# adapted from https://nixos.org/manual/nixos/stable/index.html#module-services-matrix
{ modulesPath, config, lib, pkgs, ... }:
let
  secrets = builtins.fromJSON (builtins.readFile ./secrets.json);
in {
  imports = [
     "${toString modulesPath}/virtualisation/digital-ocean-image.nix"
  ];

  environment.systemPackages = [ pkgs.jq ];
  services.openssh.enable = true;
  networking.firewall.allowedTCPPorts = [ 22 80 443 ];

  users.users.root.openssh.authorizedKeys.keys = [
    (builtins.readFile "/home/mike/.ssh/id_mops.pub")
  ];

  ### app specific config
  users.users.matterbridge = {
    createHome = true;
    isNormalUser = false;
    isSystemUser = true;
  };

  nixpkgs.overlays = [
    (final: prev: {
      matterbridge = prev.matterbridge.overrideAttrs (oldAttrs: rec {
        version = "1.26.0";

        src = prev.fetchFromGitHub {
          owner = "42wim";
          repo = "matterbridge";
          rev = "v${version}";
          sha256 = "sha256-APlnJUu/ttK/S2AxO+SadU2ttmEnU+js/3GUf3x0aSQ=";
        };
      });
    })
  ];

  services.matterbridge = let

    channels = [
      "a-rusty-venture"
      "anime"
      "bossin_around"
      "bot-test"
      "bridge-test"
      "cryptic-bunker"
      "cryptic-chat"
      "cryptic-net-public"
      "dumbathon"
      "europe"
      "generic-gaming"
      "get-rich-fast"
      "gnv"
      "golang"
      "jerbs"
      "main_linux"
      "minecraft"
      "nyc"
      "omg-berks"
      "sf"
      "smersh"
      "to-the-moon-and-back"
      "travel"
      "tunes"
    ];

  gateways = lib.strings.concatMapStrings (channel: ''
    [[gateway]]
    name="${channel}-gateway"
    enable=true

    [[gateway.inout]]
    account="matrix.wafflefarm"
    channel="#${channel}:waffle.farm"

    [[gateway.inout]]
    account="slack.cryptic"
    channel="${channel}"

    [[gateway.inout]]
    account="discord.cryptic"
    channel="${channel}"

  '') channels;

  config-file = pkgs.writeText "matterbridge.toml" ''
[discord.cryptic]
Token="${secrets.matterbridge.discord2.token}"
Server="${secrets.matterbridge.discord2.server}"
RemoteNickFormat="{NICK} [{PROTOCOL}]: "
AutoWebhooks=true
PreserveThreading=true

[slack.cryptic]
Token="${secrets.matterbridge.slack.token}"
RemoteNickFormat="{NICK} [{PROTOCOL}]: "
PreserveThreading=true

[matrix.wafflefarm]
Server="https://matrix.waffle.farm"
Login="${secrets.matterbridge.matrix.username}"
Password="${secrets.matterbridge.matrix.password}"
RemoteNickFormat="{NICK} [{PROTOCOL}]: "
SpoofUsername=true
PreserveThreading=true
KeepQuotedReply=false

${gateways}
    '';
  in {
    enable = true;
    configPath = "${config-file}";
  };
}