Fix mautrix signal
This commit is contained in:
parent
63b4abd679
commit
b6d79deccd
|
@ -4,7 +4,12 @@
|
||||||
./mautrix-signal-module.nix
|
./mautrix-signal-module.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
services.signald.enable = true;
|
services.signald = {
|
||||||
|
enable = true;
|
||||||
|
user = "mautrix-signal";
|
||||||
|
group = "mautrix-signal";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
services.mautrix-signal = {
|
services.mautrix-signal = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -33,6 +33,10 @@ in
|
||||||
double_puppet_server_map = { };
|
double_puppet_server_map = { };
|
||||||
login_shared_secret_map = { };
|
login_shared_secret_map = { };
|
||||||
};
|
};
|
||||||
|
signal = {
|
||||||
|
socket_path = "/run/signald/signald.sock";
|
||||||
|
outgoing_attachment_dir = "/var/lib/signald/tmp";
|
||||||
|
};
|
||||||
|
|
||||||
logging = {
|
logging = {
|
||||||
version = 1;
|
version = 1;
|
||||||
|
@ -164,7 +168,6 @@ in
|
||||||
ProtectKernelModules = true;
|
ProtectKernelModules = true;
|
||||||
ProtectControlGroups = true;
|
ProtectControlGroups = true;
|
||||||
User = "mautrix-signal";
|
User = "mautrix-signal";
|
||||||
Group = "signald";
|
|
||||||
|
|
||||||
CapabilityBoundingSet = [ "CAP_CHOWN" ];
|
CapabilityBoundingSet = [ "CAP_CHOWN" ];
|
||||||
AmbientCapabilities = CapabilityBoundingSet;
|
AmbientCapabilities = CapabilityBoundingSet;
|
||||||
|
@ -173,7 +176,8 @@ in
|
||||||
LockPersonality = true;
|
LockPersonality = true;
|
||||||
RestrictRealtime = true;
|
RestrictRealtime = true;
|
||||||
|
|
||||||
SupplementaryGroups = [ "signald" ];
|
ReadWritePaths = [ "/var/lib/signald" ];
|
||||||
|
|
||||||
BindPaths = "/var/lib/signald";
|
BindPaths = "/var/lib/signald";
|
||||||
StateDirectory = baseNameOf dataDir;
|
StateDirectory = baseNameOf dataDir;
|
||||||
StateDirectoryMode = "771";
|
StateDirectoryMode = "771";
|
||||||
|
@ -184,17 +188,15 @@ in
|
||||||
--config='${settingsFile}'
|
--config='${settingsFile}'
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
unitConfig = {
|
|
||||||
JoinsNamespaceOf = "signald.service";
|
|
||||||
};
|
|
||||||
|
|
||||||
restartTriggers = [ settingsFileUnsubstituted ];
|
restartTriggers = [ settingsFileUnsubstituted ];
|
||||||
};
|
};
|
||||||
users.users.mautrix-signal = {
|
users.users.mautrix-signal = {
|
||||||
description = "Service user for the Matrix-Signal bridge";
|
description = "Service user for the Matrix-Signal bridge";
|
||||||
group = "signald";
|
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
|
group = "mautrix-signal";
|
||||||
};
|
};
|
||||||
|
users.groups.mautrix-signal = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
meta.maintainers = with maintainers; [ expipiplus1 ];
|
meta.maintainers = with maintainers; [ expipiplus1 ];
|
||||||
|
|
Loading…
Reference in a new issue