From f47bf3b5c7c4c03a7f4e2aac7856e6e8a6dc360f Mon Sep 17 00:00:00 2001 From: sefidel Date: Fri, 22 Dec 2023 19:13:18 +0900 Subject: feat(modules/matrix-bridge): configure double puppeting --- modules/services/matrix-bridge.nix | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/matrix-bridge.nix b/modules/services/matrix-bridge.nix index 04f51be..2a96e01 100644 --- a/modules/services/matrix-bridge.nix +++ b/modules/services/matrix-bridge.nix @@ -18,6 +18,22 @@ in }; config = mkIf cfg.enable { + sops.secrets.double-puppet-as-token = { }; + sops.secrets.double-puppet-hs-token = { }; + + sops.templates."double-puppet-registration.yaml".content = '' + id: doublepuppet + url: + as_token: ${config.sops.placeholder.double-puppet-as-token} + hs_token: ${config.sops.placeholder.double-puppet-hs-token} + sender_localpart: 55e126746dad19e50d9c4e646b6f5ac9ba21b346a24b840330cd8d8a1d65ce80 + rate_limited: false + namespaces: + users: + - regex: '@.*:exotic\.sh' + exclusive: false + ''; + services.mautrix-telegram = { enable = true; @@ -56,6 +72,10 @@ in require = true; allow_key_sharing = true; }; + # NOTE: python bridge - managed via env variable + # login_shared_secret_map = { + # "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN"; + # }; permissions = { "@sef:exotic.sh" = "admin"; "exotic.sh" = "full"; @@ -112,6 +132,10 @@ in require = true; allow_key_sharing = true; }; + # NOTE: python bridge - managed via env variable + # login_shared_secret_map = { + # "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN"; + # }; permissions = { "@sef:exotic.sh" = "admin"; "exotic.sh" = "full"; @@ -155,7 +179,9 @@ in }; send_presence_on_typing = true; double_puppet_server_map = { }; - login_shared_secret_map = { }; + login_shared_secret_map = { + "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN"; + }; private_chat_portal_meta = true; mute_bridging = true; pinned_tag = "m.favourite"; @@ -213,6 +239,9 @@ in require = true; allow_key_sharing = true; }; + login_shared_secret_map = { + "${cfg.domain}" = "as_token:$DOUBLE_PUPPET_AS_TOKEN"; + }; permissions = { "@sef:exotic.sh" = "admin"; "exotic.sh" = "full"; @@ -256,6 +285,7 @@ in "mautrix-signal:/var/lib/mautrix-signal/signal-registration.yaml" "mautrix-whatsapp:/var/lib/mautrix-whatsapp/whatsapp-registration.yaml" "mautrix-discord:/var/lib/mautrix-discord/discord-registration.yaml" + "double-puppet:${config.sops.templates."double-puppet-registration.yaml".path}" ]; services.matrix-synapse.settings.app_service_config_files = [ @@ -263,6 +293,7 @@ in "/run/credentials/matrix-synapse.service/mautrix-signal" "/run/credentials/matrix-synapse.service/mautrix-whatsapp" "/run/credentials/matrix-synapse.service/mautrix-discord" + "/run/credentials/matrix-synapse.service/double-puppet" ]; }; } -- cgit 1.4.1