Drift/pvv-nixos-config
17
5
Fork 1
Code Issues Pull Requests 11 Actions Wiki Activity
Files
create-flake-input-exporter
pvv-nixos-config/hosts/bicep/services/matrix/out-of-your-element.nix
Daniel Olsen 195163fd7b
Some checks failed
Eval nix flake / evals (push) Failing after 25s
Details
fix ooye somewhat
2025-06-22 19:00:50 +02:00

67 lines
2.0 KiB
Nix
Raw Permalink Blame History

{ config, pkgs, fp, ... }:
let
cfg = config.services.matrix-ooye;
in
{
users.groups.keys-matrix-registrations = { };
sops.secrets = {
"matrix/ooye/as_token" = {
sopsFile = fp /secrets/bicep/matrix.yaml;
key = "ooye/as_token";
};
"matrix/ooye/hs_token" = {
sopsFile = fp /secrets/bicep/matrix.yaml;
key = "ooye/hs_token";
};
"matrix/ooye/discord_token" = {
sopsFile = fp /secrets/bicep/matrix.yaml;
key = "ooye/discord_token";
};
"matrix/ooye/discord_client_secret" = {
sopsFile = fp /secrets/bicep/matrix.yaml;
key = "ooye/discord_client_secret";
};
};
services.matrix-ooye = {
enable = true;
homeserver = "https://matrix.pvv.ntnu.no";
homeserverName = "pvv.ntnu.no";
discordTokenPath = config.sops.secrets."matrix/ooye/discord_token".path;
discordClientSecretPath = config.sops.secrets."matrix/ooye/discord_client_secret".path;
bridgeOrigin = "https://ooye.pvv.ntnu.no";
enableSynapseIntegration = false;
};
systemd.services."matrix-synapse" = {
after = [
"matrix-ooye-pre-start.service"
"network-online.target"
];
requires = [ "matrix-ooye-pre-start.service" ];
serviceConfig = {
LoadCredential = [
"matrix-ooye-registration:/var/lib/matrix-ooye/registration.yaml"
];
ExecStartPre = [
"+${pkgs.coreutils}/bin/cp /run/credentials/matrix-synapse.service/matrix-ooye-registration ${config.services.matrix-synapse-next.dataDir}/ooye-registration.yaml"
"+${pkgs.coreutils}/bin/chown matrix-synapse:keys-matrix-registrations ${config.services.matrix-synapse-next.dataDir}/ooye-registration.yaml"
];
};
};
services.matrix-synapse-next.settings = {
app_service_config_files = [
"${config.services.matrix-synapse-next.dataDir}/ooye-registration.yaml"
];
};
services.nginx.virtualHosts."ooye.pvv.ntnu.no" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:${cfg.socket}";
};
}
View Git Blame Copy Permalink