Fix mautrix-slack configuration and Matrix integration

- Add bridge.permissions for clarun.xyz to fix crash loop
- Configure Matrix homeserver to load appservice registration
- Update workspace from delpadtech to chochacho
- Remove duplicate matrix-homeserver service config
- Fix sops secret permissions for DynamicUser services
Dan 2025-10-25 17:36:07 -07:00
parent c4a00356fc
commit d6e0df31ae
2 changed files with 22 additions and 11 deletions


@ -27,9 +27,9 @@
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets.matrix-registration-token = { sops.secrets.matrix-registration-token = {
owner = "continuwuity"; # Used by dev-services.nix matrix-continuwuity via systemd LoadCredential
group = "continuwuity"; # Root ownership is correct for DynamicUser services
mode = "0440"; mode = "0400";
}; };
sops.secrets.acme-email = { sops.secrets.acme-email = {
@ -38,13 +38,15 @@
}; };
# Matrix homeserver configuration # Matrix homeserver configuration
services.matrix-homeserver = { # NOTE: Disabled in favor of dev-platform.matrix which provides integrated
enable = true; # bridge coordination and systemd credential-based secrets management
domain = "clarun.xyz"; # services.matrix-homeserver = {
port = 8008; # enable = true;
enableRegistration = true; # domain = "clarun.xyz";
enableFederation = false; # port = 8008;
}; # enableRegistration = true;
# enableFederation = false;
# };
# Development platform services (Matrix, Forgejo, bridges) # Development platform services (Matrix, Forgejo, bridges)
services.dev-platform = { services.dev-platform = {
@ -65,7 +67,7 @@
slackBridge = { slackBridge = {
enable = true; enable = true;
workspace = "delpadtech"; workspace = "chochacho";
port = 29319; port = 29319;
}; };
}; };
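Review bot: The `services.matrix-homeserver` block in the second hunk is commented out rather than deleted, although the description says the duplicate config is removed. The dead lines still carry `enableRegistration = true;`, so un-commenting them later would bring back a second homeserver definition with registration enabled alongside `services.dev-platform`. I would delete the seven commented lines and keep only the two-line `# NOTE:` explaining why dev-platform owns the homeserver, since version control already holds the old block.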


@ -118,6 +118,11 @@ in
database_path = "/var/lib/matrix-continuwuity/db/" database_path = "/var/lib/matrix-continuwuity/db/"
log = "info" log = "info"
admin_room_tag = "m.server_notice" admin_room_tag = "m.server_notice"
${optionalString cfg.slackBridge.enable ''
[[appservices]]
registration = "/var/lib/matrix-appservices/mautrix_slack_registration.yaml"
''}
EOF EOF
''; '';
@ -215,6 +220,10 @@ in
type = "postgres"; type = "postgres";
uri = "postgresql:///mautrix_slack?host=/run/postgresql"; uri = "postgresql:///mautrix_slack?host=/run/postgresql";
}; };
bridge.permissions = {
"${cfg.matrix.serverName}" = "user";
};
}; };
# Basic Nginx reverse proxy # Basic Nginx reverse proxy
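Review bot: The `bridge.permissions` entry added in the last hunk keys on the bare server name, `"${cfg.matrix.serverName}" = "user";`, which gives every account on that homeserver the `user` level on the Slack bridge. Anyone who can register on the homeserver can then log in to the bridge and link a Slack account, so the bridge's exposure is tied to the homeserver's registration policy, which is not visible in this hunk. No entry is given `admin`, so bridge administration is not assigned to anyone. I would list the intended accounts explicitly, for example `"@<operator-localpart>:${cfg.matrix.serverName}" = "admin";` (placeholder localpart), or expose the map as a module option, and add a comment such as `# domain-wide grant: every local account may use the bridge` if the wildcard is deliberate. The enclosing settings attrset starts outside the hunk.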