From a15a93a31790ae0ecde471b5b4ef8b07bfcbfe8a Mon Sep 17 00:00:00 2001
From: Jimbo <jimjam4real@gmail.com>
Date: Tue, 27 Aug 2024 05:14:19 -0400
Subject: [PATCH] Add a Discord/Matrix bridge

---
 flake.nix                       |   2 +-
 nixos/modules/secrets.nix       | Bin 1615 -> 1751 bytes
 nixos/server.nix                |   7 +++++--
 nixos/server/matrix-discord.nix |  18 ++++++++++++++++++
 nixos/server/synapse.nix        |   7 +++++++
 5 files changed, 31 insertions(+), 3 deletions(-)
 create mode 100644 nixos/server/matrix-discord.nix

diff --git a/flake.nix b/flake.nix
index fca2cf90..c9f6684f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -24,8 +24,8 @@
     self,
     nixpkgs,
     nur,
-    blender-bin,
     nixos-mailserver,
+    blender-bin,
     home-manager,
     ...
   } @inputs: let
diff --git a/nixos/modules/secrets.nix b/nixos/modules/secrets.nix
index 27f416efcfe8e5432ae302e496b32f4b8b050371..66c57ff50b6d7d72bfbc575f848aa88da92687de 100644
GIT binary patch
literal 1751
zcmZQ@_Y83kiVO&0n3u5sT#n!T3;%CaUA-0czjJ2gU%r?!?*D9R4cFqg2_IQz-~Q#a
ze|G;w#Y^$h`=wjvR85JP^Fm$8gz4_hD=B9p#1bA?WlCpz^`8Bx_iO5<4R;hHUeuJ#
z`jJ#(w@P7qVR?;csN;=4uNgd@E~rW;_;)INP$<-vernCXM%POI_$O0Fd6UL8QGX?+
z!;kf=6EATqPphgdn6%vUj(fjUw8q*hyJ^#Ne^1zZd@YCHOMB@=2K8lUJFb~&UwV9P
z;lj`VT#r^g@&4p4<;5+1=eMf@`-SP@g6VH2SpG=9?{SR(uFn41_xAjjS)E{h*|spx
z^N5cyTh}a$jF&TC>rOR3v4n5yvc>iZ+BvUud?Y?ywaD*37q8~%H^aBH;Gu=u{x^+$
z30fA{-P>Mp>0IdHx%N$X_gC&u{f}oypOg^az@+o#{8`<Aie*Q4{E27U{g3H7@6y-N
z&G$~+I=^xL!{8~rucG=*roK-~c)QUgp2^>Fj_}&M5l7R_PhK{8&a<!a-}Rrrm)_r`
zn*73ls>3$3l`4AMDtBu1#JuxL-*-!=bH;=fM!6oYx1!f-TY726b#bqIddH*x@W+SW
zGQR!V?|ZeXPVHws`*X4W;-_C7UVq*gw)c`{<f_ffPPglIsyZ%I&lb3H{>)qnkGTgA
z#bh_E@D%s#oA@?R&w26h8<7dg^D4d4R`G~Tz5LPg)4$AV=68GMtG!|rRyt{~_+`&~
z!w#b@TasMQz5mAX&EWR`qb6DhXI$UxwEz9;&zfA07r$8x=+B$l<&d#2Pv(5^-pS9W
zJH2lC^7P`bS9-z|Ym`!Miu3sGeEq3-<_|-~+IFjZYMW96+1@Q~yHuV(=i5Tjb0-e#
zdKgN!B|BO4ZJVj@oT2{5yfImx!Di-xjVFGdUoTrV!zpS0-L2|ROZK`k3yF06cCF8m
zuW!|yn#pErer|_n;XH#PzVzpL4c3_@UE94ns#7-$o|S)GI`g-eoaHIQN2QYvFt;^m
zv#GPR&fB4BoM9{Z?Rm#J_82wkrI+_UVaxw}vo`*S`{eoelU~QGPw)O;A$-?d{KzGD
z$%(s5C6D+|dHGYUyM^tKUDfY?#hJ_!v+KWUo=g$=VjRPETD_<{Ow9TD{F2GqZ$lS$
zOXe<pRJhoH^+C8<+Gc?@4B8P>yp@@5c^vFboO+_ZQfB9>AA*<u1YZC4Vpqavs|m`o
zTNfI{{99ac=I6SU3WFf6&l9GZa?kFbRi9pB`t)z^iQ``qVt=wvE_(8Xg;i(&yNO@7
z>b{+wpQNul(RTlBK7EHP8b<Si?=-(VIAPwA<6+B%j^F;fO{;)!mfwN?2M+mjU+>J9
zIGU06o@eUZg}HWbO2o}iu3sRcx?IIES8LPqyA4bd;;F?k+;tn2p5+~Ni(m1u>z++r
z%kCYI<X5oYIGDfxTzI&l+gsU%$M<gC$0d6$w`6Dd+aHQAd1orc88-TEDEnigTE?Sv
zK6g&<oO>*Sr>?#Fdw<ER-nl2_*bL2fOmsW<^YO*4vlJxH=;r#0NpXKvkJXsTyyDjM
ze8;st8{6NmR1}HN{%9=lrs}Z%0@rV!Ok|e5oEWS)P4G@E+Xkiuc>%MVKJ%$h-*flK
z^o0Sf$4gfoH@E0wXqbJ;fjux#;F9`YsZam!oK3PhP<=r(J8Ng);q&kA9A9_h@VrSp
z6I(Ja_p3j@d?B&=B>S({8}4^&rB*k-`o8~{&dVD6O2&mV&*Y?LS)>S^@z`hKc~0|0
zxY6Q0cb6Tx)4>w9xp)8c9c!+B(zL1xo_g=fdi{H~zaGwey2^XUJ$vsLEgMa9;xpXS
z*_?L@<R01Em9z4#>(neqAFuNw{SBd2Yk2-{Ofkv-*VpU6Vka|~_x+6R7O#$^72M|V
zTg-Z5wMKd2ktJ)Tjvo=;q5S)_`P%}M#xMP83)b|%@SeR#J=rGXa|-*zxK&HO+I%jw
z^K3se^E-F<#L0_dXZD@*y0P`0Sk^nU(pFPTq0)ydH~yQKR3zmiTU6p`_Coo;EL+cn
zimL26|B9wg*)q#0Tx~`8Rq;Kop}z#fOsmb^mwsNZxFUbe$pfcZczZlNPVJt&b*DqO
z`(DMyNbdU|?rZnAbsRFg7tuQR@A(%S?A=%1dfxEKk>}(kKix!r4i%$c-`UlaKW}=%
z%U|8pX_da{M`^A^Sn#<OmAR~5Jg39!4$JV!c9v!CC_Gs5`l7Vs<qm~49m}rGVC`9X
z|BR;5t2r5M2b7=jCrzz?zGrXOLc!9{JPw*?k}P?u5AWX0)c=&><sFu*kBX8fcXaH(
zraI?||I?Flc40~9Uh>}8->Y`Ox5u}wg5OG4Q{HWhDu)qYrp)OjDL%W|1pZ7kxX&!9
i@B8{}cHflwea_D>X+|jDaG4gdOJZ-KQO-i`&&L4?+iT+h

literal 1615
zcmZQ@_Y83kiVO&0*d5V6dCun4Iq6e&Jbth+R<pX>;MSb2smGUH%b(<M$y3p8_5-6i
z7W-#C={x%7<&=h*PkfR**LWK<>}ZNR^Uc-0r{_qcH0w2=IX5gbjX!Kndv{SHG4`C>
zr6bd?%QH)wSHFG9^!ByN`8yZZRb<8*SY=%9`#GN}%*xP;d3Ei#MO`ze_pDo2pRB(v
z`bf8PsJm*9na1BMDX(tCd-$ihicAr3eJ|c#;?EYA_+4;ocHZMlntRp1ezq5tD_tg@
zP#q9kws7C9M2n*GZ&O_}`+ioO=bBr7SR{<g%wWpS^*dY4cSYa1{9Nmh(zU-TXU=<0
zSXAru*`OwA5jU%#(_G1<`b|=W0$E%=vjiVhZBPGsprCQu&GHhiH9wy%+5f++F#h%u
zu9Q!`C2~6#3!gUET;zS!HGWdWbj6eve<#(NElN?nCK>vfSK_6kgxiIds864_D(@CN
zbMnfWON^odpO<xiTb_P;;_uS)`W`uJg!(4$@B2TaVu$G~??;-uP5*G+;hnU$MuX*;
z#!{Bdey&irl^loX*k{#G`O{&r$6CXm#cZwp^yel{I}%^~bUegc>BM&`Z`nqk<I`?+
z+u8p0WnNjD_qM2y^YYo#D)IYH|6TW{_)sqAn&sPgbiLNBTW#33@c2}R_uqOmCLeOG
zYx@<qZ~Lz`d!;4#%#|lLMpV6ND)_3$UEFkfeeV>TI|46`{n@(hQT*=L%h#W?Q>~pC
zxK8xY^UXHj-{jp|cKc+-hLs`PEKTpuR}`;V+Sc`1Qmu6V^A9%eSG{sf&+FXzx!Gpj
z>Fo8EJ4$$hZUty;**~*T<6J`C_G1g1kNrr9jaXJZ*_iQR@T6G{(`x$kx&BR4iPD?>
zHh0@AOQwf~<}Y8=e{|aL|K59};(U(>{bAqVZJo7cPRbJdA8q@27sokC-@k6AA<cgN
z|CEetXO~p$dUIOz@WNH1xhd1DXO#a~#`T!PF)De2%Vo)wM@MQ@PFPJ$4G>i->g+gs
zHTXjB+k_C?$+c<{vHcbO9H#0Xf9J%rUTT^7xNMGs-=paHrafCv?L4W^c$jbfM$Lum
z-I7Amv@Ztjvp*`G^n6Qa{p7`0?<mS&aOxGjdgiHX{h@|W+{?tCEA9KG-m~zPj!V(k
z21%E@k8K%xme#&3F5GTf>-qM=<xLxR7MVxQymn`Yw0TGg`<CpIV|<2pq8Zj~RO{CZ
z-?p4V_L1GCeg2oFzq2U)UX}Y(S<h$Yqz<!F0rs|YBxm-B&+<}s51KLkUu-Pzw`=SB
z4tlu9TjU%MitPQ)6k@UE?42(LiuYIFTg~z!zkSZ?`Oovuq%&vqrS12<_^NL8$Hb#S
zmnxRdJf`_5^6<MaSD&@r;ImY|yma;NrHill)pypMaISQ?yY};%Co`|k<}^uQS6_4S
z&0OcCgAE@!In^t~Cm-LiXKHDo)^ujGgG<F;Uy=X3k&R<=p=c1FACGGEsi0pH&)06;
zq+2MZ(|)Vl?PtWMU$(DOx?|1fYfEqKT9`j0e*XL8&qQB-o_So8SMT<RQ*~U7Te`0Z
ze@p&h*v(iF;c96nG4q-eYws*M!w2go<(5dic)q}7TF2(Q@ArRB{mE;hcDG=$Va~gr
zZ9WIALpSE!jF$_TB*guH@yA^gXC!YkJ0zU?C+ba@v*-2h^=Yk7&ZrySE_=SMO7Pn>
zj-*57vYt0jPk1ry(uG+0X<|n_V?G$Qd~C{K`EjyNSjaxz?02uK#PMA9Un;RWqC$xQ
zl0Gxs5(Sw)3wjB<OgcC1P1LcEVLHb{Z-n~lO*r_A_4l92q17^PpM~9Vi0S+DGC6?R
zI!Rvm-!9v(Fpc<MJd;)lZeg(0majT|&C+Ud_E*W3x9)w~IQ8+{yHmuP-c?K7a=$3P
zOe(<6Zd*^`|M{COe=glV>5N3eYcKAo+kQP0cB*u;dKau*KlR=X3Bf;gSu;#CxxRTa
z`IP5IwPpmWCWSYz`(K-JR&(#9#fhhHTOMA}v4xGbUT3bt=GS@)gJ=85+ewNVZjq_K
zq{VMOJH|b4vyJ$EPRH%rybOZ+CpAf?97&t`kaGu**R*s!fdz3Yfz2Wu`pj~9qCMhz
z6aQLl-fO3NRWjjk@u}If3a;C34SsWFYt{<CFZ21t^x2H>eUL3ONSor$zfdyh*q^80
vx4iReU_M;d6Iy)n^cSbO0qe6Wt4#UXpYuy*-K?MFm~*s4(XE5w<owG3A><^R

diff --git a/nixos/server.nix b/nixos/server.nix
index df3a8d2c..a9f67fc0 100644
--- a/nixos/server.nix
+++ b/nixos/server.nix
@@ -21,7 +21,6 @@
     ./server/acme.nix
     ./server/ddclient.nix
     ./server/docker.nix
-    ./server/element.nix
     ./server/firewall.nix
     ./server/gitea.nix
     ./server/lemmy.nix
@@ -33,10 +32,14 @@
     ./server/nginx.nix
     ./server/owncast.nix
     ./server/pufferpanel.nix
-    ./server/synapse.nix
     ./server/tandoor.nix
     ./server/vaultwarden.nix
     ./server/misc.nix
+
+    # Matrix
+    ./server/synapse.nix
+    ./server/element.nix
+    ./server/matrix-discord.nix
   ];
 
   services.openssh.ports = [ 2222 ];
diff --git a/nixos/server/matrix-discord.nix b/nixos/server/matrix-discord.nix
new file mode 100644
index 00000000..344af0eb
--- /dev/null
+++ b/nixos/server/matrix-discord.nix
@@ -0,0 +1,18 @@
+let
+  secrets = import ../modules/secrets.nix;
+in {
+    services.matrix-appservice-discord = {
+    enable = true;
+    settings = {
+      auth = {
+        clientID = "${secrets.discordBotID}";
+	botToken = "${secrets.discordBotToken}";
+	usePrivilegedIntents = true;
+      };
+      bridge = {
+        domain = "${secrets.jimDomain}";
+        homeserverUrl = "https://matrix.${secrets.jimDomain}";
+      };
+    };
+  };
+}
diff --git a/nixos/server/synapse.nix b/nixos/server/synapse.nix
index 1b76a423..515c7636 100644
--- a/nixos/server/synapse.nix
+++ b/nixos/server/synapse.nix
@@ -32,6 +32,13 @@ in {
           require_transport_security = true;
         };
 
+	# Allows a Discord/Matrix bridge, comment on first use and copy using instructions
+	app_service_config_files = [
+          # cp /var/lib/matrix-appservice-discord/discord-registration.yaml /var/lib/matrix-synapse/
+          # chown matrix-synapse:matrix-synapse /var/lib/matrix-synapse/discord-registration.yaml
+          "/var/lib/matrix-synapse/discord-registration.yaml"
+        ];
+
         # Disable registration without email
         registrations_require_3pid = [ "email" ];