Migrate Synapse and Mautrix bridges (Whatsapp, Signal and Telegram)

machines/beagle/modules/reverse-proxy.nix

@@ -1,10 +1,14 @@
-{config, ...}: {
+{ config, ... }:
+{
   security.acme = {
     acceptTerms = true;
     defaults.email = "personal+letsencrypt@peprolinbot.com";
   };
 
-  networking.firewall.allowedTCPPorts = [80 443];
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];
 
   services.nginx = {
     enable = true;
@@ -24,6 +28,19 @@
           proxyPass = "https://${config.services.kanidm.serverSettings.bindaddress}";
         };
       };
+
+      "synapse.peprolinbot.com" = {
+        forceSSL = true;
+        enableACME = true;
+
+        locations."/" = {
+          proxyPass = "http://[::1]:8008";
+
+          extraConfig = ''
+            client_max_body_size ${config.services.matrix-synapse.settings.max_upload_size};
+          '';
+        };
+      };
     };
   };
 }