summary refs log tree commit diff
path: root/host
diff options
context:
space:
mode:
authorRory& <root@rory.gay>2024-08-17 10:47:57 +0200
committerRory& <root@rory.gay>2024-08-17 10:47:57 +0200
commite6e5f18aa1329325cfcd615b1adc8ae4feb6013a (patch)
tree2b90564bcd310c2f27b8cca940cf5af5c3f6f8b2 /host
parentevent -> events (diff)
downloadRory-Open-Architecture-e6e5f18aa1329325cfcd615b1adc8ae4feb6013a.tar.xz
Fix synapse paths?
Diffstat (limited to 'host')
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/auth.nix54
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix92
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/event-creator.nix109
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix93
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix93
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix85
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix92
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/pusher.nix83
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/single/appservice.nix46
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/single/background.nix46
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/single/user-dir.nix46
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix92
-rw-r--r--host/Rory-nginx/services/matrix/synapse/workers/sync.nix92
13 files changed, 558 insertions, 465 deletions
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/auth.nix b/host/Rory-nginx/services/matrix/synapse/workers/auth.nix
index 37cdc85..50d52c6 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/auth.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/auth.nix
@@ -22,6 +22,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.authWorkers > 0) {
     services.matrix-synapse = {
@@ -41,29 +44,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "client" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -75,13 +79,14 @@ in
       );
     };
 
-    services.nginx.upstreams = (
-      lib.listToAttrs (
+    services.nginx = {
+      upstreams = lib.listToAttrs (
         lib.map (type: {
           name = "${workerName}-${type}";
           value = {
             extraConfig = ''
               keepalive 32;
+              least_conn;
             '';
             servers = lib.listToAttrs (
               lib.map (index: {
@@ -92,20 +97,21 @@ in
               }) workers
             );
           };
-        }) ([ ] ++ lib.optional (lib.length workerRoutes.client > 0) "client" ++ lib.optional (lib.length workerRoutes.federation > 0) "federation" ++ lib.optional (lib.length workerRoutes.media > 0) "media")
-      )
-    );
+        }) enabledResources
+      );
 
-    services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach ([ ] ++ lib.optional (lib.length workerRoutes.client > 0) "client" ++ lib.optional (lib.length workerRoutes.federation > 0) "federation" ++ lib.optional (lib.length workerRoutes.media > 0) "media") (
+          lib.forEach enabledResources (
             type:
             lib.map (route: {
               name = route;
               value = {
                 proxyPass = "http://${workerName}-${type}";
-
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
               };
             }) workerRoutes.${type}
           )
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix
index 937fabc..249084a 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/client-reader.nix
@@ -45,6 +45,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.clientReaders > 0) {
     services.matrix-synapse = {
@@ -64,29 +67,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "client" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -98,38 +102,42 @@ in
       );
     };
 
-    services.nginx.upstreams."${workerName}" = {
-      extraConfig = ''
-        keepalive 32;
-      '';
-      servers = lib.listToAttrs (
-        lib.map (index: {
-          name = "unix:/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+    services.nginx = {
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
           value = {
-            max_fails = 0;
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                value = {
+                  max_fails = 0;
+                };
+              }) workers
+            );
           };
-        }) workers
+        }) enabledResources
       );
-    };
 
-    services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/event-creator.nix b/host/Rory-nginx/services/matrix/synapse/workers/event-creator.nix
index c4b9c7f..c841b93 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/event-creator.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/event-creator.nix
@@ -6,19 +6,21 @@ let
   workers = lib.range 0 (cfg.eventCreators - 1);
   workerName = "event_creator";
   workerRoutes = {
-    client =
-      [
-        "^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact"
-        "^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send"
-        "^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$"
-        "^/_matrix/client/(api/v1|r0|v3|unstable)/join/"
-        "^/_matrix/client/(api/v1|r0|v3|unstable)/knock/"
-        "^/_matrix/client/(api/v1|r0|v3|unstable)/profile/"
-      ];
+    client = [
+      "^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact"
+      "^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send"
+      "^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$"
+      "^/_matrix/client/(api/v1|r0|v3|unstable)/join/"
+      "^/_matrix/client/(api/v1|r0|v3|unstable)/knock/"
+      "^/_matrix/client/(api/v1|r0|v3|unstable)/profile/"
+    ];
     federation = [ ];
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.eventCreators > 0) {
     services.matrix-synapse = {
@@ -38,29 +40,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "client" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -72,38 +75,42 @@ in
       );
     };
 
-    services.nginx.upstreams."${workerName}" = {
-      extraConfig = ''
-        keepalive 32;
-      '';
-      servers = lib.listToAttrs (
-        lib.map (index: {
-          name = "unix:/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+    services.nginx = {
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
           value = {
-            max_fails = 0;
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                value = {
+                  max_fails = 0;
+                };
+              }) workers
+            );
           };
-        }) workers
+        }) enabledResources
       );
-    };
 
-    services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
index 4ea5aa2..83ceec7 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-inbound.nix
@@ -11,6 +11,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.federationInboundWorkers > 0) {
     services.matrix-synapse = {
@@ -30,29 +33,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-federation-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "federation" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -64,39 +68,42 @@ in
       );
     };
 
-    services.nginx.upstreams."${workerName}" = {
-      extraConfig = ''
-        keepalive 32;
-        ip_hash;
-      '';
-      servers = lib.listToAttrs (
-        lib.map (index: {
-          name = "unix:/run/matrix-synapse/${workerName}-federation-${toString index}.sock";
+    services.nginx = {
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
           value = {
-            max_fails = 0;
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                value = {
+                  max_fails = 0;
+                };
+              }) workers
+            );
           };
-        }) workers
+        }) enabledResources
       );
-    };
 
-    services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
index 29223d7..6a16fb6 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-reader.nix
@@ -35,6 +35,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.federationReaders > 0) {
     services.matrix-synapse = {
@@ -54,29 +57,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-federation-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "federation" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -88,39 +92,42 @@ in
       );
     };
 
-    services.nginx.upstreams."${workerName}" = {
-      extraConfig = ''
-        keepalive 32;
-        hash $request_uri consistent;
-      '';
-      servers = lib.listToAttrs (
-        lib.map (index: {
-          name = "unix:/run/matrix-synapse/${workerName}-federation-${toString index}.sock";
+    services.nginx = {
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
           value = {
-            max_fails = 0;
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                value = {
+                  max_fails = 0;
+                };
+              }) workers
+            );
           };
-        }) workers
+        }) enabledResources
       );
-    };
 
-    services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix
index 598c028..cd482f9 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix
@@ -2,7 +2,7 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "solo";
-  federationSenders = lib.range 0 (cfg.federationSenders - 1);
+  workers = lib.range 0 (cfg.federationSenders - 1);
   workerName = "federation_sender";
   workerRoutes = {
     client = [ ];
@@ -10,6 +10,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.federationSenders > 0) {
     services.matrix-synapse = {
@@ -20,11 +23,11 @@ in
             value = {
               path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
             };
-          }) federationSenders
+          }) workers
         );
         send_federation = false;
-        federation_sender_instances = lib.map (index: "${workerName}-${toString index}") federationSenders;
-        outbound_federation_restricted_to = lib.map (index: "${workerName}-${toString index}") federationSenders;
+        federation_sender_instances = lib.map (index: "${workerName}-${toString index}") workers;
+        outbound_federation_restricted_to = lib.map (index: "${workerName}-${toString index}") workers;
         worker_replication_secret = "${workerName}_secret";
       };
 
@@ -33,18 +36,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                mode = "666";
                 resources = [
                   {
-                    names = [ "replication" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -52,27 +67,45 @@ in
               }
             );
           };
-        }) federationSenders
+        }) workers
       );
     };
     services.nginx = {
-      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-        lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
+          value = {
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                  max_fails = 0;
                 };
-              }) workerRoutes.${type}
-            )
+              }) workers
+            );
+          };
+        }) enabledResources
+      );
+
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix b/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix
index 2cccbf5..4394e10 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/media-repo.nix
@@ -20,6 +20,9 @@ let
     ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.mediaRepoWorkers > 0) {
     services.matrix-synapse = {
@@ -42,29 +45,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-media-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "media" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -87,30 +91,44 @@ in
       );
     };
 
-    services.nginx.upstreams."${workerName}" = {
-      extraConfig = ''
-        keepalive 32;
-      '';
-      servers = lib.listToAttrs (
-        lib.map (index: {
-          name = "unix:/run/matrix-synapse/${workerName}-media-${toString index}.sock";
+    services.nginx = {
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
           value = {
-            max_fails = 0;
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                value = {
+                  max_fails = 0;
+                };
+              }) workers
+            );
           };
-        }) workers
+        }) enabledResources
       );
-    };
 
-    services.nginx.virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-      lib.map (route: {
-        name = route;
-        value = {
-          proxyPass = "http://${workerName}";
-          extraConfig = ''
-            client_max_body_size 500M;
-          '';
-        };
-      }) workerRoutes.media
-    );
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
+        )
+      );
+    };
   };
 }
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix
index 64d40b2..7388824 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix
@@ -2,7 +2,7 @@
 let
   cfg = config.services.matrix-synapse;
   dbGroup = "small";
-  pushers = lib.range 0 (cfg.pushers - 1);
+  workers = lib.range 0 (cfg.pushers - 1);
   workerName = "pusher";
   workerRoutes = {
     client = [ ];
@@ -10,6 +10,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.pushers > 0) {
     services.matrix-synapse = {
@@ -20,10 +23,10 @@ in
             value = {
               path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
             };
-          }) pushers
+          }) workers
         );
 
-        pusher_instances = lib.map (index: "${workerName}-${toString index}") pushers;
+        pusher_instances = lib.map (index: "${workerName}-${toString index}") workers;
       };
 
       workers = lib.listToAttrs (
@@ -31,18 +34,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                mode = "666";
                 resources = [
                   {
-                    names = [ "replication" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -50,28 +65,46 @@ in
               }
             );
           };
-        }) pushers
+        }) workers
       );
     };
 
     services.nginx = {
-      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
-        lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
+          value = {
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+                  max_fails = 0;
                 };
-              }) workerRoutes.${type}
-            )
+              }) workers
+            );
+          };
+        }) enabledResources
+      );
+
+      virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+        lib.flatten (
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/single/appservice.nix b/host/Rory-nginx/services/matrix/synapse/workers/single/appservice.nix
index a19b076..315a322 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/single/appservice.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/single/appservice.nix
@@ -10,6 +10,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf cfg.enableAppserviceWorker {
     services.matrix-synapse = {
@@ -39,28 +42,17 @@ in
                 ];
               }
             ]
-            ++ lib.optional (lib.length workerRoutes.client > 0) {
+            ++ lib.map (type: {
               type = "http";
-              path = "/run/matrix-synapse/${workerName}-client.sock";
+              path = "/run/matrix-synapse/${workerName}-${type}.sock";
               mode = "666";
               resources = [
                 {
-                  names = [ "client" ];
+                  names = [ type ];
                   compress = false;
                 }
               ];
-            }
-            ++ lib.optional (lib.length workerRoutes.federation > 0) {
-              type = "http";
-              path = "/run/matrix-synapse/${workerName}-federation.sock";
-              mode = "666";
-              resources = [
-                {
-                  names = [ "federation" ];
-                  compress = false;
-                }
-              ];
-            };
+            }) enabledResources;
 
           database = (import ../../db.nix { inherit workerName dbGroup; });
         };
@@ -70,21 +62,15 @@ in
     services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/single/background.nix b/host/Rory-nginx/services/matrix/synapse/workers/single/background.nix
index bfa1793..b667e19 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/single/background.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/single/background.nix
@@ -12,6 +12,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf cfg.enableBackgroundWorker {
     services.matrix-synapse = {
@@ -41,28 +44,17 @@ in
                 ];
               }
             ]
-            ++ lib.optional (lib.length workerRoutes.client > 0) {
+            ++ lib.map (type: {
               type = "http";
-              path = "/run/matrix-synapse/${workerName}-client.sock";
+              path = "/run/matrix-synapse/${workerName}-${type}.sock";
               mode = "666";
               resources = [
                 {
-                  names = [ "client" ];
+                  names = [ type ];
                   compress = false;
                 }
               ];
-            }
-            ++ lib.optional (lib.length workerRoutes.federation > 0) {
-              type = "http";
-              path = "/run/matrix-synapse/${workerName}-federation.sock";
-              mode = "666";
-              resources = [
-                {
-                  names = [ "federation" ];
-                  compress = false;
-                }
-              ];
-            };
+            }) enabledResources;
 
           database = (import ../../db.nix { inherit workerName dbGroup; });
         };
@@ -72,21 +64,15 @@ in
     services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/single/user-dir.nix b/host/Rory-nginx/services/matrix/synapse/workers/single/user-dir.nix
index 56dbd5f..89c6aa4 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/single/user-dir.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/single/user-dir.nix
@@ -15,6 +15,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf cfg.enableUserDirWorker {
     services.matrix-synapse = {
@@ -44,28 +47,17 @@ in
                 ];
               }
             ]
-            ++ lib.optional (lib.length workerRoutes.client > 0) {
+            ++ lib.map (type: {
               type = "http";
-              path = "/run/matrix-synapse/${workerName}-client.sock";
+              path = "/run/matrix-synapse/${workerName}-${type}.sock";
               mode = "666";
               resources = [
                 {
-                  names = [ "client" ];
+                  names = [ type ];
                   compress = false;
                 }
               ];
-            }
-            ++ lib.optional (lib.length workerRoutes.federation > 0) {
-              type = "http";
-              path = "/run/matrix-synapse/${workerName}-federation.sock";
-              mode = "666";
-              resources = [
-                {
-                  names = [ "federation" ];
-                  compress = false;
-                }
-              ];
-            };
+            }) enabledResources;
 
           database = (import ../../db.nix { inherit workerName dbGroup; });
         };
@@ -75,21 +67,15 @@ in
     services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix
index 3cf6b78..35bd4e9 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix
@@ -12,6 +12,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.eventStreamWriters > 0) {
     services.matrix-synapse = {
@@ -33,29 +36,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "client" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../../db.nix {
                 inherit dbGroup;
@@ -67,38 +71,42 @@ in
       );
     };
 
-    services.nginx.upstreams."${workerName}" = {
-      extraConfig = ''
-        keepalive 32;
-      '';
-      servers = lib.listToAttrs (
-        lib.map (index: {
-          name = "unix:/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+    services.nginx = {
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
           value = {
-            max_fails = 0;
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                value = {
+                  max_fails = 0;
+                };
+              }) workers
+            );
           };
-        }) workers
+        }) enabledResources
       );
-    };
 
-    services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };
diff --git a/host/Rory-nginx/services/matrix/synapse/workers/sync.nix b/host/Rory-nginx/services/matrix/synapse/workers/sync.nix
index 645e550..636f521 100644
--- a/host/Rory-nginx/services/matrix/synapse/workers/sync.nix
+++ b/host/Rory-nginx/services/matrix/synapse/workers/sync.nix
@@ -16,6 +16,9 @@ let
     media = [ ];
   };
 in
+let
+  enabledResources = lib.optionals (lib.length workerRoutes.client > 0) [ "client" ] ++ lib.optionals (lib.length workerRoutes.federation > 0) [ "federation" ] ++ lib.optionals (lib.length workerRoutes.media > 0) [ "media" ];
+in
 {
   config = lib.mkIf (cfg.syncWorkers > 0) {
     services.matrix-synapse = {
@@ -35,29 +38,30 @@ in
           name = "${workerName}-${toString index}";
           value = {
             worker_app = "synapse.app.generic_worker";
-            worker_listeners = [
-              {
-                type = "http";
-                path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
-                resources = [
-                  {
-                    names = [ "replication" ];
-                    compress = false;
-                  }
-                ];
-              }
-              {
+            worker_listeners =
+              [
+                {
+                  type = "http";
+                  path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+                  resources = [
+                    {
+                      names = [ "replication" ];
+                      compress = false;
+                    }
+                  ];
+                }
+              ]
+              ++ lib.map (type: {
                 type = "http";
-                path = "/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+                path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
                 mode = "666";
                 resources = [
                   {
-                    names = [ "client" ];
+                    names = [ type ];
                     compress = false;
                   }
                 ];
-              }
-            ];
+              }) enabledResources;
             database = (
               import ../db.nix {
                 inherit dbGroup;
@@ -69,38 +73,42 @@ in
       );
     };
 
-    services.nginx.upstreams."${workerName}" = {
-      extraConfig = ''
-        keepalive 32;
-      '';
-      servers = lib.listToAttrs (
-        lib.map (index: {
-          name = "unix:/run/matrix-synapse/${workerName}-client-${toString index}.sock";
+    services.nginx = {
+      upstreams = lib.listToAttrs (
+        lib.map (type: {
+          name = "${workerName}-${type}";
           value = {
-            max_fails = 0;
+            extraConfig = ''
+              keepalive 32;
+              least_conn;
+            '';
+            servers = lib.listToAttrs (
+              lib.map (index: {
+                name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+                value = {
+                  max_fails = 0;
+                };
+              }) workers
+            );
           };
-        }) workers
+        }) enabledResources
       );
-    };
 
-    services.nginx = {
       virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
         lib.flatten (
-          lib.forEach
-            [
-              "client"
-              "federation"
-              "media"
-            ]
-            (
-              type:
-              lib.map (route: {
-                name = route;
-                value = {
-                  proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
-                };
-              }) workerRoutes.${type}
-            )
+          lib.forEach enabledResources (
+            type:
+            lib.map (route: {
+              name = route;
+              value = {
+                proxyPass = "http://${workerName}-${type}";
+                extraConfig = ''
+                  proxy_http_version 1.1;
+                  proxy_set_header Connection "";
+                '';
+              };
+            }) workerRoutes.${type}
+          )
         )
       );
     };