colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

matrix: set up Discord bridge

Browse Source 
verified working after i fill in the Discord secrets, but i need to find
a way to provide those outside of the nix store.
This commit is contained in:
colin
2022-10-05 22:02:07 -07:00
parent 6c38500e52
commit ca239ca3e6
4 changed files with 62 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
machines/servo/services/ipfs.nix
View File

@@ -12,7 +12,7 @@
# TODO: mode? could be more granular # TODO: mode? could be more granular
{ user = "261"; group = "261"; directory = "/var/lib/ipfs"; } { user = "261"; group = "261"; directory = "/var/lib/ipfs"; }
]; ];
services.ipfs.enable = true; # services.ipfs.enable = true;
services.ipfs.localDiscovery = true; services.ipfs.localDiscovery = true;
services.ipfs.swarmAddress = [ services.ipfs.swarmAddress = [
# "/dns4/ipfs.uninsane.org/tcp/4001" # "/dns4/ipfs.uninsane.org/tcp/4001"

43
machines/servo/services/matrix/default.nix
View File

@@ -1,12 +1,13 @@
# docs: https://nixos.wiki/wiki/Matrix # docs: https://nixos.wiki/wiki/Matrix
# docs: https://nixos.org/manual/nixos/stable/index.html#module-services-matrix-synapse # docs: https://nixos.org/manual/nixos/stable/index.html#module-services-matrix-synapse
{ config, ... }: { config, lib, ... }:
{ {
sane.impermanence.service-dirs = [ sane.impermanence.service-dirs = [
# TODO: mode? # TODO: mode?
# user and group are both "matrix-appservice-irc" # user and group are both "matrix-appservice-irc"
{ user = "993"; group = "992"; directory = "/var/lib/matrix-appservice-irc"; } { user = "993"; group = "992"; directory = "/var/lib/matrix-appservice-irc"; }
{ user = "matrix-appservice-discord"; group = "matrix-appservice-discord"; directory = "/var/lib/matrix-appservice-discord"; }
{ user = "224"; group = "224"; directory = "/var/lib/matrix-synapse"; } { user = "224"; group = "224"; directory = "/var/lib/matrix-synapse"; }
]; ];
services.matrix-synapse.enable = true; services.matrix-synapse.enable = true;
@@ -64,6 +65,7 @@
# '']; # ''];
services.matrix-synapse.settings.app_service_config_files = [ services.matrix-synapse.settings.app_service_config_files = [
"/var/lib/matrix-appservice-irc/registration.yml" # auto-created by irc appservice "/var/lib/matrix-appservice-irc/registration.yml" # auto-created by irc appservice
"/var/lib/matrix-appservice-discord/discord-registration.yaml" # auto-created by discord appservice
]; ];
# new users may be registered on the CLI: # new users may be registered on the CLI:
@@ -78,6 +80,45 @@
# create a token with limited uses: # create a token with limited uses:
# curl -d '{ "uses_allowed": 1 }' --header "Authorization: Bearer <my_token>" localhost:8008/_synapse/admin/v1/registration_tokens/new # curl -d '{ "uses_allowed": 1 }' --header "Authorization: Bearer <my_token>" localhost:8008/_synapse/admin/v1/registration_tokens/new
# Discord bridging
# docs: https://github.com/matrix-org/matrix-appservice-discord
services.matrix-appservice-discord.enable = false;
services.matrix-appservice-discord.settings = {
bridge = {
homeserverUrl = "http://127.0.0.1:8008";
domain = "uninsane.org";
adminMxid = "admin.matrix@uninsane.org";
enableSelfServiceBridging = true;
disablePortalBridging = false;
disableInviteNotifications = false;
};
# these are marked as required in the yaml schema
auth = {
clientId = "FILLME";
botToken = "FILLME";
usePrivilegedIntents = false;
};
logging = {
# silly, verbose, info, http, warn, error, silent
console = "verbose";
};
};
# fix up to not use /var/lib/private, but just /var/lib
systemd.services.matrix-appservice-discord.serviceConfig = {
DynamicUser = lib.mkForce false;
User = "matrix-appservice-discord";
Group = "matrix-appservice-discord";
};
users.groups.matrix-appservice-discord = {};
users.users.matrix-appservice-discord = {
description = "User for the Matrix-Discord bridge";
group = "matrix-appservice-discord";
isSystemUser = true;
};
users.users.matrix-appservice-discord.uid = 2134; # TODO: move to allocations
users.groups.matrix-appservice-discord.gid = 2134; # TODO
# IRC bridging # IRC bridging
# note: Rizon allows only FOUR simultaneous IRC connections per IP: https://wiki.rizon.net/index.php?title=Connection/Session_Limit_Exemptions # note: Rizon allows only FOUR simultaneous IRC connections per IP: https://wiki.rizon.net/index.php?title=Connection/Session_Limit_Exemptions
# Rizon supports CertFP for auth: https://wiki.rizon.net/index.php?title=CertFP # Rizon supports CertFP for auth: https://wiki.rizon.net/index.php?title=CertFP

16
pkgs/matrix-appservice-discord/02-auto-approve.patch Normal file
View File

@@ -0,0 +1,16 @@
diff --git a/src/provisioner.ts b/src/provisioner.ts
index c1568af..28a44c5 100644
--- a/src/provisioner.ts
+++ b/src/provisioner.ts
@@ -99,8 +99,9 @@
this.pendingRequests.set(channelId, approveFn);
setTimeout(() => approveFn(false, true), timeout);
- await channel.send(`${requestor} on matrix would like to bridge this channel. Someone with permission` +
- " to manage webhooks please reply with `!matrix approve` or `!matrix deny` in the next 5 minutes");
+ // await channel.send(`${requestor} on matrix would like to bridge this channel. Someone with permission` +
+ // " to manage webhooks please reply with `!matrix approve` or `!matrix deny` in the next 5 minutes");
+ approveFn(true);
return await deferP;
}

4
pkgs/matrix-appservice-discord/default.nix
View File

@@ -4,8 +4,10 @@
# 2022-10-05: the service can't login as an ordinary user unless i change the source # 2022-10-05: the service can't login as an ordinary user unless i change the source
doCheck = false; doCheck = false;
patches = (upstream.patches or []) ++ [ patches = (upstream.patches or []) ++ [
# bind to an IP address which is usable behind a netns # don't register with better-discord as a bot
./01-puppet.patch ./01-puppet.patch
# don't ask Discord admin for approval before bridging
./02-auto-approve.patch
]; ];
})) }))