From 72a2ab78f3488689758c0d4b30eb4ee54552a698 Mon Sep 17 00:00:00 2001
From: colin <colin@uninsane.org>
Date: Mon, 16 Jan 2023 11:54:32 +0000
Subject: [PATCH] matrix: allow mautrix-signal to communicate with signald

---
 hosts/servo/services/matrix/signal.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/hosts/servo/services/matrix/signal.nix b/hosts/servo/services/matrix/signal.nix
index fb6205f1..3034d772 100644
--- a/hosts/servo/services/matrix/signal.nix
+++ b/hosts/servo/services/matrix/signal.nix
@@ -5,12 +5,19 @@
   services.mautrix-signal.environmentFile =
     config.sops.secrets.mautrix_signal_env.path;
 
+  services.mautrix-signal.settings.signal.socket_path = "/run/signald/signald.sock";
   services.mautrix-signal.settings.homeserver.domain = "uninsane.org";
   services.matrix-synapse.settings.app_service_config_files = [
     # auto-created by mautrix-signal service
     "/var/lib/mautrix-signal/signal-registration.yaml"
   ];
 
+  systemd.services.mautrix-signal.serviceConfig = {
+    # allow communication to signald
+    SupplementaryGroups = [ "signald" ];
+    ReadWritePaths = [ "/run/signald" ];
+  };
+
   sops.secrets.mautrix_signal_env = {
     sopsFile = ../../../../secrets/servo/mautrix_signal_env.bin;
     format = "binary";