{ config, ... }:
{
  services.matrix-conduit = {
    enable = true;
    settings.global = {
      server_name = "ingolf-wagner.de";

      # This is the only directory where Conduit will save its data
      database_path = "/var/lib/matrix-conduit/";
      database_backend = "rocksdb";

      # The port Conduit will be running on. You need to set up a reverse proxy in
      # your web server (e.g. apache or nginx), so all requests to /_matrix on port
      # 443 and 8448 will be forwarded to the Conduit instance running on this port
      # Docker users: Don't change this, you'll need to map an external port to this.
      port = 6167;

      # Max size for uploads in bytes
      max_request_size = "20_000_000";

      # Enables registration. If set to false, no users can register on this server.
      allow_registration = true;
      allow_federation = true;

      # Enable the display name lightning bolt on registration.
      enable_lightning_bolt = true;

      trusted_servers = [ "matrix.org" "nixos.org" "xaos.space" "lassul.us" ];

      #max_concurrent_requests = 100 # How many requests Conduit sends to other servers at the same time
      #log = "warn,state_res=warn,rocket=off,_=off,sled=off"

      address = "127.0.0.1"; # This makes sure Conduit can only be reached using the reverse proxy


    };
  };

  services.nginx = {
    enable = true;
    virtualHosts. "ingolf-wagner.de" = {
      forceSSL = true;
      enableACME = true;
      locations."/_matrix" = {
        recommendedProxySettings = true;
        proxyWebsockets = true;
        proxyPass = "http://localhost:${toString config.services.matrix-conduit.settings.global.port}";
      };
    };
  };
}