42 lines
1.2 KiB
Nix
42 lines
1.2 KiB
Nix
{ pkgs, config, lib, ... }:
|
|
|
|
{
|
|
# Re-use old signald user and group
|
|
users.users.signald = {
|
|
group = "signald";
|
|
isSystemUser = true;
|
|
};
|
|
|
|
users.groups.signald = { };
|
|
|
|
systemd.services.mautrix-signal = {
|
|
description = "A Matrix-Signal puppeting bridge";
|
|
wantedBy = [ "multi-user.target" ];
|
|
requires = [ "matrix-synapse.service" ];
|
|
after = [ "matrix-synapse.service" ];
|
|
restartTriggers = [ "${config.age.secrets.mautrix-signal-config.file}" ];
|
|
serviceConfig = {
|
|
User = "signald";
|
|
Group = "signald";
|
|
LoadCredential = [ "config:${config.age.secrets.mautrix-signal-config.path}" ];
|
|
ExecStart = "${lib.getExe pkgs.mautrix-signal} --config=%d/config --no-update";
|
|
Restart = "on-failure";
|
|
RestartSec = "5s";
|
|
|
|
StateDirectory = "mautrix-signal";
|
|
RuntimeDirectory = "mautrix-signal";
|
|
StateDirectoryMode = "0750";
|
|
RuntimeDirectoryMode = "0750";
|
|
|
|
ProtectHome = true;
|
|
ProtectKernelTunables = true;
|
|
ProtectKernelModules = true;
|
|
ProtectControlGroups = true;
|
|
PrivateTmp = true;
|
|
};
|
|
};
|
|
|
|
services.matrix-synapse.settings.app_service_config_files = [
|
|
"/var/lib/matrix-synapse/bridges/registration-signal.yaml"
|
|
];
|
|
}
|