diff options
author | sefidel <contact@sefidel.net> | 2024-02-17 07:22:45 +0900 |
---|---|---|
committer | sefidel <contact@sefidel.net> | 2024-02-17 07:22:45 +0900 |
commit | 590395d7b14e4f69d53874359217603004d74a4a (patch) | |
tree | 64fa81f890307d0922282222155fcb28bf7c2a3e | |
parent | 2b819a074cba4e340c3f04175f181da2b28ac7bc (diff) | |
download | infra-590395d7b14e4f69d53874359217603004d74a4a.tar.gz infra-590395d7b14e4f69d53874359217603004d74a4a.zip |
feat(modules/matrix-bridge): configure matrix-appservice-discord
-rw-r--r-- | modules/services/matrix-bridge/default.nix | 51 |
1 files changed, 49 insertions, 2 deletions
diff --git a/modules/services/matrix-bridge/default.nix b/modules/services/matrix-bridge/default.nix index 4d53223..8843e6a 100644 --- a/modules/services/matrix-bridge/default.nix +++ b/modules/services/matrix-bridge/default.nix @@ -14,7 +14,10 @@ in enable = mkEnableOption "matrix-bridge"; domain = mkOption { type = types.str; }; realHost = mkOption { type = types.str; default = "matrix.${cfg.domain}"; }; - secrets.mautrix-envs = mkOption { type = types.path; description = "path to the mautrix-* environment file"; }; + secrets = { + mautrix-envs = mkOption { type = types.path; description = "path to the mautrix-* environment file"; }; + matrix-appservice-discord-envs = mkOption { type = types.path; description = "path to the matrix-appservice-discord environment file"; }; + }; }; config = mkIf cfg.enable { @@ -329,6 +332,36 @@ in }; }; + services.matrix-appservice-discord = { + enable = true; + port = 29322; + + # NOTE: broken + # localpart = ""; + + environmentFile = cfg.secrets.matrix-appservice-discord-envs; + settings = { + # NOTE: Specified in environmentFile + # auth = { + # botToken = ""; + # clientID = ""; + # }; + auth.usePrivilegedIntents = true; + database = { + connString = "postgresql://matrix-appservice-discord?host=/run/postgresql"; + filename = ""; + }; + + bridge = { + domain = cfg.domain; + homeserverUrl = "https://${cfg.realHost}"; + adminMxid = "@sef:exotic.sh"; + enableSelfServiceBridging = true; + disablePortalBridging = true; + }; + }; + }; + # HACK: https://github.com/NixOS/nixpkgs/issues/273929 systemd.services.matrix-appservice-irc.serviceConfig.SystemCallFilter = lib.mkForce '' @system-service @pkey ~@privileged @resources @chown @@ -341,11 +374,19 @@ in "/var/lib/private/mautrix-whatsapp" "/var/lib/private/mautrix-discord" "/var/lib/matrix-appservice-irc" + "/var/lib/matrix-appservice-discord" "/var/lib/signald" ]; modules.services.postgresql.enable = true; - services.postgresql.ensureDatabases = [ "mautrix-telegram" "mautrix-signal" "mautrix-whatsapp" "mautrix-discord" "matrix-appservice-irc" ]; + services.postgresql.ensureDatabases = [ + "mautrix-telegram" + "mautrix-signal" + "mautrix-whatsapp" + "mautrix-discord" + "matrix-appservice-irc" + "matrix-appservice-discord" + ]; services.postgresql.ensureUsers = [ { name = "mautrix-telegram"; @@ -367,6 +408,10 @@ in name = "matrix-appservice-irc"; ensureDBOwnership = true; } + { + name = "matrix-appservice-discord"; + ensureDBOwnership = true; + } ]; systemd.services.matrix-synapse.serviceConfig.LoadCredential = [ @@ -376,6 +421,7 @@ in "mautrix-discord:/var/lib/mautrix-discord/discord-registration.yaml" "double-puppet:${config.sops.templates."double-puppet-registration.yaml".path}" "appservice-irc:/var/lib/matrix-appservice-irc/registration.yml" + "appservice-discord:/var/lib/matrix-appservice-discord/discord-registration.yaml" ]; services.matrix-synapse.settings.app_service_config_files = [ @@ -385,6 +431,7 @@ in "/run/credentials/matrix-synapse.service/mautrix-discord" "/run/credentials/matrix-synapse.service/double-puppet" "/run/credentials/matrix-synapse.service/appservice-irc" + "/run/credentials/matrix-synapse.service/appservice-discord" ]; }; } |