WIP: Add matrix-hookshot

This commit is contained in:
Akshay Mankar 2023-10-29 13:45:51 +01:00 committed by teutat3s
parent 0e83deff1b
commit f56fd8dccc
Signed by untrusted user: teutat3s
GPG key ID: 4FA1D3FA524F22C1
3 changed files with 113 additions and 0 deletions

View file

@ -0,0 +1,112 @@
{ flake, pkgs, ...}:{
age.secrets."matrix-hookshot-registration.yaml" = {
file = "${flake.self}/secrets/matrix-hookshot-registration.yaml.age";
mode = "400";
owner = "matrix-synapse";
};
configFile = ''
bot:
avatar: mxc://half-shot.uk/2876e89ccade4cb615e210c458e2a7a6883fe17d
displayname: Hookshot Bot
bridge:
bindAddress: 0.0.0.0
domain: test.pub.solar
mediaUrl: http://matrix-nginx-proxy:12080
port: 9993
url: http://matrix-nginx-proxy:12080
feeds:
enabled: true
pollIntervalSeconds: 600
pollTimeoutSeconds: 30
generic:
allowJsTransformationFunctions: true
enableHttpGet: false
enabled: true
urlPrefix: https://matrix.test.pub.solar/hookshot/webhooks
userIdPrefix: _webhooks_
waitForComplete: false
gitlab:
instances:
gitlab.com:
url: https://gitlab.com
webhook:
secret: ""
listeners:
- bindAddress: 0.0.0.0
port: 9000
resources:
- webhooks
- bindAddress: 0.0.0.0
port: 9002
resources:
- provisioning
- bindAddress: 0.0.0.0
port: 9003
resources:
- widgets
logging:
level: warn
metrics:
enabled: false
passFile: /data/passkey.pem
permissions:
- actor: pub.solar
services:
- level: commands
service: '*'
- actor: '@axeman:pub.solar'
services:
- level: admin
service: '*'
- actor: '@b12f:pub.solar'
services:
- level: admin
service: '*'
- actor: '@hensoko:pub.solar'
services:
- level: admin
service: '*'
- actor: '@teutat3s:pub.solar'
services:
- level: admin
service: '*'
provisioning:
secret: 1acb44197a5a6d52c6cff38ea07433bfbfe9a83313a6bade
widgets:
addToAdminRooms: false
branding:
widgetTitle: Hookshot Configuration
publicUrl: https://matrix.pub.solar/hookshot/widgetapi/v1/static
roomSetupWidget:
addOnInvite: false
'';
systemd.services.matrix-hookshot = {
description = "Matrix-Hookshot, a bridge between Matrix and multiple project management services, such as GitHub, GitLab and JIRA. ";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
serviceConfig = {
Type = "simple";
Restart = "always";
ProtectSystem = "strict";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
DynamicUser = true;
PrivateTmp = true;
UMask = "0027";
ExecStart = ''
${pkgs.matrix-hookshot}/bin/matrix-hookshot
'';
};
};
}

Binary file not shown.

View file

@ -44,6 +44,7 @@ in {
"matrix-mautrix-telegram-env-file.age".publicKeys = nachtigallKeys ++ baseKeys; "matrix-mautrix-telegram-env-file.age".publicKeys = nachtigallKeys ++ baseKeys;
"matrix-synapse-signing-key.age".publicKeys = nachtigallKeys ++ baseKeys; "matrix-synapse-signing-key.age".publicKeys = nachtigallKeys ++ baseKeys;
"matrix-synapse-secret-config.yaml.age".publicKeys = nachtigallKeys ++ baseKeys; "matrix-synapse-secret-config.yaml.age".publicKeys = nachtigallKeys ++ baseKeys;
"matrix-hookshot-registration.yaml.age".publicKeys = nachtigallKeys ++ baseKeys;
"nextcloud-secrets.age".publicKeys = nachtigallKeys ++ baseKeys; "nextcloud-secrets.age".publicKeys = nachtigallKeys ++ baseKeys;
"nextcloud-admin-pass.age".publicKeys = nachtigallKeys ++ baseKeys; "nextcloud-admin-pass.age".publicKeys = nachtigallKeys ++ baseKeys;