{ pkgs }: { enableACME = false; addSSL = true; # We don't care about certificates around here... sslCertificate = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.cert.pem"; sslCertificateKey = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.key.pem"; locations."/" = { #proxyPass = "http://127.0.0.1:9001"; proxyPass = "http://localhost:8008"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; more_set_headers 'Access-Control-Allow-Methods: *'; # # Custom headers and headers various browsers *should* be OK with but aren't # more_set_headers 'Access-Control-Allow-Headers: *, Authorization'; # # Tell client that this pre-flight info is valid for 20 days # more_set_headers 'Access-Control-Max-Age: 1728000'; more_set_headers 'Content-Type: text/plain; charset=utf-8'; more_set_headers 'Content-Length: 0'; return 204; } ''; }; locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; return 200 '${builtins.toJSON { "m.server" = "synapse.localhost:443"; }}'; ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; return 200 '${ builtins.toJSON { "m.homeserver".base_url = "http://synapse.localhost"; } }'; ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; return 200 '${ builtins.toJSON { admins = [ { matrix_id = "@emma:rory.gay"; role = "admin"; } { matrix_id = "@alicia:rory.gay"; role = "admin"; } { matrix_id = "@root:rory.gay"; role = "admin"; } { matrix_id = "@rory:rory.gay"; role = "admin"; } ]; } }'; ''; }