| author | Max Audron <audron@cocaine.farm> | 2023-08-11 16:51:35 +0200 |
|---|---|---|
| committer | Max Audron <audron@cocaine.farm> | 2023-08-11 16:51:35 +0200 |
| commit | 5828af9fc19e18dc85e49fcc1a251a7eb25d909c (patch) | |
| tree | c70c3e52237c08d3fdcb2f1269c524c25e3feeb8 /modules/matrix/mx-puppet-slack.nix | |
init
Diffstat (limited to 'modules/matrix/mx-puppet-slack.nix')
| -rw-r--r-- | modules/matrix/mx-puppet-slack.nix | 132 |
1 files changed, 132 insertions, 0 deletions
diff --git a/modules/matrix/mx-puppet-slack.nix b/modules/matrix/mx-puppet-slack.nix
new file mode 100644
index 0000000..5737319
--- /dev/null
+++ b/modules/matrix/mx-puppet-slack.nix
@@ -0,0 +1,132 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+ dataDir = "/var/lib/mx-puppet-slack";
+ registrationFile = "${dataDir}/slack-registration.yaml";
+ cfg = config.services.mx-puppet-slack;
+ settingsFormat = pkgs.formats.json {};
+ settingsFile = settingsFormat.generate "mx-puppet-slack-config.json" cfg.settings;
+
+in {
+ options = {
+ services.mx-puppet-slack = {
+ enable = mkEnableOption (lib.mdDoc ''
+ mx-puppet-slack is a slack puppeting bridge for matrix.
+ It handles bridging private and group DMs
+ '');
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.callPackage ./pkgs/mx-puppet-slack.nix {};
+ defaultText = "pkgs.mx-puppet-slack";
+ example = "pkgs.mx-puppet-slack.override { … = …; }";
+ description = lib.mdDoc ''
+ Package of the application to run, exposed for overriding purposes.
+ '';
+ };
+
+ settings = mkOption rec {
+ apply = recursiveUpdate default;
+ inherit (settingsFormat) type;
+ default = {
+ bridge = {
+ port = 8432;
+ };
+ presence = {
+ enabled = true;
+ interval = 500;
+ };
+ provisioning.whitelist = [ ];
+
+ # variables are preceded by a colon.
+ namePatterns = {
+ user = ":name";
+ room = ":name[:team? - :team,]";
+ group = ":name";
+ };
+
+ #defaults to sqlite but can be configured to use postgresql with
+ #connstring
+ database.filename = "${dataDir}/database.db";
+ logging = {
+ console = "info";
+ lineDateFormat = "MMM-D HH:mm:ss.SSS";
+ };
+ };
+ example = literalExpression ''
+ {
+ bridge = {
+ bindAddress = "localhost";
+ domain = "example.com";
+ homeserverUrl = "https://example.com";
+ };
+ provisioning.whitelist = [ "@admin:example.com" ];
+ relay.whitelist = [ "@.*:example.com" ];
+ }
+ '';
+ description = lib.mdDoc ''
+ {file}`config.yaml` configuration as a Nix attribute set.
+ Configuration options should match those described in
+ [
+ sample.config.yaml](https://github.com/matrix-slack/mx-puppet-slack/blob/master/sample.config.yaml).
+ '';
+ };
+ serviceDependencies = mkOption {
+ type = with types; listOf str;
+ default = optional config.services.matrix-synapse.enable "matrix-synapse.service";
+ defaultText = literalExpression ''
+ optional config.services.matrix-synapse.enable "matrix-synapse.service"
+ '';
+ description = lib.mdDoc ''
+ List of Systemd services to require and wait for when starting the application service.
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ systemd.services.mx-puppet-slack = {
+ description = "Matrix to Slack puppeting bridge";
+
+ wantedBy = [ "multi-user.target" ];
+ wants = [ "network-online.target" ] ++ cfg.serviceDependencies;
+ after = [ "network-online.target" ] ++ cfg.serviceDependencies;
+
+ preStart = ''
+ # generate the appservice's registration file if absent
+ if [ ! -f '${registrationFile}' ]; then
+ ${cfg.package}/bin/mx-puppet-slack -r -c ${settingsFile} \
+ -f ${registrationFile}
+ fi
+ '';
+
+ serviceConfig = {
+ Type = "simple";
+ Restart = "always";
+
+ ProtectSystem = "strict";
+ ProtectHome = true;
+ ProtectKernelTunables = true;
+ ProtectKernelModules = true;
+ ProtectControlGroups = true;
+
+ DynamicUser = true;
+ PrivateTmp = true;
+ WorkingDirectory = cfg.package;
+ StateDirectory = baseNameOf dataDir;
+
+ UMask = "0027";
+
+ ExecStart = ''
+ ${cfg.package}/bin/mx-puppet-slack \
+ -c ${settingsFile} \
+ -f ${registrationFile}
+ '';
+ };
+ };
+ };
+
+ meta.maintainers = with maintainers; [ govanify ];
+} |
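Review bot: `settingsFile` is built with `settingsFormat.generate`, so every value in `cfg.settings` is written to the Nix store, which any local user can read. The comment above `database.filename` invites a PostgreSQL `connstring`, and a password in it would be exposed that way. The `settings` description should say so, for example `Values set here end up in the world-readable Nix store; do not put credentials in this attribute set.` A follow-up could add an option that takes the path of a config file kept outside the store. Separately, `serviceConfig` could also set `PrivateDevices = true;` and `RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];`, provided the bridge needs only network sockets, which is inferred rather than shown here.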
