Add initial dingserver config

hosts/dingserver/bot.nix

@@ -0,0 +1,39 @@
+{pkgs, ... }:
+
+{
+  services.mautrix-facebook = {
+    enable = true;
+
+    # file containing the appservice and telegram tokens
+    #environmentFile = /etc/secrets/mautrix-telegram.env;
+
+    # The appservice is pre-configured to use SQLite by default.
+    # It's also possible to use PostgreSQL.
+    settings = {
+      homeserver = {
+        address = "http://localhost:8008";
+        domain = "broccoli.town";
+      };
+      appservice = {
+        address = "https://localhost:29319";
+        bot_username = "messenger_bot";
+        database = "sqlite:///var/lib/mautrix/bot.db";
+        port = 29319;
+        as_token = "NwNtnSTUaIIxf8DIew1XMYyktrbckiMp8iwcXUGkHq28tYVc99A-IL2swBR7WFtl";
+        hs_token = "QAuD0k9I3QCfEfhlnWbqBFGOTJz-fFdesnzZOovJxdfGVMDCkdFEb6Zvu5eGAIZi";
+      };
+      bridge = {
+        encryption = {
+          allow = true;
+          default = true;
+        };
+        username_template = "facebook_{userid}";
+        permissions = {
+          "*" = "relay";
+          "broccoli.town"  = "user";
+          "@dung:broccoli.town" = "admin";
+        };
+      };
+    };
+  };
+}

hosts/dingserver/caddy.nix

@@ -0,0 +1,51 @@
+{ pkgs, lib, ... }:
+
+{
+  services.caddy = {
+    enable = true;
+    virtualHosts = {
+
+      "matrix.broccoli.town" = {
+        extraConfig = ''
+          reverse_proxy /_matrix/* http://localhost:8008
+          reverse_proxy /_synapse/client/* http://localhost:8008
+        '';
+      };
+
+      "broccoli.town:8448" = {
+        extraConfig = ''
+          reverse_proxy http://localhost:8008
+        '';
+      };
+
+      "chat.broccoli.town" = {
+        extraConfig = ''
+          header {
+            X-Frame-Options "SAMEORIGIN"
+            X-XSS-Protection "1; mode=block"
+            X-Content-Type-Options "nosniff"
+            X-Robots-Tag "noindex, noarchive, nofollow"
+          }
+          root * ${pkgs.element-web.override {
+            conf = {
+              default_server_config."m.homeserver" = {
+                "base_url" = "https://matrix.broccoli.town";
+                "server_name" = "matrix.broccoli.town";
+              };
+            };
+          }
+          }
+          file_server
+        '';
+      };
+
+      "danielpatterson.dev" = {
+        extraConfig = ''
+          root * /srv/site/danielpatterson.dev
+          file_server
+        '';
+      };
+
+    };
+  };
+}

hosts/dingserver/configuration.nix

@@ -0,0 +1,44 @@
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+      ./synapse.nix
+      ./caddy.nix
+    ];
+
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
+
+  networking.hostName = "dingserver";
+  networking.useDHCP = false;
+  networking.interfaces.ens3.useDHCP = true;
+
+  users.users.daniel = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+  };
+
+  environment.systemPackages = with pkgs; [
+    curl
+    git
+    kitty
+    lazygit
+    wget
+  ];
+
+  programs.neovim = {
+  	enable = true;
+	vimAlias = true;
+	viAlias = true;
+  };
+
+  services.openssh.enable = true;
+ 
+  system.stateVersion = "21.11"; # Did you read the comment?
+
+}
+

hosts/dingserver/hardware-configuration.nix

@@ -0,0 +1,24 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/f91229ad-de6b-49ad-8858-e49fea85e8a1";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/dingserver/synapse.nix

@@ -0,0 +1,28 @@
+{ config, pkgs, lib, ... }:
+let
+  fqdn = "matrix.broccoli.town";
+in {
+  networking.firewall.allowedTCPPorts = [ 80 8448 443 ];
+
+  services.matrix-synapse = {
+    enable = true;
+    server_name = "broccoli.town";
+    database_type = "sqlite3";
+    max_upload_size = "50M";
+    listeners = [
+      {
+        port = 8008;
+        bind_address = "::1";
+        type = "http";
+        tls = false;
+        x_forwarded = true;
+        resources = [
+          {
+            names = [ "client" "federation" ];
+            compress = false;
+          }
+        ];
+      }
+    ];
+  };
+}