diff --git a/modules/matrix-synapse.nix b/modules/matrix-synapse.nix index 167b11f..fb2e1b5 100644 --- a/modules/matrix-synapse.nix +++ b/modules/matrix-synapse.nix @@ -15,21 +15,13 @@ names = [ "federation" ]; } ]; - tls = true; type = "http"; - x_forwarded = false; + tls = false; + x_forwarded = true; }]; registration_shared_secret = config.secrets.matrix.shared_secret; - public_baseurl = "https://balsoft.ru:13748/"; + public_baseurl = "http://balsoft.ru"; server_name = "balsoft.ru"; - tls_certificate_path = toString (pkgs.writeTextFile { - name = "matrix.crt"; - text = config.secrets.ssl.cert; - }); - tls_private_key_path = toString (pkgs.writeTextFile { - name = "matrix_rsa"; - text = config.secrets.ssl.priv; - }); app_service_config_files = [ (builtins.toFile "registration_tg.yaml" (builtins.toJSON config.secrets.matrix.mautrix-telegram.registration)) diff --git a/modules/nginx.nix b/modules/nginx.nix index a413507..919fda0 100644 --- a/modules/nginx.nix +++ b/modules/nginx.nix @@ -14,9 +14,9 @@ root = "/var/lib/balsoft.ru"; index = "index.txt"; }; - locations."/.well-known".proxyPass = "https://localhost:13748"; + locations."/.well-known".proxyPass = "http://localhost:13748"; locations."/_matrix" = { - proxyPass = "https://localhost:13748"; + proxyPass = "http://localhost:13748"; }; enableACME = true; addSSL = true; @@ -28,7 +28,7 @@ locations."/" = { proxyPass = "http://localhost:5000"; }; } // default; "matrix.balsoft.ru" = { - locations."/" = { proxyPass = "https://localhost:13748"; }; + locations."/" = { proxyPass = "http://localhost:13748"; }; } // default; "share.balsoft.ru" = { locations."/" = { root = "/var/lib/share"; }; diff --git a/secret.nix b/secret.nix index f393741..bd99e60 100644 Binary files a/secret.nix and b/secret.nix differ