From 15cc356317a7771d26755b367dc58b2d2f7829e6 Mon Sep 17 00:00:00 2001
From: "Rory&::Emma" <root@rory.gay>
Date: Sun, 6 Aug 2023 23:49:43 +0000
Subject: Update stuff

---
 host/Rory-nginx/configuration.nix                 |  4 ++-
 host/Rory-nginx/hosts/rory.gay/matrix.nix         |  5 ++++
 host/Rory-nginx/hosts/thearcanebrony.net/root.nix |  6 +++--
 host/Rory-nginx/post-rebuild.sh                   | 32 +++++++++++++++++++++++
 host/Rory-nginx/software.nix                      |  1 +
 host/Rory-synapse/software.nix                    | 12 ++++-----
 6 files changed, 51 insertions(+), 9 deletions(-)
 create mode 100755 host/Rory-nginx/post-rebuild.sh

(limited to 'host')

diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix
index c38a1bf..2f2f7cc 100755
--- a/host/Rory-nginx/configuration.nix
+++ b/host/Rory-nginx/configuration.nix
@@ -4,9 +4,11 @@
   imports =
     [
       ../../modules/base-server.nix
+      ../../modules/users/levi.nix
+      ../../modules/users/db2k.nix
       ./software.nix
     ];
-
+  users.groups.ocp = {};
   networking = {
     hostName = "Rory-nginx";
     interfaces.ens18.ipv4.addresses = [ { 
diff --git a/host/Rory-nginx/hosts/rory.gay/matrix.nix b/host/Rory-nginx/hosts/rory.gay/matrix.nix
index 60a8e2c..46514a2 100755
--- a/host/Rory-nginx/hosts/rory.gay/matrix.nix
+++ b/host/Rory-nginx/hosts/rory.gay/matrix.nix
@@ -25,6 +25,11 @@
   		# https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker
 	locations."~ ^/_matrix/client/(r0|v3)/sync$" = {
 		proxyPass = "http://generic_workers_upstream$request_uri";
+                extraConfig = ''
+                     proxy_read_timeout 300;
+                     proxy_connect_timeout 300;
+                     proxy_send_timeout 300; 
+                  '';
 	};
 	locations."~ ^/_matrix/client/(api/v1|r0|v3)/events$" = {
 		proxyPass = "http://generic_workers_upstream$request_uri";
diff --git a/host/Rory-nginx/hosts/thearcanebrony.net/root.nix b/host/Rory-nginx/hosts/thearcanebrony.net/root.nix
index 722e989..bd23f10 100755
--- a/host/Rory-nginx/hosts/thearcanebrony.net/root.nix
+++ b/host/Rory-nginx/hosts/thearcanebrony.net/root.nix
@@ -2,9 +2,11 @@
   enableACME = true;
   addSSL = true;
   root = "/data/nginx/html_thearcanebrony";
+  extraConfig = ''
+    autoindex on;'';
   locations = {
     "/" = {
-      index = "index.html";
+      #index = "index.html";
     };
     "/destroy" = {
       return = "301 https://gitlab.com/KinoshitaProductions/SecureDestroyer/-/raw/master/run";
@@ -35,4 +37,4 @@
     }';
   ''; 
   };
-}
\ No newline at end of file
+}
diff --git a/host/Rory-nginx/post-rebuild.sh b/host/Rory-nginx/post-rebuild.sh
new file mode 100755
index 0000000..ea6e013
--- /dev/null
+++ b/host/Rory-nginx/post-rebuild.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/env nix-shell
+#!nix-shell -i bash -p curl gnused nix coreutils jq openssl
+#set -x
+REG_KEY=`cat /var/lib/matrix-synapse/registration_shared_secret.txt`
+LOCALPART='rory.gay'
+REACHABLE_DOMAIN='http://localhost:8008'
+
+# -- LICENSE: CNPL v7+ - https://thufie.lain.haus/files/CNPLv7.md
+# Modified from Nyaaori (https://nyaaori.cat) <+@nyaaori.cat>
+# Explicit authorisation to use the code has been granted by the original author
+#  for use by members of the Rory system (https://rory.gay)
+
+
+# the magic function:
+register(){
+	echo "Registering $1"
+	_nonce=`curl -s http://localhost:8008/_synapse/admin/v1/register | jq -r .nonce`
+	#data: nonce, domain, username, password
+	_hmac=`printf '%s\0%s\0%s\0%s' "$_nonce" "$1" "$2" "admin" |  openssl dgst -sha1 -hmac "$REG_KEY" |  awk '{print $2}'`
+	curl -s -XPOST -d '{"nonce": "'"$_nonce"'", "username": "'"$1"'", "displayname": "'"$1"'", "password": "'"$2"'", "admin": true, "mac": "'"$_hmac"'"}' $REACHABLE_DOMAIN/_synapse/admin/v1/register | tee -a matrix-user-tokens.txt
+	echo
+}
+
+# -- END OF LICENSED CODE
+
+
+
+PASSWD=`cat /etc/matrix-user-pass`
+for u in {draupnir,Alicia,Emma,Rory,root,Quetzelle}
+do 
+	register $u $PASSWD
+done
diff --git a/host/Rory-nginx/software.nix b/host/Rory-nginx/software.nix
index 6423c08..56b09f4 100755
--- a/host/Rory-nginx/software.nix
+++ b/host/Rory-nginx/software.nix
@@ -27,6 +27,7 @@
         '';
       appendHttpConfig = ''
         #sendfile on;
+        disable_symlinks off;
       '';
       upstreams = import ./matrix/upstreams.nix;
       additionalModules = with pkgs.nginxModules; [
diff --git a/host/Rory-synapse/software.nix b/host/Rory-synapse/software.nix
index ea24c91..5db557b 100755
--- a/host/Rory-synapse/software.nix
+++ b/host/Rory-synapse/software.nix
@@ -93,11 +93,11 @@
       allow_device_name_lookup_over_federation = true;
 
       federation = {
-        client_timeout = "10s";
-        max_short_retries = 3;
-        max_short_retry_delay = "30s";
+        client_timeout = "60s";
+        max_short_retries = 6;
+        max_short_retry_delay = "10s";
         max_long_retries = 5;
-        max_long_retry_delay = "5m";
+        max_long_retry_delay = "30s";
       };
 
       event_cache_size = "30K"; #defaults to 10K
@@ -114,7 +114,7 @@
 
       # Alicia - figure this out later...
       #registration_shared_secret = builtins.exec ["cat" "/dev/urandom" "|" "tr" "-dc" "a-zA-Z0-9" "|" "fold" "-w" "256" "|" "head" "-n" "1"];
-      #registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt";
+      registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt";
       
       listeners = [
         { 
@@ -145,7 +145,7 @@
           host = "127.0.0.1";
           application_name = "matrix-synapse (rory.gay)";
           cp_min = 5;
-          cp_max = 15;
+          cp_max = 50;
           #cp_reconnect_interval = "True";
         };
       };
-- 
cgit 1.4.1