From 0986130e61996c1e4d04819344b5e5761a94f38b Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Sat, 23 Mar 2024 15:30:18 +0900
Subject: feat(modules/matrix-homeserver): allow admin endpoints on tailscale
 ip

---
 modules/services/matrix-homeserver.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/modules/services/matrix-homeserver.nix b/modules/services/matrix-homeserver.nix
index a29ecc6..56e9adf 100644
--- a/modules/services/matrix-homeserver.nix
+++ b/modules/services/matrix-homeserver.nix
@@ -151,6 +151,15 @@ in
       '';
 
       locations."~* ^(\\/_matrix|\\/_synapse\\/client)".proxyPass = "http://[::1]:${toString httpPort}";
+      locations."/_synapse/admin" = {
+        # TODO: set up proper tailscale auth
+        extraConfig = ''
+          allow 100.64.0.0/10;
+          deny all;
+        '';
+
+        proxyPass = "http://[::1]:${toString httpPort}";
+      };
     };
 
     services.nginx.virtualHosts.${cfg.domain} =
-- 
cgit 1.4.1