Format with nixfmt
Change-Id: If9839d2c3308538ac8f3e166b69675d3b40bd7d9
diff --git a/modules/matrix.nix b/modules/matrix.nix
index 7441390..2d41da9 100644
--- a/modules/matrix.nix
+++ b/modules/matrix.nix
@@ -1,13 +1,11 @@
{ base, config, lib, pkgs, ... }:
-lib.recursiveUpdate
-{
+lib.recursiveUpdate {
services.matrix-synapse = {
enable = true;
withJemalloc = true;
- plugins = with config.services.matrix-synapse.package.plugins; [
- matrix-synapse-mjolnir-antispam
- ];
+ plugins = with config.services.matrix-synapse.package.plugins;
+ [ matrix-synapse-mjolnir-antispam ];
settings = rec {
server_name = "coded.codes";
@@ -23,10 +21,7 @@
x_forwarded = true;
tls = false;
resources = [{
- names = [
- "client"
- "federation"
- ];
+ names = [ "client" "federation" ];
compress = true;
}];
port = 4527;
@@ -36,9 +31,10 @@
turn_uris = [
/* "turn:turn.coded.codes:3478?transport=udp"
- "turn:turn.coded.codes:3478?transport=tcp"
- "turns:turn.coded.codes:5349?transport=udp"
- "turns:turn.coded.codes:5349?transport=tcp" */
+ "turn:turn.coded.codes:3478?transport=tcp"
+ "turns:turn.coded.codes:5349?transport=udp"
+ "turns:turn.coded.codes:5349?transport=tcp"
+ */
]; # Please use matrix.org turn
# turn_shared_secret = "!!turn_shared_secret!!";
@@ -62,10 +58,7 @@
handlers = [ "console" ];
};
"disable_existing_loggers" = false;
- } [
- builtins.toJSON
- (builtins.toFile "logcfg.yaml")
- ];
+ } [ builtins.toJSON (builtins.toFile "logcfg.yaml") ];
};
};
@@ -77,7 +70,8 @@
settings = {
autojoinOnlyIfManager = true;
- automaticallyRedactForReasons = [ "nsfw" "gore" "spam" "harassment" "hate" ];
+ automaticallyRedactForReasons =
+ [ "nsfw" "gore" "spam" "harassment" "hate" ];
recordIgnoredInvites = true;
admin.enableMakeRoomAdminCommand = true;
allowNoPrefix = true;
@@ -148,91 +142,67 @@
format = "json";
};
};
-}
- (
- let
- isDerived = base != null;
- in
- if isDerived
- # We cannot use mkIf as both sides are evaluated no matter the condition value
- # Given we use base as an attrset, mkIf will error if base is null in here
- then
+} (let isDerived = base != null;
+in if isDerived
+# We cannot use mkIf as both sides are evaluated no matter the condition value
+# Given we use base as an attrset, mkIf will error if base is null in here
+then
+ let synapse_cfgfile = config.services.matrix-synapse.configFile;
+ in {
+ scalpel.trafos."synapse.yaml" = {
+ source = toString synapse_cfgfile;
+ matchers."registration_shared_secret".secret =
+ config.sops.secrets.registration_shared_secret.path;
+ # matchers."turn_shared_secret".secret =
+ # config.sops.secrets.turn_shared_secret.path;
+ owner = config.users.users.matrix-synapse.name;
+ group = config.users.users.matrix-synapse.group;
+ mode = "0400";
+ };
+
+ systemd.services.matrix-synapse.serviceConfig.ExecStart = lib.mkForce
+ (builtins.replaceStrings [ "${synapse_cfgfile}" ]
+ [ "${config.scalpel.trafos."synapse.yaml".destination}" ]
+ "${base.config.systemd.services.matrix-synapse.serviceConfig.ExecStart}");
+
+ systemd.services.matrix-synapse.preStart = lib.mkForce
+ (builtins.replaceStrings [ "${synapse_cfgfile}" ]
+ [ "${config.scalpel.trafos."synapse.yaml".destination}" ]
+ "${base.config.systemd.services.matrix-synapse.preStart}");
+
+ systemd.services.matrix-synapse.restartTriggers = [ synapse_cfgfile ];
+
+ environment.systemPackages = with lib;
let
- synapse_cfgfile = config.services.matrix-synapse.configFile;
- in
- {
- scalpel.trafos."synapse.yaml" = {
- source = toString synapse_cfgfile;
- matchers."registration_shared_secret".secret =
- config.sops.secrets.registration_shared_secret.path;
- # matchers."turn_shared_secret".secret =
- # config.sops.secrets.turn_shared_secret.path;
- owner = config.users.users.matrix-synapse.name;
- group = config.users.users.matrix-synapse.group;
- mode = "0400";
- };
+ cfg = config.services.matrix-synapse;
+ registerNewMatrixUser = let
+ isIpv6 = x: lib.length (lib.splitString ":" x) > 1;
+ listener = lib.findFirst (listener:
+ lib.any (resource: lib.any (name: name == "client") resource.names)
+ listener.resources) (lib.last cfg.settings.listeners)
+ cfg.settings.listeners;
+ # FIXME: Handle cases with missing client listener properly,
+ # don't rely on lib.last, this will not work.
- systemd.services.matrix-synapse.serviceConfig.ExecStart = lib.mkForce (
- builtins.replaceStrings
- [ "${synapse_cfgfile}" ]
- [ "${config.scalpel.trafos."synapse.yaml".destination}" ]
- "${base.config.systemd.services.matrix-synapse.serviceConfig.ExecStart}"
- );
-
- systemd.services.matrix-synapse.preStart = lib.mkForce (
- builtins.replaceStrings
- [ "${synapse_cfgfile}" ]
- [ "${config.scalpel.trafos."synapse.yaml".destination}" ]
- "${base.config.systemd.services.matrix-synapse.preStart}"
- );
-
- systemd.services.matrix-synapse.restartTriggers = [ synapse_cfgfile ];
-
- environment.systemPackages =
- with lib; let
- cfg = config.services.matrix-synapse;
- registerNewMatrixUser =
- let
- isIpv6 = x: lib.length (lib.splitString ":" x) > 1;
- listener =
- lib.findFirst
- (
- listener: lib.any
- (
- resource: lib.any
- (
- name: name == "client"
- )
- resource.names
- )
- listener.resources
- )
- (lib.last cfg.settings.listeners)
- cfg.settings.listeners;
- # FIXME: Handle cases with missing client listener properly,
- # don't rely on lib.last, this will not work.
-
- # add a tail, so that without any bind_addresses we still have a useable address
- bindAddress = head (listener.bind_addresses ++ [ "127.0.0.1" ]);
- listenerProtocol =
- if listener.tls
- then "https"
- else "http";
- in
- pkgs.writeShellScriptBin "matrix-synapse-register_new_matrix_user" ''
- exec ${cfg.package}/bin/register_new_matrix_user \
- $@ \
- ${lib.concatMapStringsSep " " (x: "-c ${x}") ([
- config.scalpel.trafos."synapse.yaml".destination ] ++ cfg.extraConfigFiles)} \
- "${listenerProtocol}://${
- if (isIpv6 bindAddress) then
- "[${bindAddress}]"
- else
- "${bindAddress}"
- }:${builtins.toString listener.port}/"
- '';
- in
- [ (lib.meta.hiPrio registerNewMatrixUser) ];
- }
- else { }
- )
+ # add a tail, so that without any bind_addresses we still have a useable address
+ bindAddress = head (listener.bind_addresses ++ [ "127.0.0.1" ]);
+ listenerProtocol = if listener.tls then "https" else "http";
+ in pkgs.writeShellScriptBin "matrix-synapse-register_new_matrix_user" ''
+ exec ${cfg.package}/bin/register_new_matrix_user \
+ $@ \
+ ${
+ lib.concatMapStringsSep " " (x: "-c ${x}")
+ ([ config.scalpel.trafos."synapse.yaml".destination ]
+ ++ cfg.extraConfigFiles)
+ } \
+ "${listenerProtocol}://${
+ if (isIpv6 bindAddress) then
+ "[${bindAddress}]"
+ else
+ "${bindAddress}"
+ }:${builtins.toString listener.port}/"
+ '';
+ in [ (lib.meta.hiPrio registerNewMatrixUser) ];
+ }
+else
+ { })