Refactor matrix module
All checks were successful
Check flake / build-amd64-linux (push) Successful in 2m29s

Jordan Holt 2024-07-21 12:00:25 +01:00
parent 2f8f03faf8
commit abfb24ca21
Signed by: jordan
GPG Key ID: B8CFFF61F1CCF520
2 changed files with 60 additions and 58 deletions


@ -64,11 +64,11 @@
headscale.enable = true; headscale.enable = true;
matrix = { matrix = {
enable = true; enable = true;
bridges = {
signal = true;
whatsapp = true;
};
usePostgresql = databases.postgresql.enable; usePostgresql = databases.postgresql.enable;
bridges = [
"signal"
"whatsapp"
];
}; };
nginx.enable = true; nginx.enable = true;
photoprism.enable = true; photoprism.enable = true;


@ -7,43 +7,46 @@
let let
cfg = config.modules.services.matrix; cfg = config.modules.services.matrix;
validBridges = [
"signal"
"whatsapp"
];
in { in {
options.modules.services.matrix = { options.modules.services.matrix = {
enable = lib.mkEnableOption "matrix"; enable = lib.mkEnableOption "matrix";
enableElementWeb = lib.mkOption { element = {
enable = lib.mkOption {
type = lib.types.bool;
default = true; default = true;
example = false;
}; };
bridges = lib.mkOption { };
type = lib.types.listOf lib.types.str; bridges = {
description = "A list of bridges to configure with Synapse."; signal = lib.mkOption {
example = [ "signal" "whatsapp" ]; type = lib.types.bool;
default = []; default = false;
apply = bridges: description = "Enable Signal bridge.";
if lib.all (bridge: lib.elem bridge validBridges) bridges };
then lib.map (b: "mautrix-${b}") bridges whatsapp = lib.mkOption {
else throw "Invalid bridge(s) specified. Valid bridges are: ${lib.concatStringsSep ", " validBridges}"; type = lib.types.bool;
default = false;
description = "Enable WhatsApp bridge.";
};
}; };
serverName = lib.mkOption { serverName = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = "vimium.com"; default = "vimium.com";
example = "vimium.com"; example = "vimium.com";
}; };
usePostgresql = lib.mkOption { usePostgresql = lib.mkEnableOption "postgresql";
default = false;
example = true;
};
}; };
config = let config = let
mkBridgeDatabase = bridge: { matrixSubdomain = "matrix.${cfg.serverName}";
name = bridge; elementSubdomain = "chat.${cfg.serverName}";
ensureDBOwnership = true; matrixClientConfig = {
"m.homeserver" = {
base_url = "https://${matrixSubdomain}";
server_name = cfg.serverName;
}; };
"m.identity_server" = {};
};
matrixServerConfig."m.server" = "${matrixSubdomain}:443";
commonBridgeSettings = bridge: { commonBridgeSettings = bridge: {
appservice = { appservice = {
database = lib.mkIf cfg.usePostgresql { database = lib.mkIf cfg.usePostgresql {
@ -59,42 +62,30 @@ in {
}; };
permissions = { permissions = {
"${cfg.serverName}" = "user"; "${cfg.serverName}" = "user";
"@jordan:vimium.com" = "admin"; "@jordan:${cfg.serverName}" = "admin";
}; };
provisioning = { provisioning = {
shared_secret = "disable"; shared_secret = "disable";
}; };
}; };
homeserver = { homeserver = {
address = "https://matrix.${cfg.serverName}"; address = "https://${matrixSubdomain}";
domain = cfg.serverName; domain = cfg.serverName;
}; };
}; };
matrixClientConfig = {
"m.homeserver" = {
base_url = "https://matrix.${cfg.serverName}";
server_name = cfg.serverName;
};
"m.identity_server" = {};
};
matrixServerConfig."m.server" = "matrix.${cfg.serverName}:443";
mkWellKnown = data: ''
more_set_headers 'Content-Type: application/json';
return 200 '${builtins.toJSON data}';
'';
in lib.mkIf cfg.enable { in lib.mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
8448 # Matrix federation 8448 # Matrix federation
]; ];
security.acme.certs = { security.acme.certs = {
"matrix.${cfg.serverName}" = { "${matrixSubdomain}" = {
reloadServices = [ "matrix-synapse" ]; reloadServices = [ "matrix-synapse" ];
}; };
}; };
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"matrix.${cfg.serverName}" = { "${matrixSubdomain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
listen = [ listen = [
@ -144,12 +135,17 @@ in {
"/_synapse/client".proxyPass = "http://localhost:8008"; "/_synapse/client".proxyPass = "http://localhost:8008";
}; };
}; };
"${cfg.serverName}" = { "${cfg.serverName}" = let
mkWellKnown = data: ''
more_set_headers 'Content-Type: application/json';
return 200 '${builtins.toJSON data}';
'';
in {
locations."= /.well-known/matrix/server".extraConfig = (mkWellKnown matrixServerConfig); locations."= /.well-known/matrix/server".extraConfig = (mkWellKnown matrixServerConfig);
locations."= /.well-known/matrix/client".extraConfig = (mkWellKnown matrixClientConfig); locations."= /.well-known/matrix/client".extraConfig = (mkWellKnown matrixClientConfig);
}; };
} // (if cfg.enableElementWeb then { } // (if cfg.element.enable then {
"chat.${cfg.serverName}" = { "${elementSubdomain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
root = pkgs.unstable.element-web.override { root = pkgs.unstable.element-web.override {
@ -177,12 +173,12 @@ in {
max_upload_size = "100M"; max_upload_size = "100M";
report_stats = false; report_stats = false;
server_name = cfg.serverName; server_name = cfg.serverName;
app_service_config_files = (lib.optional (lib.elem "mautrix-whatsapp" cfg.bridges) app_service_config_files = (lib.optional cfg.bridges.whatsapp
"/var/lib/mautrix-whatsapp/whatsapp-registration.yaml"); "/var/lib/mautrix-whatsapp/whatsapp-registration.yaml");
}; };
}; };
systemd.services.matrix-synapse.serviceConfig.SupplementaryGroups = systemd.services.matrix-synapse.serviceConfig.SupplementaryGroups =
(lib.optional (lib.elem "mautrix-whatsapp" cfg.bridges) (lib.optional cfg.bridges.whatsapp
config.systemd.services.mautrix-whatsapp.serviceConfig.Group); config.systemd.services.mautrix-whatsapp.serviceConfig.Group);
services.postgresql = lib.mkIf cfg.usePostgresql { services.postgresql = lib.mkIf cfg.usePostgresql {
@ -191,18 +187,30 @@ in {
name = "matrix-synapse"; name = "matrix-synapse";
ensureDBOwnership = true; ensureDBOwnership = true;
} }
] ++ lib.map mkBridgeDatabase cfg.bridges; ] ++ (lib.optional cfg.bridges.signal
{
name = "mautrix-signal";
ensureDBOwnership = true;
})
++ (lib.optional cfg.bridges.whatsapp
{
name = "mautrix-whatsapp";
ensureDBOwnership = true;
});
ensureDatabases = [ ensureDatabases = [
"matrix-synapse" "matrix-synapse"
] ++ cfg.bridges; ] ++ (lib.optional cfg.bridges.signal
"mautrix-signal")
++ (lib.optional cfg.bridges.whatsapp
"mautrix-whatsapp");
}; };
services.mautrix-signal = lib.mkIf (lib.elem "mautrix-signal" cfg.bridges) { services.mautrix-signal = lib.mkIf cfg.bridges.signal {
enable = true; enable = true;
settings = commonBridgeSettings "mautrix-signal"; settings = commonBridgeSettings "mautrix-signal";
}; };
services.mautrix-whatsapp = lib.mkIf (lib.elem "mautrix-whatsapp" cfg.bridges) { services.mautrix-whatsapp = lib.mkIf cfg.bridges.whatsapp {
enable = true; enable = true;
settings = { settings = {
bridge = { bridge = {
@ -216,11 +224,5 @@ in {
}; };
} // commonBridgeSettings "mautrix-whatsapp"; } // commonBridgeSettings "mautrix-whatsapp";
}; };
services.matrix-sliding-sync = lib.mkIf cfg.slidingSync.enable {
enable = true;
environmentFile = null;
settings = { SYNCV3_SERVER = "https://${cfg.serverName}"; };
};
}; };
} }
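Review bot: `serverName` is still declared as a bare `lib.types.str`, yet after this refactor it feeds more security-relevant strings: the bridge admin key `"@jordan:${cfg.serverName}"`, the `matrixSubdomain`/`elementSubdomain` vhost and ACME names, and the JSON that `mkWellKnown` places inside a single-quoted nginx `return 200 '…'` argument. `builtins.toJSON` does not escape `'` or `$`, so a value containing either would change the generated nginx configuration instead of failing evaluation. Constraining the option where it is declared, for example `type = lib.types.strMatching "[a-z0-9.-]+";` (sample pattern, adjust to the names you accept), turns a typo into an eval error. A one-line comment on the permissions block such as `# bridge admin is @jordan on whatever serverName is set to` would also make the derived admin identity explicit. Several of these blocks start or end outside the visible hunks, so this is based only on the lines shown.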