#+TITLE: Matrix Homeserver on NixOS

* Prerequisites
- NixOS installed
- Domain with DNS pointing to server (A/AAAA Record matrix.domain.tld)
- Port 443

* Setup

1. Clone to =/etc/nixos= (or copy files)
2. Edit =matrix.nix= line 7: change =enter-your-domain= to your domain
3. Copy your =hardware-configuration.nix= into the directory
4. Rebuild:
#+begin_src sh
nixos-rebuild switch --flake /etc/nixos#nixos-matrix
#+end_src

* Create Admin Account

#+begin_src sh
sudo matrix-synapse-register_new_matrix_user
#+end_src

Prompts for: username, password, admin (y/n)

* Verify

#+begin_src sh
systemctl status matrix-synapse postgresql nginx
#+end_src

Test federation: https://federationtester.matrix.org

* Notes
- Registration disabled by default (=enable_registration = false=)
- PostgreSQL configured automatically
- Intended usecase ipv6 lxc container with remote reverse proxy

* NGINX Reverse Proxy Configurarion
- Create nginx config with this location
- issue Lets Encrypt cert via certbot for example
- nginx will handle everything

#+begin_src sh
    location / {
      proxy_pass https://[ipv6_lxc];
      proxy_ssl_verify off;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Host $host;
 
      # Increase body size for media uploads (federation can send large files too)
      client_max_body_size 100M;
    }
#+end_src