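# NixOS module: nginx front end for a Matrix homeserver.
#
# Declares two virtual hosts derived from `networking.domain`:
#   * matrix.<domain> - forced TLS with an ACME certificate; every path is
#                       proxied to the homeserver listener.
#   * <domain>        - answers the two Matrix .well-known delegation documents
#                       and proxies /_matrix and /_synapse to the same listener.
{ pkgs, config, ... }:
let
  # Bare domain taken from the host configuration; despite the name, this is
  # `networking.domain`, not the machine's fully qualified host name.
  fqdn = config.networking.domain;

  # Single definition of the homeserver listener that all proxied locations
  # forward to, so the address cannot drift between locations.
  # NOTE(review): this hop is plain HTTP to a fixed address. That is only
  # acceptable if the link between nginx and the homeserver is private and
  # trusted, because access tokens and message traffic cross it unencrypted.
  # Confirm the network path, or terminate TLS on the upstream as well.
  # NOTE(review): no proxy headers are set in this module; presumably
  # `services.nginx.recommendedProxySettings` (or equivalent) is enabled
  # elsewhere so the homeserver sees the real client address. Verify.
  upstream = "http://32.54.31.241:8008";

  # Payload of /.well-known/matrix/client: where clients find the homeserver.
  clientConfig."m.homeserver".base_url = "https://matrix.${fqdn}";

  # Payload of /.well-known/matrix/server: where federating servers connect.
  serverConfig."m.server" = "${fqdn}:443";

  # Builds the nginx snippet that serves `data` as a static JSON document.
  # The wildcard CORS header is what lets browser-based clients read the
  # document cross-origin; it only covers this static, non-secret response.
  # The JSON is embedded in a single-quoted nginx string, so a value containing
  # `'` or `$` would need escaping first. The static data passed below contains
  # neither.
  mkWellKnown = data: ''
    default_type application/json;
    add_header Access-Control-Allow-Origin *;
    return 200 '${builtins.toJSON data}';
  '';
in
{
  services.nginx = {
    virtualHosts = {
      "matrix.${fqdn}" = {
        forceSSL = true;
        enableACME = true;

        # Everything is forwarded, which includes /_synapse/admin.
        # NOTE(review): Synapse's reverse-proxy guidance is to publish only
        # /_matrix and /_synapse/client and to keep the admin API off the
        # public internet. Consider restricting that prefix to an admin
        # network or localhost.
        locations."/" = {
          proxyPass = upstream;
        };

        # NOTE(review): nginx will buffer and forward request bodies of up to
        # roughly 9 GB per request. Keep this aligned with the homeserver's own
        # upload limit (Synapse: `max_upload_size`) so oversized uploads are
        # rejected at the proxy instead of consuming disk and bandwidth.
        extraConfig = ''
          client_max_body_size 9000M;
        '';
      };

      # NOTE(review): this vhost sets neither `forceSSL` nor `enableACME`, yet
      # the well-known documents advertise https and port 443. TLS for the bare
      # domain must therefore be configured in another module. Confirm, since
      # otherwise /_matrix and /_synapse are reachable over plain HTTP only.
      "${fqdn}" = {
        # Well-known paths for Matrix delegation (exact-match locations).
        locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
        locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;

        locations."/_matrix".proxyPass = upstream;

        # NOTE(review): the /_synapse prefix also covers /_synapse/admin; see
        # the note on the matrix.<domain> vhost. Narrowing this location to
        # /_synapse/client would keep the admin API off the public name.
        locations."/_synapse".proxyPass = upstream;
      };
    };
  };
}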