diff options
author | sephalon <me@sephalon.net> | 2021-01-13 22:20:17 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-01-13 22:20:17 +0100 |
commit | 76fad08473687bce7c46772a57d061ae70eec728 (patch) | |
tree | 1ac21d03a4d8b3d4d87c986dda3839fc7a977292 | |
parent | 69dc4dc2c130575a679a851d6bc759fe6ee0fe39 (diff) | |
download | nixpkgs-76fad08473687bce7c46772a57d061ae70eec728.tar nixpkgs-76fad08473687bce7c46772a57d061ae70eec728.tar.gz nixpkgs-76fad08473687bce7c46772a57d061ae70eec728.tar.bz2 nixpkgs-76fad08473687bce7c46772a57d061ae70eec728.tar.lz nixpkgs-76fad08473687bce7c46772a57d061ae70eec728.tar.xz nixpkgs-76fad08473687bce7c46772a57d061ae70eec728.tar.zst nixpkgs-76fad08473687bce7c46772a57d061ae70eec728.zip |
nixos/matrix-synapse: enable HTTPS in example (#109230)
The /.well-known endpoint must use HTTPS, see specification: https://matrix.org/docs/spec/server_server/latest#resolving-server-names.
-rw-r--r-- | nixos/modules/services/misc/matrix-synapse.xml | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/nixos/modules/services/misc/matrix-synapse.xml b/nixos/modules/services/misc/matrix-synapse.xml index fbfa838b168..5544c2035fb 100644 --- a/nixos/modules/services/misc/matrix-synapse.xml +++ b/nixos/modules/services/misc/matrix-synapse.xml @@ -69,6 +69,9 @@ in { # i.e. to delegate from the host being accessible as ${config.networking.domain} # to another host actually running the Matrix homeserver. "${config.networking.domain}" = { + <link linkend="opt-services.nginx.virtualHosts._name_.enableACME">enableACME</link> = true; + <link linkend="opt-services.nginx.virtualHosts._name_.forceSSL">forceSSL</link> = true; + <link linkend="opt-services.nginx.virtualHosts._name_.locations._name_.extraConfig">locations."= /.well-known/matrix/server".extraConfig</link> = let # use 443 instead of the default 8448 port to unite |