From dd16d1f443788665b2b6e4acb21a1951140916b7 Mon Sep 17 00:00:00 2001
From: Mike Cugini
Date: Sun, 12 Feb 2023 16:57:00 -0500
Subject: [PATCH] move back to matterbridge for errything
---
nixos_configs/bridge.nix | 59 ++++++--
nixos_configs/matrix.nix | 281 ++++++++++++++-------------------------
2 files changed, 146 insertions(+), 194 deletions(-)
diff --git a/nixos_configs/bridge.nix b/nixos_configs/bridge.nix
index 4a9493c..22b02f8 100644
--- a/nixos_configs/bridge.nix
+++ b/nixos_configs/bridge.nix
@@ -22,28 +22,59 @@ in { isSystemUser = true; }; + nixpkgs.overlays = [ + (final: prev: { + matterbridge = prev.matterbridge.overrideAttrs (oldAttrs: rec { + version = "1.26.0"; + + src = prev.fetchFromGitHub { + owner = "42wim"; + repo = "matterbridge"; + rev = "v${version}"; + sha256 = "sha256-APlnJUu/ttK/S2AxO+SadU2ttmEnU+js/3GUf3x0aSQ="; + }; + }); + }) + ]; + services.matterbridge = let config-file = pkgs.writeText "matterbridge.toml" '' [discord.cryptic] -Token="${secrets.matterbridge.discord.token}" -Server="${secrets.matterbridge.discord.server}" -RemoteNickFormat="{NICK} [{PROTOCOL}]" +Token="${secrets.matterbridge.discord2.token}" +Server="${secrets.matterbridge.discord2.server}" +RemoteNickFormat="{NICK} [{PROTOCOL}]: " AutoWebhooks=true +PreserveThreading=true [slack.cryptic] Token="${secrets.matterbridge.slack.token}" -RemoteNickFormat="{NICK} [{PROTOCOL}]" +RemoteNickFormat="{NICK} [{PROTOCOL}]: " +PreserveThreading=true -# [[gateway]] -# name="bot-test-gateway" -# enable=true -# [[gateway.inout]] -# account="discord.cryptic" -# channel="bot-test" -# -# [[gateway.inout]] -# account="slack.cryptic" -# channel="bot-test" +[matrix.wafflefarm] +Server="https://matrix.waffle.farm" +Login="${secrets.matterbridge.matrix.username}" +Password="${secrets.matterbridge.matrix.password}" +RemoteNickFormat="{NICK} [{PROTOCOL}]: " +SpoofUsername=true +PreserveThreading=true +KeepQuotedReply=false + +[[gateway]] +name="testgateway" +enable=true + +[[gateway.inout]] +account="matrix.wafflefarm" +channel="#bridge-test:waffle.farm" + +[[gateway.inout]] +account="slack.cryptic" +channel="bridge-test" + +[[gateway.inout]] +account="discord.cryptic" +channel="bridge-test" [[samechannelgateway]] name="same-channel-gw" diff --git a/nixos_configs/matrix.nix b/nixos_configs/matrix.nix index 5aabf92..6c199ee 100644 --- a/nixos_configs/matrix.nix +++ b/nixos_configs/matrix.nix 
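Review bot: The new `[matrix.wafflefarm]` section interpolates `secrets.matterbridge.matrix.password` into a `pkgs.writeText` file, so the bridge account's password is copied into the Nix store, which every local user can read and which travels with any closure copied to another host or cache. The Discord and Slack `Token=` lines in the same string have the same exposure; the Matrix login is the credential this change adds. Keep the credentials out of the derivation by rendering `matterbridge.toml` at service start from a file owned by the matterbridge user with mode 0600 (agenix and sops-nix both do this) and pointing the service at that runtime path instead of `config-file`. The `let` that binds `config-file` continues past the end of the hunk, so how the file is consumed is not visible here.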
@@ -1,10 +1,8 @@ # adapted from https://nixos.org/manual/nixos/stable/index.html#module-services-matrix { modulesPath, config, lib, pkgs, ... }: let - matrix-registration = import ../../matrix-registration/default.nix; storage-device = "/dev/disk/by-id/scsi-0DO_Volume_matrix-storage"; storage-dir = "/srv/matrix-data"; - matrix-reg-dir = "${storage-dir}/matrix-registration"; slackbridge-dir = "${storage-dir}/slackbridge"; pantalaimon-dir = "${storage-dir}/pantalaimon"; secrets = builtins.fromJSON (builtins.readFile ./secrets.json); @@ -14,16 +12,13 @@ let discord-reg-dest-yaml = pkgs.writeText "discord-registration.yaml" "${discord-reg-source-yaml}"; discord-envs-src = (builtins.readFile ./discord_envs); discord-envs-dst = pkgs.writeText "discord_envs" "${discord-envs-src}"; - fqdn = - let - join = hostName: domain: hostName + lib.optionalString (domain != null) ".${domain}"; - in join config.networking.hostName config.networking.domain; + fqdn = "${config.networking.hostName}.${config.networking.domain}"; clientConfig = { "m.homeserver".base_url = "https://${fqdn}"; "server_name" = "${config.networking.domain}"; "m.identity_server" = {}; }; - serverConfig."m.server" = "${config.services.matrix-synapse.settings.server_name}:443"; + serverConfig."m.server" = "${fqdn}:443"; mkWellKnown = data: '' add_header Content-Type application/json; add_header Access-Control-Allow-Origin *; @@ -40,8 +35,7 @@ in { }; }; - - environment.systemPackages = [ pkgs.jq matrix-registration pkgs.matrix-appservice-slack pkgs.pantalaimon pkgs.olm ]; + environment.systemPackages = [ pkgs.jq pkgs.matrix-appservice-slack pkgs.pantalaimon pkgs.olm ]; services.openssh.enable = true; networking.firewall.allowedTCPPorts = [ 22 80 443 ]; 
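Review bot: In the second hunk, `fqdn = "${config.networking.hostName}.${config.networking.domain}";` drops the `domain != null` guard, so an unset `networking.domain` now aborts evaluation with a string-coercion error instead of a message naming the missing option. NixOS already exposes this value as `config.networking.fqdn`, which throws a descriptive error when the domain is unset, so `fqdn = config.networking.fqdn;` is the shorter and safer form. The `m.server` value in the same hunk now follows `fqdn` rather than Synapse's `server_name`; if the two are meant to differ (presumably `server_name` is the bare domain), a one-line comment such as `# federation is delegated to the host that serves fqdn on 443` would record that this is deliberate.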
@@ -90,16 +84,9 @@ in { forceSSL = true; locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; - locations."/".extraConfig = '' - return 301 https://waffle.farm/register; - ''; - locations."~ ^/(static|register)" = { - proxyPass = "http://localhost:5000"; - }; locations."~ ^/slackbridge" = { proxyPass = "http://localhost:9898"; }; - }; # Reverse proxy for Matrix client-server and server-server communication ${fqdn} = { @@ -163,15 +150,6 @@ in { ]; }; extraConfigFiles = [ "${storage-dir}/matrix_cfg" ]; - # registration_shared_secret = secrets.matrix.registration_secret; - # extraConfig = '' - # allow_public_rooms_over_federation: true - # auto_join_rooms: - # - "#cryptic-chat:waffle.farm" - # app_service_config_files: - # - "${slack-reg-dest-yaml}" - # - "${discord-reg-dest-yaml}" - # ''; }; security.acme.acceptTerms = true; security.acme.certs = { 
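Review bot: The first hunk removes the `/` and `/register` locations but keeps `locations."~ ^/slackbridge"` proxying to `http://localhost:9898`, while a later hunk in this commit comments out the matrix-appservice-slack unit (already `enable = false`) whose `slack_hook_port` was 9898. Unless something else is meant to listen there, the public vhost now forwards requests to a port this configuration no longer owns, and whatever local process later binds 9898 becomes reachable through the TLS front end. Drop the three `locations."~ ^/slackbridge"` lines together with the service. The virtual-host attribute set opens before the hunk, so other locations may exist outside the visible lines.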
@@ -179,64 +157,6 @@ in { "${config.networking.domain}".email = "mike@betamike.com"; "chat.${config.networking.domain}".email = "mike@betamike.com"; }; - users.users.matrix-registration = { - home = matrix-reg-dir; - createHome = true; - isNormalUser = true; - }; - - systemd.services.matrix-registration = let - configFile = pkgs.writeText "matrix-reg-config.yaml" '' -server_location: 'https://matrix.waffle.farm:443' -base_url: "" -server_name: 'waffle.farm' -registration_shared_secret: '${secrets.matrix.registration_secret}' -admin_api_shared_secret: '${secrets.matrix.admin_api_secret}' -client_redirect: 'chat.waffle.farm' -client_logo: 'static/images/element-logo.png' -db: 'sqlite:///${matrix-reg-dir}/db.sqlite3' -host: 'localhost' -port: 5000 -rate_limit: ["1000 per day", "100 per minute"] -allow_cors: false -ip_logging: false -logging: - disable_existing_loggers: false - version: 1 - root: - level: DEBUG - handlers: [console] - formatters: - brief: - format: '%(name)s - %(levelname)s - %(message)s' - precise: - format: '%(asctime)s - %(name)s - %(levelname)s - %(message)s' - handlers: - console: - class: logging.StreamHandler - level: INFO - formatter: brief - stream: ext://sys.stdout -password: - min_length: 8 -username: - validation_regex: [] #list of regexes that the selected username must match. Example: '[a-zA-Z]\.[a-zA-Z]' - invalidation_regex: [] #list of regexes that the selected username must NOT match. Example: '(admin|support)' - ''; - in { - enable = true; - after = [ "matrix-synapse.service" ]; - bindsTo = [ "matrix-synapse.service" ]; - description = "Matrix-registration daemon"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "simple"; - WorkingDirectory = matrix-registration; - ExecStart = "${matrix-registration}/bin/matrix-registration --config-path ${configFile} serve"; - User = "matrix-registration"; - Restart = "always"; - }; - }; users.users.slackbridge = { home = slackbridge-dir; 
@@ -244,90 +164,90 @@ username: isNormalUser = true; }; - systemd.services.matrix-appservice-slack = let - slackbridge-config-file = pkgs.writeText "matrix-slack-bridge-config.yaml" '' -homeserver: - server_name: waffle.farm - url: http://[::1]:8008 - media_url: "http://matrix.waffle.farm" - appservice_host: localhost - appservice_port: 8090 -username_prefix: "slack_" - -db: - engine: "postgres" - connectionString: "postgresql://slackbridge_user:${secrets.matrix.slack_bridge.psql_password}@localhost/slack_bridge" - -matrix_admin_room: "!tuUJADDNODYliJTxYK:waffle.farm" - -rtm: - enable: true - logging: "debug" - -slack_hook_port: 9898 -inbound_uri_prefix: "https://waffle.farm/slackbridge/" - -# Optional. Allow users to add channels dynamically by using oauth, or puppet themselves. +# systemd.services.matrix-appservice-slack = let +# slackbridge-config-file = pkgs.writeText "matrix-slack-bridge-config.yaml" '' +#homeserver: +# server_name: waffle.farm +# url: http://[::1]:8008 +# media_url: "http://matrix.waffle.farm" +# appservice_host: localhost +# appservice_port: 8090 +#username_prefix: "slack_" # -oauth2: - client_id: "4494054004.1702274627236" - client_secret: "${secrets.matrix.slack_bridge.client_secret}" - redirect_prefix: "https://waffle.farm/slackbridge/oauth" - -# Optional. 
Enable metrics reporting on http://0.0.0.0:bridgePort/metrics which can be scraped by prometheus -enable_metrics: true - -provisioning: - enabled: true - require_public_room: false - allow_private_channels: true - limits: - room_count: 20 - team_count: 1 - -puppeting: - enabled: true - onboard_users: true - -logging: - console: "debug" - -bot_profile: - displayname: "Slack Bridger" - -team_sync: - T04EJ1L04: - channels: - enabled: true - whitelist: - # bot-test - - C04FKFUHK - # generic-gaming - - C2EEUE9UY - - alias_prefix: "slack_" - users: - enabled: true - # default for all other teams - all: - channels: - enabled: false - -encryption: - enabled: true - pantalaimon_url: "http://localhost:8009" - ''; - in { - enable = false; - description = "matrix-appservice-slack daemon"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "simple"; - ExecStart = "${pkgs.matrix-appservice-slack}/bin/matrix-appservice-slack -c ${slackbridge-config-file} -f ${slack-reg-dest-yaml} -p 8090"; - User = "slackbridge"; - Restart = "always"; - }; - }; +#db: +# engine: "postgres" +# connectionString: "postgresql://slackbridge_user:${secrets.matrix.slack_bridge.psql_password}@localhost/slack_bridge" +# +#matrix_admin_room: "!tuUJADDNODYliJTxYK:waffle.farm" +# +#rtm: +# enable: true +# logging: "debug" +# +#slack_hook_port: 9898 +#inbound_uri_prefix: "https://waffle.farm/slackbridge/" +# +## Optional. Allow users to add channels dynamically by using oauth, or puppet themselves. +## +#oauth2: +# client_id: "4494054004.1702274627236" +# client_secret: "${secrets.matrix.slack_bridge.client_secret}" +# redirect_prefix: "https://waffle.farm/slackbridge/oauth" +# +## Optional. 
Enable metrics reporting on http://0.0.0.0:bridgePort/metrics which can be scraped by prometheus +#enable_metrics: true +# +#provisioning: +# enabled: true +# require_public_room: false +# allow_private_channels: true +# limits: +# room_count: 20 +# team_count: 1 +# +#puppeting: +# enabled: true +# onboard_users: true +# +#logging: +# console: "debug" +# +#bot_profile: +# displayname: "Slack Bridger" +# +#team_sync: +# T04EJ1L04: +# channels: +# enabled: true +# whitelist: +# # bot-test +# - C04FKFUHK +# # generic-gaming +# - C2EEUE9UY +# +# alias_prefix: "slack_" +# users: +# enabled: true +# # default for all other teams +# all: +# channels: +# enabled: false +# +#encryption: +# enabled: true +# pantalaimon_url: "http://localhost:8009" +# ''; +# in { +# enable = false; +# description = "matrix-appservice-slack daemon"; +# wantedBy = [ "multi-user.target" ]; +# serviceConfig = { +# Type = "simple"; +# ExecStart = "${pkgs.matrix-appservice-slack}/bin/matrix-appservice-slack -c ${slackbridge-config-file} -f ${slack-reg-dest-yaml} -p 8090"; +# User = "slackbridge"; +# Restart = "always"; +# }; +# }; users.users.pantalaimon = { home = pantalaimon-dir; @@ -357,18 +277,19 @@ IgnoreVerification = True }; }; - services.matrix-appservice-discord = { - enable = true; - settings = { - bridge = { - domain = "waffle.farm"; - homeserverUrl = "https://matrix.waffle.farm"; - enableSelfServiceBridging = true; - disableJoinLeaveNotifications = true; - disableInviteNotifications = true; - }; - }; - url = "http://localhost:8008"; - environmentFile = "${discord-envs-dst}"; - }; +# services.matrix-appservice-discord = { +# enable = true; +# settings = { +# bridge = { +# domain = "waffle.farm"; +# homeserverUrl = "https://matrix.waffle.farm"; +# enableSelfServiceBridging = true; +# disableJoinLeaveNotifications = true; +# disableInviteNotifications = true; +# }; +# }; +# url = "http://localhost:8008"; +# environmentFile = "${discord-envs-dst}"; +# }; + }
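Review bot: The `systemd.services.matrix-appservice-slack` hunk and the `services.matrix-appservice-discord` hunk after it comment the units out instead of deleting them, which leaves roughly a hundred lines of dead configuration in the file even though git history already preserves the old definitions. The commented block still shows the Slack OAuth `client_id` and builds `connectionString` by interpolating `secrets.matrix.slack_bridge.psql_password` into a `pkgs.writeText` file, so uncommenting it later would place the database password and `client_secret` in the world-readable Nix store. Delete both blocks, and with them the leftovers that only served the Slack bridge, `pkgs.matrix-appservice-slack` in `environment.systemPackages` and the `users.users.slackbridge` account, if nothing else uses them.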