Grimmauld/grimm-nix-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add bridge bot, (temporarily) disable mjolnir as it refused to work

Browse source
This commit is contained in:
Grimmauld 2024-01-26 12:45:18 +00:00
parent 2f4e82c131
commit 08a9547c0b
5 changed files with 50 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
configuration.nix
View file

@ -10,7 +10,8 @@ in {
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
boot.kernelPackages = pkgs.linuxPackages_hardened; boot.kernelPackages = pkgs.linuxPackages_latest;
services.logrotate.checkConfig = false; # needed or this explodes
users.users.grimmauld = { users.users.grimmauld = {
isNormalUser = true; isNormalUser = true;

3
flake.nix
View file

@ -32,9 +32,10 @@
./modules/nextcloud.nix ./modules/nextcloud.nix
./modules/prometheus.nix ./modules/prometheus.nix
./modules/letsencrypt.nix ./modules/letsencrypt.nix
./modules/mjolnir.nix # ./modules/mjolnir.nix
./modules/fail2ban.nix ./modules/fail2ban.nix
./modules/email.nix ./modules/email.nix
./modules/discord-matrix-bridge.nix
./modules/mastodon.nix ./modules/mastodon.nix
agenix.nixosModules.default agenix.nixosModules.default
nixos-mailserver.nixosModules.default nixos-mailserver.nixosModules.default

30
modules/discord-matrix-bridge.nix Normal file
View file

@ -0,0 +1,30 @@
{config, lib, pkgs, ...}: let
root_host = "grimmauld.de";
bridge_port = 9005; # netstat -nlp | grep 9005
in {
age.secrets = {
matrix_discord_bridge_token = {
file = ../secrets/matrix_discord_bridge_token.age;
# mode = "0600";
};
};
services.matrix-synapse-next.settings.app_service_config_files = [ "/var/lib/matrix-synapse/discord-registration.yaml" ];
services.matrix-appservice-discord = {
enable = true;
settings = {
auth = {
usePrivilegedIntents = true; # typing status and stuff
};
bridge = {
enableSelfServiceBridging = true;
domain = root_host;
homeserverUrl = "https://grimmauld.de"; # fixme does this work? Potentially need root_host instead
};
};
port = bridge_port;
localpart = "_discord_bot"; # fixme
environmentFile = config.age.secrets.matrix_discord_bridge_token.path;
};
}

15
secrets/matrix_discord_bridge_token.age Normal file
View file

@ -0,0 +1,15 @@
age-encryption.org/v1
-> ssh-rsa jWbwAg
NjaxRq6jsJbscI9ySg58c9D8HEOUjEusNfEDn2aCEcyvmO0AeLImCK/MI08x8hJ2
FwSmPVpumzatiTd9U8orgUj7ivr5On5yItg1FJs1yGojDotnvXKx2P2ulAkeGs/B
KHx7UZnCwm9gAzwz8r6Uki+R56/Wu/TCfygbGq0sRI1+Tyo2PdZv0EiXXQ+f5g0c
VS23NyxGxzO3yIHRV0hRB9xRfUlYddSINVqcfRr54q2DIFi1DKU2BueAchGF2tIl
9uazNaWetXeqLF15UAYbxv1Sh5/YOmZKSr6WXhTfmzT6bSTnDwu6IqYhgBagRIEO
lv17r0wbmNAHhDZKuj60Fv+28tbWdU4WENOVhrxsImJMP6iHC79iCpNM/uHLALwN
yB1MF4oFAajX2LzW4tmmoR3bM2LCy/aW3oNccLm8M1mWuPg6pqyhiejAk/09b0BT
73HqqHSBys4DMEUjxntG+BhtwAm+3e+zcG+7MSa9fVf3yb566EUnVNHjm60pX0JN
FIn08qwIS1vtDD/2vGDMB575sYafurh6gJ6kmwikv2IOlbJBoyXBONEb7Q5TGeJ6
mon6l7zdqgW/sYgW2wAsmwGrUTHeJNVV/CUNt1sPhmb7VyqRpP0a/fWif/S2XpxY
Caiv38ccsmpmm639BhBV7iF8BhV//Ovja/hKwsLUsoM
--- suzKNMEdOeEQQnOg6BIVnTTGqCg7b0+eAiVS6PR8W2c
´êõG"ÎÇu¿ívʪ¦¡ÚH"ÅtH aËÅz#¶0.é<>âɳ:žIå¾_†DU‡7xª¼MÌ@‰¹#ÆP£¢µ9ªz5¿”;Çš-<2D>êk“jhHâªáy[cü PÖ¯õî७Axî°¾áÐJàâ¸,í =í^%Ùá}éŽn\s½{« qÎ~AgxÛ6Š©ÿpÊfwæ8ÇÝ"yê³Ô²Ý¦ñ|=Ȅ륷T4Ï<>TxÀ]<5D>—©|>¬*Õ‚ä

1
secrets/secrets.nix
View file

@ -13,4 +13,5 @@ in
"matrix_admin_pass.age".publicKeys = [ contabo_nix_pub ]; "matrix_admin_pass.age".publicKeys = [ contabo_nix_pub ];
"matrix_mjolnir_pass.age".publicKeys = [ contabo_nix_pub ]; "matrix_mjolnir_pass.age".publicKeys = [ contabo_nix_pub ];
"matrix_mjolnir_tle_pass.age".publicKeys = [ contabo_nix_pub ]; "matrix_mjolnir_tle_pass.age".publicKeys = [ contabo_nix_pub ];
"matrix_discord_bridge_token.age".publicKeys = [ contabo_nix_pub ];
} }