Diffstat (limited to 'nixos/doc/manual/configuration/matrix.xml')
-rw-r--r--nixos/doc/manual/configuration/matrix.xml186
1 files changed, 93 insertions, 93 deletions
diff --git a/nixos/doc/manual/configuration/matrix.xml b/nixos/doc/manual/configuration/matrix.xml
index 66965460a15d..e43b70faf7ac 100644
--- a/nixos/doc/manual/configuration/matrix.xml
+++ b/nixos/doc/manual/configuration/matrix.xml
@@ -33,91 +33,91 @@
<link xlink:href="https://github.com/matrix-org/synapse#synapse-installation">
installation instructions of Synapse </link>.
<programlisting>
+let
+ fqdn =
let
- fqdn =
- let
- join = hostName: domain: hostName + optionalString (domain != null) ".${domain}";
- in join config.networking.hostName config.networking.domain;
- in {
- networking = {
- hostName = "myhostname";
- domain = "example.org";
- };
- networking.firewall.allowedTCPPorts = [ 80 443 ];
+ join = hostName: domain: hostName + optionalString (domain != null) ".${domain}";
+ in join config.networking.hostName config.networking.domain;
+in {
+ networking = {
+ hostName = "myhostname";
+ domain = "example.org";
+ };
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
- services.nginx = {
- enable = true;
- # only recommendedProxySettings and recommendedGzipSettings are strictly required,
- # but the rest make sense as well
- recommendedTlsSettings = true;
- recommendedOptimisation = true;
- recommendedGzipSettings = true;
- recommendedProxySettings = true;
+ services.nginx = {
+ enable = true;
+ # only recommendedProxySettings and recommendedGzipSettings are strictly required,
+ # but the rest make sense as well
+ recommendedTlsSettings = true;
+ recommendedOptimisation = true;
+ recommendedGzipSettings = true;
+ recommendedProxySettings = true;
- virtualHosts = {
- # This host section can be placed on a different host than the rest,
- # i.e. to delegate from the host being accessible as ${config.networking.domain}
- # to another host actually running the Matrix homeserver.
- "${config.networking.domain}" = {
- locations."= /.well-known/matrix/server".extraConfig =
- let
- # use 443 instead of the default 8448 port to unite
- # the client-server and server-server port for simplicity
- server = { "m.server" = "${fqdn}:443"; };
- in ''
- add_header Content-Type application/json;
- return 200 '${builtins.toJSON server}';
- '';
- locations."= /.well-known/matrix/client".extraConfig =
- let
- client = {
- "m.homeserver" = { "base_url" = "https://${fqdn}"; };
- "m.identity_server" = { "base_url" = "https://vector.im"; };
- };
- # ACAO required to allow riot-web on any URL to request this json file
- in ''
- add_header Content-Type application/json;
- add_header Access-Control-Allow-Origin *;
- return 200 '${builtins.toJSON client}';
- '';
- };
+ virtualHosts = {
+ # This host section can be placed on a different host than the rest,
+ # i.e. to delegate from the host being accessible as ${config.networking.domain}
+ # to another host actually running the Matrix homeserver.
+ "${config.networking.domain}" = {
+ locations."= /.well-known/matrix/server".extraConfig =
+ let
+ # use 443 instead of the default 8448 port to unite
+ # the client-server and server-server port for simplicity
+ server = { "m.server" = "${fqdn}:443"; };
+ in ''
+ add_header Content-Type application/json;
+ return 200 '${builtins.toJSON server}';
+ '';
+ locations."= /.well-known/matrix/client".extraConfig =
+ let
+ client = {
+ "m.homeserver" = { "base_url" = "https://${fqdn}"; };
+ "m.identity_server" = { "base_url" = "https://vector.im"; };
+ };
+ # ACAO required to allow riot-web on any URL to request this json file
+ in ''
+ add_header Content-Type application/json;
+ add_header Access-Control-Allow-Origin *;
+ return 200 '${builtins.toJSON client}';
+ '';
+ };
- # Reverse proxy for Matrix client-server and server-server communication
- ${fqdn} = {
- enableACME = true;
- forceSSL = true;
+ # Reverse proxy for Matrix client-server and server-server communication
+ ${fqdn} = {
+ enableACME = true;
+ forceSSL = true;
- # Or do a redirect instead of the 404, or whatever is appropriate for you.
- # But do not put a Matrix Web client here! See the Riot Web section below.
- locations."/".extraConfig = ''
- return 404;
- '';
+ # Or do a redirect instead of the 404, or whatever is appropriate for you.
+ # But do not put a Matrix Web client here! See the Riot Web section below.
+ locations."/".extraConfig = ''
+ return 404;
+ '';
- # forward all Matrix API calls to the synapse Matrix homeserver
- locations."/_matrix" = {
- proxyPass = "http://[::1]:8008";
- };
- };
+ # forward all Matrix API calls to the synapse Matrix homeserver
+ locations."/_matrix" = {
+ proxyPass = "http://[::1]:8008";
};
};
- services.matrix-synapse = {
- enable = true;
- server_name = config.networking.domain;
- listeners = [
- {
- port = 8008;
- bind_address = "::1";
- type = "http";
- tls = false;
- x_forwarded = true;
- resources = [
- { names = [ "client" "federation" ]; compress = false; }
- ];
- }
- ];
- };
};
- </programlisting>
+ };
+ services.matrix-synapse = {
+ enable = true;
+ server_name = config.networking.domain;
+ listeners = [
+ {
+ port = 8008;
+ bind_address = "::1";
+ type = "http";
+ tls = false;
+ x_forwarded = true;
+ resources = [
+ { names = [ "client" "federation" ]; compress = false; }
+ ];
+ }
+ ];
+ };
+};
+</programlisting>
</para>
<para>
@@ -142,14 +142,14 @@
create a new user or admin, run the following after you have set the secret
and have rebuilt NixOS:
<programlisting>
- $ nix run nixpkgs.matrix-synapse
- $ register_new_matrix_user -k &lt;your-registration-shared-secret&gt; http://localhost:8008
- New user localpart: &lt;your-username&gt;
- Password:
- Confirm password:
- Make admin [no]:
- Success!
- </programlisting>
+$ nix run nixpkgs.matrix-synapse
+$ register_new_matrix_user -k &lt;your-registration-shared-secret&gt; http://localhost:8008
+New user localpart: &lt;your-username&gt;
+Password:
+Confirm password:
+Make admin [no]:
+Success!
+</programlisting>
In the example, this would create a user with the Matrix Identifier
<literal>@your-username:example.org</literal>. Note that the registration
secret ends up in the nix store and therefore is world-readable by any user
@@ -177,16 +177,16 @@
Matrix Now!</link> for a list of existing clients and their supported
featureset.
<programlisting>
- services.nginx.virtualHosts."riot.${fqdn}" = {
- enableACME = true;
- forceSSL = true;
- serverAliases = [
- "riot.${config.networking.domain}"
- ];
+services.nginx.virtualHosts."riot.${fqdn}" = {
+ enableACME = true;
+ forceSSL = true;
+ serverAliases = [
+ "riot.${config.networking.domain}"
+ ];
- root = pkgs.riot-web;
- };
- </programlisting>
+ root = pkgs.riot-web;
+};
+</programlisting>
</para>
<para>