{ config, pkgs, lib, ... }: let cfg = config.services.matrix-appservice-irc; pkg = pkgs.matrix-appservice-irc; # RecopiƩ de https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/services/matrix/appservice-irc.nix # Permet de ne pas avoir un secret dans le store matrix-appservice-irc-config-file = pkgs.runCommand "matrix-appservice-irc.yml" { nativeBuildInputs = [ (pkgs.python3.withPackages (ps: [ ps.jsonschema ])) pkgs.remarshal ]; preferLocalBuild = true; config = builtins.toJSON cfg.settings; passAsFile = [ "config" ]; } '' remarshal --if yaml --of json -i ${pkg}/config.schema.yml -o config.schema.json # desactive le check sinon on a des probleme avec envsubst # python -m jsonschema config.schema.json -i $configPath cp "$configPath" "$out" ''; configFile = "/var/lib/matrix-appservice-irc/config.yaml"; registrationFile = "/var/lib/matrix-appservice-irc/registration.yml"; bin = "${pkg}/bin/matrix-appservice-irc"; in { services.matrix-appservice-irc = { enable = true; registrationUrl = "http://localhost:9999"; settings = { homeserver = { url = "https://matrix.crans.org:443"; domain = "crans.org"; dropMatrixMessagesAfterSecs = 3000; enablePresence = true; }; database = { engine = "postgres"; connectionString = "$MATRIX_APPSERVICE_IRC_DB_CONNECTION_STRING"; }; ircService = { servers = { "irc.crans.org" = { name = "Crans"; onlyAdditionalAddresses = false; networkId = "crans"; port = 6697; ssl = true; sslselfsign = true; sasl = false; allowExpiredCerts = false; sendConnectionMessages = true; passwordEncryptionKeyPath = "/var/lib/matrix-appservice-irc/passkey.pem"; modePowerMap = { o = 50; v = 1; }; dynamicChannels = { enabled = true; useHomeserverDirectory = true; aliasTemplate = "\$\$CHANNEL"; }; membershipLists = { enabled = true; floodDelayMs = 100; global = { ircToMatrix = { initial = true; incremental = true; requireMatrixJoined = true; }; matrixToIrc = { initial = true; incremental = true; }; }; ignoreIdleUsersOnStartup = { enabled = true; idleForHours = 720; }; }; matrixClients = { userTemplate = "@irc_\$\$NICK"; displayName = "\$\$NICK"; }; ircClients = { nickTemplate = "\$\$DISPLAY"; allowNickChanges = true; maxClients = 300; ipv6.enabled = false; idleTimeout = 10800; realnameFormat = "mxid"; kickOn = { channelJoinFailure = true; ircConnectionFailure = true; userQuit = true; }; }; }; }; bridgeInfoState = { enabled = false; }; logging = { level = "info"; logging = "debug.log"; errfile = "error.log"; toConsole = true; maxFiles = 2; }; metrics = { enabled = false; }; matrixHandler = { eventCacheSize = 4096; shortReplyTemplate = "\$\$NICK: \$\$REPLY"; longReplyTemplate = "<\$\$NICK> \"\$\$ORIGINAL\" <- \$\$REPLY"; shortReplyTresholdSeconds = 300; }; mediaProxy = { publicUrl = "https://matrix.crans.org/media"; }; }; advanced = { maxHttpSockets = 1000; maxTxnSize = 10000000; }; }; }; systemd.services = { matrix-appservice-irc = { path = [ pkgs.envsubst ]; serviceConfig = { ExecStartPre = lib.mkForce "${lib.getExe pkgs.envsubst} -i ${matrix-appservice-irc-config-file} -o ${configFile}"; ExecStart = lib.mkForce "${bin} --config ${configFile} --file ${registrationFile} --port ${toString config.services.matrix-appservice-irc.port}"; EnvironmentFile = config.sops.secrets.matrix_appservice_irc_db_env.path; WorkingDirectory = "/var/lib/matrix-appservice-irc"; SystemCallFilter = lib.mkForce [ ]; }; }; }; }