muck around with slack bridge config

nixos_configs/matrix.nix

@@ -6,6 +6,7 @@ let
   storage-dir = "/srv/matrix-data";
   matrix-reg-dir = "${storage-dir}/matrix-registration";
   slackbridge-dir = "${storage-dir}/slackbridge";
+  pantalaimon-dir = "${storage-dir}/pantalaimon";
   secrets = builtins.fromJSON (builtins.readFile ./secrets.json);
   slack-reg-source-yaml = (builtins.readFile ./slack-registration.yaml);
   slack-reg-dest-yaml = pkgs.writeText "slack-registration.yaml" "${slack-reg-source-yaml}";
@@ -18,7 +19,14 @@ in {
      "${toString modulesPath}/virtualisation/digital-ocean-image.nix"
   ];
 
-  environment.systemPackages = [ pkgs.jq matrix-registration pkgs.matrix-appservice-slack ];
+  nixpkgs.config = {
+    packageOverrides = pkgs: {
+      pantalaimon = pkgs.pantalaimon.override { enableDbusUi = false; };
+    };
+  };
+
+
+  environment.systemPackages = [ pkgs.jq matrix-registration pkgs.matrix-appservice-slack pkgs.pantalaimon pkgs.olm ];
   services.openssh.enable = true;
   networking.firewall.allowedTCPPorts = [ 22 80 443 ];
 
@@ -237,6 +245,7 @@ homeserver:
   server_name: waffle.farm
   url: http://[::1]:8008
   media_url: "http://matrix.waffle.farm"
+  appservice_host: localhost
   appservice_port: 8090
 username_prefix: "slack_"
 
@@ -248,7 +257,7 @@ matrix_admin_room: "!tuUJADDNODYliJTxYK:waffle.farm"
 
 rtm:
   enable: true
-  logging: "silent"
+  logging: "debug"
 
 slack_hook_port: 9898
 inbound_uri_prefix: "https://waffle.farm/slackbridge/"
@@ -258,14 +267,14 @@ inbound_uri_prefix: "https://waffle.farm/slackbridge/"
 oauth2:
   client_id: "4494054004.1702274627236"
   client_secret: "${secrets.matrix.slack_bridge.client_secret}"
-  #redirect_prefix: "https://waffle.farm/slackbridge/oauth"
+  redirect_prefix: "https://waffle.farm/slackbridge/oauth"
 
 # Optional. Enable metrics reporting on http://0.0.0.0:bridgePort/metrics which can be scraped by prometheus
 enable_metrics: true
 
 provisioning:
   enabled: true
-  require_public_room: true
+  require_public_room: false
   allow_private_channels: true
   limits:
     room_count: 20
@@ -280,6 +289,28 @@ logging:
 
 bot_profile:
   displayname: "Slack Bridger"
+
+team_sync:
+  T04EJ1L04:
+    channels:
+      enabled: true
+    whitelist:
+      # bot-test
+      - C04FKFUHK
+      # generic-gaming
+      - C2EEUE9UY
+
+    alias_prefix: "slack_"
+    users:
+      enabled: true
+  # default for all other teams
+  all:
+    channels:
+      enabled: false
+
+encryption:
+  enabled: true
+  pantalaimon_url: "http://localhost:8009"
     '';
   in {
     enable = true;
@@ -293,4 +324,32 @@ bot_profile:
     };
   };
 
+  users.users.pantalaimon = {
+    home = pantalaimon-dir;
+    createHome = true;
+    isNormalUser = true;
+  };
+
+  systemd.services.pantalaimon = let
+  pantalaimon-config-file = pkgs.writeText "pantalaimon.conf" ''
+[local-matrix]
+Homeserver = http://localhost:8008
+ListenAddress = localhost
+ListenPort = 8009
+Notifications = off
+UseKeyring = no
+IgnoreVerification = True
+    '';
+  in {
+    enable = true;
+    description = "pantalaimon daemon";
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = "${pkgs.pantalaimon}/bin/pantalaimon -c ${pantalaimon-config-file} --data-path ${pantalaimon-dir}";
+      User = "pantalaimon";
+      Restart = "always";
+    };
+  };
+
 }