Use postgresql as database for Matrix bridges

2023-06-12 16:54:44 +02:00
parent 27f170070c
commit 13a91c8948
6 changed files with 29 additions and 9 deletions
--- a/configuration.nix
+++ b/configuration.nix
@@ -162,6 +162,16 @@ with pkgs;
      owner = "coolneng";
      group = "podman";
    };
    secrets.facebook = {
      file = secrets/facebook.age;
      owner = "matrix-as-facebook";
      group = "matrix-as-facebook";
    };
    secrets.signal = {
      file = secrets/signal.age;
      owner = "matrix-as-signal";
      group = "matrix-as-signal";
    };
    identityPaths = [ "/etc/ssh/id_ed25519" ];
  };
--- a/modules/communication.nix
+++ b/modules/communication.nix
@@ -26,14 +26,7 @@ in {
        dns_cache.enabled = true;
      };
      # HACK Inherit postgres connection string for the rest of the DBs
-      app_service_api = {
+      app_service_api = { inherit database; };
        inherit database;
        config_files = [
          "/var/lib/matrix-as-facebook/facebook-registration.yaml"
          "/var/lib/matrix-as-signal/signal-registration.yaml"
          "/var/lib/matrix-as-telegram/telegram-registration.yaml"
        ];
      };
      media_api = { inherit database; };
      room_server = { inherit database; };
      push_server = { inherit database; };
@@ -71,6 +64,7 @@ in {
        package = mautrix-telegram;
        serviceConfig.EnvironmentFile = config.age.secrets.telegram.path;
        settings = {
          appservice.database = "$DB_STRING";
          homeserver.software = "standard";
          telegram = {
            api_id = "$API_ID";
@@ -86,18 +80,24 @@ in {
        port = 8228;
        format = "mautrix-python";
        package = mautrix-facebook;
-        settings.homeserver.software = "standard";
+        serviceConfig.EnvironmentFile = config.age.secrets.facebook.path;
        settings = {
          appservice.database = "$DB_STRING";
          homeserver.software = "standard";
        };
      };
      signal = {
        port = 8338;
        format = "mautrix-python";
        package = mautrix-signal;
        serviceConfig = {
          EnvironmentFile = config.age.secrets.signal.path;
          StateDirectory = [ "matrix-as-signal" "signald" ];
          JoinNamespaceOf = "signald.service";
          SupplementaryGroups = [ "signald" ];
        };
        settings = {
          appservice.database = "$DB_STRING";
          homeserver.software = "standard";
          signal = {
            socket_path = config.services.signald.socketPath;
--- a/secrets/facebook.age
+++ b/secrets/facebook.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -15,4 +15,6 @@ in {
  "mqtt-sender.age".publicKeys = [ zion ];
  "mqtt-receiver.age".publicKeys = [ zion ];
  "nightscout.age".publicKeys = [ zion ];
  "facebook.age".publicKeys = [ zion ];
  "signal.age".publicKeys = [ zion ];
 }
--- a/secrets/signal.age
+++ b/secrets/signal.age
@@ -0,0 +1,8 @@
 age-encryption.org/v1
 -> ssh-ed25519 iUaRGg J/gZDBtDsIzjCzO1y2vXgxl8YuvWJgcpk+8KMOp63kg
 1XF9JFAIscHWFJMTctZOxVIBYhYliUFays5gwjZt6hs
 -> vM4\2y\'-grease
 bj9VKIuH0l1v5X8N2v4p+u3VySDKjj3WAyVZ7f+wmy16wncrNyMtiUZ+ELBWfqXd
 XOyeGZoKBHwd8lOgkZ+va0BEkBJs9piX
 --- K2uN9JxuqPQpAxjQ+6dgsqhsq50nTkLsw8QGJprE5hQ
 H<EFBFBD><EFBFBD><EFBFBD>S<>:<3A>eJ4}'<27><><EFBFBD>T<EFBFBD><54>˦<0B><>[<5B>'<27>M<EFBFBD><4D><EFBFBD>9<><07><>E6_<36><12><><EFBFBD><1D><><EFBFBD>_<EFBFBD><5F><EFBFBD><EFBFBD>yPM8''<27>'<15>F<><46><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Rڡ"<22>ݏ<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD>;<3B><>4<EFBFBD>J/>k<1C>5<EFBFBD><<15><>:<3A>M<EFBFBD>lK$<24>ӟq<D39F>S<EFBFBD><53><EFBFBD><EFBFBD>#<23>Ō<04>j<EFBFBD>X)<29><>v<EFBFBD><76><EFBFBD><EFBFBD>Ou<4F><75>J<>P<EFBFBD><12><>~
--- a/secrets/telegram.age
+++ b/secrets/telegram.age