{ config, pkgs, lib, conduit, ... }: { services.matrix-conduit = { package = conduit.packages.${pkgs.system}.default; enable = true; settings.global = { address = "127.0.0.1"; server_name = "conduit.rory.gay"; database_backend = "rocksdb"; # rocksdb_optimize_for_spinning_disks = false; # rocksdb_max_log_file_size = 33554432; # allow_public_room_directory_over_federation = true; # allow_device_name_federation = true; # enable_lightning_bolt = true; #allow_local_presence = true; #allow_incoming_presence = true; #allow_outgoing_presence = true; #presence_idle_timeout_s = 60; #presence_offline_timeout_s = 180; # max_concurrent_requests = 32767; # conduit_cache_capacity_modifier = 4000.0; #512.0; # db_cache_capacity_mb = 65535.0; #8192.0; # rocksdb_parallelism_threads = 12; #dns settings # dns_cache_entries = 65535; # dns_min_ttl = 60 * 60 * 12; #12 hours... we expect other servers to backfill in the unlikely case an IP changes. # dns_min_ttl_nxdomain = 60 * 60 * 24 * 7; #1 week... we expect backfill to happen must this change... # dns_timeout = 15; # dns_attempts = 15; #our DNS setup tends to fail # query_all_nameservers = true; #needed on our setup... # federation_timeout = 30; # federation_idle_per_host = 8; # federation_idle_timeout = 600; allow_check_for_updates = false; allow_registration = false; # log = "info,state_res=info"; #log = "debug"; }; }; systemd.services.matrix-conduit-reg-token = { description = "Random registration token for Conduit."; before = ["conduit.service"]; # So the registration can be used by Conduit. after = ["matrix-synapse-reg-token.service"]; script = '' mkdir -p /run/systemd/system/conduit.service.d echo Environment=\"CONDUIT_REGISTRATION_TOKEN=$(cat /var/lib/matrix-synapse/registration_shared_secret.txt)\" > /run/systemd/system/conduit.service.d/override.conf systemctl daemon-reload''; serviceConfig = { User = "root"; Group = "root"; }; }; }