diff --git a/hosts/bicep/services/matrix/hookshot/default.nix b/hosts/bicep/services/matrix/hookshot/default.nix index d7f70418..4c64494f 100644 --- a/hosts/bicep/services/matrix/hookshot/default.nix +++ b/hosts/bicep/services/matrix/hookshot/default.nix @@ -1,5 +1,10 @@ { config, lib, unstablePkgs, inputs, ... }: +let + cfg = config.services.matrix-hookshot; + webhookListenAddress = "127.0.0.1"; + webhookListenPort = 9000; +in { imports = [ ./module.nix @@ -30,18 +35,19 @@ }; listeners = [ { - bindAddress = "127.0.0.1"; - port = 9000; + bindAddress = webhookListenAddress; + port = webhookListenPort; resources = [ "webhooks" - "metrics" - "provisioning" + # "metrics" + # "provisioning" "widgets" ]; } ]; generic = { enabled = true; + outbound = true; }; feeds = { enabled = true; @@ -54,4 +60,11 @@ services.matrix-synapse-next.settings = { app_service_config_files = [ config.sops.secrets."matrix/registrations/matrix-hookshot".path ]; }; + + services.nginx.virtualHosts."hookshot.pvv.ntnu.no" = { + enableACME = true; + locations."/" = { + proxyPass = "http://${webhookListenAddress}:${toString webhookListenPort}"; + }; + }; } diff --git a/secrets/bicep/matrix.yaml b/secrets/bicep/matrix.yaml index aa38a216..9216900b 100644 --- a/secrets/bicep/matrix.yaml +++ b/secrets/bicep/matrix.yaml @@ -8,7 +8,7 @@ mjolnir: access_token: ENC[AES256_GCM,data:ERFqZjK7MRD0xWt91FNCIxP1YC6Qj54QgnckHlCTtcQVLWaM1h2h9lHS+K8=,iv:1d7vmFkXAPcsmumzlmOT31amdrKLWtL5sJiS8G9g+LE=,tag:2l0vWzJ6P12ofuBdf5CCWw==,type:str] registrations: mx-puppet-discord: ENC[AES256_GCM,data:FleyXxgOmc05nTP6M2DBJlacufN3p/05eZm4kB8+K4ci0k24o3zli988wlM/kyeZmxu4pgQlJ3lNLte4uip2hBXHWG5t5Ldzmr7bNCUD+r7nM+I1lfNkrDROPZ54bHysmn9O5CHpEa16rSo6RJgncIPqsLJxTwjC7qZlkOpzqvMhkq/MHCVOpvg0M/6AUR+AlSZoggujBMoXLznQNQapN13foEsbuo/QxjszM/ObGmhYMVyaS+TDBXzQLA8Yuj50Q/gZCIINWZ4G2qmgsGxxNR4I+usUQml/jxCtIXS4zn/ettXfL9G4Fdm2F9u1v11DehtTGa5xoxDq94M9rIxOqeJpvgEQEyyKAyFUIrlINfGl7tAj4Zu7+9Z8JTRAnppjM1q8iInwn/Z2L9KgB0YFi/Go1whgXly+TH6hpreo7m5klXV/ff/aV3ghOgFCGA8nBrZFqE8Uw268q9tV1s1dxCb6TbpGf19V5c9MD6BsCIVeoq+j9I/I8iZpzg2Reb4IlHhMDwbwsL2w2ks30wiZ9XO/CFrXDY4uBlI=,iv:3vvkGvldS8Raibg6tzlV8VY1O9NCLxSuNX/lwi1QgiA=,tag:D/noIsE3xlOiYM6Pk+cc8Q==,type:str] - matrix-hookshot: ENC[AES256_GCM,data:xdgW720VcaREJEaVs0BTT9/5fBp+VpXL54oRrLt53ymjMMS5QCLA9VLW0kOwadpZcr9xv2txVICkU63wmmH5W6HzDHpVbVWG5ByUMyvZkBWWB5HEvfNi6+66CGRNwPqrtrmM4aS8cg3eoXje+qJbjfxk0UzQsDkPV/VXxpzcQt47GTMUX59Xu9C6SYncze5G3QkTn30o+jiJMiha4xTULfqnP0iHXDVN1iFlNudOgr8keQIdYnFu7QqWZdvuERUPA9OANy8c0CQxoMxuUfHnLvxPyEYkDXTyBIgBAWC2AlOqHJWXUccqXYZWSRFp51uB3Tmlhkv+nTsmVWndnmOgnVpvUp9BS1wTqF8z3Vg63EHCrOGb4iPprjH13hUompmXDsFt4+FC1vd1KIl5DeAL9N3WCDa0hX4reH0SVmI2alNG28cpKdFimMowgdHJ9nLA7rgIqGRjciZMr+uJTGnWHeOFpqUo3hkF9vA2+Ca0Ti307SfgCsymfVgt9nFIoHGwWG2CJ0FdAs7JUiKIuG4K87HpYaowcAcCj9wU2sVKvDx+zQWb7pmRM2TGDJZ2W/yzYdFWLCqbSUBt0S/1rEPiqj5h7+y2ZTWB42aN0lcjWOwZBP39+wvJI+4EUE/F+aezPd6viWyJn8pIK9ZBDEcWfBBEb/xADa8UTBk6LjL/Sqsu9BDvCbIaOeTDi/LaUNJLOdre9GiUtjWlAxXKjYhYaFpI0SlXP42JZxLhz5jvGE8kGgPK+ruq2bai3KiwaWJRSadnO5L1+bFTjaiVrp2PSskULdHmCxgKDfPDmMWglPvF7wCswMmE4rqvBx0fxVtPTVzQeo6pwUBbZ4Ihg6UlcFEBncyNCahuvClCNO2st7c7ygbnMoZuDDYjgqbCf2jVOPg06FDgn5wXi2jJerw4L7NAD8FtsepScuqdjmsB14oepMDMgOnzKc72h4JiIouUe3wkU1ReTdIIxfpuvLpF9WNzwZOc214YfDWdhus+RvsHZtoaupezjHFDiFmwP5tygyz3iw==,iv:HIVrDHhwEQ+NOU4MYUXgz1aSjQD445b/LSj4rqvJRY8=,tag:VJAy4v9OZJrOV2y4JFuh9w==,type:str] + matrix-hookshot: ENC[AES256_GCM,data:7gwMGvp06eztKxj0/5GUPj1UcnBeFtZiQDnqJJ/Ak4ZjeQY9C/WxR261chyvXdzu65iQdT881/5vhBktGLggA+Wzqq3w6Q4PiajRcs49AEVqBp1aEVRkhoA3FTctK+E5kynsY3uXnYwcI7cmx7W+6RngibDism5A356U0/ycniUArQzcRfQDZjtHTmKNwwDkSUJfF1JBr4UMibbEhYeif3pGdC561IoEJQ0r7TII/Z2MihUuGFWO+Ye5ucJQafoJ/ujvQCMeJFTRr8PQkrZpwYStdZ+WoXDnRnO8U+fARNuIBRa5yezBL4sgHvkCNKV4jGcfLPTYwRAbKsUHikPOad2u5BnvQhw98fhKV0vVvDtGEGqMmq/MBDB2O9KuJPH34aReS9d1+I5DIvo6YgMHI8uvlQLlDTCh5KmLwAy+IrhDMM9IZsFCkqDTzwbXRNggISLNxfeusKkIb0G4vhRj0PuvhFSKNdnf0KPnrvL4ACxE5DdomUhM2uilxEQvcNxs1hWB5LXn3uqSvjzD+NRPFkaey0BSUQmtgRURaP18dVzZBVbnPZNvypVFyfFkUbmRIBsb/UWE9ARIlr4oPklxQBYxHo+DcIO8Y0YCh7bIVNjmjCor5cTWVroaJeryuDHUe6blgQ8hX7QXFnjrTM3YEuvVsQbzapMNs+6TGZwGPBq2Rne8DPQxFH/N5QSMwTSbtT/dR6xdp37FJaA4kXByoMweNHgotK3l3TucYowCYX6L3uH2KQm8+47Qd2/yxkRWpkHc58fx0mMbqzPU92rGX6vTDmkLgbTnyNVtod7Y2kgf7fh6CsRnuvpWZFp2tHzbToZ/CYnQILy6E6c7UZfV3oHTiJKfWRJg5p2pwFay6DBLwKL5PAurEuDOoAs4KVW9L5vIvg9WWvgOp3BrQJ915yugizUDVjO9AkNbrGRlPD+HJ8vk913h2Uk0Bi2i52ROeycWX3ncHTTGhurwBjY4Jx2usqxLSSl1HkI6yVPDY3FmkXv8XNzLwHI=,iv:gr8+o05ZPxzsw4stuNpY65ABUVTgrRF8NF00vOLTkIA=,tag:h1MCuZxHc+RLbre+0P++aw==,type:str] sops: kms: [] gcp_kms: [] @@ -69,8 +69,8 @@ sops: WEh5NFN6SFF1TlltdWFWTGw4MHRHUkUKrKIvC87xjEmwxPQhH8dN+ZuaJTCgPY28 pR62KxmoKFICLTHPpYP3euiAx5M9BWvgvCnA/US/5klpk8MtlreNFA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-12T21:48:59Z" - mac: ENC[AES256_GCM,data:fLpGjWpoLwwwofwBzkNakD9JoNjbbGOvTEKrrT1jTWXo26Y01NkuqTEEwbmNkODOjmlyeTovRnY3K0dujtEcKJO8Nlu3uNCiL/ie3KitYTQH1lrsI7IdtXvCRELU5trQCqFmBjYUFhFyldKyKL30QxEuYxxTa+t1eBmtOL4jBTY=,iv:kcAPBuA3R5uF6bTfffMgdnsySKxSmCheQx1tOpRwyf4=,tag:aUGRR5w8Ljcdh458ir99DA==,type:str] + lastmodified: "2024-10-13T04:02:47Z" + mac: ENC[AES256_GCM,data:e9UTv8AbchriDXpfWjTKb6QdtqXiTMI9JsoA829eTjbVeoo0Mu5JmYorqORAtLvpsIOICRRR/DvQ4RDV/QZSpRUKWuZ6YKBm10C3eGwmX+CaRkgk8rxQn77XG5M1jFNtmALYp8/ssp145Akp8hNP9Ew+s/hX/Pw6PqPArlyoPdM=,iv:aRcuwbEIM0dLCMzoAwFi7K2w8GjYaWyNby+bSmm8/tY=,tag:Ku8dpZt0kgDH7qpfqSpw0Q==,type:str] pgp: - created_at: "2024-08-04T00:03:46Z" enc: |-