authorsefidel <contact@sefidel.net>2023-12-22 19:13:18 +0900
committersefidel <contact@sefidel.net>2023-12-23 00:03:24 +0900
commitf47bf3b5c7c4c03a7f4e2aac7856e6e8a6dc360f (patch)
tree32c88ebbfcc5e3ec8c654408f077ec41c73a373a /modules
parent81e502a651b39e96cc062e9a8a376cc2bd7a4378 (diff)
feat(modules/matrix-bridge): configure double puppeting
Diffstat (limited to 'modules')
-rw-r--r--modules/services/matrix-bridge.nix33
1 files changed, 32 insertions, 1 deletions
diff --git a/modules/services/matrix-bridge.nix b/modules/services/matrix-bridge.nix
index 04f51be..2a96e01 100644
--- a/modules/services/matrix-bridge.nix
+++ b/modules/services/matrix-bridge.nix
@@ -18,6 +18,22 @@ in
   };
 
   config = mkIf cfg.enable {
+    sops.secrets.double-puppet-as-token = { };
+    sops.secrets.double-puppet-hs-token = { };
+
+    sops.templates."double-puppet-registration.yaml".content = ''
+      id: doublepuppet
+      url:
+      as_token: ${config.sops.placeholder.double-puppet-as-token}
+      hs_token: ${config.sops.placeholder.double-puppet-hs-token}
+      sender_localpart: 55e126746dad19e50d9c4e646b6f5ac9ba21b346a24b840330cd8d8a1d65ce80
+      rate_limited: false
+      namespaces:
+        users:
+          - regex: '@.*:exotic\.sh'
+            exclusive: false
+    '';
+
     services.mautrix-telegram = {
       enable = true;
 
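Review bot: The namespace regex `'@.*:exotic\.sh'` in the registration template hardcodes the homeserver domain, while the `login_shared_secret_map` entries added later in this commit key on `${cfg.domain}`; if the two ever differ, the bridges would request double puppeting for a domain the registration does not cover. Consider deriving it from the option, e.g. `- regex: '@.*:${lib.escapeRegex cfg.domain}'` (assuming `lib` is in scope here). Because this non-exclusive namespace matches every local user, the `as_token` is in effect a credential for acting as any account on the homeserver, which is worth stating in a comment above the two `sops.secrets` lines, e.g. `# as_token can act as any local user; keep it out of the Nix store and readable only by synapse and the bridges`. The `config` block continues outside the hunk.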
@@ -56,6 +72,10 @@ in
             require = true;
             allow_key_sharing = true;
           };
+          # NOTE: python bridge - managed via env variable
+          # login_shared_secret_map = {
+          #   "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN";
+          # };
           permissions = {
             "@sef:exotic.sh" = "admin";
             "exotic.sh" = "full";
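Review bot: The NOTE above the commented-out `login_shared_secret_map` says the Python bridge is "managed via env variable" but names neither the variable nor where it is set, so a reader cannot tell from this file whether double puppeting is actually enabled for this bridge. State it in the comment, e.g. `# Python bridge: login_shared_secret_map is injected at runtime from <ENV_VAR_NAME> in the unit's environment file, not set here`, and drop the commented-out attribute set, which otherwise reads as dead configuration carrying a token reference. The same comment block is added in the hunk at `-112,6 +132,10`. The surrounding settings attribute set starts and ends outside the hunk.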
@@ -112,6 +132,10 @@ in
             require = true;
             allow_key_sharing = true;
           };
+          # NOTE: python bridge - managed via env variable
+          # login_shared_secret_map = {
+          #   "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN";
+          # };
           permissions = {
             "@sef:exotic.sh" = "admin";
             "exotic.sh" = "full";
@@ -155,7 +179,9 @@ in
           };
           send_presence_on_typing = true;
           double_puppet_server_map = { };
-          login_shared_secret_map = { };
+          login_shared_secret_map = {
+            "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN";
+          };
           private_chat_portal_meta = true;
           mute_bridging = true;
           pinned_tag = "m.favourite";
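Review bot: The value `"as_token:$DOUBLE_PUPPET_AS_TOKEN"` is a plain Nix string, so it only becomes the real token if the bridge's config generation substitutes environment variables and the unit's environment file defines `DOUBLE_PUPPET_AS_TOKEN`; neither is visible in this diff. If the variable is missing, the bridge would presumably receive an empty or literal value and double puppeting would fail without an obvious error, so a comment next to the map is worthwhile, such as `# $DOUBLE_PUPPET_AS_TOKEN is substituted at service start from the sops-managed environment file`. Keeping the token as a runtime substitution instead of interpolating the secret here is the right choice, since it stays out of the world-readable Nix store. The same map is added in the hunk at `-213,6 +239,9`. The enclosing settings block continues outside the hunk.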
@@ -213,6 +239,9 @@ in
             require = true;
             allow_key_sharing = true;
           };
+          login_shared_secret_map = {
+            "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN";
+          };
           permissions = {
             "@sef:exotic.sh" = "admin";
             "exotic.sh" = "full";
@@ -256,6 +285,7 @@ in
       "mautrix-signal:/var/lib/mautrix-signal/signal-registration.yaml"
       "mautrix-whatsapp:/var/lib/mautrix-whatsapp/whatsapp-registration.yaml"
       "mautrix-discord:/var/lib/mautrix-discord/discord-registration.yaml"
+      "double-puppet:${config.sops.templates."double-puppet-registration.yaml".path}"
     ];
 
     services.matrix-synapse.settings.app_service_config_files = [
@@ -263,6 +293,7 @@ in
       "/run/credentials/matrix-synapse.service/mautrix-signal"
       "/run/credentials/matrix-synapse.service/mautrix-whatsapp"
       "/run/credentials/matrix-synapse.service/mautrix-discord"
+      "/run/credentials/matrix-synapse.service/double-puppet"
     ];
   };
 }