4 files changed, 217 insertions, 0 deletions

diff --git a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix
index cdbb6b7..42a880d 100755
--- a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix
+++ b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix
@@ -20,6 +20,9 @@
     mediaRepoWorkers = 8;
     clientReaders = 16;
 
+    federationReaders = 16;
+    federationInboundWorkers = 16;
+
     enableAppserviceWorker = true;
     enableBackgroundWorker = true;
     enableUserDirWorker = true;
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
new file mode 100644
index 0000000..c2c84ec
--- /dev/null
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
@@ -0,0 +1,91 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+let
+  cfg = config.services.matrix-synapse;
+  workers = lib.range 0 (cfg.federationReaders - 1);
+  routes = [
+    "~ /_matrix/federation/(v1|v2)/send/"
+  ];
+in
+{
+  config = lib.mkIf (cfg.federationInboundWorkers > 0) {
+    services.matrix-synapse = {
+      settings = {
+        instance_map = lib.listToAttrs (
+          lib.map (index: {
+            name = "federation_inbound-${toString index}";
+            value = {
+              path = "/run/matrix-synapse/federation_inbound-${toString index}.sock";
+            };
+          }) workers
+        );
+      };
+
+      workers = lib.listToAttrs (
+        lib.map (index: {
+          name = "federation_inbound-${toString index}";
+          value = {
+            worker_app = "synapse.app.generic_worker";
+            worker_listeners = [
+              {
+                type = "http";
+                path = "/run/matrix-synapse/federation_inbound-${toString index}.sock";
+                resources = [
+                  {
+                    names = [ "replication" ];
+                    compress = false;
+                  }
+                ];
+              }
+              {
+                type = "http";
+                path = "/run/matrix-synapse/federation_inbound-federation-${toString index}.sock";
+                mode = "666";
+                resources = [
+                  {
+                    names = [ "federation" ];
+                    compress = false;
+                  }
+                ];
+              }
+            ];
+            database = (
+              import ../db.nix {
+                workerName = "federation_inbound-${toString index}";
+                dbGroup = "medium";
+              }
+            );
+          };
+        }) workers
+      );
+    };
+
+    services.nginx.upstreams."federation_inbound" = {
+      extraConfig = ''
+        keepalive 32;
+      '';
+      servers = lib.listToAttrs (
+        lib.map (index: {
+          name = "unix:/run/matrix-synapse/federation_inbound-federation-${toString index}.sock";
+          value = {
+            max_fails = 0;
+          };
+        }) workers
+      );
+    };
+
+    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+      lib.map (route: {
+        name = route;
+        value = {
+          proxyPass = "http://federation_inbound";
+        };
+      }) routes
+    );
+  };
+}
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
new file mode 100644
index 0000000..e48ba05
--- /dev/null
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
@@ -0,0 +1,111 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+let
+  cfg = config.services.matrix-synapse;
+  workers = lib.range 0 (cfg.federationReaders - 1);
+  routes = [
+    "~ ^/_matrix/federation/(v1|v2)/event/"
+    "~ ^/_matrix/federation/(v1|v2)/state/"
+    "~ ^/_matrix/federation/(v1|v2)/state_ids/"
+    "~ ^/_matrix/federation/(v1|v2)/backfill/"
+    "~ ^/_matrix/federation/(v1|v2)/get_missing_events/"
+    "~ ^/_matrix/federation/(v1|v2)/publicRooms"
+    "~ ^/_matrix/federation/(v1|v2)/query/"
+    "~ ^/_matrix/federation/(v1|v2)/make_join/"
+    "~ ^/_matrix/federation/(v1|v2)/make_leave/"
+    "~ ^/_matrix/federation/(v1|v2)/send_join/"
+    "~ ^/_matrix/federation/(v1|v2)/send_leave/"
+    "~ ^/_matrix/federation/v1/make_knock/"
+    "~ ^/_matrix/federation/v1/send_knock/"
+    "~ ^/_matrix/federation/(v1|v2)/invite/"
+    "~ ^/_matrix/federation/(v1|v2)/query_auth/"
+    "~ ^/_matrix/federation/(v1|v2)/event_auth/"
+    "~ ^/_matrix/federation/v1/timestamp_to_event/"
+    "~ ^/_matrix/federation/(v1|v2)/exchange_third_party_invite/"
+    "~ ^/_matrix/federation/(v1|v2)/user/devices/"
+    "~ ^/_matrix/federation/(v1|v2)/get_groups_publicised$"
+    "~ ^/_matrix/key/v2/query"
+  ];
+in
+{
+  config = lib.mkIf (cfg.federationReaders > 0) {
+    services.matrix-synapse = {
+      settings = {
+        instance_map = lib.listToAttrs (
+          lib.map (index: {
+            name = "federation_reader-${toString index}";
+            value = {
+              path = "/run/matrix-synapse/federation_reader-${toString index}.sock";
+            };
+          }) workers
+        );
+      };
+
+      workers = lib.listToAttrs (
+        lib.map (index: {
+          name = "federation_reader-${toString index}";
+          value = {
+            worker_app = "synapse.app.generic_worker";
+            worker_listeners = [
+              {
+                type = "http";
+                path = "/run/matrix-synapse/federation_reader-${toString index}.sock";
+                resources = [
+                  {
+                    names = [ "replication" ];
+                    compress = false;
+                  }
+                ];
+              }
+              {
+                type = "http";
+                path = "/run/matrix-synapse/federation_reader-federation-${toString index}.sock";
+                mode = "666";
+                resources = [
+                  {
+                    names = [ "federation" ];
+                    compress = false;
+                  }
+                ];
+              }
+            ];
+            database = (
+              import ../db.nix {
+                workerName = "federation_reader-${toString index}";
+                dbGroup = "medium";
+              }
+            );
+          };
+        }) workers
+      );
+    };
+
+    services.nginx.upstreams."federation_reader" = {
+      extraConfig = ''
+        keepalive 32;
+      '';
+      servers = lib.listToAttrs (
+        lib.map (index: {
+          name = "unix:/run/matrix-synapse/federation_reader-federation-${toString index}.sock";
+          value = {
+            max_fails = 0;
+          };
+        }) workers
+      );
+    };
+
+    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+      lib.map (route: {
+        name = route;
+        value = {
+          proxyPass = "http://federation_reader";
+        };
+      }) routes
+    );
+  };
+}
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/module.nix b/host/Rory-nginx/services/matrix/synapse/workers/module.nix
index ebe4732..1450d52 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/module.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/module.nix
@@ -19,6 +19,8 @@ in
     ./appservice.nix
     ./background.nix
     ./client-reader.nix
+    ./federation-inbound.nix
+    ./federation-reader.nix
     ./federation-sender.nix
     ./media-repo.nix
     ./pusher.nix
@@ -79,6 +81,16 @@ in
         default = 0;
         description = "Number of client readers";
       };
+      federationReaders = lib.mkOption {
+        type = lib.types.int;
+        default = 0;
+        description = "Number of federation readers";
+      };
+      federationInboundWorkers = lib.mkOption {
+        type = lib.types.int;
+        default = 0;
+        description = "Number of federation inbound workers";
+      };
 
       nginxVirtualHostName = lib.mkOption {
         type = lib.types.str;