[services] matrix - conduit

3 files changed, 114 insertions, 0 deletions

diff --git a/Applications/Services/matrix/conduit/.env.example b/Applications/Services/matrix/conduit/.env.example
new file mode 100644
index 0000000..54e2ffd
--- /dev/null
+++ b/Applications/Services/matrix/conduit/.env.example
@@ -0,0 +1,8 @@
+DOMAIN=matrix.example.org
+PORT=6167
+CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit/
+REMOTE_DOMAIN=storage.example.org
+REMOTE_PATH=/matrix-conduit-db
+REMOTE_USERNAME=root
+REMOTE_PASSWORD=123456
+TRAEFIK_NETWORK=traefik-public
diff --git a/Applications/Services/matrix/conduit/docker-compose.yml b/Applications/Services/matrix/conduit/docker-compose.yml
new file mode 100644
index 0000000..1221596
--- /dev/null
+++ b/Applications/Services/matrix/conduit/docker-compose.yml
@@ -0,0 +1,87 @@
+version: "3"
+
+services:
+  conduit:
+    image: matrixconduit/matrix-conduit
+    restart: unless-stopped
+    volumes:
+      - "remote:${CONDUIT_DATABASE_PATH}"
+    environment:
+      - "CONDUIT_SERVER_NAME=${DOMAIN}"
+      - "CONDUIT_PORT=${PORT}"
+      - "CONDUIT_DATABASE_PATH=${CONDUIT_DATABASE_PATH}"
+      - "CONDUIT_DATABASE_BACKEND=rocksdb"
+      - "CONDUIT_ALLOW_REGISTRATION=false"
+      - "CONDUIT_ALLOW_FEDERATION=true"
+      - "CONDUIT_ALLOW_CHECK_FOR_UPDATES=false"
+      - "CONDUIT_ADDRESS=0.0.0.0"
+      - "CONDUIT_CONFIG="
+    networks:
+      - matrix
+      - traefik
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=${TRAEFIK_NETWORK}"
+      - "traefik.http.routers.matrix.rule=Host(`${DOMAIN}`)"
+      - "traefik.http.routers.matrix.entrypoints=websecure"
+      - "traefik.http.routers.matrix.tls=true"
+      - "traefik.http.routers.matrix.tls.certresolver=letsencrypt"
+      - "traefik.http.services.matrix.loadbalancer.server.port=${PORT}"
+      - "traefik.http.routers.matrix.middlewares=cors-headers@docker"
+
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
+
+  well-known:
+    image: nginx:latest
+    restart: unless-stopped
+    volumes:
+      - "./nginx/templates:/etc/nginx/templates"
+      - "./nginx/www:/var/www"
+    environment:
+      - "CONDUIT_DOMAIN=${DOMAIN}"
+    networks:
+      - traefik
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=${TRAEFIK_NETWORK}"
+      - "traefik.http.routers.matrix-well-known.rule=Host(`${DOMAIN}`) && PathPrefix(`/.well-known/matrix`)"
+      - "traefik.http.routers.matrix-well-known.entrypoints=websecure"
+      - "traefik.http.routers.matrix-well-known.tls=true"
+      - "traefik.http.routers.matrix-well-known.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.matrix-well-known.middlewares=cors-headers@docker"
+
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
+      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
+
+  bridge-telegram:
+    image: dock.mau.dev/mautrix/telegram:latest
+    restart: unless-stopped
+    volumes:
+      - "./bridges/telegram:/data"
+    networks:
+      - matrix
+
+  bridge-signal:
+    image: dock.mau.dev/mautrix/signalgo:latest
+    restart: unless-stopped
+    volumes:
+      - "./bridges/signal:/data"
+    networks:
+      - matrix
+
+volumes:
+  remote:
+    driver: local
+    driver_opts:
+      type: cifs
+      device: "//${REMOTE_DOMAIN}${REMOTE_PATH}"
+      o: "addr=${REMOTE_DOMAIN},username=${REMOTE_USERNAME},password=${REMOTE_PASSWORD},file_mode=0777,dir_mode=0777"
+
+networks:
+  matrix:
+  traefik:
+    name: "${TRAEFIK_NETWORK}"
+    external: true
diff --git a/Applications/Services/matrix/conduit/nginx/templates/matrix.conf.template b/Applications/Services/matrix/conduit/nginx/templates/matrix.conf.template
new file mode 100644
index 0000000..c1e1083
--- /dev/null
+++ b/Applications/Services/matrix/conduit/nginx/templates/matrix.conf.template
@@ -0,0 +1,19 @@
+server {
+    server_name ${CONDUIT_DOMAIN};
+    listen      80 default_server;
+
+    location /.well-known/matrix/server {
+       return 200 '{"m.server": "${CONDUIT_DOMAIN}:443"}';
+       types { } default_type "application/json; charset=utf-8";
+    }
+
+   location /.well-known/matrix/client {
+       return 200 '{"m.homeserver": {"base_url": "https://${CONDUIT_DOMAIN}"}}';
+       types { } default_type "application/json; charset=utf-8";
+       add_header "Access-Control-Allow-Origin" *;
+   }
+
+   location / {
+       return 404;
+   }
+}