Diffstat (limited to 'modules/services/matrix-bridge.nix')
-rw-r--r--modules/services/matrix-bridge.nix200
1 files changed, 200 insertions, 0 deletions
diff --git a/modules/services/matrix-bridge.nix b/modules/services/matrix-bridge.nix
new file mode 100644
index 0000000..65d8187
--- /dev/null
+++ b/modules/services/matrix-bridge.nix
@@ -0,0 +1,200 @@
+{ config, lib, ... }:
+
+with lib;
+let
+  cfg = config.modules.services.matrix-bridge;
+in
+{
+  imports = [
+    ../../overlays/mautrix-signal-module.nix
+    ../../overlays/mautrix-whatsapp-module.nix
+  ];
+
+  options.modules.services.matrix-bridge = {
+    enable = mkEnableOption "matrix-bridge";
+    domain = mkOption { type = types.str; };
+    realHost = mkOption { type = types.str; default = "matrix.${cfg.domain}"; };
+    secrets.mautrix-envs = mkOption { type = types.str; description = "path to the mautrix-* environment file"; };
+  };
+
+  config = mkIf cfg.enable {
+    services.mautrix-telegram = {
+      enable = true;
+      environmentFile = cfg.secrets.mautrix-envs;
+      serviceDependencies = [ "dendrite.service" ];
+
+      settings = {
+        homeserver.address = "https://${cfg.realHost}";
+        homeserver.domain = cfg.domain;
+        homeserver.verify_ssl = true;
+        appservice = {
+          address = "http://localhost:29317";
+          port = 29317;
+          database = "postgres:///mautrix-telegram?host=/run/postgresql";
+          bot_avatar = "mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX";
+          id = "telegram";
+          max_body_size = 1;
+          provisioning.enabled = false;
+        };
+        bridge = {
+          alias_template = "tg_{groupname}";
+          username_templace = "tg_{userid}";
+          allow_matrix_login = true;
+          bot_messages_as_notices = true;
+          catch_up = true;
+          plaintext_highlights = true;
+          startup_sync = true;
+          animated_stickers = {
+            target = "webp";
+            convert_from_webm = true;
+          };
+          permissions = {
+            "@sef:exotic.sh" = "admin";
+            "exotic.sh" = "full";
+          };
+        };
+      };
+    };
+
+    services.mautrix-signal = {
+      enable = true;
+      environmentFile = cfg.secrets.mautrix-envs;
+      serviceDependencies = [ "dendrite.service" ];
+
+      settings = {
+        homeserver.address = "https://${cfg.realHost}";
+        homeserver.domain = cfg.domain;
+        homeserver.verify_ssl = true;
+        appservice = {
+          address = "http://localhost:29318";
+          port = 29318;
+          database = "postgres:///mautrix-signal?host=/run/postgresql";
+          bot_avatar = "mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp";
+          id = "signal";
+          max_body_size = 1;
+          provisioning.enabled = false;
+        };
+
+        signal = {
+          avatar_dir = "/var/lib/signald/avatars";
+          data_dir = "/var/lib/signald/data";
+        };
+
+        bridge = {
+          alias_template = "sig_{groupname}";
+          username_templace = "sig_{userid}";
+          allow_matrix_login = true;
+          catch_up = true;
+          plaintext_highlights = true;
+          startup_sync = true;
+          animated_stickers = {
+            target = "webp";
+            convert_from_webm = true;
+          };
+          permissions = {
+            "@sef:exotic.sh" = "admin";
+            "exotic.sh" = "full";
+          };
+        };
+      };
+    };
+
+    services.mautrix-whatsapp = {
+      enable = true;
+      environmentFile = cfg.secrets.mautrix-envs;
+      serviceDependencies = [ "dendrite.service" ];
+
+      settings = {
+        homeserver.address = "https://${cfg.realHost}";
+        homeserver.domain = cfg.domain;
+        homeserver.verify_ssl = true;
+        appservice = {
+          address = "http://localhost:29319";
+          port = 29319;
+          database = {
+            type = "postgres";
+            uri = "postgres://mautrix-whatsapp:@/mautrix-whatsapp?host=/run/postgresql";
+          };
+          bot_avatar = "mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr";
+          id = "whatsapp";
+          max_body_size = 1;
+          provisioning.enabled = false;
+        };
+
+        bridge = {
+          alias_template = "wa_{groupname}";
+          username_templace = "wa_{userid}";
+          personal_filtering_spaces = true;
+          delivery_receipts = true;
+          identity_change_notices = true;
+          hystory_sync = {
+            backfill = false; # MSC2716
+            request_full_sync = true;
+          };
+          send_presence_on_typing = true;
+          double_puppet_server_map = { };
+          login_shared_secret_map = { };
+          private_chat_portal_meta = true;
+          mute_bridging = true;
+          pinned_tag = "m.favourite";
+          archive_tag = "m.lowpriority";
+          allow_user_invite = true;
+          disappearing_messages_in_groups = true;
+          url_previews = true;
+          # TODO: https://github.com/matrix-org/dendrite/issues/2723
+          # encryption = {
+          #   allow = true;
+          #   default = true;
+          #   require = true;
+          #   allow_key_sharing = true;
+          # };
+          sync_manual_marked_unread = true;
+          force_active_delivery_receipts = true;
+          parallel_member_sync = true;
+          extev_polls = true;
+          send_whatsapp_edits = true;
+          permissions = {
+            "@sef:exotic.sh" = "admin";
+            "exotic.sh" = "full";
+          };
+        };
+      };
+    };
+
+
+    environment.persistence."/persist".directories = [
+      "/var/lib/private/mautrix-telegram"
+      "/var/lib/private/mautrix-signal"
+      "/var/lib/private/mautrix-whatsapp"
+      "/var/lib/signald"
+    ];
+
+    modules.services.postgresql.enable = true;
+    services.postgresql.ensureDatabases = [ "mautrix-telegram" "mautrix-signal" "mautrix-whatsapp" ];
+    services.postgresql.ensureUsers = [
+      {
+        name = "mautrix-telegram";
+        ensurePermissions."DATABASE \"mautrix-telegram\"" = "ALL PRIVILEGES";
+      }
+      {
+        name = "mautrix-signal";
+        ensurePermissions."DATABASE \"mautrix-signal\"" = "ALL PRIVILEGES";
+      }
+      {
+        name = "mautrix-whatsapp";
+        ensurePermissions."DATABASE \"mautrix-whatsapp\"" = "ALL PRIVILEGES";
+      }
+    ];
+
+    systemd.services.dendrite = {
+      serviceConfig.SupplementaryGroups = [ "mautrix-telegram" "mautrix-signal" "mautrix-whatsapp" ];
+    };
+
+    services.dendrite.settings.app_service_api.config_files = [
+      # Symlinks doesn't seem to work. Provide the actual path.
+      "/persist/var/lib/private/mautrix-telegram/telegram-registration.yaml"
+      "/persist/var/lib/private/mautrix-signal/signal-registration.yaml"
+      "/persist/var/lib/private/mautrix-whatsapp/whatsapp-registration.yaml"
+    ];
+  };
+}
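Review bot: The `permissions` blocks in all three bridges hard-code `"exotic.sh" = "full"` and `"@sef:exotic.sh" = "admin"` even though the module takes `domain` as an option, so enabling it with any other `domain` would grant bridge access to accounts on a homeserver the operator never named. Deriving the entry from the option, e.g. `"${cfg.domain}" = "full";`, and moving the admin MXID into an option of its own would keep the grant tied to the configured homeserver. Separately, `username_templace` (telegram, signal and whatsapp blocks) and `hystory_sync` (whatsapp) look like misspellings of `username_template` and `history_sync`; if the bridges ignore unknown keys, those settings silently fall back to their defaults. It is also worth confirming that `full` is a level the Signal and WhatsApp bridges accept, since the value appears to be copied from the Telegram block.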