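# NixOS module: Dendrite Matrix homeserver plus three mautrix bridges
# (Telegram, Facebook, Signal) and the signald daemon the Signal bridge uses.
# Secrets are provisioned by agenix; only placeholders ("$DB_STRING", "$API_ID",
# "$API_HASH") and secret file paths appear here, so no secret value is written
# into the Nix store by this file.
{ config, lib, pkgs, ... }:

with pkgs;

# NOTE Reference the environment variable set in the corresponding agenix secret
# The dendrite-postgres secret is passed as environmentFile below and is
# expected to define DB_STRING.
let database.connection_string = "$DB_STRING";
in {
  # Matrix server configuration
  services.dendrite = {
    enable = true;
    httpPort = 8008;
    # File with the environment variables referenced by the settings
    # (DB_STRING); keeps the database credentials out of the generated config.
    environmentFile = config.age.secrets.dendrite-postgres.path;
    # Hands the signing key to the unit as a systemd credential named
    # "private_key".
    loadCredential = [ "private_key:${config.age.secrets.dendrite.path}" ];
    settings = {
      global = {
        server_name = "coolneng.duckdns.org";
        # Read the signing key through the credential declared in
        # loadCredential above instead of the raw agenix path. The original
        # pointed at config.age.secrets.dendrite.path, which left the
        # credential unused and required the secret file itself to be readable
        # by the account dendrite runs as.
        private_key = "$CREDENTIALS_DIRECTORY/private_key";
        inherit database;
      };
      # HACK Inherit postgres connection string for the rest of the DBs
      app_service_api = {
        inherit database;
        # Appservice registration files for the three bridges.
        # NOTE(review): registration files normally carry the as_token and
        # hs_token shared with the homeserver; confirm they are not
        # world-readable under /var/lib.
        config_files = [
          "/var/lib/matrix-as-facebook/facebook-registration.yaml"
          "/var/lib/matrix-as-signal/signal-registration.yaml"
          "/var/lib/matrix-as-telegram/telegram-registration.yaml"
        ];
      };
      media_api = { inherit database; };
      room_server = { inherit database; };
      push_server = { inherit database; };
      mscs = {
        inherit database;
        mscs = [ "msc2836" "msc2946" ];
      };
      sync_api = { inherit database; };
      key_server = { inherit database; };
      federation_api = { inherit database; };
      # user_api takes two separately named databases; both use the same
      # connection string.
      user_api = {
        account_database = database;
        device_database = database;
      };
    };
  };

  # Matrix bridges
  services.matrix-appservices = {
    homeserver = "dendrite";
    homeserverDomain = "coolneng.duckdns.org";
    homeserverURL = "https://matrix.coolneng.duckdns.org";
    addRegistrationFiles = true;
    services = {
      telegram = {
        port = 8118;
        format = "mautrix-python";
        package = mautrix-telegram;
        # The telegram secret is expected to define API_ID and API_HASH.
        # NOTE(review): presumably the module expands these placeholders when
        # the unit starts; confirm against the matrix-appservices module.
        serviceConfig.EnvironmentFile = config.age.secrets.telegram.path;
        settings = {
          telegram = {
            api_id = "$API_ID";
            api_hash = "$API_HASH";
          };
          # Only this one account gets the bridge's admin level.
          bridge.permissions."@coolneng:coolneng.duckdns.org" = "admin";
          backfill.normal_groups = true;
        };
      };
      # NOTE(review): no bridge.permissions is set for the facebook and signal
      # bridges, so whatever the module or bridge defaults to applies; confirm
      # those defaults do not let other users on the homeserver use the bridge.
      facebook = {
        port = 8228;
        format = "mautrix-python";
        package = mautrix-facebook;
      };
      signal = {
        port = 8338;
        format = "mautrix-python";
        package = mautrix-signal;
        # The bridge needs access to signald's socket and attachment
        # directory, hence the shared state directory, namespace and group.
        serviceConfig = {
          StateDirectory = [ "matrix-as-signal" "signald" ];
          JoinNamespaceOf = "signald.service";
          SupplementaryGroups = [ "signald" ];
        };
        settings.signal = {
          socket_path = config.services.signald.socketPath;
          outgoing_attachment_dir = "/var/lib/signald/tmp";
        };
      };
    };
  };

  # Additional settings for mautrix-signal
  # signald runs as the bridge's own user, so the daemon holding the Signal
  # account data and the bridge share one account rather than being isolated
  # from each other.
  services.signald = {
    enable = true;
    user = "matrix-as-signal";
  };
  # Start the bridge only once signald is up, and stop it when signald stops.
  systemd.services.matrix-as-signal = {
    requires = [ "signald.service" ];
    after = [ "signald.service" ];
  };
}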