athens/services/matrix-sliding-sync.nix

{ config, lib, pkgs, options, ... }:
with lib;
let
  cfg = config.services.matrix-syncv3;
in
{
  options = {
    services.matrix-syncv3 = {
      enable = mkEnableOption "SyncV3 for matrix";
      package = mkPackageOption pkgs "matrix-sliding-sync" { };

      port = mkOption {
        type = types.int;
        default = 8088;
        description = ''
          The port to listen on.
        '';
      };

      environmentFile = mkOption {
        type = types.nullOr types.path;
        default = null;
        description = ''
          Must contain the `SYNCV3_SECRET` environment variable. 
          Generated with ``openssl rand -hex 32``.
        '';
      };
    };
  };

  config = mkIf cfg.enable {
    services = {
      postgresql = {
        ensureDatabases = [ "matrix-syncv3" ];
        ensureUsers = [{
          name = "matrix-syncv3";
          ensurePermissions."DATABASE \"matrix-syncv3\"" = "ALL PRIVILEGES";
        }];
      };
    };

    systemd.services.matrix-syncv3 = {
      after = [ "matrix-synapse.service" "postgresql.service" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        DynamicUser = true;
        StateDirectory = "matrix-syncv3";
        WorkingDirectory = "/var/lib/matrix-syncv3";
        Environment = [
          "SYNCV3_SERVER=https://matrix.walkah.chat"
          "SYNCV3_DB=postgresql:///matrix-syncv3?host=/run/postgresql"
          "SYNCV3_BINDADDR=0.0.0.0:${toString cfg.port}"
        ];
      };
      script = ''
        path=/var/lib/matrix-syncv3/secret
        [ -f $path ] || ${pkgs.openssl}/bin/openssl rand -hex 32 > $path
        export SYNCV3_SECRET=$(cat $path)
        exec ${cfg.package}/bin/syncv3
      '';
    };
  };
}
✨ add matrix-sliding-sync Close #17 2023-07-09 19:58:59 -04:00			`{ config, lib, pkgs, options, ... }:`
			`with lib;`
			`let`
			`cfg = config.services.matrix-syncv3;`
			`in`
			`{`
			`options = {`
			`services.matrix-syncv3 = {`
			`enable = mkEnableOption "SyncV3 for matrix";`
			`package = mkPackageOption pkgs "matrix-sliding-sync" { };`

			`port = mkOption {`
			`type = types.int;`
			`default = 8088;`
			`description = ''`
			`The port to listen on.`
			`'';`
			`};`

			`environmentFile = mkOption {`
			`type = types.nullOr types.path;`
			`default = null;`
			`description = ''`
			Must contain the `SYNCV3_SECRET` environment variable.
			Generated with ``openssl rand -hex 32``.
			`'';`
			`};`
			`};`
			`};`

			`config = mkIf cfg.enable {`
			`services = {`
			`postgresql = {`
			`ensureDatabases = [ "matrix-syncv3" ];`
			`ensureUsers = [{`
			`name = "matrix-syncv3";`
			`ensurePermissions."DATABASE \"matrix-syncv3\"" = "ALL PRIVILEGES";`
			`}];`
			`};`
			`};`

			`systemd.services.matrix-syncv3 = {`
			`after = [ "matrix-synapse.service" "postgresql.service" ];`
			`wantedBy = [ "multi-user.target" ];`
			`serviceConfig = {`
			`DynamicUser = true;`
			`StateDirectory = "matrix-syncv3";`
			`WorkingDirectory = "/var/lib/matrix-syncv3";`
			`Environment = [`
			`"SYNCV3_SERVER=https://matrix.walkah.chat"`
			`"SYNCV3_DB=postgresql:///matrix-syncv3?host=/run/postgresql"`
			`"SYNCV3_BINDADDR=0.0.0.0:${toString cfg.port}"`
			`];`
			`};`
			`script = ''`
			`path=/var/lib/matrix-syncv3/secret`
			`[ -f $path ] \|\| ${pkgs.openssl}/bin/openssl rand -hex 32 > $path`
			`export SYNCV3_SECRET=$(cat $path)`
			`exec ${cfg.package}/bin/syncv3`
			`'';`
			`};`
			`};`
			`}`