server-configuration/services/conduwuit.nix

{...}: let
  port = 6167;
  host = "127.0.0.1";
  domain = "matrix.spoodythe.one";
  mb = 1024 * 1024;
  max-request-size = 20;
in {
  imports = [
    ./nginx.nix
  ];

  services.conduwuit = {
    enable = true;
    settings = {
      global = {
        port = [port];
        address = [host];
        server_name = domain;
        max_request_size = max-request-size * mb;
      };
    };
  };

  services.nginx.virtualHosts."${domain}" = {
    forceSSL = true;
    enableACME = true;
    listen = [
      { port = 443; ssl = true; addr = "0.0.0.0"; }
      { port = 8448; ssl = true; addr = "0.0.0.0"; }
    ];
    locations."/" = {
      proxyPass = "http://${host}:${toString port}";
      extraConfig = ''
        client_max_body_size ${toString max-request-size}M;
      '';
    };
    locations."/_matrix" = {
      proxyPass = "http://${host}:${toString port}";
      extraConfig = ''
        client_max_body_size ${toString max-request-size}M;
      '';
    };
  };

  # Open port so i can access it on my local network
  networking.firewall.allowedTCPPorts = [port 8448];
  networking.firewall.allowedUDPPorts = [port 8448];
}