From 8de4852418e79548a615090cd5ea0208fea1b11f Mon Sep 17 00:00:00 2001 From: Simon Bruder Date: Tue, 31 May 2022 14:43:51 +0200 Subject: [PATCH] renge/synapse: Migrate to new settings option --- machines/renge/services/matrix/go-neb.nix | 2 +- .../services/matrix/mautrix-whatsapp.nix | 4 +- machines/renge/services/matrix/synapse.nix | 105 +++++++++--------- machines/renge/services/prometheus.nix | 4 +- 4 files changed, 58 insertions(+), 57 deletions(-) diff --git a/machines/renge/services/matrix/go-neb.nix b/machines/renge/services/matrix/go-neb.nix index bf2220d..ceb1cf4 100644 --- a/machines/renge/services/matrix/go-neb.nix +++ b/machines/renge/services/matrix/go-neb.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: let - synapseCfg = config.services.matrix-synapse; + synapseCfg = config.services.matrix-synapse.settings; in { sops.secrets = { diff --git a/machines/renge/services/matrix/mautrix-whatsapp.nix b/machines/renge/services/matrix/mautrix-whatsapp.nix index 7a7a01f..c08f171 100644 --- a/machines/renge/services/matrix/mautrix-whatsapp.nix +++ b/machines/renge/services/matrix/mautrix-whatsapp.nix @@ -1,7 +1,7 @@ # somewhat adapted from https://github.com/NixOS/nixpkgs/pull/59211 { config, lib, pkgs, ... }: let - synapseCfg = config.services.matrix-synapse; + synapseCfg = config.services.matrix-synapse.settings; in let config = rec { @@ -74,5 +74,5 @@ in }; }; - services.matrix-synapse.app_service_config_files = lib.singleton "${generatedConfig}/registration.yaml"; + services.matrix-synapse.settings.app_service_config_files = lib.singleton "${generatedConfig}/registration.yaml"; } diff --git a/machines/renge/services/matrix/synapse.nix b/machines/renge/services/matrix/synapse.nix index be376fd..19d7c29 100644 --- a/machines/renge/services/matrix/synapse.nix +++ b/machines/renge/services/matrix/synapse.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: let - cfg = config.services.matrix-synapse; + cfg = config.services.matrix-synapse.settings; fqdn = "matrix.sbruder.de"; domain = "sbruder.de"; @@ -20,64 +20,65 @@ in services.matrix-synapse = { enable = true; - server_name = domain; - public_baseurl = "https://${fqdn}"; - listeners = lib.singleton { - port = 8008; - bind_address = "127.0.0.1"; - type = "http"; - tls = false; - x_forwarded = true; - resources = lib.singleton { - names = [ "client" "federation" "metrics" ]; - compress = false; - }; - }; + settings = { + server_name = domain; + public_baseurl = "https://${fqdn}"; - turn_uris = [ - "turns:turn.sbruder.de:5349?transport=udp" - "turns:turn.sbruder.de:5349?transport=tcp" - "turn:turn.sbruder.de:3478?transport=udp" - "turn:turn.sbruder.de:3478?transport=tcp" - ]; - turn_user_lifetime = "3600000"; # 1h - - enable_metrics = true; - - # adapted from https://github.com/NixOS/nixpkgs/blob/7e10bf4327491a6ebccbe1aaa8e6c6c0aca4663a/nixos/modules/services/misc/matrix-synapse-log_config.yaml - # - set root.level to WARNING instead of INFO - logConfig = builtins.toJSON { - version = 1; - - formatters.journal_fmt.format = "%(name)s: [%(request)s] %(message)s"; - - filters.context = { - "()" = "synapse.util.logcontext.LoggingContextFilter"; - request = ""; + listeners = lib.singleton { + port = 8008; + bind_addresses = [ "127.0.0.1" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = lib.singleton { + names = [ "client" "federation" "metrics" ]; + compress = false; + }; }; - handlers.journal = { - class = "systemd.journal.JournalHandler"; - formatter = "journal_fmt"; - filters = [ "context" ]; - SYSLOG_IDENTIFIER = "synapse"; + turn_uris = [ + "turns:turn.sbruder.de:5349?transport=udp" + "turns:turn.sbruder.de:5349?transport=tcp" + "turn:turn.sbruder.de:3478?transport=udp" + "turn:turn.sbruder.de:3478?transport=tcp" + ]; + turn_user_lifetime = "3600000"; # 1h + + enable_metrics = true; + + # adapted from https://github.com/NixOS/nixpkgs/blob/7e10bf4327491a6ebccbe1aaa8e6c6c0aca4663a/nixos/modules/services/misc/matrix-synapse-log_config.yaml + # - set root.level to WARNING instead of INFO + logConfig = builtins.toJSON { + version = 1; + + formatters.journal_fmt.format = "%(name)s: [%(request)s] %(message)s"; + + filters.context = { + "()" = "synapse.util.logcontext.LoggingContextFilter"; + request = ""; + }; + + handlers.journal = { + class = "systemd.journal.JournalHandler"; + formatter = "journal_fmt"; + filters = [ "context" ]; + SYSLOG_IDENTIFIER = "synapse"; + }; + + root = { + level = "WARNING"; + handlers = [ "journal" ]; + }; + + disable_existing_loggers = false; }; - root = { - level = "WARNING"; - handlers = [ "journal" ]; - }; + max_upload_size = "50M"; - disable_existing_loggers = false; - }; - - max_upload_size = "50M"; - - extraConfig = '' # I’m okay with using matrix.org as trusted key server - suppress_key_server_warning: true - ''; + suppress_key_server_warning = true; + }; extraConfigFiles = with config.sops.secrets; [ synapse-registration-shared-secret.path @@ -109,7 +110,7 @@ in listenerCfg = (lib.elemAt cfg.listeners 0); in { - proxyPass = "http://${listenerCfg.bind_address}:${toString listenerCfg.port}"; + proxyPass = "http://${lib.elemAt listenerCfg.bind_addresses 0}:${toString listenerCfg.port}"; extraConfig = '' client_max_body_size ${cfg.max_upload_size}; diff --git a/machines/renge/services/prometheus.nix b/machines/renge/services/prometheus.nix index a1dfcff..d499822 100644 --- a/machines/renge/services/prometheus.nix +++ b/machines/renge/services/prometheus.nix @@ -87,11 +87,11 @@ in } ( let - listenerCfg = (lib.elemAt config.services.matrix-synapse.listeners 0); + listenerCfg = (lib.elemAt config.services.matrix-synapse.settings.listeners 0); in { job_name = "synapse"; - static_configs = mkStaticTarget "${listenerCfg.bind_address}:${toString listenerCfg.port}"; + static_configs = mkStaticTarget "${lib.elemAt listenerCfg.bind_addresses 0}:${toString listenerCfg.port}"; metrics_path = "/_synapse/metrics"; relabel_configs = lib.singleton { target_label = "instance";