Server changes

5 files changed, 32 insertions, 2 deletions

diff --git a/host/Rory-ovh/services/email/maddy.nix b/host/Rory-ovh/services/email/maddy.nix

index 3f1d427..1a25a99 100644
--- a/host/Rory-ovh/services/email/maddy.nix
+++ b/host/Rory-ovh/services/email/maddy.nix
@@ -63,8 +63,8 @@
 
     systemd.services.maddy.serviceConfig = {
       LoadCredential = [
-        "acme-fullchain.pem:/var/lib/acme/rory.gay/fullchain.pem"
-        "acme-key.pem:/var/lib/acme/rory.gay/key.pem"
+        "acme-fullchain.pem:/var/lib/acme/mail.rory.gay/fullchain.pem"
+        "acme-key.pem:/var/lib/acme/mail.rory.gay/key.pem"
       ];
     };
   };
diff --git a/host/Rory-ovh/services/matrix/ooye.nix b/host/Rory-ovh/services/matrix/ooye.nix

index 7b9c403..ff13bf8 100644
--- a/host/Rory-ovh/services/matrix/ooye.nix
+++ b/host/Rory-ovh/services/matrix/ooye.nix
@@ -6,5 +6,7 @@
     homeserver = "https://matrix.rory.gay";
     homeserverName = "rory.gay";
     enableSynapseIntegration = true;
+    bridgeOrigin = "https://ooye.rory.gay";
+    admins = [ "@emma:rory.gay" "@draupnir:rory.gay" ];
   };
 }
diff --git a/host/Rory-ovh/services/matrix/synapse/synapse-main.nix b/host/Rory-ovh/services/matrix/synapse/synapse-main.nix

index 65dba4e..86e1348 100755
--- a/host/Rory-ovh/services/matrix/synapse/synapse-main.nix
+++ b/host/Rory-ovh/services/matrix/synapse/synapse-main.nix
@@ -69,6 +69,8 @@
         redaction_retention_period = null;
         user_ips_max_age = null;
         allow_device_name_lookup_over_federation = true;
+        allow_public_rooms_over_federation = true;
+        allow_public_rooms_without_auth = true;
 
         federation = {
           client_timeout = "90s"; # 30 # default=60s
diff --git a/host/Rory-ovh/services/nginx/nginx.nix b/host/Rory-ovh/services/nginx/nginx.nix

index 9602335..c1f1c05 100755
--- a/host/Rory-ovh/services/nginx/nginx.nix
+++ b/host/Rory-ovh/services/nginx/nginx.nix
@@ -71,6 +71,7 @@ in
         # #matrix...
         # "conduit.rory.gay" = import ./rory.gay/conduit.nix;
         "matrix.rory.gay" = import ./rory.gay/matrix.nix { inherit config; };
+        "ooye.rory.gay" = import ./rory.gay/ooye.nix { inherit config; };
         "syntest1.rory.gay" = import ./rory.gay/syntest1.nix { inherit config; };
         "syntest2.rory.gay" = import ./rory.gay/syntest2.nix { inherit config; };
         "libmatrix-fed-test.rory.gay" = import ./rory.gay/libmatrix-fed-test.nix { inherit config; };
diff --git a/host/Rory-ovh/services/nginx/rory.gay/ooye.nix b/host/Rory-ovh/services/nginx/rory.gay/ooye.nix
new file mode 100755

index 0000000..d0ca32f
--- /dev/null
+++ b/host/Rory-ovh/services/nginx/rory.gay/ooye.nix
@@ -0,0 +1,25 @@
+{ config }:
+{
+  enableACME = !config.virtualisation.isVmVariant;
+  addSSL = !config.virtualisation.isVmVariant;
+  locations."/" = {
+    proxyPass = "http://localhost:6693";
+    extraConfig = ''
+      if ($request_method = 'OPTIONS') {
+        more_set_headers 'Access-Control-Allow-Origin: *';
+        more_set_headers 'Access-Control-Allow-Methods: *';
+        #
+        # Custom headers and headers various browsers *should* be OK with but aren't
+        #
+        more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
+        #
+        # Tell client that this pre-flight info is valid for 20 days
+        #
+        more_set_headers 'Access-Control-Max-Age: 1728000';
+        more_set_headers 'Content-Type: text/plain; charset=utf-8';
+        more_set_headers 'Content-Length: 0';
+        return 204;
+      }
+    '';
+  };
+}