41 lines
1.3 KiB
Nix
41 lines
1.3 KiB
Nix
{ config, ... }: {
|
|
services.dendrite = {
|
|
enable = true;
|
|
environmentFile = config.sops.secrets."services/dendrite/secrets".path;
|
|
settings = {
|
|
global = {
|
|
server_name = "chir.rs";
|
|
trusted_third_party_id_servers = [
|
|
"matrix.org"
|
|
"vector.im"
|
|
];
|
|
presence = {
|
|
enable_inbound = true;
|
|
enable_outbound = true;
|
|
};
|
|
};
|
|
app_service_api.database.connection_string = "postgresql://dendrite@localhost/dendrite_app_service";
|
|
client_api = {
|
|
registration_shared_secret = "$REGISTRATION_SHARED_SECRET";
|
|
};
|
|
federation_api = {
|
|
database.connection_string = "postgresql://dendrite@localhost/dendrite_federation";
|
|
};
|
|
key_server.database.connection_string = "postgresql://dendrite@localhost/dendrite_keyserver";
|
|
};
|
|
};
|
|
sops.secrets."services/dendrite/secrets" = { owner = "dendrite"; };
|
|
services.postgresql.ensureDatabases = [
|
|
"dendrite_app_service"
|
|
"dendrite_federation"
|
|
"dendrite_keyserver"
|
|
];
|
|
services.postgresql.ensureUsers = [{
|
|
name = "dendrite";
|
|
ensurePermissions = {
|
|
"DATABASE dendrite_app_service" = "ALL PRIVILEGES";
|
|
"DATABASE dendrite_federation" = "ALL PRIVILEGES";
|
|
"DATABASE dendrite_keyserver" = "ALL PRIVILEGES";
|
|
};
|
|
}];
|
|
}
|