1
0
Fork 0
dotfiles/system/nixos/matrix/mautrix-signal.nix
Daniel Kempkens 650be0e27e
All checks were successful
Update Flake / update-flake (push) Successful in 3m20s
Build / build-arm64-linux (push) Successful in 12m23s
Build / build-amd64-linux (push) Successful in 28s
chore: use lib.getExe in more places
2023-12-14 00:29:09 +01:00

39 lines
1.3 KiB
Nix

{ pkgs, config, lib, ... }:
{
services.signald.enable = true;
systemd.services.signald.serviceConfig.EnvironmentFile = [
config.age.secrets.signald-environment.path
];
systemd.services.mautrix-signal = {
description = "A Matrix-Signal puppeting bridge";
wantedBy = [ "multi-user.target" ];
requires = [ "matrix-synapse.service" "signald.service" ];
after = [ "matrix-synapse.service" "signald.service" ];
restartTriggers = [ "${config.age.secrets.mautrix-signal-config.file}" ];
serviceConfig = {
User = config.services.signald.user;
Group = config.services.signald.group;
LoadCredential = [ "config:${config.age.secrets.mautrix-signal-config.path}" ];
ExecStart = "${lib.getExe pkgs.mautrix-signal} --config=%d/config --no-update";
Restart = "on-failure";
RestartSec = "5s";
StateDirectory = "mautrix-signal";
RuntimeDirectory = "mautrix-signal";
StateDirectoryMode = "0750";
RuntimeDirectoryMode = "0750";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
PrivateTmp = true;
};
};
services.matrix-synapse.settings.app_service_config_files = [
"/var/lib/matrix-synapse/bridges/registration-signal.yaml"
];
}