1 files changed, 58 insertions, 0 deletions

diff --git a/modules/services/matrix-moderation.nix b/modules/services/matrix-moderation.nix
new file mode 100644
index 0000000..b44cdf3
--- /dev/null
+++ b/modules/services/matrix-moderation.nix
@@ -0,0 +1,58 @@
+{ config, lib, ... }:
+
+# TODO: rename
+
+with lib;
+let
+  cfg = config.modules.services.matrix-moderation;
+in
+{
+  options.modules.services.matrix-moderation = {
+    enable = mkEnableOption "matrix-moderation";
+    domain = mkOption { type = types.str; };
+    realHost = mkOption { type = types.str; default = "matrix.${cfg.domain}"; };
+    secrets.userPassword = mkOption { type = types.str; description = "path to the mjolnir password"; };
+  };
+
+  config = mkIf cfg.enable {
+    services.mjolnir = {
+      enable = true;
+      homeserverUrl = "http://127.0.0.1:8008";
+      pantalaimon.enable = true;
+      # NOTE: this option currently has no effect
+      pantalaimon.options = {
+        listenAddress = "127.0.0.1";
+        listenPort = 8011;
+      };
+      pantalaimon.username = "abuse";
+      pantalaimon.passwordFile = cfg.secrets.userPassword;
+      managementRoom = "#moderation:${cfg.domain}";
+
+      settings = {
+        # TODO: get rid of hardcoded values
+        homeserverUrl = "http://127.0.0.1:8011";
+        automaticallyRedactForReasons = [
+          "spam"
+          "advertising"
+          "unwanted"
+        ];
+      };
+    };
+
+    # TODO: get rid of hardcoded values
+    systemd.services.mjolnir.after = [ "matrix-synapse.service" ];
+
+    # Override the pantalaimon options, since the mjolnir one is broken
+    services.pantalaimon-headless.instances."mjolnir" = {
+      listenAddress = "127.0.0.1";
+      listenPort = 8011;
+    };
+
+    services.matrix-synapse.plugins = with config.services.matrix-synapse.package.plugins; [ matrix-synapse-mjolnir-antispam ];
+
+    modules.persistence.directories = [
+      "/var/lib/private/pantalaimon-mjolnir"
+      "/var/lib/mjolnir"
+    ];
+  };
+}