# NixOS module `modules.services.matrix-bridge`.
#
# When enabled it configures three mautrix bridges (Telegram, Signal, WhatsApp)
# against one Matrix homeserver, creates a PostgreSQL database and role for each,
# persists their state directories, and passes each bridge's appservice
# registration file to matrix-synapse through systemd credentials.
{ config, lib, ... }:
with lib;
let
  cfg = config.modules.services.matrix-bridge;
in
{
  imports = [ ../../overlays/mautrix-signal-module.nix ];

  options.modules.services.matrix-bridge = {
    enable = mkEnableOption "matrix-bridge";

    # Matrix server name; used as `homeserver.domain` for every bridge.
    domain = mkOption { type = types.str; };

    # Host the bridges actually connect to (over HTTPS, see `homeserver.address`).
    realHost = mkOption {
      type = types.str;
      default = "matrix.${cfg.domain}";
    };

    # One environment file shared by all three bridge services below.
    # NOTE(review): every bridge therefore sees every variable in the file. If it
    # carries per-bridge secrets, consider one file per bridge so a compromise of
    # one bridge does not expose the others' credentials.
    # Pass a runtime path (e.g. from a secrets manager); the file's contents
    # should not end up in the world-readable Nix store.
    secrets.mautrix-envs = mkOption {
      type = types.str;
      description = "path to the mautrix-* environment file";
    };
  };

  config = mkIf cfg.enable {
    services.mautrix-telegram = {
      enable = true;
      environmentFile = cfg.secrets.mautrix-envs;
      serviceDependencies = [ "matrix-synapse.service" ];
      settings = {
        homeserver.address = "https://${cfg.realHost}";
        homeserver.domain = cfg.domain;
        # Keep TLS certificate verification on for the homeserver connection.
        homeserver.verify_ssl = true;
        appservice = {
          # Plain HTTP, addressed via localhost. The listen hostname is not set here.
          # NOTE(review): confirm the bridge binds to loopback only and not to all
          # interfaces; the same applies to ports 29318 and 29319 below.
          address = "http://localhost:29317";
          port = 29317;
          # Unix-socket connection with no password in the URI (presumably peer auth).
          database = "postgres:///mautrix-telegram?host=/run/postgresql";
          bot_avatar = "mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX";
          id = "telegram";
          max_body_size = 1; # presumably MiB - TODO confirm unit
          # Provisioning API switched off.
          provisioning.enabled = false;
        };
        bridge = {
          alias_template = "tg_{groupname}";
          # NOTE(review): key is spelled `username_templace`; the bridge option is
          # `username_template`. As written the value is presumably ignored and the
          # bridge default applies. Correcting it on a live bridge changes the
          # ghost-user namespace, so the registration file has to be regenerated
          # and re-read by synapse - plan this as a migration, not a silent rename.
          username_templace = "tg_{userid}";
          allow_matrix_login = true;
          bot_messages_as_notices = true;
          catch_up = true;
          plaintext_highlights = true;
          startup_sync = true;
          animated_stickers = {
            target = "webp";
            convert_from_webm = true;
          };
          # End-to-bridge encryption: allowed, on by default and required.
          # NOTE(review): `allow_key_sharing` lets the bridge answer key requests;
          # confirm that is wanted for this deployment.
          encryption = {
            allow = true;
            default = true;
            require = true;
            allow_key_sharing = true;
          };
          # Access control: one admin user; every account on `exotic.sh` gets "full".
          # NOTE(review): the domain is hard-coded here and does not follow
          # `cfg.domain`; anyone who can register on that homeserver can use the bridge.
          permissions = {
            "@sef:exotic.sh" = "admin";
            "exotic.sh" = "full";
          };
        };
      };
    };

    services.mautrix-signal = {
      enable = true;
      environmentFile = cfg.secrets.mautrix-envs;
      serviceDependencies = [ "matrix-synapse.service" ];
      settings = {
        homeserver.address = "https://${cfg.realHost}";
        homeserver.domain = cfg.domain;
        homeserver.verify_ssl = true;
        appservice = {
          address = "http://localhost:29318";
          port = 29318;
          database = "postgres:///mautrix-signal?host=/run/postgresql";
          bot_avatar = "mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp";
          id = "signal";
          max_body_size = 1;
          provisioning.enabled = false;
        };
        # Paths inside the signald state directory (persisted further down).
        signal = {
          avatar_dir = "/var/lib/signald/avatars";
          data_dir = "/var/lib/signald/data";
        };
        bridge = {
          alias_template = "sig_{groupname}";
          # NOTE(review): same `username_templace` misspelling as in the Telegram
          # bridge; the same migration caveat applies.
          username_templace = "sig_{userid}";
          allow_matrix_login = true;
          catch_up = true;
          plaintext_highlights = true;
          startup_sync = true;
          animated_stickers = {
            target = "webp";
            convert_from_webm = true;
          };
          # FIXME: crashes immediately: `KeyError: 'delete_outdated_inbound'`
          # NOTE(review): with this block disabled the Signal bridge does not
          # require encrypted portal rooms, unlike the Telegram and WhatsApp
          # bridges. Track the crash so `require = true` can be restored.
          # encryption = {
          #   allow = true;
          #   default = true;
          #   require = true;
          #   allow_key_sharing = true;
          # };
          permissions = {
            "@sef:exotic.sh" = "admin";
            "exotic.sh" = "full";
          };
        };
      };
    };

    services.mautrix-whatsapp = {
      enable = true;
      environmentFile = cfg.secrets.mautrix-envs;
      serviceDependencies = [ "matrix-synapse.service" ];
      settings = {
        homeserver.address = "https://${cfg.realHost}";
        homeserver.domain = cfg.domain;
        homeserver.verify_ssl = true;
        appservice = {
          address = "http://localhost:29319";
          port = 29319;
          database = {
            type = "postgres";
            # Role name with an empty password over the Unix socket (presumably peer auth).
            uri = "postgres://mautrix-whatsapp:@/mautrix-whatsapp?host=/run/postgresql";
          };
          bot_avatar = "mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr";
          id = "whatsapp";
          max_body_size = 1;
          provisioning.enabled = false;
        };
        bridge = {
          alias_template = "wa_{groupname}";
          # NOTE(review): misspelled key again (`username_templace`). Before renaming
          # it, verify the placeholder syntax: mautrix-whatsapp's example config
          # uses Go-template placeholders such as `{{.}}`, not `{userid}` - confirm
          # against the packaged version, otherwise all ghosts could collide.
          username_templace = "wa_{userid}";
          personal_filtering_spaces = true;
          delivery_receipts = true;
          identity_change_notices = true;
          # NOTE(review): key is spelled `hystory_sync` (bridge option: `history_sync`),
          # so these two values are presumably not applied. Renaming it would turn
          # `request_full_sync` on - decide deliberately.
          hystory_sync = {
            backfill = false; # MSC2716
            request_full_sync = true;
          };
          send_presence_on_typing = true;
          # Both maps are empty: no double-puppeting servers or shared secrets set here.
          double_puppet_server_map = { };
          login_shared_secret_map = { };
          private_chat_portal_meta = true;
          mute_bridging = true;
          pinned_tag = "m.favourite";
          archive_tag = "m.lowpriority";
          allow_user_invite = true;
          disappearing_messages_in_groups = true;
          # NOTE(review): presumably makes the bridge fetch URLs found in messages;
          # confirm outbound fetches from this host are acceptable.
          url_previews = true;
          encryption = {
            allow = true;
            default = true;
            require = true;
            allow_key_sharing = true;
          };
          sync_manual_marked_unread = true;
          force_active_delivery_receipts = true;
          parallel_member_sync = true;
          extev_polls = true;
          send_whatsapp_edits = true;
          permissions = {
            "@sef:exotic.sh" = "admin";
            "exotic.sh" = "full";
          };
        };
      };
    };

    # Bridge and signald state kept across reboots. These directories hold
    # session data for the bridged accounts, so treat "/persist" (and any backup
    # of it) as sensitive.
    environment.persistence."/persist".directories = [
      "/var/lib/private/mautrix-telegram"
      "/var/lib/private/mautrix-signal"
      "/var/lib/private/mautrix-whatsapp"
      "/var/lib/signald"
    ];

    modules.services.postgresql.enable = true;
    services.postgresql.ensureDatabases = [
      "mautrix-telegram"
      "mautrix-signal"
      "mautrix-whatsapp"
    ];
    # One role per bridge, each granted privileges only on its own database.
    # NOTE(review): newer nixpkgs releases replace `ensurePermissions` with
    # `ensureDBOwnership`; check against the pinned nixpkgs version.
    services.postgresql.ensureUsers = [
      {
        name = "mautrix-telegram";
        ensurePermissions."DATABASE \"mautrix-telegram\"" = "ALL PRIVILEGES";
      }
      {
        name = "mautrix-signal";
        ensurePermissions."DATABASE \"mautrix-signal\"" = "ALL PRIVILEGES";
      }
      {
        name = "mautrix-whatsapp";
        ensurePermissions."DATABASE \"mautrix-whatsapp\"" = "ALL PRIVILEGES";
      }
    ];

    # Registration files carry the appservice tokens. systemd copies them into
    # synapse's private credentials directory at service start, so the bridge
    # state directories need not be readable by the synapse user.
    # NOTE(review): the source paths are under /var/lib/mautrix-*, while the
    # persisted directories are /var/lib/private/mautrix-* (presumably symlinked
    # by systemd). On a fresh host the files may not exist yet when synapse
    # starts - confirm first-boot ordering.
    systemd.services.matrix-synapse.serviceConfig.LoadCredential = [
      "mautrix-telegram:/var/lib/mautrix-telegram/telegram-registration.yaml"
      "mautrix-signal:/var/lib/mautrix-signal/signal-registration.yaml"
      "mautrix-whatsapp:/var/lib/mautrix-whatsapp/whatsapp-registration.yaml"
    ];

    # Synapse reads the registrations from the credential names declared above.
    services.matrix-synapse.settings.app_service_config_files = [
      "/run/credentials/matrix-synapse.service/mautrix-telegram"
      "/run/credentials/matrix-synapse.service/mautrix-signal"
      "/run/credentials/matrix-synapse.service/mautrix-whatsapp"
    ];
  };
}