diff --git a/host/Rory-ovh/services/containers/draupnir-belibre/container.nix b/host/Rory-ovh/services/containers/draupnir-belibre/container.nix
index e19fb68..09f5606 100644
--- a/host/Rory-ovh/services/containers/draupnir-belibre/container.nix
+++ b/host/Rory-ovh/services/containers/draupnir-belibre/container.nix
@@ -19,10 +19,10 @@
];
};
hostAddress = "192.168.100.1";
- localAddress = "192.168.100.18";
+ localAddress = "192.168.100.23";
bindMounts."draupnir-access-token" = {
- hostPath = "/data/secrets/draupnir-fedora-access-token";
+ hostPath = "/data/secrets/draupnir-belibre-access-token";
mountPoint = "/etc/draupnir-access-token";
isReadOnly = true;
};
diff --git a/host/Rory-ovh/services/containers/draupnir-belibre/services/draupnir.nix b/host/Rory-ovh/services/containers/draupnir-belibre/services/draupnir.nix
index bacc9f3..917958c 100644
--- a/host/Rory-ovh/services/containers/draupnir-belibre/services/draupnir.nix
+++ b/host/Rory-ovh/services/containers/draupnir-belibre/services/draupnir.nix
@@ -8,7 +8,7 @@
settings = {
homeserverUrl = "https://matrix.rory.gay";
- managementRoom = "#draupnir-fedora-mgmt:rory.gay";
+ managementRoom = "#draupnir-belibre-mgmt:rory.gay";
recordIgnoredInvites = true; # We want to be aware of invites
autojoinOnlyIfManager = true; # ... but we don't want the bot to be invited to eg. Matrix HQ...
automaticallyRedactForReasons = [ "*" ]; # Always autoredact
@@ -22,8 +22,38 @@
protections = {
wordlist = {
- words = [
+ words = [
+ # The Obvious
+ "tranny"
+ "faggot"
+ "ywnbaw"
+ "nigger"
+ # abuse domains
"https://postimg.cc/"
+ "https://s.binance.com"
+ # Dec 2025 IRC spam
+ "irc.hardchats.com"
+ "white power"
+ "white pride"
+ "trannies"
+ "jews did 9/11"
+ "zigger"
+ "|| || <==="
+ "usurping jews"
+ "fag hoe"
+ "neo-freenode"
+ "thegreatbritishbookshop.co.uk"
+ "\"israel\""
+ "die alone"
+ "kike"
+ "irc.tr0ll.us"
+ "irc.gangste.rs"
+ "irc.wepump.in"
+ "death to"
+ "irc.hackclub.com"
+ "irc.supernets.org"
+ "[supernets]"
+ # Known abuse
"lolitaheaven.onrender.com"
"heavenlychat-px42.onrender.com"
"heavenlydev.onrender.com"
diff --git a/host/Rory-ovh/services/containers/spacebar/services/spacebar.nix b/host/Rory-ovh/services/containers/spacebar/services/spacebar.nix
index 228bf69..7b8321b 100644
--- a/host/Rory-ovh/services/containers/spacebar/services/spacebar.nix
+++ b/host/Rory-ovh/services/containers/spacebar/services/spacebar.nix
@@ -190,6 +190,7 @@ in
#LOG_REQUESTS = "-200,204,304";
LOG_REQUESTS = "-";
LOG_VALIDATION_ERRORS = true;
+ LOG_API_ERRORS = true;
#DB_LOGGING=true;
#LOG_GATEWAY_TRACES=true;
#LOG_PROTO_UPDATES=true;
diff --git a/host/Rory-ovh/services/matrix/draupnir.nix b/host/Rory-ovh/services/matrix/draupnir.nix
index f754809..9a7c292 100755
--- a/host/Rory-ovh/services/matrix/draupnir.nix
+++ b/host/Rory-ovh/services/matrix/draupnir.nix
@@ -1,4 +1,4 @@
-{ pkgs, draupnir, ... }:
+{ config, lib, pkgs, draupnir, ... }:
{
services.draupnir = {
@@ -70,4 +70,39 @@
};
};
};
+
+ systemd.services."draupnir" = {
+ serviceConfig = let
+ cfg = config.services.draupnir;
+ format = pkgs.formats.yaml { };
+ configFile = format.generate "draupnir.yaml" cfg.settings;
+ in {
+ ExecStart = lib.mkForce (
+ toString (
+ [
+ (lib.getExe cfg.package)
+ "--draupnir-config"
+ configFile
+ ]
+ ++ lib.optionals (cfg.secrets.accessToken != null) [
+ "--access-token-path"
+ "%d/access_token"
+ ]
+ ++ lib.optionals (cfg.secrets.pantalaimon.password != null) [
+ "--pantalaimon-password-path"
+ "%d/pantalaimon_password"
+ ]
+ ++ lib.optionals (cfg.secrets.web.synapseHTTPAntispam.authorization != null) [
+ "--http-antispam-authorization-path"
+ "%d/http_antispam_authorization"
+ ]
+ ++ [
+ "--max-old-space-size=32768"
+ "--max-semi-space-size=256"
+ "--prof"
+ ]
+ )
+ );
+ };
+ };
}
|