{ config, lib, ... }: let cfg = config.services.matrix-synapse; dbGroup = "solo"; workers = lib.range 0 (cfg.authWorkers - 1); workerName = "auth"; workerRoutes = { client = [ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$" "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$" "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/whoami$" "~ ^/_matrix/client/versions$" "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$" "~ ^/_matrix/client/(r0|v3|unstable)/register$" "~ ^/_matrix/client/(r0|v3|unstable)/register/available$" "~ ^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$" "~ ^/_matrix/client/(r0|v3|unstable)/password_policy$" "~ ^/_matrix/client/(r0|v3|unstable)/capabilities$" ]; federation = [ ]; media = [ ]; }; in { config = lib.mkIf (cfg.authWorkers > 0) { services.matrix-synapse = { settings = { instance_map = lib.listToAttrs ( lib.map (index: { name = "${workerName}-${toString index}"; value = { path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; }; }) workers ); }; workers = lib.listToAttrs ( lib.map (index: { name = "${workerName}-${toString index}"; value = { worker_app = "synapse.app.generic_worker"; worker_listeners = [ { type = "http"; path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; resources = [ { names = [ "replication" ]; compress = false; } ]; } { type = "http"; path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock"; mode = "666"; resources = [ { names = [ "client" ]; compress = false; } ]; } ]; database = ( import ../db.nix { inherit dbGroup; workerName = "${workerName}-${toString index}"; } ); }; }) workers ); }; services.nginx.upstreams = ( lib.listToAttrs ( lib.map (type: { name = "${workerName}-${type}"; value = { extraConfig = '' keepalive 32; ''; servers = lib.listToAttrs ( lib.map (index: { name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; value = { max_fails = 0; }; }) workers ); }; }) ([ ] ++ lib.optional (lib.length workerRoutes.client > 0) "client" ++ lib.optional (lib.length workerRoutes.federation > 0) "federation" ++ lib.optional (lib.length workerRoutes.media > 0) "media") ) ); services.nginx = { virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( lib.flatten ( lib.forEach ([ ] ++ lib.optional (lib.length workerRoutes.client > 0) "client" ++ lib.optional (lib.length workerRoutes.federation > 0) "federation" ++ lib.optional (lib.length workerRoutes.media > 0) "media") ( type: lib.map (route: { name = route; value = { proxyPass = "http://${workerName}-${type}"; }; }) workerRoutes.${type} ) ) ); }; }; }