{ povSelf, pkgs, lib, config, hostConfig, ... }: let inherit (lib) types; cfg = lib.getAttrFromPath povSelf config; in { options.enable = { type = types.bool; default = false; }; config = lib.mkIf cfg.enable { assertions = [ { assertion = config.modules.websites."grapevine.zaphyra.eu".enable == true; message = "The option 'modules.websites.\"grapevine.zaphyra.eu\"' must be enabled in order to use this module."; } ]; sops.secrets."environments/mautrixBridges/signal" = { }; modules.services.mautrixBridge.signal = { enable = true; package = pkgs.mautrix-signal.override { withGoolm = true; }; environmentFile = config.sops.secrets."environments/mautrixBridges/signal".path; serviceDependencies = [ "grapevine.service" ]; settings = rec { network.device_name = "Mautix-Signal (on ${homeserver.domain})"; network.displayname_template = "{{or .ProfileName .PhoneNumber \"Unknown user\"}} (Signal)"; homeserver.address = "http://[::1]:6167"; homeserver.domain = "zaphyra.eu"; database.type = "sqlite3-fk-wal"; database.uri = "file:/var/lib/mautrix-signal/mautrix-signal.db?_txlock=immediate"; encryption.allow = true; encryption.default = true; encryption.pickle_key = "$MAUTRIX_PICKLE_KEY"; relay.enabled = false; backfill.enabled = true; # double_puppet.secrets."${homeserver.domain}" = "as_token:$MAUTRIX_DOUBLE_PUPPET_SHARED_SECRET"; appservice = { id = "signal"; address = "http://[::1]:29328/"; hostname = "[::1]"; port = 29328; as_token = "$MAUTRIX_AS_TOKEN"; hs_token = "$MAUTRIX_HS_TOKEN"; }; bridge = { personal_filtering_spaces = true; permissions."${homeserver.domain}" = "admin"; cleanup_on_logout = { enabled = true; } // (lib.genAttrs [ "manual" "bad_credentials" ] (name: { shared_has_users = "delete"; shared_no_users = "delete"; relayed = "delete"; private = "delete"; })); }; }; }; }; }