nix-infra/config/hosts/mjolnir/mjolnir.nix

37 lines
1 KiB
Nix
Raw Permalink Normal View History

# Sources for this configuration:
# - https://github.com/matrix-org/mjolnir/blob/main/docs/setup.md
# - https://github.com/matrix-org/mjolnir/blob/main/config/default.yaml
{ ... }:
{
# Allow deprecated, apparently somewhat insecure libolm to be able to update
# the moderation bot.
# The security issues aren't real world exploitable apparently:
# https://matrix.org/blog/2024/08/libolm-deprecation/
nixpkgs.config.permittedInsecurePackages = [ "olm-3.2.16" ];
services.mjolnir = {
enable = true;
homeserverUrl = "https://matrix.hamburg.ccc.de";
managementRoom = "#moderation-management:hamburg.ccc.de";
settings = {
verboseLogging = false;
};
pantalaimon = {
enable = true;
username = "moderation";
passwordFile = "/run/secrets/matrix_moderation_user_password";
options = {
ssl = true;
};
};
};
sops.secrets."matrix_moderation_user_password" = {
mode = "0440";
owner = "mjolnir";
group = "mjolnir";
restartUnits = [ "mjolnir.service" ];
};
}