
-    "~ ^/_matrix/client/v1/media/"
-    "~ ^/_matrix/federation/v1/media/"
-    "~ ^/_synapse/admin/v1/purge_media_cache$"
-    "~ ^/_synapse/admin/v1/room/.*/media.*$"
-    "~ ^/_synapse/admin/v1/user/.*/media.*$"
-    "~ ^/_synapse/admin/v1/media/.*$"
-    "~ ^/_synapse/admin/v1/quarantine_media/.*$"
-  ];
+  workerRoutes = {
+    client = [ ];
+    federation = [ ];
+    media = [
+      "~ ^/_matrix/client/v1/media/"
+      "~ ^/_matrix/federation/v1/media/"
+      "~ ^/_synapse/admin/v1/purge_media_cache$"
+      "~ ^/_synapse/admin/v1/room/.*/media.*$"
+      "~ ^/_synapse/admin/v1/user/.*/media.*$"
+      "~ ^/_synapse/admin/v1/media/.*$"
+      "~ ^/_synapse/admin/v1/quarantine_media/.*$"
+      "~ ^/_matrix/media/"
+    ];
+  };
 in
 {
   config = lib.mkIf (cfg.mediaRepoWorkers > 0) {
@@ -108,7 +110,7 @@ in
             client_max_body_size 500M;
           '';
         };
-      }) routes
+      }) workerRoutes.media
     );
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix
index ad0d5d6..64d40b2 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix
@@ -2,11 +2,13 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "small";
-  hasClientResource = false;
-  hasFederationResource = false;
   pushers = lib.range 0 (cfg.pushers - 1);
   workerName = "pusher";
-  workerRoutes = [ ];
+  workerRoutes = {
+    client = [ ];
+    federation = [ ];
+    media = [ ];
+  };
 in
 {
   config = lib.mkIf (cfg.pushers > 0) {
@@ -51,5 +53,27 @@ in
         }) pushers
       );
     };
+
+    services.nginx = {
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach
+            [
+              "client"
+              "federation"
+              "media"
+            ]
+            (
+              type:
+              lib.map (route: {
+                name = route;
+                value = {
+                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                };
+              }) workerRoutes.${type}
+            )
+        )
+      );
+    };
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/sync.nix b/host/Rory-nginx/services/matrix/synapse/workers/sync.nix
index 2655ff3..645e550 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/sync.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/sync.nix
@@ -3,16 +3,18 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "small";
-  hasClientResource = false;
-  hasFederationResource = false;
   workers = lib.range 0 (cfg.syncWorkers - 1);
   workerName = "sync";
-  workerRoutes = [
-    "~ ^/_matrix/client/(v2_alpha|r0|v3)/sync$"
-    "~ ^/_matrix/client/(api/v1|v2_alpha|r0|v3)/events$"
-    "~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$"
-    "~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$"
-  ];
+  workerRoutes = {
+    client = [
+      "~ ^/_matrix/client/(v2_alpha|r0|v3)/sync$"
+      "~ ^/_matrix/client/(api/v1|v2_alpha|r0|v3)/events$"
+      "~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$"
+      "~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$"
+    ];
+    federation = [ ];
+    media = [ ];
+  };
 in
 {
   config = lib.mkIf (cfg.syncWorkers > 0) {
@@ -81,13 +83,26 @@ in
       );
     };
 
-    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-      lib.map (route: {
-        name = route;
-        value = {
-          proxyPass = "http://${workerName}";
-        };
-      }) workerRoutes
-    );
+    services.nginx = {
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach
+            [
+              "client"
+              "federation"
+              "media"
+            ]
+            (
+              type:
+              lib.map (route: {
+                name = route;
+                value = {
+                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                };
+              }) workerRoutes.${type}
+            )
+        )
+      );
+    };
   };
 }