diff options
Diffstat (limited to 'host/Rory-nginx/services/matrix')
24 files changed, 129 insertions, 591 deletions
diff --git a/host/Rory-nginx/services/matrix/appsettings.conduit-rory-gay.json b/host/Rory-nginx/services/matrix/appsettings.conduit-rory-gay.json deleted file mode 100644 index f1e8d6a..0000000 --- a/host/Rory-nginx/services/matrix/appsettings.conduit-rory-gay.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Information", - "Microsoft.AspNetCore.Routing": "Warning", - "Microsoft.AspNetCore.Mvc": "Warning" - } - }, - "ProxyConfiguration": { - "Upstream": "http://127.0.0.1:6167", - "Host": "conduit.rory.gay", - "TrustedServers": [ - "conduit.rory.gay" - ] - } -} \ No newline at end of file diff --git a/host/Rory-nginx/services/matrix/appsettings.matrix-rory-gay.json b/host/Rory-nginx/services/matrix/appsettings.matrix-rory-gay.json deleted file mode 100644 index 5240676..0000000 --- a/host/Rory-nginx/services/matrix/appsettings.matrix-rory-gay.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Information", - "Microsoft.AspNetCore.Routing": "Warning", - "Microsoft.AspNetCore.Mvc": "Warning" - } - }, - "ProxyConfiguration": { - "Upstream": "http://matrix-rory-gay.localhost", - "Host": "matrix-rory-gay.localhost", - "TrustedServers": [ - "rory.gay" - ] - } -} \ No newline at end of file diff --git a/host/Rory-nginx/services/matrix/coturn.nix b/host/Rory-nginx/services/matrix/coturn.nix index 1fed755..805faa9 100755 --- a/host/Rory-nginx/services/matrix/coturn.nix +++ b/host/Rory-nginx/services/matrix/coturn.nix @@ -1,13 +1,8 @@ -{ - config, - pkgs, - lib, - ... -}: +{ ... }: { # coturn (WebRTC) - services.coturn = rec { + services.coturn = { enable = false; # Alicia - figure out secret first... no-cli = true; no-tcp-relay = true; diff --git a/host/Rory-nginx/services/matrix/draupnir.nix b/host/Rory-nginx/services/matrix/draupnir.nix index f2a8357..9f48e6d 100755 --- a/host/Rory-nginx/services/matrix/draupnir.nix +++ b/host/Rory-nginx/services/matrix/draupnir.nix @@ -1,22 +1,17 @@ -{ - config, - pkgs, - lib, - ... -}: +{ ... }: { - # Alicia - doesnt work yet... until in nixpkgs... services.draupnir = { enable = true; + homeserverUrl = "https://matrix.rory.gay"; pantalaimon = { enable = true; username = "draupnir"; passwordFile = "/etc/draupnir-password"; options = { - homeserver = "http://localhost:8008"; - ssl = false; + #homeserver = "http://localhost:8008"; + #ssl = false; }; }; settings = { @@ -30,8 +25,6 @@ backgroundDelayMS = 10; # delay isn't needed, I don't mind the performance hit pollReports = false; # this is a single person homeserver... let's save ourself the work - #homeserverUrl = "yes"; - admin.enableMakeRoomAdminCommand = true; commands.ban.defaultReasons = [ "spam" @@ -52,10 +45,4 @@ }; }; }; - - # services.pantalaimon-headless.instances.draupnir = { - # homeserver = "http://localhost:8008"; - # ssl = false; - # }; - } diff --git a/host/Rory-nginx/services/matrix/grapevine.nix b/host/Rory-nginx/services/matrix/grapevine.nix index 1cb2e19..0f0006b 100755 --- a/host/Rory-nginx/services/matrix/grapevine.nix +++ b/host/Rory-nginx/services/matrix/grapevine.nix @@ -1,18 +1,12 @@ -{ - config, - pkgs, - lib, - ... -}: +{ ... }: { services.grapevine = { - #package = conduit.packages.${pkgs.system}.default; enable = true; settings = { conduit_compat = true; - # address = "127.0.0.1"; server_name = "conduit.rory.gay"; + trusted_servers = [ "rory.gay" ]; listen = [ { @@ -31,7 +25,7 @@ #log = "info"; #log_format = "full"; - #log = "debug"; + log = "debug"; }; }; } diff --git a/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix b/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix index 43c26ca..3041aaa 100755 --- a/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix +++ b/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ ... }: { # Discord bridge diff --git a/host/Rory-nginx/services/matrix/matrix-media-gate.nix b/host/Rory-nginx/services/matrix/matrix-media-gate.nix deleted file mode 100755 index 7eb599c..0000000 --- a/host/Rory-nginx/services/matrix/matrix-media-gate.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ - config, - pkgs, - lib, - MatrixMediaGate, - ... -}: - -{ - systemd.services = { - "MatrixMediaGate-matrix-rory-gay" = { - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${MatrixMediaGate.packages.x86_64-linux.default}/bin/MatrixMediaGate"; - ExecStartPre = "${pkgs.busybox}/bin/cp ${./appsettings.matrix-rory-gay.json} ./appsettings.matrix-rory-gay.json"; - Restart = "always"; - RestartSec = "5"; - Type = "notify"; - DynamicUser = true; - StateDirectory = "matrix-media-gate"; - WorkingDirectory = "/var/lib/matrix-media-gate"; - }; - environment = { - "DOTNET_ENVIRONMENT" = "matrix-rory-gay"; - "DOTNET_URLS" = "http://localhost:9001"; - }; - }; - "MatrixMediaGate-conduit-rory-gay" = { - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${MatrixMediaGate.packages.x86_64-linux.default}/bin/MatrixMediaGate"; - ExecStartPre = "${pkgs.busybox}/bin/cp ${./appsettings.conduit-rory-gay.json} ./appsettings.conduit-rory-gay.json"; - Restart = "always"; - RestartSec = "5"; - Type = "notify"; - DynamicUser = true; - StateDirectory = "matrix-media-gate"; - WorkingDirectory = "/var/lib/matrix-media-gate"; - }; - environment = { - "DOTNET_ENVIRONMENT" = "conduit-rory-gay"; - "DOTNET_URLS" = "http://localhost:9002"; - }; - }; - }; -} diff --git a/host/Rory-nginx/services/matrix/root.nix b/host/Rory-nginx/services/matrix/root.nix index 87b5cc9..968a14a 100755 --- a/host/Rory-nginx/services/matrix/root.nix +++ b/host/Rory-nginx/services/matrix/root.nix @@ -14,7 +14,6 @@ ./draupnir.nix ./grapevine.nix ./sliding-sync.nix - #./matrix-media-gate.nix ]; } diff --git a/host/Rory-nginx/services/matrix/sliding-sync.nix b/host/Rory-nginx/services/matrix/sliding-sync.nix index 9de4958..e66d325 100644 --- a/host/Rory-nginx/services/matrix/sliding-sync.nix +++ b/host/Rory-nginx/services/matrix/sliding-sync.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ ... }: { services.matrix-sliding-sync = { enable = true; diff --git a/host/Rory-nginx/services/matrix/synapse/_synapse.monolith.nix b/host/Rory-nginx/services/matrix/synapse/_synapse.monolith.nix deleted file mode 100755 index 8bdaf19..0000000 --- a/host/Rory-nginx/services/matrix/synapse/_synapse.monolith.nix +++ /dev/null @@ -1,224 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -{ - services.matrix-synapse = { - enable = true; - withJemalloc = true; - - # https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html - settings = { - server_name = "rory.gay"; - - enable_registration = true; - registration_requires_token = true; - - require_membership_for_aliases = false; - redaction_retention_period = null; - user_ips_max_age = null; - allow_device_name_lookup_over_federation = true; - - federation = { - client_timeout = "60s"; - max_short_retries = 6; - max_short_retry_delay = "10s"; - max_long_retries = 5; - max_long_retry_delay = "30s"; - }; - - event_cache_size = "1200K"; # defaults to 10K - caches = { - global_factor = 5000.0; - cache_entry_ttl = "12h"; - expire_caches = true; - sync_response_cache_duration = "6h"; - cache_autotuning = { - max_cache_memory_usage = "65536M"; - target_cache_memory_usage = "32768M"; - min_cache_ttl = "6h"; - }; - }; - - # Alicia - figure this out later... - #registration_shared_secret = builtins.exec ["cat" "/dev/urandom" "|" "tr" "-dc" "a-zA-Z0-9" "|" "fold" "-w" "256" "|" "head" "-n" "1"]; - registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt"; - - listeners = [ - { - port = 8008; - bind_addresses = [ - "192.168.1.2" - "127.0.0.1" - ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ - "client" - "federation" - ]; - compress = true; - } - ]; - } - ]; - dynamic_thumbnails = true; - presence = { - enable = true; - update_interval = 60; - }; - url_preview_enabled = true; - database = { - name = "psycopg2"; - args = { - user = "matrix-synapse-rory-gay"; - #passwordFile = "/run/secrets/matrix-synapse-password"; - password = "somepassword"; - database = "matrix-synapse-rory-gay"; - host = "127.0.0.1"; - application_name = "matrix-synapse (rory.gay)"; - cp_min = 5; - cp_max = 50; - #cp_reconnect_interval = "True"; - }; - }; - app_service_config_files = [ - #"/etc/matrix-synapse/appservice-registration.yaml" - "/var/lib/matrix-synapse/modas-registration.yaml" - ]; - - rc_message = { - per_second = 1000; - burst_count = 1000; - }; - rc_login = { - address = { - per_second = 1000; - burst_count = 1000; - }; - account = { - per_second = 1000; - burst_count = 1000; - }; - failed_attempts = { - per_second = 0.1; - burst_count = 3; - }; - }; - rc_joins = { - local = { - per_second = 1000; - burst_count = 1000; - }; - remote = { - per_second = 1000; - burst_count = 1000; - }; - }; - rc_joins_per_room = { - per_second = 1000; - burst_count = 1000; - }; - rc_invites = { - per_room = { - per_second = 1000; - burst_count = 1000; - }; - per_user = { - per_second = 1000; - burst_count = 1000; - }; - per_issuer = { - per_second = 1000; - burst_count = 1000; - }; - }; - rc_federation = { - window_size = 10; - sleep_limit = 1000; - sleep_delay = 100; - reject_limit = 1000; - concurrent = 100; - }; - federation_rr_transactions_per_room_per_second = 1; - - max_image_pixels = "100M"; - - ui_auth = { - session_timeout = "1m"; - }; - - login_via_existing_session = { - enabled = true; - require_ui_auth = true; - token_timeout = "1y"; - }; - - #sentry = { - # dsn = "https://77c8de07855d4e0c90dbcf0945a04f01@sentry.thearcanebrony.net/14"; - #}; - - report_stats = false; - - user_directory = { - enabled = true; - search_all_users = true; - prefer_local_users = true; - }; - - experimental_features = { - "org.matrix.msc3026.busy_presence" = true; - "fi.mau.msc2815" = true; - "org.matrix.msc3881" = true; - "org.matrix.msc3874" = true; - "org.matrix.msc3912" = true; - }; - }; - - plugins = with pkgs.matrix-synapse-plugins; [ - # Alicia - need to port draupnir... - #matrix-synapse-mjolnir-antispam - # matrix-synapse-pam - ]; - # extraConfigFiles = [ - # (pkgs.writeTextFile { - # name = "matrix-synapse-extra-config.yml"; - # text = '' - # modules: - # - module: "pam_auth_provider.PAMAuthProvider" - # config: - # create_users: true - # skip_user_check: false - # ''; - # }) - # ]; - }; - - systemd.services.matrix-synapse-reg-token = { - description = "Random registration token for Synapse."; - before = [ "matrix-synapse.service" ]; # So the registration can be used by Synapse - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - - script = '' - - if [ ! -f "registration_shared_secret.txt" ] - then - cat /dev/urandom | tr -dc a-zA-Z0-9 | fold -w 256 | head -n 1 > registration_shared_secret.txt - else - echo Not generating key, key exists; - fi''; - serviceConfig = { - User = "matrix-synapse"; - Group = "matrix-synapse"; - WorkingDirectory = "/var/lib/matrix-synapse"; - }; - }; - -} diff --git a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix index 4f3256f..5202ac1 100755 --- a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix +++ b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ pkgs, ... }: { # Worker plumbing examples: https://github.com/element-hq/synapse/blob/master/docker/configure_workers_and_start.py @@ -15,6 +10,8 @@ withJemalloc = true; nginxVirtualHostName = "matrix.rory.gay"; + enableWorkers = true; + federationSenders = 16; pushers = 1; mediaRepoWorkers = 4; diff --git a/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix b/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix index d259edd..e3b07bc 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix @@ -1,23 +1,20 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; + workerName = "appservice"; + workerRoutes = [ ]; in { services.matrix-synapse = lib.mkIf cfg.enableAppserviceWorker { settings = { instance_map = { appservice = { - path = "/run/matrix-synapse/appservice.sock"; + path = "/run/matrix-synapse/${workerName}.sock"; }; }; - notify_appservices_from_worker = "appservice"; + notify_appservices_from_worker = workerName; }; workers = { @@ -26,7 +23,7 @@ in worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/appservice.sock"; + path = "/run/matrix-synapse/${workerName}.sock"; resources = [ { names = [ "replication" ]; diff --git a/host/Rory-nginx/services/matrix/synapse/workers/background.nix b/host/Rory-nginx/services/matrix/synapse/workers/background.nix index 501299a..611f6eb 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/background.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/background.nix @@ -1,23 +1,20 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; + workerName = "background"; + workerRoutes = [ ]; in { services.matrix-synapse = lib.mkIf cfg.enableBackgroundWorker { settings = { instance_map = { background = { - path = "/run/matrix-synapse/background.sock"; + path = "/run/matrix-synapse/${workerName}.sock"; }; }; - run_background_tasks_on = "background"; + run_background_tasks_on = workerName; }; workers = { @@ -26,7 +23,7 @@ in worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/background.sock"; + path = "/run/matrix-synapse/${workerName}.sock"; resources = [ { names = [ "replication" ]; diff --git a/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix index ff7352b..c89b147 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix @@ -1,13 +1,9 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; workers = lib.range 0 (cfg.clientReaders - 1); + workerName = "client_reader"; routes = [ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$" "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$" @@ -44,9 +40,9 @@ in settings = { instance_map = lib.listToAttrs ( lib.map (index: { - name = "client_reader-${toString index}"; + name = "${workerName}-${toString index}"; value = { - path = "/run/matrix-synapse/client_reader-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) workers ); @@ -54,13 +50,13 @@ in workers = lib.listToAttrs ( lib.map (index: { - name = "client_reader-${toString index}"; + name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/client_reader-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; @@ -70,7 +66,7 @@ in } { type = "http"; - path = "/run/matrix-synapse/client_reader-client-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock"; mode = "666"; resources = [ { @@ -82,7 +78,7 @@ in ]; database = ( import ../db.nix { - workerName = "client_reader-${toString index}"; + workerName = "${workerName}-${toString index}"; dbGroup = "medium"; } ); @@ -91,13 +87,13 @@ in ); }; - services.nginx.upstreams."client_reader" = { + services.nginx.upstreams."${workerName}" = { extraConfig = '' keepalive 32; ''; servers = lib.listToAttrs ( lib.map (index: { - name = "unix:/run/matrix-synapse/client_reader-client-${toString index}.sock"; + name = "unix:/run/matrix-synapse/${workerName}-client-${toString index}.sock"; value = { max_fails = 0; }; @@ -109,7 +105,7 @@ in lib.map (route: { name = route; value = { - proxyPass = "http://client_reader"; + proxyPass = "http://${workerName}"; }; }) routes ); diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix index 9853601..2e3574f 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix @@ -1,16 +1,10 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; workers = lib.range 0 (cfg.federationReaders - 1); - routes = [ - "~ /_matrix/federation/(v1|v2)/send/" - ]; + workerName = "federation_inbound"; + workerRoutes = [ "~ /_matrix/federation/(v1|v2)/send/" ]; in { config = lib.mkIf (cfg.federationInboundWorkers > 0) { @@ -18,9 +12,9 @@ in settings = { instance_map = lib.listToAttrs ( lib.map (index: { - name = "federation_inbound-${toString index}"; + name = "${workerName}-${toString index}"; value = { - path = "/run/matrix-synapse/federation_inbound-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) workers ); @@ -28,13 +22,13 @@ in workers = lib.listToAttrs ( lib.map (index: { - name = "federation_inbound-${toString index}"; + name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/federation_inbound-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; @@ -44,7 +38,7 @@ in } { type = "http"; - path = "/run/matrix-synapse/federation_inbound-federation-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-federation-${toString index}.sock"; mode = "666"; resources = [ { @@ -56,7 +50,7 @@ in ]; database = ( import ../db.nix { - workerName = "federation_inbound-${toString index}"; + workerName = "${workerName}-${toString index}"; dbGroup = "medium"; } ); @@ -65,14 +59,14 @@ in ); }; - services.nginx.upstreams."federation_inbound" = { + services.nginx.upstreams."${workerName}" = { extraConfig = '' keepalive 32; ip_hash; ''; servers = lib.listToAttrs ( lib.map (index: { - name = "unix:/run/matrix-synapse/federation_inbound-federation-${toString index}.sock"; + name = "unix:/run/matrix-synapse/${workerName}-federation-${toString index}.sock"; value = { max_fails = 0; }; @@ -84,9 +78,9 @@ in lib.map (route: { name = route; value = { - proxyPass = "http://federation_inbound"; + proxyPass = "http://${workerName}"; }; - }) routes + }) workerRoutes ); }; } diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix index 9aafb28..762f82c 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix @@ -1,14 +1,10 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; workers = lib.range 0 (cfg.federationReaders - 1); - routes = [ + workerName = "federation_reader"; + workerRoutes = [ "~ ^/_matrix/federation/(v1|v2)/event/" "~ ^/_matrix/federation/(v1|v2)/state/" "~ ^/_matrix/federation/(v1|v2)/state_ids/" @@ -38,9 +34,9 @@ in settings = { instance_map = lib.listToAttrs ( lib.map (index: { - name = "federation_reader-${toString index}"; + name = "${workerName}-${toString index}"; value = { - path = "/run/matrix-synapse/federation_reader-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) workers ); @@ -48,13 +44,13 @@ in workers = lib.listToAttrs ( lib.map (index: { - name = "federation_reader-${toString index}"; + name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/federation_reader-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; @@ -64,7 +60,7 @@ in } { type = "http"; - path = "/run/matrix-synapse/federation_reader-federation-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-federation-${toString index}.sock"; mode = "666"; resources = [ { @@ -76,7 +72,7 @@ in ]; database = ( import ../db.nix { - workerName = "federation_reader-${toString index}"; + workerName = "${workerName}-${toString index}"; dbGroup = "medium"; } ); @@ -85,14 +81,14 @@ in ); }; - services.nginx.upstreams."federation_reader" = { + services.nginx.upstreams."${workerName}" = { extraConfig = '' keepalive 32; hash $request_uri consistent; ''; servers = lib.listToAttrs ( lib.map (index: { - name = "unix:/run/matrix-synapse/federation_reader-federation-${toString index}.sock"; + name = "unix:/run/matrix-synapse/${workerName}-federation-${toString index}.sock"; value = { max_fails = 0; }; @@ -104,9 +100,9 @@ in lib.map (route: { name = route; value = { - proxyPass = "http://federation_reader"; + proxyPass = "http://${workerName}"; }; - }) routes + }) workerRoutes ); }; } diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix index 4cb137a..391e046 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix @@ -1,46 +1,36 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; federationSenders = lib.range 0 (cfg.federationSenders - 1); + workerName = "federation_sender"; + workerRoutes = [ ]; in { services.matrix-synapse = lib.mkIf (cfg.federationSenders > 0) { settings = { instance_map = lib.listToAttrs ( lib.map (index: { - name = "federation_sender-${toString index}"; + name = "${workerName}-${toString index}"; value = { - path = "/run/matrix-synapse/federation_sender-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) federationSenders ); send_federation = false; - federation_sender_instances = lib.map (index: "federation_sender-${toString index}") federationSenders; - outbound_federation_restricted_to = lib.map (index: "federation_sender-${toString index}") federationSenders; - worker_replication_secret = "federation_sender_secret"; - - database = ( - import ../db.nix { - workerName = "federation_sender"; - dbGroup = "solo"; - } - ); + federation_sender_instances = lib.map (index: "${workerName}-${toString index}") federationSenders; + outbound_federation_restricted_to = lib.map (index: "${workerName}-${toString index}") federationSenders; + worker_replication_secret = "${workerName}_secret"; }; workers = lib.listToAttrs ( lib.map (index: { - name = "federation_sender-${toString index}"; + name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/federation_sender-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; @@ -49,6 +39,12 @@ in ]; } ]; + database = ( + import ../db.nix { + workerName = "${workerName}-${toString index}"; + dbGroup = "solo"; + } + ); }; }) federationSenders ); diff --git a/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix b/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix index e4d3b32..b030706 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix @@ -1,13 +1,9 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; workers = lib.range 0 (cfg.mediaRepoWorkers - 1); + workerName = "media_repo"; routes = [ "~ ^/_matrix/media/" "~ ^/_matrix/client/v1/media/" @@ -25,26 +21,26 @@ in settings = { instance_map = lib.listToAttrs ( lib.map (index: { - name = "media_repo-${toString index}"; + name = "${workerName}-${toString index}"; value = { - path = "/run/matrix-synapse/media_repo-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) workers ); - media_instance_running_background_jobs = "media_repo-0"; + media_instance_running_background_jobs = "${workerName}-0"; enable_media_repo = false; }; workers = lib.listToAttrs ( lib.map (index: { - name = "media_repo-${toString index}"; + name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/media_repo-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; @@ -54,7 +50,7 @@ in } { type = "http"; - path = "/run/matrix-synapse/media_repo-media-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-media-${toString index}.sock"; mode = "666"; resources = [ { @@ -66,23 +62,33 @@ in ]; database = ( import ../db.nix { - workerName = "media_repo-${toString index}"; + workerName = "${workerName}-${toString index}"; dbGroup = "solo"; } ); enable_media_repo = true; + max_upload_size = "512M"; + remote_media_download_burst_count = "512G"; + remote_media_download_per_second = "512G"; + rc_federation = { + window_size = 1; + sleep_limit = 1000; + sleep_delay = 1; + reject_limit = 1000; + concurrent = 100; + }; }; }) workers ); }; - services.nginx.upstreams."media_repo" = { + services.nginx.upstreams."${workerName}" = { extraConfig = '' keepalive 32; ''; servers = lib.listToAttrs ( lib.map (index: { - name = "unix:/run/matrix-synapse/media_repo-media-${toString index}.sock"; + name = "unix:/run/matrix-synapse/${workerName}-media-${toString index}.sock"; value = { max_fails = 0; }; @@ -94,7 +100,7 @@ in lib.map (route: { name = route; value = { - proxyPass = "http://media_repo"; + proxyPass = "http://${workerName}"; extraConfig = '' client_max_body_size 500M; ''; diff --git a/host/Rory-nginx/services/matrix/synapse/workers/module.nix b/host/Rory-nginx/services/matrix/synapse/workers/module.nix index 1450d52..bb46aed 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/module.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/module.nix @@ -1,19 +1,8 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; in -#eventWriters = lib.range 0 (count - 1); -#typingWriters = lib.range 0 (count - 1); -#deviceWriters = lib.range 0 (count - 1); -#accountDataWriters = lib.range 0 (count - 1); -#receiptsWriters = lib.range 0 (count - 1); -#presenceWriters = lib.range 0 (count - 1); -#pusherWriters = lib.range 0 (count - 1); + { imports = [ ./appservice.nix @@ -51,6 +40,7 @@ in ] ) // { + enableWorkers = lib.mkEnableOption "Enable dedicated workers"; enableStreamWriters = lib.mkEnableOption "Enable stream writers"; enableAppserviceWorker = lib.mkEnableOption "Enable dedicated appservice worker"; enableBackgroundWorker = lib.mkEnableOption "Enable dedicated background task worker"; diff --git a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix index 63d903a..3391171 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix @@ -1,12 +1,9 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; pushers = lib.range 0 (cfg.pushers - 1); + workerName = "pusher"; + workerRoutes = [ ]; in { config = lib.mkIf (cfg.pushers > 0) { @@ -16,23 +13,23 @@ in lib.map (index: { name = "pusher-${toString index}"; value = { - path = "/run/matrix-synapse/pusher-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) pushers ); - pusher_instances = lib.map (index: "pusher-${toString index}") pushers; + pusher_instances = lib.map (index: "${workerName}-${toString index}") pushers; }; workers = lib.listToAttrs ( lib.map (index: { - name = "pusher-${toString index}"; + name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/pusher-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; @@ -43,7 +40,7 @@ in ]; database = ( import ../db.nix { - workerName = "pusher-${toString index}"; + workerName = "${workerName}-${toString index}"; dbGroup = "small"; } ); diff --git a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/__OLD__module.nix b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/__OLD__module.nix deleted file mode 100644 index d4a9ff4..0000000 --- a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/__OLD__module.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -let - cfg = config.services.matrix-synapse; -in -#eventWriters = lib.range 0 (count - 1); -#typingWriters = lib.range 0 (count - 1); -#deviceWriters = lib.range 0 (count - 1); -#accountDataWriters = lib.range 0 (count - 1); -#receiptsWriters = lib.range 0 (count - 1); -#presenceWriters = lib.range 0 (count - 1); -#pusherWriters = lib.range 0 (count - 1); -{ - options.services.matrix-synapse = - lib.listToAttrs ( - lib.map - (option: { - name = "${option}StreamWriters"; - value = lib.mkOption { - type = lib.types.int; - default = 1; - description = "Number of writers for ${option} streams"; - }; - }) - [ - "event" - "typing" - "toDevice" - "accountData" - "receipts" - "presence" - "pushRule" - ] - ) - // { - enableStreamWriters = lib.mkEnableOption "Enable stream writers"; - federationSenders = lib.mkOption { - type = lib.types.int; - default = 1; - description = "Number of federation senders"; - }; - pushers = lib.mkOption { - type = lib.types.int; - default = 1; - description = "Number of pushers"; - }; - }; - - config = lib.mkIf cfg.enableStreamWriters { - services.matrix-synapse = { - settings = { - instance_map = lib.listToAttrs ( - lib.map (port: { - name = "stream-writer-${toString port}"; - value = { - path = "/run/matrix-synapse/stream-writer-${toString port}.sock"; - }; - }) federationSenders - ); - - stream_writers = { - events = lib.map (port: "stream-writer-events-${toString port}") federationSenders; - typing = lib.map (port: "stream-writer-typing-${toString port}") typingWriters; - to_device = lib.map (port: "stream-writer-to_device-${toString port}") deviceWriters; - account_data = lib.map (port: "stream-writer-account_data-${toString port}") accountDataWriters; - receipts = lib.map (port: "stream-writer-receipts-${toString port}") receiptsWriters; - presence = lib.map (port: "stream-writer-presence-${toString port}") presenceWriters; - push_rules = lib.map (port: "stream-writer-push_rules-${toString port}") pusherWriters; - }; - }; - - workers = lib.listToAttrs ( - lib.map (port: { - name = "stream-writerr-${toString port}"; - value = { - worker_app = "synapse.app.generic_worker"; - worker_listeners = [ ]; - }; - }) federationSenders - ); - }; - }; -} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix index 4dbf4ee..1f5b638 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; streamWriters = lib.range 0 (cfg.eventStreamWriters - 1); diff --git a/host/Rory-nginx/services/matrix/synapse/workers/sync.nix b/host/Rory-nginx/services/matrix/synapse/workers/sync.nix index b9ccad3..579e14b 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/sync.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/sync.nix @@ -1,13 +1,9 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, lib, ... }: let cfg = config.services.matrix-synapse; workers = lib.range 0 (cfg.syncWorkers - 1); + workerName = "sync"; routes = [ "~ ^/_matrix/client/(v2_alpha|r0|v3)/sync$" "~ ^/_matrix/client/(api/v1|v2_alpha|r0|v3)/events$" @@ -21,9 +17,9 @@ in settings = { instance_map = lib.listToAttrs ( lib.map (index: { - name = "sync-${toString index}"; + name = "${workerName}-${toString index}"; value = { - path = "/run/matrix-synapse/sync-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) workers ); @@ -31,13 +27,13 @@ in workers = lib.listToAttrs ( lib.map (index: { - name = "sync-${toString index}"; + name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/sync-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; @@ -47,7 +43,7 @@ in } { type = "http"; - path = "/run/matrix-synapse/sync-client-${toString index}.sock"; + path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock"; mode = "666"; resources = [ { @@ -59,7 +55,7 @@ in ]; database = ( import ../db.nix { - workerName = "sync-${toString index}"; + workerName = "${workerName}-${toString index}"; dbGroup = "small"; } ); @@ -68,13 +64,13 @@ in ); }; - services.nginx.upstreams."sync" = { + services.nginx.upstreams."${workerName}" = { extraConfig = '' keepalive 32; ''; servers = lib.listToAttrs ( lib.map (index: { - name = "unix:/run/matrix-synapse/sync-client-${toString index}.sock"; + name = "unix:/run/matrix-synapse/${workerName}-client-${toString index}.sock"; value = { max_fails = 0; }; @@ -86,7 +82,7 @@ in lib.map (route: { name = route; value = { - proxyPass = "http://sync"; + proxyPass = "http://${workerName}"; }; }) routes ); diff --git a/host/Rory-nginx/services/matrix/synapse/workers/user-dir.nix b/host/Rory-nginx/services/matrix/synapse/workers/user-dir.nix index 2eabe9d..f8d118e 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/user-dir.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/user-dir.nix @@ -7,6 +7,8 @@ let cfg = config.services.matrix-synapse; + workerName = "user_dir"; + workerRoutes = [ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/user_directory/search$" ]; in { config = lib.mkIf cfg.enableUserDirWorker { @@ -18,7 +20,7 @@ in }; }; - update_user_directory_from_worker = "user_dir"; + update_user_directory_from_worker = workerName; }; workers = { @@ -27,7 +29,7 @@ in worker_listeners = [ { type = "http"; - path = "/run/matrix-synapse/user_dir.sock"; + path = "/run/matrix-synapse/${workerName}.sock"; resources = [ { names = [ "replication" ]; @@ -37,7 +39,7 @@ in } { type = "http"; - path = "/run/matrix-synapse/user_dir-client.sock"; + path = "/run/matrix-synapse/${workerName}-client.sock"; mode = "666"; resources = [ { |