summary refs log tree commit diff
diff options
context:
space:
mode:
-rwxr-xr-xbuild.sh2
-rwxr-xr-xflake.nix3
-rwxr-xr-xhost/Rory-synapse/configuration.nix91
-rwxr-xr-xhost/Rory-synapse/post-rebuild.sh4
-rwxr-xr-xmodules/base-server.nix2
5 files changed, 67 insertions, 35 deletions
diff --git a/build.sh b/build.sh
index 7542303..b89de4b 100755
--- a/build.sh
+++ b/build.sh
@@ -10,7 +10,7 @@ if [ "$1" = "/" ]; then
     [ -f "host/${2}/pre-rebuild.sh" ] && host/$2/pre-rebuild.sh
     nixos-generate-config --show-hardware-config > hardware-configuration.nix
     git add -f hardware-configuration.nix
-    nixos-rebuild switch --flake ".#${2}" -j`nproc` --upgrade-all
+    nixos-rebuild switch --flake ".#${2}" -j`nproc` --upgrade-all || exit 1
     [ -f "host/${2}/post-rebuild.sh" ] && host/$2/post-rebuild.sh
     git rm --cached hardware-configuration.nix
     exit
diff --git a/flake.nix b/flake.nix
index dc5d08d..e3edd4a 100755
--- a/flake.nix
+++ b/flake.nix
@@ -3,7 +3,8 @@
 
   inputs = {
     nixpkgs = {
-      url = "github:NixOS/nixpkgs/nixos-unstable";
+      #url = "github:NixOS/nixpkgs/nixos-unstable";
+      url="path:/Rory-Open-Architecture/nixpkgs";
     };
     botcore-v4 = {
       url = "gitlab:BotCore-Devs/BotCore-v4/staging";
diff --git a/host/Rory-synapse/configuration.nix b/host/Rory-synapse/configuration.nix
index a805e5f..46da7b6 100755
--- a/host/Rory-synapse/configuration.nix
+++ b/host/Rory-synapse/configuration.nix
@@ -121,8 +121,6 @@
       };
       url_preview_enabled = true;
       
-
-      
       database = {
         name = "psycopg2";
         args = {
@@ -141,37 +139,63 @@
     plugins = with pkgs.matrix-synapse-plugins; [
       # Alicia - need to port draupnir...
       #matrix-synapse-mjolnir-antispam
-      matrix-synapse-pam
+#      matrix-synapse-pam
     ];
-    extraConfigFiles = [
-        (pkgs.writeTextFile {
-          name = "matrix-synapse-extra-config.yml";
-          text = ''
-            modules:
-              - module: "pam_auth_provider.PAMAuthProvider"
-                config:
-                  create_users: true
-                  skip_user_check: false
-          '';
-        })
-      ];
+#    extraConfigFiles = [
+#        (pkgs.writeTextFile {
+#          name = "matrix-synapse-extra-config.yml";
+#          text = ''
+#            modules:
+#              - module: "pam_auth_provider.PAMAuthProvider"
+#                config:
+#                  create_users: true
+#                  skip_user_check: false
+#          '';
+#        })
+#      ];
   };
 
   # Alicia - doesnt work yet... until in nixpkgs...
-  #services.draupnir = {
-  #  enable = true;
-  #  pantalaimon = {
-  #    enable = true;
-  #    username = "draupnir";
-  #    passwordFile = "/run/secrets/draupnir-password";
-  #    options = {
-  #      homeserver = "http://localhost:8008";
-  #      ssl = false;
-  #    };
-  #    
-  #  };
-  #  managementRoom = "#draupnir-mgmt:rory.gay";
-  #};
+  services.draupnir = {
+    enable = true;
+    
+    pantalaimon = {
+      enable = true;
+      username = "draupnir";
+      passwordFile = "/etc/draupnir-password";
+      options = {
+        homeserver = "http://localhost:8008";
+        ssl = false;
+      };
+      
+    };
+    managementRoom = "#draupnir-mgmt:rory.gay";
+    homeserverUrl = "http://localhost:8008";
+    verboseLogging = false;
+    settings = {
+      recordIgnoredInvites = false;
+      automaticallyRedactForReasons = [ "*" ];
+      fasterMembershipChecks = true;
+      backgroundDelayMS = 100;
+      pollReports = true;
+      admin.enableMakeRoomAdminCommand = true;
+      commands.ban.defaultReasons = [
+        "spam"
+        "harassment"
+        "transphobia"
+        "scam"
+      ];
+      protections = {
+        wordlist = {
+          words = [
+            "tranny"
+            "faggot"
+          ];
+          minutesBeforeTrusting = 0;
+        };
+      };
+    };
+  };
 
     systemd.services.matrix-synapse-reg-token = {
       description = "Random registration token for Synapse.";
@@ -179,7 +203,14 @@
       wantedBy = ["multi-user.target"];
       after = ["network.target"];
 
-      script = ''cat /dev/urandom | tr -dc a-zA-Z0-9 | fold -w 256 | head -n 1 > registration_shared_secret.txt'';
+      script = ''
+
+        if [ ! -f "registration_shared_secret.txt" ]
+        then
+          cat /dev/urandom | tr -dc a-zA-Z0-9 | fold -w 256 | head -n 1 > registration_shared_secret.txt
+        else
+          echo Not generating key, key exists;
+        fi'';
       serviceConfig = {
         User = "matrix-synapse";
         Group = "matrix-synapse";
diff --git a/host/Rory-synapse/post-rebuild.sh b/host/Rory-synapse/post-rebuild.sh
index 7be1383..27028d9 100755
--- a/host/Rory-synapse/post-rebuild.sh
+++ b/host/Rory-synapse/post-rebuild.sh
@@ -24,8 +24,8 @@ register(){
 
 
 
-PASSWD=`cat /run/keys/matrix-user-pass`
-for u in {Alicia,Emma,Rory,root}
+PASSWD=`cat /etc/matrix-user-pass`
+for u in {draupnir,Alicia,Emma,Rory,root}
 do 
 	register $u $PASSWD
 done
diff --git a/modules/base-server.nix b/modules/base-server.nix
index 6404ae9..756769f 100755
--- a/modules/base-server.nix
+++ b/modules/base-server.nix
@@ -6,7 +6,7 @@
        ./base.nix
        ./users/chris.nix
     ];
-
+  documentation.nixos.enable = false;
   # My servers always use /dev/sda as boot disk...
   boot = {
     kernelPackages = pkgs.linuxPackages_latest;