# NixOS module that runs the mautrix-telegram, mautrix-signal and
# mautrix-whatsapp bridges next to a matrix-synapse homeserver. Everything in
# the config section below is gated on modules.services.matrix-bridge.enable.
{ config, lib, ... }:
# Brings mkOption, mkEnableOption, mkIf and types into scope unqualified.
with lib;
let
# Shorthand for this module's own option values.
cfg = config.modules.services.matrix-bridge;
in
{
imports = [
# Local module for the Signal bridge, judging by the file name; not visible
# here, so its option schema is unverified.
../../overlays/mautrix-signal-module.nix
];
# Options exposed under modules.services.matrix-bridge.
options.modules.services.matrix-bridge = {
  enable = mkEnableOption "matrix-bridge";

  # Matrix server name; passed to every bridge as homeserver.domain.
  domain = mkOption {
    type = types.str;
  };

  # Host the bridges use to reach the homeserver over HTTPS.
  realHost = mkOption {
    type = types.str;
    default = "matrix.${cfg.domain}";
  };

  secrets = {
    # Declared as a string rather than a path, so a Nix path literal is
    # rejected by the type check instead of being copied into the Nix store.
    # NOTE(review): the value should still point outside the store (e.g. a
    # secrets-manager output path); a string naming a store path would leave
    # the secrets world-readable.
    mautrix-envs = mkOption {
      type = types.str;
      description = "path to the mautrix-* environment file";
    };
  };
};
config = mkIf cfg.enable {
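# Telegram bridge, registered with the homeserver as an appservice.
services.mautrix-telegram = {
  enable = true;
  # NOTE(review): the same environment file is handed to all three bridges in
  # this module, so every bridge process can read the other bridges' secrets.
  # One file per bridge would keep them separated.
  environmentFile = cfg.secrets.mautrix-envs;
  serviceDependencies = [ "matrix-synapse.service" ];
  settings = {
    homeserver = {
      address = "https://${cfg.realHost}";
      domain = cfg.domain;
      # Certificate validation stays on for the HTTPS homeserver address.
      verify_ssl = true;
    };
    appservice = {
      # Plain HTTP URL the homeserver uses to reach the bridge.
      # NOTE(review): the listen hostname is not set here; confirm the module
      # default binds to loopback only, or set appservice.hostname explicitly,
      # since this listener carries appservice traffic without TLS.
      address = "http://localhost:29317";
      port = 29317;
      # No password in the URI: the connection goes through the local
      # PostgreSQL unix socket.
      database = "postgres:///mautrix-telegram?host=/run/postgresql";
      bot_avatar = "mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX";
      id = "telegram";
      max_body_size = 1;
      # Provisioning API stays off, which keeps one HTTP surface closed.
      provisioning.enabled = false;
    };
    bridge = {
      alias_template = "tg_{groupname}";
      # Fixed key name: this was spelled `username_templace`, so the setting
      # was not picked up under the intended key.
      # NOTE(review): correcting it changes the ghost-user localparts; on an
      # existing deployment check the appservice registration namespace and
      # already-created ghost users before rolling this out.
      username_template = "tg_{userid}";
      # NOTE(review): presumably lets users complete the Telegram login by
      # messaging the bridge bot; anything typed there (codes, 2FA password)
      # is kept in room history on the homeserver - confirm this is intended.
      allow_matrix_login = true;
      bot_messages_as_notices = true;
      catch_up = true;
      plaintext_highlights = true;
      startup_sync = true;
      animated_stickers = {
        target = "webp";
        convert_from_webm = true;
      };
      permissions = {
        "@sef:exotic.sh" = "admin";
        # Every account on this homeserver gets full bridge access.
        # NOTE(review): the domain is hard-coded instead of using cfg.domain;
        # if the two differ, these entries grant access to the wrong server.
        "exotic.sh" = "full";
      };
    };
  };
};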
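# Signal bridge, registered with the homeserver as an appservice.
services.mautrix-signal = {
  enable = true;
  # NOTE(review): the same environment file is handed to all three bridges in
  # this module, so every bridge process can read the other bridges' secrets.
  # One file per bridge would keep them separated.
  environmentFile = cfg.secrets.mautrix-envs;
  serviceDependencies = [ "matrix-synapse.service" ];
  settings = {
    homeserver = {
      address = "https://${cfg.realHost}";
      domain = cfg.domain;
      # Certificate validation stays on for the HTTPS homeserver address.
      verify_ssl = true;
    };
    appservice = {
      # Plain HTTP URL the homeserver uses to reach the bridge.
      # NOTE(review): the listen hostname is not set here; confirm the module
      # default binds to loopback only, or set appservice.hostname explicitly,
      # since this listener carries appservice traffic without TLS.
      address = "http://localhost:29318";
      port = 29318;
      # No password in the URI: the connection goes through the local
      # PostgreSQL unix socket.
      database = "postgres:///mautrix-signal?host=/run/postgresql";
      bot_avatar = "mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp";
      id = "signal";
      max_body_size = 1;
      # Provisioning API stays off, which keeps one HTTP surface closed.
      provisioning.enabled = false;
    };
    signal = {
      # Both paths live under /var/lib/signald, which this module persists.
      # NOTE(review): that directory presumably holds the linked Signal
      # account's key material; check its ownership and mode on disk.
      avatar_dir = "/var/lib/signald/avatars";
      data_dir = "/var/lib/signald/data";
    };
    bridge = {
      alias_template = "sig_{groupname}";
      # Fixed key name: this was spelled `username_templace`, so the setting
      # was not picked up under the intended key.
      # NOTE(review): correcting it changes the ghost-user localparts; on an
      # existing deployment check the appservice registration namespace and
      # already-created ghost users before rolling this out.
      username_template = "sig_{userid}";
      allow_matrix_login = true;
      catch_up = true;
      plaintext_highlights = true;
      startup_sync = true;
      animated_stickers = {
        target = "webp";
        convert_from_webm = true;
      };
      permissions = {
        "@sef:exotic.sh" = "admin";
        # Every account on this homeserver gets full bridge access.
        # NOTE(review): the domain is hard-coded instead of using cfg.domain;
        # if the two differ, these entries grant access to the wrong server.
        "exotic.sh" = "full";
      };
    };
  };
};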
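# WhatsApp bridge, registered with the homeserver as an appservice.
services.mautrix-whatsapp = {
  enable = true;
  # NOTE(review): the same environment file is handed to all three bridges in
  # this module, so every bridge process can read the other bridges' secrets.
  # One file per bridge would keep them separated.
  environmentFile = cfg.secrets.mautrix-envs;
  serviceDependencies = [ "matrix-synapse.service" ];
  settings = {
    homeserver = {
      address = "https://${cfg.realHost}";
      domain = cfg.domain;
      # Certificate validation stays on for the HTTPS homeserver address.
      verify_ssl = true;
    };
    appservice = {
      # Plain HTTP URL the homeserver uses to reach the bridge.
      # NOTE(review): the listen hostname is not set here; confirm the module
      # default binds to loopback only, or set appservice.hostname explicitly,
      # since this listener carries appservice traffic without TLS.
      address = "http://localhost:29319";
      port = 29319;
      database = {
        type = "postgres";
        # Empty password field: the connection goes through the local
        # PostgreSQL unix socket as role mautrix-whatsapp.
        uri = "postgres://mautrix-whatsapp:@/mautrix-whatsapp?host=/run/postgresql";
      };
      bot_avatar = "mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr";
      id = "whatsapp";
      max_body_size = 1;
      # Provisioning API stays off, which keeps one HTTP surface closed.
      provisioning.enabled = false;
    };
    bridge = {
      alias_template = "wa_{groupname}";
      # NOTE(review): `username_templace` is misspelled, so this value is not
      # read as username_template. It is left untouched on purpose: this
      # bridge expects Go template syntax (e.g. `wa_{{.}}`), so renaming the
      # key without also changing the value would give every ghost user the
      # same literal localpart. Fix key and value together, then check the
      # registration namespace.
      username_templace = "wa_{userid}";
      personal_filtering_spaces = true;
      delivery_receipts = true;
      identity_change_notices = true;
      # Fixed key name: this was spelled `hystory_sync`, so backfill and
      # request_full_sync below were not applied under the intended key.
      history_sync = {
        backfill = false; # MSC2716
        request_full_sync = true;
      };
      send_presence_on_typing = true;
      # Both maps are empty, so no shared-secret double puppeting is set up.
      double_puppet_server_map = { };
      login_shared_secret_map = { };
      private_chat_portal_meta = true;
      mute_bridging = true;
      pinned_tag = "m.favourite";
      archive_tag = "m.lowpriority";
      allow_user_invite = true;
      disappearing_messages_in_groups = true;
      # NOTE(review): presumably makes the homeserver fetch URLs found in
      # outgoing messages to build previews; confirm that outbound fetching
      # is acceptable for this deployment.
      url_previews = true;
      # The encryption stanza is disabled, so the bridge falls back to its
      # default and portal rooms are presumably not end-to-bridge encrypted;
      # bridged WhatsApp content is then stored readable on the homeserver.
      # TODO: https://github.com/matrix-org/dendrite/issues/2723
      # encryption = {
      # allow = true;
      # default = true;
      # require = true;
      # allow_key_sharing = true;
      # };
      sync_manual_marked_unread = true;
      force_active_delivery_receipts = true;
      parallel_member_sync = true;
      extev_polls = true;
      send_whatsapp_edits = true;
      permissions = {
        "@sef:exotic.sh" = "admin";
        # Every account on this homeserver gets full bridge access.
        # NOTE(review): the domain is hard-coded instead of using cfg.domain;
        # if the two differ, these entries grant access to the wrong server.
        "exotic.sh" = "full";
      };
    };
  };
};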
# State kept across reboots: the three bridge state directories plus signald.
# NOTE(review): these directories presumably hold messenger session data and
# Signal account keys, so the /persist volume needs the same protection
# (permissions, disk encryption, backups) as any other credential store.
environment.persistence."/persist" = {
  directories = [
    "/var/lib/private/mautrix-telegram"
    "/var/lib/private/mautrix-signal"
    "/var/lib/private/mautrix-whatsapp"
    "/var/lib/signald"
  ];
};
# One database and one role per bridge; each role is granted privileges only
# on the database that carries its own name. The bridge connection strings in
# this file go through the /run/postgresql unix socket without a password.
# NOTE(review): newer NixOS releases replace ensurePermissions with
# ensureDBOwnership; check this against the pinned nixpkgs.
modules.services.postgresql.enable = true;
services.postgresql = {
  ensureDatabases = [
    "mautrix-telegram"
    "mautrix-signal"
    "mautrix-whatsapp"
  ];
  ensureUsers = [
    {
      name = "mautrix-telegram";
      ensurePermissions = {
        "DATABASE \"mautrix-telegram\"" = "ALL PRIVILEGES";
      };
    }
    {
      name = "mautrix-signal";
      ensurePermissions = {
        "DATABASE \"mautrix-signal\"" = "ALL PRIVILEGES";
      };
    }
    {
      name = "mautrix-whatsapp";
      ensurePermissions = {
        "DATABASE \"mautrix-whatsapp\"" = "ALL PRIVILEGES";
      };
    }
  ];
};
# Hand each bridge's appservice registration to synapse as a systemd
# credential. Registration files carry the tokens shared between homeserver
# and bridge, and LoadCredential exposes them to synapse under
# /run/credentials without giving synapse access to the bridge state
# directories themselves.
# NOTE(review): the sources are /var/lib/mautrix-*, while the persisted state
# is /var/lib/private/mautrix-*; presumably the former are the DynamicUser
# symlinks - confirm the files resolve when synapse starts.
systemd.services.matrix-synapse.serviceConfig = {
  LoadCredential = [
    "mautrix-telegram:/var/lib/mautrix-telegram/telegram-registration.yaml"
    "mautrix-signal:/var/lib/mautrix-signal/signal-registration.yaml"
    "mautrix-whatsapp:/var/lib/mautrix-whatsapp/whatsapp-registration.yaml"
  ];
};
# Point synapse at the credential copies, one entry per bridge.
services.matrix-synapse.settings = {
  app_service_config_files = [
    "/run/credentials/matrix-synapse.service/mautrix-telegram"
    "/run/credentials/matrix-synapse.service/mautrix-signal"
    "/run/credentials/matrix-synapse.service/mautrix-whatsapp"
  ];
};
};
}