diff options
Diffstat (limited to 'system/services/matrix')
-rw-r--r-- | system/services/matrix/bridges/mautrix-whatsapp.nix | 149 | ||||
-rw-r--r-- | system/services/matrix/default.nix | 35 |
2 files changed, 184 insertions, 0 deletions
diff --git a/system/services/matrix/bridges/mautrix-whatsapp.nix b/system/services/matrix/bridges/mautrix-whatsapp.nix new file mode 100644 index 0000000..1c68af9 --- /dev/null +++ b/system/services/matrix/bridges/mautrix-whatsapp.nix @@ -0,0 +1,149 @@ +# TAKEN FROM: https://raw.githubusercontent.com/Vskilet/nixpkgs/mautrix-whatsapp2/nixos/modules/services/matrix/mautrix-whatsapp.nix +{ + lib, + config, + pkgs, + ... +}: +with lib; let + cfg = config.services.mautrix-whatsapp; + dataDir = "/var/lib/mautrix-whatsapp"; + settingsFormat = pkgs.formats.json {}; + + registrationFile = "${dataDir}/whatsapp-registration.yaml"; + settingsFile = settingsFormat.generate "config.json" cfg.settings; + + startupScript = '' + ${pkgs.yq}/bin/yq -s '.[0].appservice.as_token = .[1].as_token + | .[0].appservice.hs_token = .[1].hs_token + | .[0]' ${settingsFile} ${registrationFile} \ + > ${dataDir}/config.yml + + ${pkgs.mautrix-whatsapp}/bin/mautrix-whatsapp \ + --config='${dataDir}/config.yml' \ + --registration='${registrationFile}' + ''; +in { + options.services.mautrix-whatsapp = { + enable = mkEnableOption "Mautrix-whatsapp, a puppeting bridge between Matrix and WhatsApp."; + + settings = mkOption rec { + apply = recursiveUpdate default; + inherit (settingsFormat) type; + + description = lib.mdDoc '' + {file}`config.yaml` configuration as a Nix attribute set. + Configuration options should match those described in + [example-config.yaml](https://github.com/mautrix/whatsapp/blob/master/example-config.yaml). + ''; + default = { + homeserver = { + domain = config.services.matrix-synapse.settings.server_name; + }; + appservice = { + address = "http://localhost:29318"; + hostname = "0.0.0.0"; + port = 29318; + database = { + type = "sqlite3"; + uri = "${dataDir}/mautrix-whatsapp.db"; + }; + id = "whatsapp"; + bot = { + username = "whatsappbot"; + displayname = "WhatsApp Bot"; + }; + as_token = ""; + hs_token = ""; + }; + bridge = { + username_template = "whatsapp_{{.}}"; + displayname_template = "{{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}}"; + command_prefix = "!wa"; + permissions."*" = "relay"; + }; + relay = { + enabled = true; + management = "!whatsappbot:${toString config.services.matrix-synapse.settings.server_name}"; + }; + logging = { + directory = "${dataDir}/logs"; + file_name_format = "{{.Date}}-{{.Index}}.log"; + file_date_format = "2006-01-02"; + file_mode = 0384; + timestamp_format = "Jan _2, 2006 15:04:05"; + print_level = "info"; + }; + }; + example = { + settings = { + homeserver.address = "https://matrix.myhomeserver.org"; + bridge.permissions = { + "@admin:myhomeserver.org" = "admin"; + }; + }; + }; + }; + + serviceDependencies = mkOption { + type = with types; listOf str; + default = optional config.services.matrix-synapse.enable "matrix-synapse.service"; + defaultText = literalExpression '' + optional config.services.matrix-synapse.enable "matrix-synapse.service" + ''; + description = lib.mdDoc '' + List of Systemd services to require and wait for when starting the application service. + ''; + }; + }; + + config = mkIf cfg.enable { + systemd.services.mautrix-whatsapp = { + description = "Mautrix-WhatsApp Service - A WhatsApp bridge for Matrix"; + + wantedBy = ["multi-user.target"]; + wants = ["network-online.target"] ++ cfg.serviceDependencies; + after = ["network-online.target"] ++ cfg.serviceDependencies; + + preStart = '' + # generate the appservice's registration file if absent + if [ ! -f '${registrationFile}' ]; then + ${pkgs.mautrix-whatsapp}/bin/mautrix-whatsapp \ + --generate-registration \ + --config='${settingsFile}' \ + --registration='${registrationFile}' + fi + chmod 640 ${registrationFile} + ''; + + script = startupScript; + + serviceConfig = { + Type = "simple"; + #DynamicUser = true; + PrivateTmp = true; + StateDirectory = baseNameOf dataDir; + WorkingDirectory = "${dataDir}"; + + ProtectSystem = "strict"; + ProtectHome = true; + ProtectKernelTunables = true; + ProtectKernelModules = true; + ProtectControlGroups = true; + User = "mautrix-whatsapp"; + Group = "matrix-synapse"; + SupplementaryGroups = "matrix-synapse"; + UMask = 0027; + Restart = "always"; + }; + }; + + users.groups.mautrix-whatsapp = {}; + users.users.mautrix-whatsapp = { + isSystemUser = true; + group = "mautrix-whatsapp"; + home = dataDir; + }; + services.matrix-synapse.settings.app_service_config_files = ["${registrationFile}"]; + }; +} diff --git a/system/services/matrix/default.nix b/system/services/matrix/default.nix index 62345a7..ed3b567 100644 --- a/system/services/matrix/default.nix +++ b/system/services/matrix/default.nix @@ -12,15 +12,27 @@ return 200 '${builtins.toJSON data}'; ''; in { + imports = [ + ./bridges/mautrix-whatsapp.nix + ]; + networking.firewall.allowedTCPPorts = [80 443]; services.postgresql.enable = true; services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" '' + --Matrix: CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" TEMPLATE template0 LC_COLLATE = "C" LC_CTYPE = "C"; + + --Whatsapp-bridge: + CREATE ROLE "mautrix-whatsapp" WITH LOGIN PASSWORD 'whatsapp'; + CREATE DATABASE "mautrix-whatsapp" WITH OWNER "mautrix-whatsapp" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; ''; services.nginx = { @@ -52,6 +64,29 @@ in { }; }; + services.mautrix-whatsapp = { + enable = true; + settings = { + appservice = { + database = { + type = "postgres"; + uri = "postgres:///mautrix-whatsapp?host=/run/postgresql"; + }; + whatsapp = { + # TODO: See https://github.com/tulir/whatsmeow/blob/efc632c008604016ddde63bfcfca8de4e5304da9/binary/proto/def.proto#L43-L64 for a list. + # This also determints the whatsapp icon + browser_name = "unknown"; + }; + }; + homeserver.address = "https://matrix.vhack.eu"; + bridge.permissions = { + "@soispha:vhack.eu" = "admin"; + "@sils:vhack.eu" = "admin"; + "@nightingale:vhack.eu" = "admin"; + }; + }; + }; + services.matrix-synapse = { enable = true; dataDir = "/var/lib/matrix"; |