Update matrix.nix

Maybe this works
2026-02-13 00:12:55 -07:00 · 2026-02-13 00:12:46 -07:00
1 changed files with 16 additions and 1 deletions
--- a/modules/matrix.nix
+++ b/modules/matrix.nix
@@ -55,9 +55,19 @@ in
      rtc = {
        port_range_start = 50000;
        port_range_end = 60000;
+        tcp_port = 7881;
        use_external_ip = true;
+        allow_tcp_fallback = true;
      };
      room.auto_create = false;
+      turn = {
+        enabled = true;
+        domain = matrixRtcDomain;
+        tls_port = 5349;
+        udp_port = 3478;
+        cert_file = "/var/lib/acme/${matrixRtcDomain}/fullchain.pem";
+        key_file = "/var/lib/acme/${matrixRtcDomain}/key.pem";
+      };
    };
    keyFile = livekitKeyFile;
  };
@@ -70,6 +80,10 @@ in

  systemd.services.lk-jwt-service.environment.LIVEKIT_FULL_ACCESS_HOMESERVERS = serverName;

+  systemd.services.livekit.serviceConfig.SupplementaryGroups = [ "acme" ];
+  systemd.services.livekit.after = [ "acme-${matrixRtcDomain}.service" ];
+  systemd.services.livekit.requires = [ "acme-${matrixRtcDomain}.service" ];
+
  systemd.services.livekit-key = {
    before = [ "lk-jwt-service.service" "livekit.service" ];
    wantedBy = [ "multi-user.target" ];
@@ -83,7 +97,8 @@ in
  };

  networking.firewall = {
-    allowedTCPPorts = [ 7880 7881 ];
+    allowedTCPPorts = [ 7880 7881 5349 ];
+    allowedUDPPorts = [ 3478 ];
    allowedUDPPortRanges = [
      { from = 50000; to = 60000; }
    ];
Author	SHA1	Message	Date
Atridad Lahiji	3ea2e7eaaa	Update matrix.nix All checks were successful Deploy NixOS / deploy (push) Successful in 38s Details	2026-02-13 00:12:55 -07:00
Atridad Lahiji	9c419d1f95	Maybe this works	2026-02-13 00:12:46 -07:00