nix config
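# TODO: migrate to the official NixOS heisenbridge module; this local module is
# used in the meantime.
#
# NixOS module for heisenbridge, registered with matrix-synapse as an
# application service.
#
# Security notes for anyone deploying this module:
#   * The appservice registration (including as_token and hs_token) is built
#     with pkgs.writeText, so both tokens are stored in the Nix store, which is
#     readable by every local user on the machine.
#   * The systemd unit sets no User=; heisenbridge is started by systemd's
#     default user and is handed --uid/--gid to change identity itself.
#   * TCP port 113 is opened in the firewall whenever identd is enabled, and
#     identd is enabled by default.
{ config, lib, pkgs, ... }:
let
  # Explicit inherits instead of a file-wide `with lib;`, so every name used
  # below has a visible origin.
  inherit (lib)
    generators
    maintainers
    mkEnableOption
    mkIf
    mkOption
    optionalString
    types;

  cfg = config.services.sealight.heisenbridge;

  # Appservice registration handed to the homeserver. as_token and hs_token are
  # the shared secrets between synapse and the bridge.
  heisenbridgeAppserviceConfig = {
    id = "heisenbridge";
    # Plain HTTP: with the default loopback listenAddress the hs_token never
    # leaves the host. If listenAddress is changed to a routable address, the
    # token crosses the network unencrypted.
    url = "http://${cfg.listenAddress}:${toString cfg.listenPort}";
    as_token = cfg.appServiceToken;
    hs_token = cfg.homeserverToken;
    rate_limited = false;
    sender_localpart = cfg.senderLocalpart;
    namespaces = {
      # The bridge exclusively owns every user ID matching @irc_.*
      users = [{ regex = "@irc_.*"; exclusive = true; }];
      aliases = [ ];
      rooms = [ ];
    };
  };

  # NOTE(review): writeText places this file, tokens included, in the
  # world-readable Nix store. Generating the registration at runtime from a
  # secret file would avoid that, but changes how this module is configured.
  heisenbridgeConfigYaml = pkgs.writeText "heisenbridge.yaml" (
    generators.toYAML { } heisenbridgeAppserviceConfig
  );
in
{
  options = {
    services.sealight.heisenbridge = {
      enable = mkEnableOption "heisenbridge, a bouncer-style Matrix IRC bridge.";
      # Enabled by default; enabling it also opens TCP port 113 (see config).
      identd.enable = mkEnableOption "identd for heisenbridge" // {
        default = true;
      };
      homeserver = mkOption {
        type = types.str;
        default = "http://localhost:8008";
        description = "The URL of the Matrix homeserver.";
      };
      listenAddress = mkOption {
        type = types.str;
        default = "127.0.0.1";
        description = "The address for heisenbridge to listen on.";
      };
      listenPort = mkOption {
        # types.port rejects values outside the valid TCP port range at
        # evaluation time instead of failing when the service starts.
        type = types.port;
        default = 9898;
        description = "The port for heisenbridge to listen on.";
      };
      senderLocalpart = mkOption {
        type = types.str;
        default = "heisenbridge";
        description = "The localpart of the heisenbridge admin bot's username.";
      };
      ownerId = mkOption {
        type = types.nullOr types.str;
        default = null;
        description = ''
          The owner MXID (for example, @user:homeserver) of the bridge. If
          unspecified, the first talking local user will claim the bridge.
          Set this explicitly on a homeserver with more than one local user,
          so that bridge ownership does not depend on who speaks first.
        '';
      };
      appServiceToken = mkOption {
        type = types.str;
        description = ''
          This is the token that the app service should use as its access_token
          when using the Client-Server API. Any string is accepted, but it
          authenticates the bridge to the homeserver, so use a long random
          value and treat it as a secret. This module writes the value into
          the registration file in the Nix store, which is readable by every
          local user.
        '';
      };
      homeserverToken = mkOption {
        type = types.str;
        description = ''
          This is the token that the homeserver will use when sending requests
          to the app service. Any string is accepted, but it authenticates the
          homeserver to the bridge, so use a long random value and treat it as
          a secret. This module writes the value into the registration file in
          the Nix store, which is readable by every local user.
        '';
      };
    };
  };

  config = mkIf cfg.enable {
    meta.maintainers = [ maintainers.sumnerevans ];

    # Register the bridge with synapse by pointing it at the generated file.
    services.matrix-synapse.settings.app_service_config_files = [
      heisenbridgeConfigYaml
    ];

    # Dedicated unprivileged system account for heisenbridge.
    users.users.heisenbridge = {
      group = "heisenbridge";
      isSystemUser = true;
    };
    users.groups.heisenbridge = { };

    # Open the identd port to the network. This follows identd.enable, which
    # defaults to true, so enabling the bridge exposes port 113 unless identd
    # is switched off.
    networking.firewall.allowedTCPPorts = mkIf cfg.identd.enable [ 113 ];

    systemd.services.heisenbridge-sealight = {
      description = "Heisenbridge Matrix IRC bridge";
      after = [ "matrix-synapse.service" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        # No User= is set here; the process is given --uid/--gid and is
        # expected to switch to the heisenbridge account on its own.
        # NOTE(review): presumably the privileged start exists so identd can
        # bind port 113; confirm, and consider User= together with
        # AmbientCapabilities=CAP_NET_BIND_SERVICE plus systemd sandboxing.
        # NOTE(review): --verbose is passed twice; check what ends up in the
        # journal at that log level before using this on a shared host.
        # cfg.ownerId and cfg.homeserver are interpolated unquoted, so values
        # containing whitespace would be split into separate arguments.
        ExecStart = ''
          ${pkgs.heisenbridge}/bin/heisenbridge \
            --config ${heisenbridgeConfigYaml} \
            --verbose --verbose \
            --listen-address ${cfg.listenAddress} \
            --listen-port ${toString cfg.listenPort} \
            --uid heisenbridge \
            --gid heisenbridge \
            ${optionalString cfg.identd.enable "--identd"} \
            ${optionalString (cfg.ownerId != null) "--owner ${cfg.ownerId}"} \
            ${cfg.homeserver}
        '';
        Restart = "on-failure";
      };
    };
  };
}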