From 19668751b81b5d4464e17d15ece77c12387b4ca5 Mon Sep 17 00:00:00 2001
From: Simon Bruder
Date: Fri, 14 Oct 2022 08:03:03 +0200
Subject: [PATCH] renge/mautrix-signal: Init
---
 machines/renge/services/matrix/default.nix | 1 +
 .../renge/services/matrix/mautrix-signal.nix | 97 +++++++++++++++++++
 2 files changed, 98 insertions(+)
 create mode 100644 machines/renge/services/matrix/mautrix-signal.nix
diff --git a/machines/renge/services/matrix/default.nix b/machines/renge/services/matrix/default.nix
index 423117f..b44b659 100644
--- a/machines/renge/services/matrix/default.nix
+++ b/machines/renge/services/matrix/default.nix
@@ -1,6 +1,7 @@
 {
 imports = [
 ./synapse.nix
+ ./mautrix-signal.nix
 ./mautrix-whatsapp.nix
 ./go-neb.nix
 ];
diff --git a/machines/renge/services/matrix/mautrix-signal.nix b/machines/renge/services/matrix/mautrix-signal.nix
new file mode 100644
index 0000000..c3f56fc
--- /dev/null
+++ b/machines/renge/services/matrix/mautrix-signal.nix
@@ -0,0 +1,97 @@
+{ config, lib, pkgs, ... }:
+let
+ synapseCfg = config.services.matrix-synapse.settings;
+
+ cfg = rec {
+ homeserver = {
+ address = synapseCfg.public_baseurl;
+ domain = synapseCfg.server_name;
+ };
+ appservice = rec {
+ hostname = "127.0.0.1";
+ port = 29328;
+ address = "http://${hostname}:${toString port}";
+ provisioning.shared_secret = "disable";
+ database = "postgres:///mautrix-signal";
+ };
+ signal = {
+ enable_disappearing_messages_in_groups = true;
+ };
+ bridge = {
+ contact_list_names = "prefer";
+ encryption = {
+ allow = true;
+ default = true;
+ };
+ delivery_receipts = true;
+ provisioning.enabled = false;
+ permissions = {
+ # Only one user since using the name from the address book does not
+ # work with multiple users
+ "@simon:${homeserver.domain}" = "admin";
+ };
+ location_format = "https://www.openstreetmap.org/?mlat={lat}&mlon={long}";
+ };
+ logging = {
+ version = 1;
+ formatters = {
+ colored = {
+ "()" = "mautrix_signal.util.ColorFormatter";
+ format = "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s";
+ };
+ normal.format = "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s";
+ };
+ handlers = {
+ console = {
+ class = "logging.StreamHandler";
+ formatter = "colored";
+ };
+ };
+ loggers = {
+ mau.level = "INFO";
+ aiohttp.level = "INFO";
+ };
+ root = {
+ level = "INFO";
+ handlers = [ "console" ];
+ };
+ };
+ };
+
+ generatedConfig = pkgs.runCommandNoCC "mautrix-signal-config" { } ''
+ mkdir $out
+ cat ${pkgs.writeText "mautrix-signal.yaml" (lib.generators.toYAML { } cfg)} > $out/config.yaml
+ ${pkgs.mautrix-signal}/bin/mautrix-signal -c $out/config.yaml -g -r $out/registration.yaml
+ '';
+in
+{
+ services.signald = {
+ enable = true;
+ group = "signald";
+ };
+
+ services.postgresql = {
+ enable = true;
+ ensureDatabases = [ "mautrix-signal" ];
+ ensureUsers = lib.singleton {
+ name = "mautrix-signal";
+ ensurePermissions = { "DATABASE \"mautrix-signal\"" = "ALL PRIVILEGES"; };
+ };
+ };
+
systemd.services.mautrix-signal = {
+ after = [ "network.target" "matrix-synapse.service" ];
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ DynamicUser = true;
+ SupplementaryGroups = [ "signald" ];
+ StateDirectory = "mautrix-signal";
+ WorkingDirectory = "/var/lib/mautrix-signal";
+ ExecStart = "${pkgs.mautrix-signal}/bin/mautrix-signal -c ${generatedConfig}/config.yaml";
+ Restart = "on-failure";
+ };
+ };
+
+ services.matrix-synapse.settings.app_service_config_files = lib.singleton "${generatedConfig}/registration.yaml";
+}
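Review bot: `generatedConfig` runs `mautrix-signal -g` inside `runCommandNoCC`, so `config.yaml` and `registration.yaml` are written to the Nix store, which every local user can read; the registration produced by `-g` presumably carries the appservice `as_token`/`hs_token`, and whoever can read those can act as the bridge towards Synapse. The tokens also come from an impure build step, so they change whenever the derivation is rebuilt. Consider generating the registration at service start into a directory readable only by the bridge and Synapse, or injecting the tokens from a secrets store, and at minimum record the trade-off above the derivation, e.g. `# registration.yaml contains as_token/hs_token and is world-readable in /nix/store`. A smaller point in the unit: `after` lists neither `signald.service` nor `postgresql.service`, so the bridge relies on `Restart = "on-failure"` to recover if it starts before them.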