authorRory& <root@rory.gay>2025-02-08 19:34:44 +0100
committerRory& <root@rory.gay>2025-02-08 19:34:44 +0100
commit7dda362c06c93d53705cfd5ff78e895aeae95e9c (patch)
treeb71a3cb10e624cd756f9289d3453a41aed7aefc5 /host
parentAdd laptop, desktop changes (diff)
downloadRory-Open-Architecture-7dda362c06c93d53705cfd5ff78e895aeae95e9c.tar.xz
Format files
Diffstat (limited to 'host')
-rw-r--r--host/Rory-desktop/nginx.nix2
-rw-r--r--host/Rory-laptop/nginx.nix2
-rw-r--r--host/Rory-nginx/services/email/maddy.nix26
-rwxr-xr-xhost/Rory-nginx/services/matrix/draupnir.nix6
-rwxr-xr-xhost/Rory-nginx/services/matrix/root.nix2
-rw-r--r--host/Rory-nginx/services/matrix/synapse/db.nix13
-rwxr-xr-xhost/Rory-nginx/services/matrix/synapse/synapse-main.nix249
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix2
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/module.nix15
-rwxr-xr-xhost/Rory-nginx/services/nginx/nginx.nix4
-rwxr-xr-xhost/Rory-nginx/services/nginx/rory.gay/conduit.nix2
-rwxr-xr-xhost/Rory-nginx/services/postgres.nix32
-rw-r--r--host/Rory-nginx/services/redpanda/root.nix4
-rw-r--r--host/Rory-nginx/services/redpanda/systemd-services.nix2
-rw-r--r--host/Rory-wsl/configuration.nix2
15 files changed, 183 insertions, 180 deletions
diff --git a/host/Rory-desktop/nginx.nix b/host/Rory-desktop/nginx.nix

index 98ef48b..d28dd33 100644
--- a/host/Rory-desktop/nginx.nix
+++ b/host/Rory-desktop/nginx.nix
@@ -13,7 +13,7 @@
 recommendedProxySettings = true;
 #recommendedTlsSettings = true;
 recommendedZstdSettings = true;
-# recommendedGzipSettings = true;
+ # recommendedGzipSettings = true;
 recommendedBrotliSettings = true;
 recommendedOptimisation = true;
 #defaultMimeTypes = ../../../../packages/nginx/mime.types;
diff --git a/host/Rory-laptop/nginx.nix b/host/Rory-laptop/nginx.nix
index 98ef48b..d28dd33 100644
--- a/host/Rory-laptop/nginx.nix
+++ b/host/Rory-laptop/nginx.nix
@@ -13,7 +13,7 @@
 recommendedProxySettings = true;
 #recommendedTlsSettings = true;
 recommendedZstdSettings = true;
-# recommendedGzipSettings = true;
+ # recommendedGzipSettings = true;
 recommendedBrotliSettings = true;
 recommendedOptimisation = true;
 #defaultMimeTypes = ../../../../packages/nginx/mime.types;
diff --git a/host/Rory-nginx/services/email/maddy.nix b/host/Rory-nginx/services/email/maddy.nix
index f2e6666..07b6e72 100644
--- a/host/Rory-nginx/services/email/maddy.nix
+++ b/host/Rory-nginx/services/email/maddy.nix
@@ -16,18 +16,18 @@ "root@rory.gay".passwordFile = "/var/lib/maddy/passwd/root"; }; config = builtins.readFile ./maddy.conf; -# builtins.replaceStrings -# [ -# "imap tcp://0.0.0.0:143" -# "submission tcp://0.0.0.0:587" -# "entry postmaster postmaster@$(primary_domain)" -# ] -# [ -# "imap tls://0.0.0.0:993 tcp://0.0.0.0:143" -# "submission tls://0.0.0.0:465 tcp://0.0.0.0:587" -# "entry postmaster root@$(primary_domain)" -# ] -# options.services.maddy.config.default; + # builtins.replaceStrings + # [ + # "imap tcp://0.0.0.0:143" + # "submission tcp://0.0.0.0:587" + # "entry postmaster postmaster@$(primary_domain)" + # ] + # [ + # "imap tls://0.0.0.0:993 tcp://0.0.0.0:143" + # "submission tls://0.0.0.0:465 tcp://0.0.0.0:587" + # "entry postmaster root@$(primary_domain)" + # ] + # options.services.maddy.config.default; tls = { loader = "file"; @@ -39,7 +39,7 @@ ]; }; }; - + networking.firewall.allowedTCPPorts = [ 993 465 diff --git a/host/Rory-nginx/services/matrix/draupnir.nix b/host/Rory-nginx/services/matrix/draupnir.nix
index adc525c..40d1489 100755
--- a/host/Rory-nginx/services/matrix/draupnir.nix
+++ b/host/Rory-nginx/services/matrix/draupnir.nix
@@ -6,7 +6,7 @@ # src = draupnirSrc; # version = draupnirSrc.rev; #})); - + enable = true; homeserverUrl = "https://matrix.rory.gay"; accessTokenFile = "/etc/draupnir-access-token"; @@ -16,8 +16,8 @@ # username = "draupnir"; # passwordFile = "/etc/draupnir-password"; # options = { - #homeserver = "http://localhost:8008"; - #ssl = false; + #homeserver = "http://localhost:8008"; + #ssl = false; # }; #}; settings = { diff --git a/host/Rory-nginx/services/matrix/root.nix b/host/Rory-nginx/services/matrix/root.nix
index 39c252d..5bb3915 100755
--- a/host/Rory-nginx/services/matrix/root.nix
+++ b/host/Rory-nginx/services/matrix/root.nix
@@ -7,7 +7,7 @@ ./matrix-appservice-discord.nix ./draupnir.nix ./grapevine.nix -# ./sliding-sync.nix # removed from nixpkgs, use synapse support instead + # ./sliding-sync.nix # removed from nixpkgs, use synapse support instead ./ooye.nix ]; diff --git a/host/Rory-nginx/services/matrix/synapse/db.nix b/host/Rory-nginx/services/matrix/synapse/db.nix
index 77d9773..409c039 100644
--- a/host/Rory-nginx/services/matrix/synapse/db.nix
+++ b/host/Rory-nginx/services/matrix/synapse/db.nix
@@ -32,19 +32,18 @@ 10 else throw "synapse/db.nix: Invalid dbGroup: ${if dbGroup == null then "null" else dbGroup}"; - + # cp_reconnect - default=True - https://github.com/element-hq/synapse/blob/develop/synapse/storage/database.py#L129 # cp_noisy - default=False - https://docs.twisted.org/en/stable/api/twisted.enterprise.adbapi.ConnectionPool.html#__init__ - info logs during operation # check_same_thread - default=False - https://github.com/element-hq/synapse/blob/develop/synapse/config/database.py#L65 - can this even be set? }; - - - # synchronous_commit - default=True - https://github.com/element-hq/synapse/blob/develop/synapse/storage/engines/postgres.py#L56 + + # synchronous_commit - default=True - https://github.com/element-hq/synapse/blob/develop/synapse/storage/engines/postgres.py#L56 # statement_timeout - default=60 * 60 * 1000 ms - https://github.com/element-hq/synapse/blob/develop/synapse/storage/engines/postgres.py#L63 # allow_unsafe_locale - default=False - https://github.com/element-hq/synapse/blob/develop/synapse/storage/engines/postgres.py#L99 # allow_outdated_version - default=False - https://github.com/element-hq/synapse/blob/develop/synapse/storage/engines/postgres.py#L92 - needs source link # txn_limit - default=0 - https://github.com/element-hq/synapse/blob/develop/synapse/storage/database.py#L564 - - statement_timeout = 24 * 60 * 60 * 1000; #24 hours, good for bg jobs - txn_limit = 500; #maybe dropping old data from pg caches helps? + + statement_timeout = 24 * 60 * 60 * 1000; # 24 hours, good for bg jobs + txn_limit = 500; # maybe dropping old data from pg caches helps? } diff --git a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix
index d1dafb1..ae63b82 100755
--- a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix
+++ b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix
@@ -18,7 +18,7 @@ clientReaders = 2; # 4 syncWorkers = 2; # 4 authWorkers = 0; - + eventCreators = 16; federationReaders = 8; # 8 
@@ -40,149 +40,152 @@ #sharedStreamWriters = 1; # https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html - settings = { - server_name = "rory.gay"; + settings = + { + server_name = "rory.gay"; + + # use_frozen_dicts = true; + # user_agent_suffix = " (rory.gay)"; -# use_frozen_dicts = true; -# user_agent_suffix = " (rory.gay)"; + # look into later: replication_torture_level - https://github.com/element-hq/synapse/blob/develop/synapse/config/server.py#L560 + # limit_remote_rooms ??? + # cleanup_extremities_with_dummy_events - default=True + # dummy_devents_treshold - default=10 - required forward extremities to send dummy event + # enable_ephemeral_messages - default=False - ??? + # rooms_to_exclude_from_sync - default=[] - room ids... + # third_party_event_rules - https://github.com/element-hq/synapse/blob/develop/synapse/config/third_party_event_rules.py - ??? + # default_power_level_content_override - default=None - https://github.com/element-hq/synapse/blob/develop/synapse/config/room.py#L73 - # look into later: replication_torture_level - https://github.com/element-hq/synapse/blob/develop/synapse/config/server.py#L560 - # limit_remote_rooms ??? - # cleanup_extremities_with_dummy_events - default=True - # dummy_devents_treshold - default=10 - required forward extremities to send dummy event - # enable_ephemeral_messages - default=False - ??? - # rooms_to_exclude_from_sync - default=[] - room ids... - # third_party_event_rules - https://github.com/element-hq/synapse/blob/develop/synapse/config/third_party_event_rules.py - ??? 
- # default_power_level_content_override - default=None - https://github.com/element-hq/synapse/blob/develop/synapse/config/room.py#L73 - - dummy_devents_treshold = 2; - cleanup_extremities_with_dummy_events = true; + dummy_devents_treshold = 2; + cleanup_extremities_with_dummy_events = true; - enable_registration = true; - registration_requires_token = true; + enable_registration = true; + registration_requires_token = true; - require_membership_for_aliases = false; - redaction_retention_period = null; - user_ips_max_age = null; - allow_device_name_lookup_over_federation = true; + require_membership_for_aliases = false; + redaction_retention_period = null; + user_ips_max_age = null; + allow_device_name_lookup_over_federation = true; - federation = { - client_timeout = "30s"; # default=60s - max_short_retries = 12; - max_short_retry_delay = "5s"; - max_long_retries = 5; - max_long_retry_delay = "30s"; - - # rapid retry, small increments - destination_min_retry_interval = "5m"; # default=10m - destination_max_retry_interval = "12h"; #default=7d - destination_retry_multiplier = 1.2; #default=2 - }; + federation = { + client_timeout = "30s"; # default=60s + max_short_retries = 12; + max_short_retry_delay = "5s"; + max_long_retries = 5; + max_long_retry_delay = "30s"; - registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt"; + # rapid retry, small increments + destination_min_retry_interval = "5m"; # default=10m + destination_max_retry_interval = "12h"; # default=7d + destination_retry_multiplier = 1.2; # default=2 + }; - listeners = [ - { - port = 8008; - bind_addresses = [ "127.0.0.1" ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ - "client" - "federation" - ]; - compress = false; - } - ]; - } - { - type = "http"; - path = "/run/matrix-synapse/main.sock"; - resources = [ - { - names = [ "replication" ]; - compress = false; - } - ]; - } - ]; - presence = { - enablee = true; - update_interval 
= 60; - }; - database = ( - import ./db.nix { - workerName = "main"; - dbGroup = "medium"; - } - ); - app_service_config_files = [ - #"/etc/matrix-synapse/appservice-registration.yaml" - "/var/lib/matrix-synapse/modas-registration.yaml" - ]; + registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt"; + + listeners = [ + { + port = 8008; + bind_addresses = [ "127.0.0.1" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ + "client" + "federation" + ]; + compress = false; + } + ]; + } + { + type = "http"; + path = "/run/matrix-synapse/main.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ]; + presence = { + enablee = true; + update_interval = 60; + }; + database = ( + import ./db.nix { + workerName = "main"; + dbGroup = "medium"; + } + ); + app_service_config_files = [ + #"/etc/matrix-synapse/appservice-registration.yaml" + "/var/lib/matrix-synapse/modas-registration.yaml" + ]; - #region Media - max_upload_size = "512M"; + #region Media + max_upload_size = "512M"; - max_avatar_size = "512M"; - max_image_pixels = "250M"; + max_avatar_size = "512M"; + max_image_pixels = "250M"; - max_pending_media_uploads = 512; - dynamic_thumbnails = true; + max_pending_media_uploads = 512; + dynamic_thumbnails = true; - prevent_media_downloads_from = [ - # none, give me all the media - ]; - enable_authenticated_media = false; + prevent_media_downloads_from = [ + # none, give me all the media + ]; + enable_authenticated_media = false; - url_preview_enabled = true; - max_spider_size = "50M"; + url_preview_enabled = true; + max_spider_size = "50M"; - #endregion + #endregion - ui_auth = { - session_timeout = "1m"; - }; + ui_auth = { + session_timeout = "1m"; + }; - login_via_existing_session = { - enabled = true; - require_ui_auth = true; - token_timeout = "1y"; - }; + login_via_existing_session = { + enabled = true; + require_ui_auth = true; + token_timeout = "1y"; + }; - 
report_stats = false; + report_stats = false; - user_directory = { - enabled = true; - search_all_users = true; - prefer_local_users = true; - }; + user_directory = { + enabled = true; + search_all_users = true; + prefer_local_users = true; + }; - # https://github.com/element-hq/synapse/blob/master/synapse/config/experimental.py - experimental_features = { - "msc2815_enabled" = true; # Redacted event content - "msc3026_enabled" = true; # Busy presence - "msc3266_enabled" = true; # Room summary API - "msc3916_authenticated_media_enabled" = true; # Authenticated media - "msc3823_account_suspension" = true; # Account suspension - "msc4151_enabled" = true; # Report room API (CS-API) - }; + # https://github.com/element-hq/synapse/blob/master/synapse/config/experimental.py + experimental_features = { + "msc2815_enabled" = true; # Redacted event content + "msc3026_enabled" = true; # Busy presence + "msc3266_enabled" = true; # Room summary API + "msc3916_authenticated_media_enabled" = true; # Authenticated media + "msc3823_account_suspension" = true; # Account suspension + "msc4151_enabled" = true; # Report room API (CS-API) + }; - redis = { - enabled = true; - path = "/run/redis-matrix-synapse/redis.sock"; - }; + redis = { + enabled = true; + path = "/run/redis-matrix-synapse/redis.sock"; + }; - instance_map = { - main = { - # replication listener - path = "/run/matrix-synapse/main.sock"; + instance_map = { + main = { + # replication listener + path = "/run/matrix-synapse/main.sock"; + }; }; - }; - } // import ./ratelimits.nix // import ./caches.nix; + } + // import ./ratelimits.nix + // import ./caches.nix; }; systemd.services.matrix-synapse-reg-token = { diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
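Review bot: Two keys on the new side of the `settings` block look misspelled and are carried through the re-indent unchanged: `presence.enablee` and `dummy_devents_treshold`. Synapse reads `presence.enabled` and `dummy_events_threshold`, so as written both values are probably ignored and the defaults apply; suggest `enabled = true;` and `dummy_events_threshold = 2;`, with the same spelling fix in the option-notes comment above them. Also worth a one-line comment on `enable_authenticated_media = false;`, which leaves media downloads unauthenticated while `"msc3916_authenticated_media_enabled" = true;` is set further down, stating whether that is intended. The enclosing attribute set starts before this hunk.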
index 81d07e7..04bfe7c 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
@@ -134,7 +134,7 @@ in
 )
 )
 );
-
+
 #virtualHosts."${cfg.nginxVirtualHostName}".locations."~ ^/_matrix/federation/(v1|v2)/invite/" = {
 # proxyPass = "http://${workerName}-federation";
 # extraConfig = ''
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/module.nix b/host/Rory-nginx/services/matrix/synapse/workers/module.nix
index 65cf42b..3b6456b 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/module.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/module.nix
@@ -33,7 +33,7 @@ in ./stream-writers/to_device-stream-writer.nix ./stream-writers/typing-stream-writer.nix -# ./stream-writers/shared-stream-writer.nix + # ./stream-writers/shared-stream-writer.nix ]; options.services.matrix-synapse = { enableWorkers = lib.mkEnableOption "Enable dedicated workers"; @@ -60,7 +60,7 @@ in receiptStreamWriters = mkIntOption "Number of read receipt stream writers"; presenceStreamWriters = mkIntOption "Number of presence stream writers"; pushRuleStreamWriters = mkIntOption "Number of push rule stream writers"; - + sharedStreamWriters = mkIntOption "Number of shared stream writers"; nginxVirtualHostName = lib.mkOption { @@ -68,10 +68,10 @@ in default = null; description = "The virtual host name for the nginx server"; }; - + allowedRemoteInviteOrigins = lib.mkOption { type = lib.types.listOf lib.types.str; - default = []; + default = [ ]; description = "List of allowed remote invite origins"; }; }; @@ -83,7 +83,6 @@ in message = "nginxVirtualHostName must be set when enableWorkers is true"; } - # Stream types and count limitations: https://github.com/element-hq/synapse/blob/develop/synapse/config/workers.py#L344 { assertion = cfg.typingStreamWriters <= 1; @@ -110,13 +109,13 @@ in assertion = cfg.pushRuleStreamWriters <= 1; message = "Only one push rule stream writer is supported"; } - + { assertion = cfg.sharedStreamWriters <= 1; message = "Only one shared stream writer is supported"; } ]; - + # Matrix utility maps services.nginx.appendHttpConfig = '' # Map authorization header to origin name @@ -130,6 +129,6 @@ in default 0; ${lib.concatMapStringsSep "\n" (origin: " \"${origin}\" 1;") cfg.allowedRemoteInviteOrigins} } - ''; + ''; }; } diff --git a/host/Rory-nginx/services/nginx/nginx.nix b/host/Rory-nginx/services/nginx/nginx.nix
index 2d83072..e08bcc0 100755
--- a/host/Rory-nginx/services/nginx/nginx.nix
+++ b/host/Rory-nginx/services/nginx/nginx.nix
@@ -52,7 +52,9 @@ in "ec.rory.gay" = serveDir { path = "/data/nginx/html_ec"; }; "git.rory.gay" = serveDir { path = "/data/nginx/html_git"; }; - "wad.rory.gay" = serveDir { path = "/data/nginx/html_wad"; } // { locations."/".extraConfig = "autoindex on; try_files $uri $uri/ /index.html;"; }; + "wad.rory.gay" = serveDir { path = "/data/nginx/html_wad"; } // { + locations."/".extraConfig = "autoindex on; try_files $uri $uri/ /index.html;"; + }; "wad-api.rory.gay" = import ./rory.gay/wad-api.nix; "thearcanebrony.net" = import ./thearcanebrony.net/root.nix; diff --git a/host/Rory-nginx/services/nginx/rory.gay/conduit.nix b/host/Rory-nginx/services/nginx/rory.gay/conduit.nix
index 250a6b2..ef0fbd8 100755
--- a/host/Rory-nginx/services/nginx/rory.gay/conduit.nix
+++ b/host/Rory-nginx/services/nginx/rory.gay/conduit.nix
@@ -26,7 +26,7 @@
 proxy_send_timeout 54000;
 '';
 };
- #locations."/_synapse/client".proxyPass = "http://192.168.1.5:8008";
+ #locations."/_synapse/client".proxyPass = "http://192.168.1.5:8008";
 locations."/_conduwuit/".extraConfig = ''
 return 404;
 '';
diff --git a/host/Rory-nginx/services/postgres.nix b/host/Rory-nginx/services/postgres.nix
index d24b0b9..f0fb3e7 100755
--- a/host/Rory-nginx/services/postgres.nix
+++ b/host/Rory-nginx/services/postgres.nix
@@ -53,7 +53,7 @@ wal_compression = "off"; wal_buffers = "-1"; - wal_writer_delay = "500ms"; #was 100 + wal_writer_delay = "500ms"; # was 100 wal_writer_flush_after = "32MB"; # was 1 #checkpoint_segments = "64"; # additional default_statistics_target = "250"; # additional @@ -80,20 +80,20 @@ }; }; -# services.prometheus.exporters.postgres = { -# enable = true; -# port = 9187; -# extraFlags = [ -# "--collector.database_wraparound" -# "--collector.long_running_transactions" -# "--collector.postmaster" -# "--collector.process_idle" -# "--collector.stat_activity_autovacuum" -# "--collector.stat_statements" -# #"--collector.stat_wal_receiver" #we dont have WAL receivers -# "--collector.statio_user_indexes" -# "--collector.xlog_location" -# ]; -# }; + # services.prometheus.exporters.postgres = { + # enable = true; + # port = 9187; + # extraFlags = [ + # "--collector.database_wraparound" + # "--collector.long_running_transactions" + # "--collector.postmaster" + # "--collector.process_idle" + # "--collector.stat_activity_autovacuum" + # "--collector.stat_statements" + # #"--collector.stat_wal_receiver" #we dont have WAL receivers + # "--collector.statio_user_indexes" + # "--collector.xlog_location" + # ]; + # }; } diff --git a/host/Rory-nginx/services/redpanda/root.nix b/host/Rory-nginx/services/redpanda/root.nix
index 813b370..ef169a6 100644
--- a/host/Rory-nginx/services/redpanda/root.nix
+++ b/host/Rory-nginx/services/redpanda/root.nix
@@ -3,8 +3,8 @@
 imports = [
 ./systemd-services.nix
 ];
-
+
 services.redpanda-connect = {
 enable = true;
 };
-}
\ No newline at end of file
+}
diff --git a/host/Rory-nginx/services/redpanda/systemd-services.nix b/host/Rory-nginx/services/redpanda/systemd-services.nix
index 6178b22..c75a5be 100644
--- a/host/Rory-nginx/services/redpanda/systemd-services.nix
+++ b/host/Rory-nginx/services/redpanda/systemd-services.nix
@@ -17,7 +17,7 @@
 "--recursive"
 ];
 restart_on_exit = true;
- max_buffer = 1024*512;
+ max_buffer = 1024 * 512;
 };
 };
 pipeline = {
diff --git a/host/Rory-wsl/configuration.nix b/host/Rory-wsl/configuration.nix
index 5d170ef..9911991 100644
--- a/host/Rory-wsl/configuration.nix
+++ b/host/Rory-wsl/configuration.nix
@@ -58,7 +58,7 @@ # temurin-bin # obsidian - # ungoogled-chromium #needed for Rider in order to debug WASM + # ungoogled-chromium #needed for Rider in order to debug WASM # peek unrar-wrapper