{ enableACME = true; addSSL = true; locations."/" = { proxyPass = "http://127.0.0.1:6167"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; more_set_headers 'Access-Control-Allow-Methods: *'; # # Custom headers and headers various browsers *should* be OK with but aren't # more_set_headers 'Access-Control-Allow-Headers: *, Authorization'; # # Tell client that this pre-flight info is valid for 20 days # more_set_headers 'Access-Control-Max-Age: 1728000'; more_set_headers 'Content-Type: text/plain; charset=utf-8'; more_set_headers 'Content-Length: 0'; return 204; } ''; }; #locations."/_synapse/client".proxyPass = "http://192.168.1.5:8008"; locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; return 200 '${builtins.toJSON { "m.server" = "conduit.rory.gay:443"; }}'; ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; return 200 '${builtins.toJSON { "m.homeserver".base_url = "https://conduit.rory.gay"; "m.identity_server".base_url = "https://conduit.rory.gay"; } }'; ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; return 200 '${builtins.toJSON { admins = [ { matrix_id = "@emma:rory.gay"; role = "admin"; } { matrix_id = "@alicia:rory.gay"; role = "admin"; } { matrix_id = "@root:rory.gay"; role = "admin"; } { matrix_id = "@rory:rory.gay"; role = "admin"; } ]; } }'; ''; }