From 6abbff704baa8f87625db730fbd45a169936d527 Mon Sep 17 00:00:00 2001 From: sefidel Date: Sun, 2 Jun 2024 19:33:03 +0900 Subject: fix(modules/matrix-bridge): fixup matrix-discord-appservice --- modules/services/matrix-bridge/default.nix | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'modules/services') diff --git a/modules/services/matrix-bridge/default.nix b/modules/services/matrix-bridge/default.nix index 9668336..6fb0cd2 100644 --- a/modules/services/matrix-bridge/default.nix +++ b/modules/services/matrix-bridge/default.nix @@ -353,7 +353,7 @@ in # }; auth.usePrivilegedIntents = true; database = { - connString = "postgresql://matrix-appservice-discord?host=/run/postgresql"; + connString = "postgresql:///matrix-appservice-discord?host=/run/postgresql"; filename = ""; }; @@ -372,6 +372,19 @@ in @system-service @pkey ~@privileged @resources @chown ''; + systemd.services.matrix-appservice-discord.serviceConfig = { + DynamicUser = lib.mkForce false; + PrivateTmp = lib.mkForce false; + User = "matrix-appservice-discord"; + Group = "matrix-appservice-discord"; + }; + + users.groups.matrix-appservice-discord = {}; + users.users.matrix-appservice-discord = { + description = "Service user for the Matrix-Discord bridge"; + group = "matrix-appservice-discord"; + isSystemUser = true; + }; modules.persistence.directories = [ "/var/lib/private/mautrix-telegram" @@ -426,7 +439,7 @@ in "mautrix-discord:/var/lib/mautrix-discord/discord-registration.yaml" "double-puppet:${config.sops.templates."double-puppet-registration.yaml".path}" "appservice-irc:/var/lib/matrix-appservice-irc/registration.yml" - "appservice-discord:/var/lib/private/matrix-appservice-discord/discord-registration.yaml" + "appservice-discord:/var/lib/matrix-appservice-discord/discord-registration.yaml" ]; services.matrix-synapse.settings.app_service_config_files = [ -- cgit 1.4.1