{ config, lib, ... }: # TODO: rename with lib; let cfg = config.modules.services.matrix-moderation; in { options.modules.services.matrix-moderation = { enable = mkEnableOption "matrix-moderation"; domain = mkOption { type = types.str; }; realHost = mkOption { type = types.str; default = "matrix.${cfg.domain}"; }; secrets.userPassword = mkOption { type = types.str; description = "path to the mjolnir password"; }; }; config = mkIf cfg.enable { services.mjolnir = { enable = true; homeserverUrl = "http://127.0.0.1:8008"; pantalaimon.enable = true; # NOTE: this option currently has no effect pantalaimon.options = { listenAddress = "127.0.0.1"; listenPort = 8011; }; pantalaimon.username = "abuse"; pantalaimon.passwordFile = cfg.secrets.userPassword; managementRoom = "#moderation:${cfg.domain}"; settings = { # TODO: get rid of hardcoded values homeserverUrl = "http://127.0.0.1:8011"; automaticallyRedactForReasons = [ "spam" "advertising" "unwanted" ]; }; }; # TODO: get rid of hardcoded values systemd.services.mjolnir.after = [ "matrix-synapse.service" ]; # Override the pantalaimon options, since the mjolnir one is broken services.pantalaimon-headless.instances."mjolnir" = { listenAddress = "127.0.0.1"; listenPort = 8011; }; services.matrix-synapse.plugins = with config.services.matrix-synapse.package.plugins; [ matrix-synapse-mjolnir-antispam ]; environment.persistence."/persist".directories = [ "/var/lib/private/pantalaimon-mjolnir" "/var/lib/mjolnir" ]; }; }