Drift/pvv-nixos-config
17
5
Fork 1
Code Issues Pull Requests 11 Actions Wiki Activity

bicep/matrix: enable smtp auth
All checks were successful
Eval nix flake / evals (push) Successful in 2m43s
Details

Browse Source 
yolo lmao
This commit is contained in:
Daniel Lovbrotte Olsen
2023-10-22 01:10:03 +02:00
parent a6196e67fe
commit 32885891fe
4 changed files with 86 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
hosts/bicep/services/matrix/smtp-authenticator/default.nix Normal file
View File

@@ -0,0 +1,17 @@
{ lib, buildPythonPackage, fetchFromGitHub }:
buildPythonPackage rec {
pname = "matrix-synapse-smtp-auth";
version = "0.1.0";
src = ./.;
doCheck = false;
meta = with lib; {
description = "An SMTP auth provider for Synapse";
homepage = "pvv.ntnu.no";
license = licenses.agpl3Only;
maintainers = with maintainers; [ dandellion ];
};
}

11
hosts/bicep/services/matrix/smtp-authenticator/setup.py Normal file
View File

@@ -0,0 +1,11 @@
from setuptools import setup
setup(
name="matrix-synapse-smtp-auth",
version="0.1.0",
py_modules=['smtp_auth_provider'],
author="Daniel Løvbrøtte Olsen",
author_email="danio@pvv.ntnu.no",
description="An SMTP auth provider for Synapse",
license="AGPL-3.0-only"
)

45
hosts/bicep/services/matrix/smtp-authenticator/smtp_auth_provider.py Normal file
View File

@@ -0,0 +1,45 @@
from typing import Awaitable, Callable, Optional, Tuple
from smtplib import SMTP_SSL as SMTP
import synapse
from synapse import module_api
class SMTPAuthProvider:
def __init__(self, config: dict, api: module_api):
self.api = api
self.config = config
api.register_password_auth_provider_callbacks(
auth_checkers={
("m.login.password", ("password",)): self.check_pass,
},
)
async def check_pass(
self,
username: str,
login_type: str,
login_dict: "synapse.module_api.JsonDict",
):
if login_type != "m.login.password":
return None
result = False
with SMTP(self.config["smtp_host"]) as smtp:
password = login_dict.get("password")
try:
smtp.login(username, password)
result = True
except:
return None
if result == True:
userid = self.api.get_qualified_user_id(username)
if not self.api.check_user_exists(userid):
self.api.register_user(username)
return (userid, None)
else:
return None

14
hosts/bicep/services/matrix/synapse.nix
View File

@@ -25,6 +25,10 @@ in {
services.matrix-synapse-next = { services.matrix-synapse-next = {
enable = true; enable = true;
plugins = [
(pkgs.python3Packages.callPackage ./smtp-authenticator { })
];
dataDir = "/data/synapse"; dataDir = "/data/synapse";
workers.federationSenders = 2; workers.federationSenders = 2;
@@ -81,7 +85,15 @@ in {
enable_registration = false; enable_registration = false;
registration_shared_secret_path = config.sops.secrets."matrix/synapse/user_registration".path; registration_shared_secret_path = config.sops.secrets."matrix/synapse/user_registration".path;
password_config.enabled = lib.mkForce false; password_config.enabled = true;
modules = [
{ module = "smtp_auth_provider.SMTPAuthProvider";
config = {
smtp_host = "smtp.pvv.ntnu.no";
};
}
];
trusted_key_servers = [ trusted_key_servers = [
{ server_name = "matrix.org"; } { server_name = "matrix.org"; }