mirror of https://gitlab.crans.org/nounous/nixos
173 lines
4.5 KiB
Nix
173 lines
4.5 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
let
|
|
cfg = config.services.matrix-appservice-irc;
|
|
pkg = pkgs.matrix-appservice-irc;
|
|
|
|
# Recopié de https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/services/matrix/appservice-irc.nix
|
|
# Permet de ne pas avoir un secret dans le store
|
|
matrix-appservice-irc-config-file =
|
|
pkgs.runCommand "matrix-appservice-irc.yml"
|
|
{
|
|
nativeBuildInputs = [
|
|
(pkgs.python3.withPackages (ps: [ ps.jsonschema ]))
|
|
pkgs.remarshal
|
|
];
|
|
preferLocalBuild = true;
|
|
|
|
config = builtins.toJSON cfg.settings;
|
|
passAsFile = [ "config" ];
|
|
}
|
|
''
|
|
remarshal --if yaml --of json -i ${pkg}/config.schema.yml -o config.schema.json
|
|
python -m jsonschema config.schema.json -i $configPath
|
|
cp "$configPath" "$out"
|
|
'';
|
|
|
|
configFile = "/var/lib/matrix-appservice-irc/config.yaml";
|
|
registrationFile = "/var/lib/matrix-appservice-irc/registration.yml";
|
|
bin = "${pkg}/bin/matrix-appservice-irc";
|
|
in
|
|
|
|
{
|
|
services.matrix-appservice-irc = {
|
|
enable = true;
|
|
|
|
registrationUrl = "http://localhost:9999";
|
|
settings = {
|
|
homeserver = {
|
|
url = "https://matrix.crans.org:443";
|
|
domain = "crans.org";
|
|
|
|
dropMatrixMessagesAfterSecs = 3000;
|
|
enablePresence = true;
|
|
};
|
|
|
|
database = {
|
|
engine = "postgres";
|
|
connectionString = "$MATRIX_APPSERVICE_IRC_DB_CONNECTION_STRING";
|
|
};
|
|
|
|
ircService = {
|
|
servers = {
|
|
"irc.crans.org" = {
|
|
name = "Crans";
|
|
onlyAdditionalAddresses = false;
|
|
networkId = "crans";
|
|
port = 6697;
|
|
ssl = true;
|
|
sslselfsign = true;
|
|
sasl = false;
|
|
allowExpiredCerts = false;
|
|
sendConnectionMessages = true;
|
|
passwordEncryptionKeyPath = "/var/lib/matrix-appservice-irc/passkey.pem";
|
|
|
|
modePowerMap = {
|
|
o = 50;
|
|
v = 1;
|
|
};
|
|
|
|
dynamicChannels = {
|
|
enabled = true;
|
|
useHomeserverDirectory = true;
|
|
aliasTemplate = "\$CHANNEL";
|
|
};
|
|
|
|
membershipLists = {
|
|
enabled = true;
|
|
floodDelayMs = 100;
|
|
global = {
|
|
ircToMatrix = {
|
|
initial = true;
|
|
incremental = true;
|
|
requireMatrixJoined = true;
|
|
};
|
|
matrixToIrc = {
|
|
initial = true;
|
|
incremental = true;
|
|
};
|
|
};
|
|
|
|
ignoreIdleUsersOnStartup = {
|
|
enabled = true;
|
|
idleForHours = 720;
|
|
};
|
|
};
|
|
|
|
matrixClients = {
|
|
userTemplate = "@irc_\$NICK";
|
|
displayName = "\$NICK";
|
|
};
|
|
|
|
ircClients = {
|
|
nickTemplate = "\$DISPLAY";
|
|
allowNickChanges = true;
|
|
maxClients = 300;
|
|
ipv6.enabled = false;
|
|
idleTimeout = 10800;
|
|
realnameFormat = "mxid";
|
|
kickOn = {
|
|
channelJoinFailure = true;
|
|
ircConnectionFailure = true;
|
|
userQuit = true;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
bridgeInfoState = {
|
|
enabled = false;
|
|
};
|
|
|
|
logging = {
|
|
level = "info";
|
|
logging = "debug.log";
|
|
errfile = "error.log";
|
|
toConsole = true;
|
|
maxFiles = 2;
|
|
};
|
|
|
|
metrics = {
|
|
enabled = false;
|
|
};
|
|
|
|
matrixHandler = {
|
|
eventCacheSize = 4096;
|
|
shortReplyTemplate = "\$NICK: \$REPLY";
|
|
longReplyTemplate = "<\$NICK> \"\$ORIGINAL\" <- \$REPLY";
|
|
shortReplyTresholdSeconds = 300;
|
|
};
|
|
|
|
mediaProxy = {
|
|
publicUrl = "https://matrix.crans.org/media";
|
|
};
|
|
};
|
|
|
|
advanced = {
|
|
maxHttpSockets = 1000;
|
|
maxTxnSize = 10000000;
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.services = {
|
|
matrix-appservice-irc = {
|
|
path = [ pkgs.envsubst ];
|
|
serviceConfig = {
|
|
ExecStartPre = lib.mkForce "${lib.getExe pkgs.envsubst} -i ${matrix-appservice-irc-config-file} -o ${configFile}";
|
|
ExecStart = lib.mkForce "${bin} --config ${configFile} --file ${registrationFile} --port ${toString config.services.matrix-appservice-irc.port}";
|
|
|
|
EnvironmentFile = config.sops.secrets.matrix_appservice_irc_db_env.path;
|
|
WorkingDirectory = "/var/lib/matrix-appservice-irc";
|
|
|
|
SystemCallFilter = lib.mkForce [ ];
|
|
};
|
|
};
|
|
};
|
|
}
|