From 590395d7b14e4f69d53874359217603004d74a4a Mon Sep 17 00:00:00 2001 From: sefidel Date: Sat, 17 Feb 2024 07:22:45 +0900 Subject: feat(modules/matrix-bridge): configure matrix-appservice-discord --- modules/services/matrix-bridge/default.nix | 51 ++++++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 2 deletions(-) (limited to 'modules') diff --git a/modules/services/matrix-bridge/default.nix b/modules/services/matrix-bridge/default.nix index 4d53223..8843e6a 100644 --- a/modules/services/matrix-bridge/default.nix +++ b/modules/services/matrix-bridge/default.nix @@ -14,7 +14,10 @@ in enable = mkEnableOption "matrix-bridge"; domain = mkOption { type = types.str; }; realHost = mkOption { type = types.str; default = "matrix.${cfg.domain}"; }; - secrets.mautrix-envs = mkOption { type = types.path; description = "path to the mautrix-* environment file"; }; + secrets = { + mautrix-envs = mkOption { type = types.path; description = "path to the mautrix-* environment file"; }; + matrix-appservice-discord-envs = mkOption { type = types.path; description = "path to the matrix-appservice-discord environment file"; }; + }; }; config = mkIf cfg.enable { @@ -329,6 +332,36 @@ in }; }; + services.matrix-appservice-discord = { + enable = true; + port = 29322; + + # NOTE: broken + # localpart = ""; + + environmentFile = cfg.secrets.matrix-appservice-discord-envs; + settings = { + # NOTE: Specified in environmentFile + # auth = { + # botToken = ""; + # clientID = ""; + # }; + auth.usePrivilegedIntents = true; + database = { + connString = "postgresql://matrix-appservice-discord?host=/run/postgresql"; + filename = ""; + }; + + bridge = { + domain = cfg.domain; + homeserverUrl = "https://${cfg.realHost}"; + adminMxid = "@sef:exotic.sh"; + enableSelfServiceBridging = true; + disablePortalBridging = true; + }; + }; + }; + # HACK: https://github.com/NixOS/nixpkgs/issues/273929 systemd.services.matrix-appservice-irc.serviceConfig.SystemCallFilter = lib.mkForce '' @system-service @pkey ~@privileged @resources @chown @@ -341,11 +374,19 @@ in "/var/lib/private/mautrix-whatsapp" "/var/lib/private/mautrix-discord" "/var/lib/matrix-appservice-irc" + "/var/lib/matrix-appservice-discord" "/var/lib/signald" ]; modules.services.postgresql.enable = true; - services.postgresql.ensureDatabases = [ "mautrix-telegram" "mautrix-signal" "mautrix-whatsapp" "mautrix-discord" "matrix-appservice-irc" ]; + services.postgresql.ensureDatabases = [ + "mautrix-telegram" + "mautrix-signal" + "mautrix-whatsapp" + "mautrix-discord" + "matrix-appservice-irc" + "matrix-appservice-discord" + ]; services.postgresql.ensureUsers = [ { name = "mautrix-telegram"; @@ -367,6 +408,10 @@ in name = "matrix-appservice-irc"; ensureDBOwnership = true; } + { + name = "matrix-appservice-discord"; + ensureDBOwnership = true; + } ]; systemd.services.matrix-synapse.serviceConfig.LoadCredential = [ @@ -376,6 +421,7 @@ in "mautrix-discord:/var/lib/mautrix-discord/discord-registration.yaml" "double-puppet:${config.sops.templates."double-puppet-registration.yaml".path}" "appservice-irc:/var/lib/matrix-appservice-irc/registration.yml" + "appservice-discord:/var/lib/matrix-appservice-discord/discord-registration.yaml" ]; services.matrix-synapse.settings.app_service_config_files = [ @@ -385,6 +431,7 @@ in "/run/credentials/matrix-synapse.service/mautrix-discord" "/run/credentials/matrix-synapse.service/double-puppet" "/run/credentials/matrix-synapse.service/appservice-irc" + "/run/credentials/matrix-synapse.service/appservice-discord" ]; }; } -- cgit 1.4.1