alpine: many changes

- updates
- snapserver
- graphana dashboards
- loki
- ddclient
- arr suite, jellyseer
- mautrix fixes

nixos/services/mautrix/signal.nix

@@ -1,9 +1,44 @@
-{config, ...}: let
-  inherit (config) sops;
-  inherit (sops) templates placeholder;
+{config, lib, ...}: let
   inherit (import ./lib.nix) toAppRegistration;
+  inherit (config.sops) templates placeholder;
 in {
+
+  virtualisation.oci-containers.containers.mautrix-signal = {
+    image = "dock.mau.dev/mautrix/signal:v0.7.1";
+    dependsOn = ["mautrix-signal-psql"];
+    volumes = [
+      "/home/tristan/pods/signal-bridge/mautrix-signal:/data:z"
+    ];
+    ports = [
+      "29328:29328"
+      "8000:8000"
+    ];
+  };
+
+# when you get around to backing this up
+# 1. stop the server.
+# 2. backup the db.
+# 3. migrate to newer version of postgres
+# 4. migrate db to local
+  virtualisation.oci-containers.containers.mautrix-signal-psql = {
+    image = "docker.io/postgres:14-alpine";
+    # ports = [ "127.0.0.1:5435:5432" ];
+    ports = [ "5435:5432" ];
+    volumes = [ "/home/tristan/pods/signal-bridge/db:/var/lib/postgresql/data" ];
+    environmentFiles = [templates."mautrix-signal/psql.env".path];
+  };
+  sops.templates = {
+    "mautrix-signal/psql.env" = {
+      owner = config.users.users.nobody.name;
+      content = lib.strings.toShellVars {
+        POSTGRES_PASSWORD = placeholder."mautrix-signal/postgres_password";
+        POSTGRES_USER = "signald";
+        POSTGRES_DB = "signald";
+      };
+    };
+  };
   sops.secrets = {
+    "mautrix-signal/postgres_password" = {};
     "mautrix-signal/as_token" = {};
     "mautrix-signal/hs_token" = {};
   };
@@ -20,10 +55,8 @@ in {
       };
     };
   };
-
-  # mautrix-signal server currently in ansible/podman
-
   services.matrix-synapse.settings.app_service_config_files = [
     templates."mautrix-signal/appservice.yaml".path
   ];
+
 }

nixos/services/mautrix/whatsapp.nix

@@ -1,33 +1,11 @@
-{config, ...}: let
-  inherit (config) sops;
-  inherit (sops) templates placeholder;
-  inherit (import ./lib.nix) toAppRegistration;
-in {
-  sops.secrets = {
-    "mautrix-whatsapp/as_token" = {};
-    "mautrix-whatsapp/hs_token" = {};
-  };
-  sops.templates = {
-    "mautrix-whatsapp/appservice.yaml" = {
-      owner = "matrix-synapse";
-      content = toAppRegistration {
-        id = "whatsapp";
-        port = config.services.mautrix-whatsapp.settings.appservice.port;
-        as_token = placeholder."mautrix-whatsapp/as_token";
-        hs_token = placeholder."mautrix-whatsapp/hs_token";
-        sender_localpart = "Gx8tLTHsxVlrdD3qibaPdaP9t7GhfciV";
-        "de.sorunome.msc2409.push_ephemeral" = true;
-      };
-    };
-    # "mautrix-whatsapp/env".content = ''
-    #   MAUTRIX_WHATSAPP_APPSERVICE_AS_TOKEN=${placeholder."mautrix-whatsapp/as_token"}
-    #   MAUTRIX_WHATSAPP_APPSERVICE_HS_TOKEN=${placeholder."mautrix-whatsapp/hs_token"}
-    # '';
-  };
+{config, ...}: {
+  nixpkgs.config.permittedInsecurePackages = [
+    "olm-3.2.16"
+  ];
 
   services.mautrix-whatsapp = {
     enable = true;
-    # environmentFile = templates."mautrix-whatsapp/env".path;
+    registerToSynapse = true;
     settings = {
       homeserver = {
         address = "http://localhost:8008";
@@ -46,9 +24,4 @@ in {
       };
     };
   };
-
-  services.matrix-synapse.settings.app_service_config_files = [
-    templates."mautrix-whatsapp/appservice.yaml".path
-    # "/var/lib/mautrix-whatsapp/whatsapp-registration.yaml"
-  ];
 }