From d2349014329c38008dc992b1b6c989865cd7b1cc Mon Sep 17 00:00:00 2001
From: Christine Elisabeth Koppel <kuutruu@posteo.net>
Date: Tue, 10 Feb 2026 00:29:03 +0100
Subject: [PATCH] Add Matrix Conduit service configuration to Nix setup

---
 .../modules/system/teamspeak.nix              | 28 +++++++++++++++++++
 nix-system-configs/modules/system/traefik.nix | 15 +++++++++-
 2 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/nix-system-configs/modules/system/teamspeak.nix b/nix-system-configs/modules/system/teamspeak.nix
index 113919a..f05443e 100644
--- a/nix-system-configs/modules/system/teamspeak.nix
+++ b/nix-system-configs/modules/system/teamspeak.nix
@@ -52,13 +52,41 @@
       openFirewall = true;
     };
 
+    ## Add Conduit for Matrix
+
+    # See https://search.nixos.org/options?channel=unstable&query=services.matrix-conduit.
+    # and https://docs.conduit.rs/configuration.html
+    services.matrix-conduit = {
+      enable = true;
+      settings.global = {
+        allow_registration = true;
+        # You will need this token when creating your first account.
+        registration_token = "testtoken1234";
+        # server_name = yourDomainName;
+        port = 12244;
+        # Bind to all interfaces so Traefik on the network can reach Conduit.
+        address = "0.0.0.0";
+        database_backend = "rocksdb";
+        server_name = "https://lgbtq.prg-radio.org";
+
+        # See https://docs.conduit.rs/turn.html, and https://github.com/element-hq/synapse/blob/develop/docs/turn-howto.md for more details
+        # turn_uris = [
+        #  "turn:your.turn.url?transport=udp"
+        #  "turn:your.turn.url?transport=tcp"
+        # ];
+        # turn_secret = "your secret";
+      };
+    };
+
     networking.firewall.allowedTCPPorts = [
       80
       443
+      12244
     ];
     networking.firewall.allowedUDPPorts = [
       80
       443
+      12244
     ];
 
     system.stateVersion = "25.11";
diff --git a/nix-system-configs/modules/system/traefik.nix b/nix-system-configs/modules/system/traefik.nix
index cdfb311..11e1bfb 100644
--- a/nix-system-configs/modules/system/traefik.nix
+++ b/nix-system-configs/modules/system/traefik.nix
@@ -114,6 +114,13 @@
             entryPoints = ["websecure"];
             tls = {};
           };
+
+          matrix = {
+            rule = "Host(`lgbtq.prg-radio.org`)";
+            service = "matrix";
+            entryPoints = ["websecure"];
+            tls = {};
+          };
         };
         http.services = {
           forgejo.loadBalancer = {
@@ -133,6 +140,12 @@
               {url = "http://10.1.1.249:8087";}
             ];
           };
+
+          matrix.loadBalancer = {
+            servers = [
+              { url = "http://10.1.1.248:12244"; }
+            ];
+          };
         };
 
         # TCP routing for TeamSpeak
@@ -205,4 +218,4 @@
 
     system.stateVersion = "25.11";
   };
-}
\ No newline at end of file
+}