about summary refs log tree commit diff
path: root/modules/services
diff options
context:
space:
mode:
Diffstat (limited to 'modules/services')
-rw-r--r--modules/services/matrix-bridge/default.nix51
1 files changed, 49 insertions, 2 deletions
diff --git a/modules/services/matrix-bridge/default.nix b/modules/services/matrix-bridge/default.nix
index 4d53223..8843e6a 100644
--- a/modules/services/matrix-bridge/default.nix
+++ b/modules/services/matrix-bridge/default.nix
@@ -14,7 +14,10 @@ in
     enable = mkEnableOption "matrix-bridge";
     domain = mkOption { type = types.str; };
     realHost = mkOption { type = types.str; default = "matrix.${cfg.domain}"; };
-    secrets.mautrix-envs = mkOption { type = types.path; description = "path to the mautrix-* environment file"; };
+    secrets = {
+      mautrix-envs = mkOption { type = types.path; description = "path to the mautrix-* environment file"; };
+      matrix-appservice-discord-envs = mkOption { type = types.path; description = "path to the matrix-appservice-discord environment file"; };
+    };
   };
 
   config = mkIf cfg.enable {
@@ -329,6 +332,36 @@ in
       };
     };
 
+    services.matrix-appservice-discord = {
+      enable = true;
+      port = 29322;
+
+      # NOTE: broken
+      # localpart = "";
+
+      environmentFile = cfg.secrets.matrix-appservice-discord-envs;
+      settings = {
+        # NOTE: Specified in environmentFile
+        # auth = {
+        #   botToken = "";
+        #   clientID = "";
+        # };
+        auth.usePrivilegedIntents = true;
+        database = {
+          connString = "postgresql://matrix-appservice-discord?host=/run/postgresql";
+          filename = "";
+        };
+
+        bridge = {
+          domain = cfg.domain;
+          homeserverUrl = "https://${cfg.realHost}";
+          adminMxid = "@sef:exotic.sh";
+          enableSelfServiceBridging = true;
+          disablePortalBridging = true;
+        };
+      };
+    };
+
     # HACK: https://github.com/NixOS/nixpkgs/issues/273929
     systemd.services.matrix-appservice-irc.serviceConfig.SystemCallFilter = lib.mkForce ''
       @system-service @pkey ~@privileged @resources @chown
@@ -341,11 +374,19 @@ in
       "/var/lib/private/mautrix-whatsapp"
       "/var/lib/private/mautrix-discord"
       "/var/lib/matrix-appservice-irc"
+      "/var/lib/matrix-appservice-discord"
       "/var/lib/signald"
     ];
 
     modules.services.postgresql.enable = true;
-    services.postgresql.ensureDatabases = [ "mautrix-telegram" "mautrix-signal" "mautrix-whatsapp" "mautrix-discord" "matrix-appservice-irc" ];
+    services.postgresql.ensureDatabases = [
+      "mautrix-telegram"
+      "mautrix-signal"
+      "mautrix-whatsapp"
+      "mautrix-discord"
+      "matrix-appservice-irc"
+      "matrix-appservice-discord"
+    ];
     services.postgresql.ensureUsers = [
       {
         name = "mautrix-telegram";
@@ -367,6 +408,10 @@ in
         name = "matrix-appservice-irc";
         ensureDBOwnership = true;
       }
+      {
+        name = "matrix-appservice-discord";
+        ensureDBOwnership = true;
+      }
     ];
 
     systemd.services.matrix-synapse.serviceConfig.LoadCredential = [
@@ -376,6 +421,7 @@ in
       "mautrix-discord:/var/lib/mautrix-discord/discord-registration.yaml"
       "double-puppet:${config.sops.templates."double-puppet-registration.yaml".path}"
       "appservice-irc:/var/lib/matrix-appservice-irc/registration.yml"
+      "appservice-discord:/var/lib/matrix-appservice-discord/discord-registration.yaml"
     ];
 
     services.matrix-synapse.settings.app_service_config_files = [
@@ -385,6 +431,7 @@ in
       "/run/credentials/matrix-synapse.service/mautrix-discord"
       "/run/credentials/matrix-synapse.service/double-puppet"
       "/run/credentials/matrix-synapse.service/appservice-irc"
+      "/run/credentials/matrix-synapse.service/appservice-discord"
     ];
   };
 }