Compare commits
2 Commits
wip/mx-sig
...
wip/flake-
Author | SHA1 | Date | |
---|---|---|---|
05649d1a22 | |||
cc5d706c1b |
4
flake.lock
generated
4
flake.lock
generated
@@ -62,11 +62,11 @@
|
||||
"locked": {
|
||||
"lastModified": 1,
|
||||
"narHash": "sha256-d3XSehPFkNwvwlOYy7gch0NLxOgdXuV7j5r/Qsn7kHc=",
|
||||
"path": "/nix/store/wq6rmmnd7yhw9w44k54w4x5v63ah1psr-source/nixpatches",
|
||||
"path": "nixpatches",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/nix/store/wq6rmmnd7yhw9w44k54w4x5v63ah1psr-source/nixpatches",
|
||||
"path": "nixpatches",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
|
@@ -24,9 +24,10 @@
|
||||
# <https://github.com/nixos/nixpkgs/tree/nixos-unstable>
|
||||
nixpkgs-unpatched.url = "github:nixos/nixpkgs?ref=nixos-unstable";
|
||||
nixpkgs = {
|
||||
url = "./nixpatches";
|
||||
url = "path:nixpatches";
|
||||
inputs.nixpkgs.follows = "nixpkgs-unpatched";
|
||||
# TODO: remove this dependency injection: it's from when we used url = path:...
|
||||
# XXX: `path:` urls have poor UX in that they still get "locked" and require manual updates as if they were remote.
|
||||
# by linking back to ourselves here, we can update `nixpatches/list.nix` *without* having to run `nix flake update` afterward.
|
||||
inputs.patches.follows = "";
|
||||
};
|
||||
mobile-nixos = {
|
||||
|
@@ -46,8 +46,6 @@
|
||||
}];
|
||||
|
||||
# provide access to certs
|
||||
# TODO: this should just be `acme`. then we also add nginx to the `acme` group.
|
||||
# why is /var/lib/acme/* owned by `nginx` group??
|
||||
users.users.ejabberd.extraGroups = [ "nginx" ];
|
||||
|
||||
security.acme.certs."uninsane.org".extraDomainNames = [
|
||||
|
@@ -6,16 +6,8 @@
|
||||
imports = [
|
||||
./discord-puppet.nix
|
||||
# ./irc.nix
|
||||
./signal.nix
|
||||
];
|
||||
|
||||
services.matrix-appservices = {
|
||||
# configure defaults. used by e.g. ./signal.nix
|
||||
homeserverUrl = "http://127.0.0.1:8008";
|
||||
homeserverDomain = "uninsane.org";
|
||||
addRegistrationFiles = true;
|
||||
};
|
||||
|
||||
sane.persist.sys.plaintext = [
|
||||
{ user = "matrix-synapse"; group = "matrix-synapse"; directory = "/var/lib/matrix-synapse"; }
|
||||
];
|
||||
|
@@ -1,32 +0,0 @@
|
||||
{ ... }:
|
||||
{
|
||||
services.signald.enable = true;
|
||||
|
||||
# TODO: required?
|
||||
# comes from <nix-matrix-appservices:examples/mautrix.nix>
|
||||
systemd.services.matrix-as-signal = {
|
||||
requires = [ "signald.service" ];
|
||||
after = [ "signald.service" ];
|
||||
unitConfig = {
|
||||
JoinsNamespaceOf = "signald.service";
|
||||
};
|
||||
path = [
|
||||
pkgs.ffmpeg # voice messages need `ffmpeg`
|
||||
];
|
||||
};
|
||||
|
||||
|
||||
services.matrix-appservices.services.signal = {
|
||||
port = 29184;
|
||||
format = "mautrix-python";
|
||||
package = pkgs.mautrix-signal;
|
||||
serviceConfig = {
|
||||
StateDirectory = [ "matrix-as-signal" "signald" ];
|
||||
SupplementaryGroups = [ "signald" ];
|
||||
};
|
||||
settings.signal = {
|
||||
socket_path = config.services.signald.socketPath;
|
||||
outgoing_attachment_dir = "/var/lib/signald/tmp";
|
||||
};
|
||||
};
|
||||
}
|
Reference in New Issue
Block a user