65 lines
1.7 KiB
Nix
65 lines
1.7 KiB
Nix
{ config, pkgs, ... }:
|
|
{
|
|
nixpkgs.config.permittedInsecurePackages = [ "olm-3.2.16" ];
|
|
|
|
sops.secrets.discord_bot_token = {
|
|
owner = "mautrix-discord";
|
|
group = "mautrix-discord";
|
|
};
|
|
sops.secrets.discord_client_id = {
|
|
owner = "mautrix-discord";
|
|
group = "mautrix-discord";
|
|
};
|
|
|
|
systemd.services.mautrix-discord-env = {
|
|
before = [ "mautrix-discord-registration.service" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
RemainAfterExit = true;
|
|
};
|
|
script = ''
|
|
mkdir -p /run/mautrix-discord
|
|
echo "DISCORD_BOT_TOKEN=$(cat ${config.sops.secrets.discord_bot_token.path})" > /run/mautrix-discord/env
|
|
echo "DISCORD_CLIENT_ID=$(cat ${config.sops.secrets.discord_client_id.path})" >> /run/mautrix-discord/env
|
|
chmod 600 /run/mautrix-discord/env
|
|
chown mautrix-discord:mautrix-discord /run/mautrix-discord/env
|
|
'';
|
|
};
|
|
|
|
services.postgresql = {
|
|
ensureUsers = [
|
|
{
|
|
name = "mautrix-discord";
|
|
ensureDBOwnership = true;
|
|
}
|
|
];
|
|
ensureDatabases = [ "mautrix-discord" ];
|
|
};
|
|
|
|
services.mautrix-discord = {
|
|
enable = true;
|
|
environmentFile = "/run/mautrix-discord/env";
|
|
settings = {
|
|
homeserver = {
|
|
address = "http://127.0.0.1:8008";
|
|
domain = "cyperpunk.de";
|
|
};
|
|
appservice.database = {
|
|
type = "postgres";
|
|
uri = "postgres:///mautrix-discord?host=/run/postgresql&sslmode=disable";
|
|
};
|
|
bridge = {
|
|
permissions = {
|
|
"cyperpunk.de" = "user";
|
|
"@dergrumpf:cyperpunk.de" = "admin";
|
|
};
|
|
};
|
|
discord = {
|
|
client_id = "$DISCORD_CLIENT_ID";
|
|
bot_token = "$DISCORD_BOT_TOKEN";
|
|
};
|
|
};
|
|
};
|
|
}
|