Merge branch 'main' of ssh://git.berlin.ccc.de/cccb/matrix

services/nginx.nix

@@ -25,39 +25,10 @@ in
       quic = true;
       kTLS = true;
       forceSSL = true;
-      useACMEHost = fqdn;
-      listen = [
-        {
-          addr = "0.0.0.0";
-          port = 443;
-          ssl = true;
-        }
-        {
-          addr = "[::]";
-          port = 443;
-          ssl = true;
-        }
-        {
-          addr = "0.0.0.0";
-          port = 8448;
-          ssl = true;
-        }
-        {
-          addr = "[::]";
-          port = 8448;
-          ssl = true;
-        }
-      ];
+      enableACME = true;
       locations = {
-        "/.well-known/acme-challenge".root = config.security.acme.defaults.webroot;
+        #"/.well-known/acme-challenge".root = config.security.acme.defaults.webroot;
         "/".return = "418 \"🫖\"";
-        "= /.well-known/matrix/client" = {
-          return = "200 '{\"m.homeserver\": {\"base_url\": \"https://matrix.berlin.ccc.de\"}}'";
-          extraConfig = ''
-            default_type application/json;
-            add_header Access-Control-Allow-Origin "*";
-          '';
-        };
         "~ ^(/_matrix|/_synapse/client)" = {
           recommendedProxySettings = true;
           proxyPass = "http://[::1]:8008";
@@ -70,8 +41,5 @@ in
       };
     };
   };
-
-  security.acme.certs."${fqdn}" = {
-    reloadServices = [ "nginx" ];
-  };
 }
+