···
1
+
{ config, pkgs, lib, ... }:
6
+
cfg = config.services.mautrix-facebook;
7
+
settingsFormat = pkgs.formats.json {};
8
+
settingsFile = settingsFormat.generate "mautrix-facebook-config.json" cfg.settings;
10
+
puppetRegex = concatStringsSep
16
+
cfg.settings.bridge.username_template));
19
+
services.mautrix-facebook = {
20
+
enable = mkEnableOption "Mautrix-Facebook, a Matrix-Facebook hybrid puppeting/relaybot bridge";
22
+
settings = mkOption rec {
23
+
apply = recursiveUpdate default;
24
+
type = settingsFormat.type;
27
+
address = "http://localhost:8008";
31
+
address = "http://${hostname}:${toString port}";
32
+
hostname = "localhost";
35
+
database = "postgresql://";
37
+
bot_username = "facebookbot";
40
+
metrics.enabled = false;
41
+
manhole.enabled = false;
48
+
username_template = "facebook_{userid}";
53
+
formatters.journal_fmt.format = "%(name)s: %(message)s";
54
+
handlers.journal = {
55
+
class = "systemd.journal.JournalHandler";
56
+
formatter = "journal_fmt";
57
+
SYSLOG_IDENTIFIER = "mautrix-facebook";
61
+
handlers = ["journal"];
65
+
example = literalExpression ''
68
+
address = "http://localhost:8008";
69
+
domain = "mydomain.example";
72
+
bridge.permissions = {
73
+
"@admin:mydomain.example" = "admin";
74
+
"mydomain.example" = "user";
79
+
<filename>config.yaml</filename> configuration as a Nix attribute set.
80
+
Configuration options should match those described in
81
+
<link xlink:href="https://github.com/mautrix/facebook/blob/master/mautrix_facebook/example-config.yaml">
82
+
example-config.yaml</link>.
86
+
Secret tokens should be specified using <option>environmentFile</option>
87
+
instead of this world-readable attribute set.
91
+
environmentFile = mkOption {
92
+
type = types.nullOr types.path;
95
+
File containing environment variables to be passed to the mautrix-telegram service.
97
+
Any config variable can be overridden by setting <literal>MAUTRIX_FACEBOOK_SOME_KEY</literal> to override the <literal>some.key</literal> variable.
101
+
configurePostgresql = mkOption {
105
+
Enable PostgreSQL and create a user and database for mautrix-facebook. The default <literal>settings</literal> reference this database, if you disable this option you must provide a database URL.
109
+
registrationData = mkOption {
110
+
type = types.attrs;
113
+
Output data for appservice registration. Simply make any desired changes and serialize to JSON. Note that this data contains secrets so think twice before putting it into the nix store.
115
+
Currently <literal>as_token</literal> and <literal>hs_token</literal> need to be added as they are not known to this module.
121
+
config = mkIf cfg.enable {
122
+
users.users.mautrix-facebook = {
123
+
group = "mautrix-facebook";
124
+
isSystemUser = true;
127
+
services.postgresql = mkIf cfg.configurePostgresql {
128
+
ensureDatabases = ["mautrix-facebook"];
130
+
name = "mautrix-facebook";
131
+
ensurePermissions = {
132
+
"DATABASE \"mautrix-facebook\"" = "ALL PRIVILEGES";
137
+
systemd.services.mautrix-facebook = rec {
138
+
wantedBy = [ "multi-user.target" ];
140
+
"network-online.target"
141
+
] ++ optional config.services.matrix-synapse.enable "matrix-synapse.service"
142
+
++ optional cfg.configurePostgresql "postgresql.service";
147
+
Restart = "always";
149
+
User = "mautrix-facebook";
151
+
ProtectSystem = "strict";
152
+
ProtectHome = true;
153
+
ProtectKernelTunables = true;
154
+
ProtectKernelModules = true;
155
+
ProtectControlGroups = true;
158
+
EnvironmentFile = cfg.environmentFile;
161
+
${pkgs.mautrix-facebook}/bin/mautrix-facebook --config=${settingsFile}
166
+
services.mautrix-facebook = {
167
+
registrationData = {
168
+
id = "mautrix-facebook";
174
+
regex = escapeRegex "@${cfg.settings.appservice.bot_username}:${cfg.settings.homeserver.domain}";
178
+
regex = "@${puppetRegex}:${escapeRegex cfg.settings.homeserver.domain}";
184
+
url = cfg.settings.appservice.address;
185
+
sender_localpart = "mautrix-facebook-sender";
187
+
rate_limited = false;
188
+
"de.sorunome.msc2409.push_ephemeral" = true;
189
+
push_ephemeral = true;
194
+
meta.maintainers = with maintainers; [ kevincox ];
pyrox.dev