Switch to nginx mainline

author: TheArcaneBrony <myrainbowdash949@gmail.com> 2023-09-25 19:12:45 +0200
committer: Rory& <root@rory.gay> 2024-06-05 17:25:16 +0200
commit: c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145 (patch)
tree: cafe69cc37dbac1a2224ef1a01319cdec8f89910
parent: Move boot target (diff)
download: Spacebar-Open-Infrastructure-c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145.tar.xz
12 files changed, 57 insertions, 10 deletions
diff --git a/host/Spacebar-nginx/configuration.nix b/host/Spacebar-nginx/configuration.nix
index 5037c81..9118af9 100755
--- a/host/Spacebar-nginx/configuration.nix
+++ b/host/Spacebar-nginx/configuration.nix
@@ -21,25 +21,25 @@
   services = {
     nginx = {
       enable = true;
-      package = pkgs.nginxQuic;
+      package = pkgs.nginxMainline;
       recommendedProxySettings = true;
       recommendedTlsSettings = true;
       clientMaxBodySize = "50m";
       virtualHosts = {
         # legacy
-        "matrix.thearcanebrony.net" = import ./hosts/thearcanebrony.net/matrix.nix;
-        "matrix.fosscord.com" = import ./hosts/fosscord.com/matrix.nix;
+        "matrix.thearcanebrony.net" = import ./nginx-hosts/thearcanebrony.net/matrix.nix;
+        "matrix.fosscord.com" = import ./nginx-hosts/fosscord.com/matrix.nix;
 
         # production
-        "mail.spacebar.chat" = import ./hosts/spacebar.chat/mail.nix;
-        "grafana.spacebar.chat" = import ./hosts/spacebar.chat/grafana.nix;
-        "old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/root.nix;
-        "api.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/api.nix;
-        "cdn.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/cdn.nix;
-        "gateway.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/gateway.nix;
+        "mail.spacebar.chat" = import ./nginx-hosts/spacebar.chat/mail.nix;
+        "grafana.spacebar.chat" = import ./nginx-hosts/spacebar.chat/grafana.nix;
+        "old.server.spacebar.chat" = import ./nginx-hosts/spacebar.chat/server/old/root.nix;
+        "api.old.server.spacebar.chat" = import ./nginx-hosts/spacebar.chat/server/old/api.nix;
+        "cdn.old.server.spacebar.chat" = import ./nginx-hosts/spacebar.chat/server/old/cdn.nix;
+        "gateway.old.server.spacebar.chat" = import ./nginx-hosts/spacebar.chat/server/old/gateway.nix;
 
         # local only
-        "secrets.internal.spacebar.chat" = import ./hosts/spacebar.chat/internal/secrets.nix { inherit lib config; };
+        "secrets.internal.spacebar.chat" = import ./nginx-hosts/spacebar.chat/internal/secrets.nix { inherit lib config; };
       };
     };
   };
diff --git a/host/Spacebar-nginx/hosts/fosscord.com/matrix.nix b/host/Spacebar-nginx/nginx-hosts/fosscord.com/matrix.nix
index ac21846..ac21846 100755
--- a/host/Spacebar-nginx/hosts/fosscord.com/matrix.nix
+++ b/host/Spacebar-nginx/nginx-hosts/fosscord.com/matrix.nix
diff --git a/host/Spacebar-nginx/nginx-hosts/fosscord.com/root.nix b/host/Spacebar-nginx/nginx-hosts/fosscord.com/root.nix
new file mode 100644
index 0000000..7efa326
--- /dev/null
+++ b/host/Spacebar-nginx/nginx-hosts/fosscord.com/root.nix
@@ -0,0 +1,16 @@
+{ lib, config }: {  
+  locations = {
+    "/" = {
+      extraConfig =
+        ''
+        return 301 https://spacebar.chat$request_uri;
+        '';
+    };
+    ".well-known/matrix/server" = {
+      root = "/var/lib/matrix";
+    };
+    "^~ /.well-known/acme-challenge/" = {
+      root = "/var/lib/acme/acme-challenge";
+    };
+  };
+}
diff --git a/host/Spacebar-nginx/hosts/spacebar.chat/grafana.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/grafana.nix
index d2b7207..d2b7207 100755
--- a/host/Spacebar-nginx/hosts/spacebar.chat/grafana.nix
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/grafana.nix
diff --git a/host/Spacebar-nginx/hosts/spacebar.chat/internal/secrets.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/internal/secrets.nix
index cc0e299..cc0e299 100644
--- a/host/Spacebar-nginx/hosts/spacebar.chat/internal/secrets.nix
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/internal/secrets.nix
diff --git a/host/Spacebar-nginx/hosts/spacebar.chat/mail.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/mail.nix
index 3ca873d..3ca873d 100755
--- a/host/Spacebar-nginx/hosts/spacebar.chat/mail.nix
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/mail.nix
diff --git a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/api.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/api.nix
index 8b7df6d..8b7df6d 100755
--- a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/api.nix
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/api.nix
diff --git a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/cdn.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/cdn.nix
index 89958fe..89958fe 100755
--- a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/cdn.nix
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/cdn.nix
diff --git a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/gateway.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/gateway.nix
index ff95a5e..ff95a5e 100755
--- a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/gateway.nix
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/gateway.nix
diff --git a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/root.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/root.nix
index 8b7df6d..8b7df6d 100755
--- a/host/Spacebar-nginx/hosts/spacebar.chat/server/old/root.nix
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/server/old/root.nix
diff --git a/host/Spacebar-nginx/hosts/thearcanebrony.net/matrix.nix b/host/Spacebar-nginx/nginx-hosts/thearcanebrony.net/matrix.nix
index d2b7606..d2b7606 100755
--- a/host/Spacebar-nginx/hosts/thearcanebrony.net/matrix.nix
+++ b/host/Spacebar-nginx/nginx-hosts/thearcanebrony.net/matrix.nix
diff --git a/host/Spacebar-nginx/postgres.nix b/host/Spacebar-nginx/postgres.nix
new file mode 100644
index 0000000..6d0acd9
--- /dev/null
+++ b/host/Spacebar-nginx/postgres.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, lib, ... }:
+
+{
+  systemd.tmpfiles.rules = [  "d /data/pg 0750 postgres postgres" ];
+
+  services.postgresql = {
+    enable = true;
+    package = pkgs.postgresql_14;
+    enableTCPIP = true;
+    authentication = pkgs.lib.mkOverride 10 ''
+      # TYPE, DATABASE, USER, ADDRESS, METHOD
+      local all all trust
+      host all all 127.0.0.1/32 trust
+      host all all ::1/128 trust
+      host matrix-synapse-spacebar-chat matrix-synapse-spacebar-chat 192.168.1.5/32 trust
+      host all all 0.0.0.0/0 md5
+    '';
+    initialScript = pkgs.writeText "backend-initScript" ''
+      CREATE ROLE matrix-synapse-spacebar-chat WITH LOGIN PASSWORD '${pkgs.postgresql_14}' CREATEDB;
+      CREATE DATABASE matrix-synapse-spacebar-chat;
+      GRANT ALL PRIVILEGES ON DATABASE matrix-synapse-spacebar-chat TO matrix-synapse-spacebar-chat;
+    '';
+    dataDir = "/data/pg";
+    settings = {
+      "max_connections" = "100";
+      "shared_buffers" = "128MB";
+      "max_wal_size" = "1GB";
+      "min_wal_size" = "80MB";
+    };
+  };
+}
\ No newline at end of file
author	TheArcaneBrony <myrainbowdash949@gmail.com>	2023-09-25 19:12:45 +0200
committer	Rory& <root@rory.gay>	2024-06-05 17:25:16 +0200
commit	c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145 (patch)
tree	cafe69cc37dbac1a2224ef1a01319cdec8f89910
parent	Move boot target (diff)
download	Spacebar-Open-Infrastructure-c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145.tar.xz