113 lines
2.7 KiB
Nix
113 lines
2.7 KiB
Nix
|
{ flake, pkgs, ...}:{
|
||
|
|
||
|
age.secrets."matrix-hookshot-registration.yaml" = {
|
||
|
file = "${flake.self}/secrets/matrix-hookshot-registration.yaml.age";
|
||
|
mode = "400";
|
||
|
owner = "matrix-synapse";
|
||
|
};
|
||
|
|
||
|
configFile = ''
|
||
|
bot:
|
||
|
avatar: mxc://half-shot.uk/2876e89ccade4cb615e210c458e2a7a6883fe17d
|
||
|
displayname: Hookshot Bot
|
||
|
bridge:
|
||
|
bindAddress: 0.0.0.0
|
||
|
domain: test.pub.solar
|
||
|
mediaUrl: http://matrix-nginx-proxy:12080
|
||
|
port: 9993
|
||
|
url: http://matrix-nginx-proxy:12080
|
||
|
feeds:
|
||
|
enabled: true
|
||
|
pollIntervalSeconds: 600
|
||
|
pollTimeoutSeconds: 30
|
||
|
generic:
|
||
|
allowJsTransformationFunctions: true
|
||
|
enableHttpGet: false
|
||
|
enabled: true
|
||
|
urlPrefix: https://matrix.test.pub.solar/hookshot/webhooks
|
||
|
userIdPrefix: _webhooks_
|
||
|
waitForComplete: false
|
||
|
gitlab:
|
||
|
instances:
|
||
|
gitlab.com:
|
||
|
url: https://gitlab.com
|
||
|
webhook:
|
||
|
secret: ""
|
||
|
listeners:
|
||
|
- bindAddress: 0.0.0.0
|
||
|
port: 9000
|
||
|
resources:
|
||
|
- webhooks
|
||
|
- bindAddress: 0.0.0.0
|
||
|
port: 9002
|
||
|
resources:
|
||
|
- provisioning
|
||
|
- bindAddress: 0.0.0.0
|
||
|
port: 9003
|
||
|
resources:
|
||
|
- widgets
|
||
|
logging:
|
||
|
level: warn
|
||
|
metrics:
|
||
|
enabled: false
|
||
|
passFile: /data/passkey.pem
|
||
|
permissions:
|
||
|
- actor: pub.solar
|
||
|
services:
|
||
|
- level: commands
|
||
|
service: '*'
|
||
|
- actor: '@axeman:pub.solar'
|
||
|
services:
|
||
|
- level: admin
|
||
|
service: '*'
|
||
|
- actor: '@b12f:pub.solar'
|
||
|
services:
|
||
|
- level: admin
|
||
|
service: '*'
|
||
|
- actor: '@hensoko:pub.solar'
|
||
|
services:
|
||
|
- level: admin
|
||
|
service: '*'
|
||
|
- actor: '@teutat3s:pub.solar'
|
||
|
services:
|
||
|
- level: admin
|
||
|
service: '*'
|
||
|
provisioning:
|
||
|
secret: 1acb44197a5a6d52c6cff38ea07433bfbfe9a83313a6bade
|
||
|
widgets:
|
||
|
addToAdminRooms: false
|
||
|
branding:
|
||
|
widgetTitle: Hookshot Configuration
|
||
|
publicUrl: https://matrix.pub.solar/hookshot/widgetapi/v1/static
|
||
|
roomSetupWidget:
|
||
|
addOnInvite: false
|
||
|
'';
|
||
|
|
||
|
systemd.services.matrix-hookshot = {
|
||
|
description = "Matrix-Hookshot, a bridge between Matrix and multiple project management services, such as GitHub, GitLab and JIRA. ";
|
||
|
|
||
|
wantedBy = [ "multi-user.target" ];
|
||
|
wants = [ "network-online.target" ];
|
||
|
after = [ "network-online.target" ];
|
||
|
|
||
|
serviceConfig = {
|
||
|
Type = "simple";
|
||
|
Restart = "always";
|
||
|
|
||
|
ProtectSystem = "strict";
|
||
|
ProtectHome = true;
|
||
|
ProtectKernelTunables = true;
|
||
|
ProtectKernelModules = true;
|
||
|
ProtectControlGroups = true;
|
||
|
|
||
|
DynamicUser = true;
|
||
|
PrivateTmp = true;
|
||
|
UMask = "0027";
|
||
|
|
||
|
ExecStart = ''
|
||
|
${pkgs.matrix-hookshot}/bin/matrix-hookshot
|
||
|
'';
|
||
|
};
|
||
|
};
|
||
|
}
|