69 lines
2 KiB
Nix
69 lines
2 KiB
Nix
{ config, ... }:
|
|
let
|
|
in
|
|
{
|
|
age.secrets = {
|
|
matrix_mjolnir_pass = {
|
|
file = ../secrets/matrix_mjolnir_pass.age;
|
|
owner = "mjolnir";
|
|
group = "mjolnir";
|
|
mode = "0600";
|
|
};
|
|
|
|
matrix_mjolnir_tle_pass = {
|
|
file = ../secrets/matrix_mjolnir_tle_pass.age;
|
|
owner = "mjolnir";
|
|
group = "mjolnir";
|
|
mode = "0777"; # not ideal, but containers are weird
|
|
};
|
|
};
|
|
|
|
# global mjolnir
|
|
services.mjolnir = {
|
|
enable = true;
|
|
homeserverUrl = config.services.matrix-synapse-next.settings.public_baseurl;
|
|
protectedRooms = [ "https://matrix.to/#/!zDkrFrfuMIKbqYFbFv:grimmauld.de" ];
|
|
managementRoom = "!kgfXXqEYHGgToIwhMP:grimmauld.de";
|
|
pantalaimon = {
|
|
enable = true;
|
|
username = "mjolnir";
|
|
options = {
|
|
homeserver = config.services.matrix-synapse-next.settings.public_baseurl;
|
|
};
|
|
passwordFile = config.age.secrets.matrix_mjolnir_pass.path;
|
|
};
|
|
};
|
|
|
|
services.logrotate.checkConfig = false; # needed or this explodes
|
|
containers.mjolnirtle =
|
|
let
|
|
baseurl = config.services.matrix-synapse-next.settings.public_baseurl;
|
|
pass_file = config.age.secrets.matrix_mjolnir_tle_pass.path;
|
|
in
|
|
{
|
|
privateNetwork = false; # don't want nat
|
|
autoStart = true;
|
|
bindMounts."${pass_file}".isReadOnly = true;
|
|
config =
|
|
{ config, ... }:
|
|
{
|
|
system.stateVersion = "unstable";
|
|
# tle mjolnir
|
|
services.logrotate.checkConfig = false;
|
|
services.mjolnir = {
|
|
enable = true;
|
|
homeserverUrl = baseurl;
|
|
protectedRooms = [ "https://matrix.to/#/!BgDBnHgMgilMMnPMyp:grimmauld.de" ];
|
|
managementRoom = "!NQedmlMeoQErGgAwxm:grimmauld.de";
|
|
pantalaimon = {
|
|
enable = true;
|
|
username = "mjolnir_tle";
|
|
options = {
|
|
homeserver = baseurl;
|
|
};
|
|
passwordFile = pass_file;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|