|
|
|
@ -6,11 +6,7 @@ let |
|
|
|
|
storage-dir = "/srv/matrix-data"; |
|
|
|
|
matrix-reg-dir = "${storage-dir}/matrix-registration"; |
|
|
|
|
slackbridge-dir = "${storage-dir}/slackbridge"; |
|
|
|
|
remove-newline = string: builtins.replaceStrings [ "\n" ] [ "" ] string; |
|
|
|
|
matrix-reg-key = remove-newline (builtins.readFile ./matrix_reg_key); |
|
|
|
|
matrix-psql-password = remove-newline (builtins.readFile ./matrix_psql_password); |
|
|
|
|
slackbridge-psql-password = remove-newline (builtins.readFile ./slackbridge_psql_password); |
|
|
|
|
slack-client-secret = remove-newline (builtins.readFile ./slack_client_secret); |
|
|
|
|
secrets = builtins.fromJSON (builtins.readFile ./secrets.json); |
|
|
|
|
slack-reg-source-yaml = (builtins.readFile ./slack-registration.yaml); |
|
|
|
|
slack-reg-dest-yaml = pkgs.writeText "slack-registration.yaml" "${slack-reg-source-yaml}"; |
|
|
|
|
fqdn = |
|
|
|
@ -47,13 +43,13 @@ in { |
|
|
|
|
dataDir = "${storage-dir}/db"; |
|
|
|
|
|
|
|
|
|
initialScript = pkgs.writeText "synapse-init.sql" '' |
|
|
|
|
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD '${matrix-psql-password}'; |
|
|
|
|
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD '${secrets.matrix.psql_password}'; |
|
|
|
|
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" |
|
|
|
|
TEMPLATE template0 |
|
|
|
|
LC_COLLATE = "C" |
|
|
|
|
LC_CTYPE = "C"; |
|
|
|
|
CREATE DATABASE slack_bridge; |
|
|
|
|
CREATE USER slackbridge_user WITH PASSWORD '${slackbridge-psql-password}'; |
|
|
|
|
CREATE USER slackbridge_user WITH PASSWORD '${secrets.matrix.slack_bridge.psql_password}'; |
|
|
|
|
GRANT ALL PRIVILEGES ON DATABASE slack_bridge to slackbridge_user; |
|
|
|
|
''; |
|
|
|
|
}; |
|
|
|
@ -139,7 +135,7 @@ in { |
|
|
|
|
services.matrix-synapse = { |
|
|
|
|
enable = true; |
|
|
|
|
server_name = config.networking.domain; |
|
|
|
|
registration_shared_secret = matrix-reg-key; |
|
|
|
|
registration_shared_secret = secrets.matrix.registration_secret; |
|
|
|
|
extraConfig = '' |
|
|
|
|
allow_public_rooms_over_federation: true |
|
|
|
|
auto_join_rooms: |
|
|
|
@ -180,7 +176,7 @@ in { |
|
|
|
|
server_location: 'https://matrix.waffle.farm:443' |
|
|
|
|
base_url: 'waffle.farm' |
|
|
|
|
server_name: 'waffle.farm' |
|
|
|
|
shared_secret: '${matrix-reg-key}' |
|
|
|
|
shared_secret: '${secrets.matrix.registration_secret}' |
|
|
|
|
riot_instance: 'chat.waffle.farm' |
|
|
|
|
db: 'sqlite:///${matrix-reg-dir}/db.sqlite3' |
|
|
|
|
host: 'localhost' |
|
|
|
@ -238,7 +234,7 @@ username_prefix: "slack_" |
|
|
|
|
|
|
|
|
|
db: |
|
|
|
|
engine: "postgres" |
|
|
|
|
connectionString: "postgresql://slackbridge_user:${slackbridge-psql-password}@localhost/slack_bridge" |
|
|
|
|
connectionString: "postgresql://slackbridge_user:${secrets.matrix.slack_bridge.psql_password}@localhost/slack_bridge" |
|
|
|
|
|
|
|
|
|
matrix_admin_room: "!tuUJADDNODYliJTxYK:waffle.farm" |
|
|
|
|
|
|
|
|
@ -253,7 +249,7 @@ inbound_uri_prefix: "https://waffle.farm/slackbridge/" |
|
|
|
|
# |
|
|
|
|
oauth2: |
|
|
|
|
client_id: "4494054004.1702274627236" |
|
|
|
|
client_secret: "${slack-client-secret}" |
|
|
|
|
client_secret: "${secrets.matrix.slack_bridge.client_secret}" |
|
|
|
|
#redirect_prefix: "https://waffle.farm/slackbridge/oauth" |
|
|
|
|
|
|
|
|
|
# Optional. Enable metrics reporting on http://0.0.0.0:bridgePort/metrics which can be scraped by prometheus |
|
|
|
|