{ config, lib, pkgs, ... }: { options.zpha.configure.matrixBridges.enable = lib.mkEnableOption ""; config = lib.mkIf config.zpha.configure.matrixBridges.enable { assertions = [ { assertion = config.zpha.websites."continuwuity.zaphyra.eu".enable; message = "The option 'zpha.websites.\"continuwuity.zaphyra.eu\"' must be enabled in order to use this module."; } ]; sops.secrets = { "environments/mautrixBridges/signal" = { }; "environments/mautrixBridges/telegram" = { }; "environments/mautrixBridges/whatsapp" = { }; }; common.configure.persist.system.dirs = [ "/var/lib/private/mautrix-signal" "/var/lib/private/mautrix-telegram" "/var/lib/private/mautrix-whatsapp" ]; common.services.mautrixBridge = let commonSettings = rec { database.type = "sqlite3-fk-wal"; homeserver.address = "http://[::1]:6167"; homeserver.domain = "zaphyra.eu"; encryption.allow = true; encryption.default = true; encryption.pickle_key = "$MAUTRIX_PICKLE_KEY"; relay.enabled = false; backfill.enabled = true; double_puppet.secrets."${homeserver.domain}" = "as_token:$MAUTRIX_DOUBLE_PUPPET_SHARED_SECRET"; bridge = { personal_filtering_spaces = true; permissions."${homeserver.domain}" = "admin"; cleanup_on_logout = { enabled = true; } // (lib.genAttrs [ "manual" "bad_credentials" ] (_name: { shared_has_users = "delete"; shared_no_users = "delete"; relayed = "delete"; private = "delete"; })); }; }; in { signal = { enable = true; package = pkgs.mautrix-signal.override { withGoolm = true; }; environmentFile = config.sops.secrets."environments/mautrixBridges/signal".path; serviceDependencies = [ "continuwuity.service" ]; settings = lib.recursiveUpdate commonSettings { database.uri = "file:/var/lib/mautrix-signal/mautrix-signal.db?_txlock=immediate"; network = { device_name = "Mautix-Signal (on zaphyra.eu)"; displayname_template = "{{or .ProfileName .PhoneNumber \"Unknown user\"}} (Signal)"; }; appservice = { id = "signal"; address = "http://[::1]:29328/"; hostname = "[::1]"; port = 29328; as_token = "$MAUTRIX_AS_TOKEN"; hs_token = "$MAUTRIX_HS_TOKEN"; }; }; }; telegram = { enable = true; package = pkgs.zpha.mautrix-telegram; environmentFile = config.sops.secrets."environments/mautrixBridges/telegram".path; serviceDependencies = [ "continuwuity.service" ]; settings = lib.recursiveUpdate commonSettings { database.uri = "file:/var/lib/mautrix-telegram/mautrix-telegram.db?_txlock=immediate"; backfill.max_initial_messages = 400; appservice = { id = "telegram"; address = "http://[::1]:29317/"; hostname = "[::1]"; port = 29317; as_token = "$MAUTRIX_AS_TOKEN"; hs_token = "$MAUTRIX_HS_TOKEN"; }; network = { device_info.device_model = "Mautix-TelegramGO (on zaphyra.eu)"; api_id = "$TELEGRAM_API_ID"; api_hash = "$TELEGRAM_API_HASH"; }; }; }; whatsapp = { enable = true; package = pkgs.mautrix-whatsapp.override { withGoolm = true; }; environmentFile = config.sops.secrets."environments/mautrixBridges/whatsapp".path; serviceDependencies = [ "continuwuity.service" ]; settings = lib.recursiveUpdate commonSettings { database.uri = "file:/var/lib/mautrix-whatsapp/mautrix-whatsapp.db?_txlock=immediate"; backfill.max_initial_messages = 100; appservice = { id = "whatsapp"; address = "http://[::1]:29318/"; hostname = "[::1]"; port = 29318; as_token = "$MAUTRIX_AS_TOKEN"; hs_token = "$MAUTRIX_HS_TOKEN"; }; network = { displayname_template = "{{or .BusinessName .PushName .Phone}} (WA)"; os_name = "Mautrix-WhatsApp (on zaphyra.eu)"; identity_change_notices = true; url_previews = true; history_sync = { request_full_sync = true; full_sync_config = { days_limit = 1000; size_mb_limit = 1024; storage_quota_mb = 1024; }; }; }; }; }; }; }; }