Seperated Matrix into logical modules; Added Exporters; Got Filebrowser working

2026-04-18 00:37:04 +02:00
parent 05d5789627
commit eebf846846
10 changed files with 466 additions and 11 deletions
--- a/nixos/roles/matrix/coturn.nix
+++ b/nixos/roles/matrix/coturn.nix
@@ -0,0 +1,39 @@
+{
+  config,
+  ...
+}:
+{
+  networking.firewall = {
+    allowedTCPPorts = [
+      3478 # TURN (coturn)
+    ];
+    allowedUDPPorts = [
+      3478 # TURN (coturn)
+    ];
+    allowedUDPPortRanges = [
+      {
+        from = 49152;
+        to = 65535; # TURN relay ports (coturn)
+      }
+    ];
+  };
+
+  sops.secrets.matrix_turn_secret = {
+    owner = "matrix-synapse";
+    group = "matrix-synapse";
+  };
+
+  services.coturn = {
+    enable = true;
+    no-cli = true;
+    no-tcp-relay = true;
+    min-port = 49152;
+    max-port = 65535;
+    use-auth-secret = true;
+    static-auth-secret-file = config.sops.secrets.matrix_turn_secret.path;
+    realm = "turn.cyperpunk.de";
+    extraConfig = ''
+      no-multicast-peers
+    '';
+  };
+}