diff --git a/modules/services/server/matrix.nix b/modules/services/server/matrix.nix index 8ca76fb..6a3cf2a 100644 --- a/modules/services/server/matrix.nix +++ b/modules/services/server/matrix.nix @@ -71,6 +71,11 @@ in { } ]; }; +# app_service_config_files = [ +# "/var/lib/matrix-synapse/whatsapp-registration.yaml" +# "/var/lib/matrix-synapse/telegram-registration.yaml" +# "/var/lib/matrix-synapse/signal-registration.yaml" +# ]; extraConfigFiles = [ config.age.secrets."services/matrix/synapse.yml".path ]; @@ -87,26 +92,90 @@ in { }; }; -# users = { -# users = { -# mautrix_whatsapp = { -# uid = 3001; -# group = "mautrix_whatsapp"; -# isSystemUser = true; -# }; -# mautrix_telegram = { -# uid = 3002; -# group = "matrix_appservice_slack"; -# isSystemUser = true; -# }; -# }; -# groups = { -# mautrix_whatsapp = { -# gid = 3001; -# }; -# mautrix_telegram = { -# gid = 3002; -# }; -# }; -# }; + users = { + users = { + mautrix_whatsapp = { + uid = 3001; + group = "mautrix_whatsapp"; + isSystemUser = true; + }; + mautrix_telegram = { + uid = 3002; + group = "mautrix_telegram"; + isSystemUser = true; + }; + mautrix_signal = { + uid = 3003; + group = "mautrix_signal"; + isSystemUser = true; + }; + }; + groups = { + mautrix_whatsapp = { + gid = 3001; + }; + mautrix_telegram = { + gid = 3002; + }; + mautrix_signal = { + gid = 3003; + }; + }; + }; + + services = { + mautrix-telegram = { + enable = true; + environmentFile = config.age.secrets."services/matrix/mautrix-telegram.env".path + settings = { + homeserver = { + address = "http://localhost:8008"; + domain = "kabtop.de"; + }; + appservice = { + hostname = "127.0.0.1"; + database = "postgres://${mautrixteledb}"; + provisioning.enabled = false; + id = "telegram"; + public = { + enabled = false; + }; + }; + bridge = { + sync_channel_members = true; + startup_sync = true; + public_portals = true; + double_puppet_server_map = { + "kabtop.de: https://kabtop.de"; + }; + encryption = { + allow = true; + default = true; + verification_levels = { + receive = "cross-signed-untrusted"; + send = "cross-signed-untrusted"; + }; + }; + private_chat_portal_meta = true; + backfill = { + disable_notifications = true; + }; + permissions = { + "@kabbone:kabtop.de" = "admin"; + }; + }; + telegram = { + api_id = ${telegram-api_id}; + api_hash = ${telegram-api_hash}; + bot_token = ${telegram-bot_token}; + }; + }; + }; + }; + + age.secrets."services/matrix/mautrix-telegram.env" = { + file = ../../../secrets/services/matrix/mautrix-telegram.age; + owner = "mautrix-telegram"; + }; + } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index cfc1348..8a3601c 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -34,6 +34,7 @@ in "services/postgresql/initScript.age".publicKeys = servers ++ users; "services/coturn/static-auth.age".publicKeys = servers ++ users; "services/matrix/synapse.age".publicKeys = servers ++ users; + "services/matrix/mautrix-telegram.age".publicKeys = servers ++ users; "services/nextcloud/adminpassFile.age".publicKeys = servers ++ users; "services/nextcloud/dbpassFile.age".publicKeys = servers ++ users; } diff --git a/secrets/services/matrix/mautrix-telegram.age b/secrets/services/matrix/mautrix-telegram.age new file mode 100644 index 0000000..4bb8216 Binary files /dev/null and b/secrets/services/matrix/mautrix-telegram.age differ