feate(nixos) bfs: matrix, element, bla bla bla

2025-12-05 19:36:53 +00:00
parent 5177f9a1f6
commit 9a5bfa3f80
4 changed files with 46 additions and 19 deletions
--- a/nixos/system/bfs/bfs.nix
+++ b/nixos/system/bfs/bfs.nix
@@ -10,7 +10,6 @@
  ...
 }: let
  xrayPort = 10086;
  matrixDomain = "accord.tube";
 in {
  # TODO:
  # white list
@@ -24,6 +23,7 @@ in {
    ./voice-tune.nix
    ./matrix.nix
    ./element-rtc.nix
    ./element.nix
  ];
  currentServer = {
--- a/nixos/system/bfs/element-rtc.nix
+++ b/nixos/system/bfs/element-rtc.nix
@@ -46,23 +46,23 @@ in {
            default_type application/json;
            add_header Access-Control-Allow-Origin *;
          '';
-          return = "200 '{\
+          return = ''200 '{
-            \"m.homeserver\": {\
+            "m.homeserver": {
-              \"base_url\": \"https://${cfg.matrixDomain}\"\
+              "base_url": "https://${cfg.matrixDomain}"
-            },\
+            },
-            \"m.identity_server\": {\
+            "m.identity_server": {
-              \"base_url\": \"https://vector.im\"\
+              "base_url": "https://vector.im"
-            },\
+            },
-            \"org.matrix.msc3575.proxy\": {\
+            "org.matrix.msc3575.proxy": {
-              \"url\": \"https://${cfg.matrixDomain}\"\
+              "url": "https://${cfg.matrixDomain}"
-            },\
+            },
-            \"org.matrix.msc4143.rtc_foci\": [\
+            "org.matrix.msc4143.rtc_foci": [
-              {\
+              {
-                \"type\": \"livekit\",\
+                "type": "livekit",
-                \"livekit_service_url\": \"https://${cfg.matrixDomain}/livekit/jwt\"\
+                "livekit_service_url": "https://${cfg.matrixDomain}/livekit/jwt"
-              }\
+              }
-            ]\
+            ]
-          }'";
+          }' '';
        };
        locations."^~ /livekit/jwt/" = {
@@ -89,7 +89,9 @@ in {
    networking.firewall = {
      enable = true;
      allowedTCPPorts = [
-        8448
+        8080
        7880
        7881
      ];
    };
  };
--- a/nixos/system/bfs/element.nix
+++ b/nixos/system/bfs/element.nix
@@ -0,0 +1,22 @@
 { config, lib, pkgs, ... }: let
  cfg = config.currentServer.matrix;
 in {
  config = {
    services.nginx.virtualHosts."element.${cfg.matrixDomain}" = {
      enableACME = true;
      forceSSL = true;
      root = pkgs.element-web.override {
        conf = {
          default_server_config = {
            "m.homeserver".base_url = "https://${cfg.matrixDomain}";
            "m.identity_server".base_url = "https://vector.im";
          };
          default_theme = "dark";
          show_labs_settings = true;
        };
      };
    };
  };
 }
--- a/nixos/system/bfs/voice-tune.nix
+++ b/nixos/system/bfs/voice-tune.nix
@@ -17,6 +17,9 @@ in {
      allowedUDPPortRanges = [
        { from = 49152; to = 65535; }
      ];
      allowedTCPPortRanges = [
        { from = 50000; to = 51000; }
      ];
    };
    services.matrix-synapse.settings = {