diff options
author | TheArcaneBrony <myrainbowdash949@gmail.com> | 2023-09-06 23:30:26 +0200 |
---|---|---|
committer | TheArcaneBrony <myrainbowdash949@gmail.com> | 2023-09-06 23:30:26 +0200 |
commit | 40bfa51153bb38e0471ab05937b018d0ba255f0d (patch) | |
tree | f25aa0e590e433f5bcff65ad9bf3d94cc74cdccd /host/Rory-nginx/services/containers/pluralcontactbotpoc | |
parent | Add changes (diff) | |
download | Rory-Open-Architecture-40bfa51153bb38e0471ab05937b018d0ba255f0d.tar.xz |
Add container
Diffstat (limited to 'host/Rory-nginx/services/containers/pluralcontactbotpoc')
3 files changed, 72 insertions, 0 deletions
diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/conduit.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/conduit.nix new file mode 100755 index 0000000..f2fdad6 --- /dev/null +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/conduit.nix @@ -0,0 +1,33 @@ +{ config, pkgs, lib, conduit, ... }: + +{ + services.matrix-conduit = { + package = conduit.packages.${pkgs.system}.default; + enable = true; + settings.global = { + address = "127.0.0.1"; + server_name = "pcpoc.rory.gay"; + database_backend = "rocksdb"; + enable_lightning_bolt = true; + max_concurrent_requests = 1000; + allow_check_for_updates = false; + allow_registration = false; + }; + }; + systemd.services.matrix-conduit-reg-token = { + description = "Random registration token for Conduit."; + before = ["conduit.service"]; # So the registration can be used by Conduit. + after = ["matrix-synapse-reg-token.service"]; + + script = '' + mkdir -p /run/systemd/system/conduit.service.d + echo Environment=\"CONDUIT_REGISTRATION_TOKEN=$(cat /var/lib/matrix-synapse/registration_shared_secret.txt)\" > /run/systemd/system/conduit.service.d/override.conf + systemctl daemon-reload''; + serviceConfig = { + User = "root"; + Group = "root"; + }; + }; + system.stateVersion = "22.11"; # DO NOT EDIT! +} + diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix new file mode 100755 index 0000000..39f593e --- /dev/null +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix @@ -0,0 +1,28 @@ +{ pkgs, lib, ... }: + +{ +# imports = +# [ +# ./root.nix +# ]; + + privateNetwork = true; + autoStart = true; + + + # config is root.nix with networking overridden + config = import ./root.nix { + inherit config; + etc."resolv.conf".text = '' + nameserver 8.8.8.8 + nameserver 8.4.4.8 + nameserver 1.1.1.1 + nameserver 1.0.0.1 + ''; + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + }; + +} \ No newline at end of file diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix new file mode 100755 index 0000000..3dbf243 --- /dev/null +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix @@ -0,0 +1,11 @@ +{ config, pkgs, lib, botcore-v4, ... }: + +{ + imports = + [ + ./nginx.nix + ./conduit.nix + ]; + + system.stateVersion = "22.11"; # DO NOT EDIT! +} \ No newline at end of file |