diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/matrix/appservice-irc.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/matrix/appservice-irc.nix | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/nixpkgs/nixos/modules/services/matrix/appservice-irc.nix b/nixpkgs/nixos/modules/services/matrix/appservice-irc.nix index c79cd799b4d0..f4539a90f2e6 100644 --- a/nixpkgs/nixos/modules/services/matrix/appservice-irc.nix +++ b/nixpkgs/nixos/modules/services/matrix/appservice-irc.nix @@ -26,30 +26,30 @@ let registrationFile = "/var/lib/matrix-appservice-irc/registration.yml"; in { options.services.matrix-appservice-irc = with types; { - enable = mkEnableOption (lib.mdDoc "the Matrix/IRC bridge"); + enable = mkEnableOption "the Matrix/IRC bridge"; port = mkOption { type = port; - description = lib.mdDoc "The port to listen on"; + description = "The port to listen on"; default = 8009; }; needBindingCap = mkOption { type = bool; - description = lib.mdDoc "Whether the daemon needs to bind to ports below 1024 (e.g. for the ident service)"; + description = "Whether the daemon needs to bind to ports below 1024 (e.g. for the ident service)"; default = false; }; passwordEncryptionKeyLength = mkOption { type = ints.unsigned; - description = lib.mdDoc "Length of the key to encrypt IRC passwords with"; + description = "Length of the key to encrypt IRC passwords with"; default = 4096; example = 8192; }; registrationUrl = mkOption { type = str; - description = lib.mdDoc '' + description = '' The URL where the application service is listening for homeserver requests, from the Matrix homeserver perspective. ''; @@ -58,12 +58,12 @@ in { localpart = mkOption { type = str; - description = lib.mdDoc "The user_id localpart to assign to the appservice"; + description = "The user_id localpart to assign to the appservice"; default = "appservice-irc"; }; settings = mkOption { - description = lib.mdDoc '' + description = '' Configuration for the appservice, see <https://github.com/matrix-org/matrix-appservice-irc/blob/${pkgs.matrix-appservice-irc.version}/config.sample.yaml> for supported values @@ -74,7 +74,7 @@ in { options = { homeserver = mkOption { - description = lib.mdDoc "Homeserver configuration"; + description = "Homeserver configuration"; default = {}; type = submodule { freeformType = jsonType; @@ -82,12 +82,12 @@ in { options = { url = mkOption { type = str; - description = lib.mdDoc "The URL to the home server for client-server API calls"; + description = "The URL to the home server for client-server API calls"; }; domain = mkOption { type = str; - description = lib.mdDoc '' + description = '' The 'domain' part for user IDs on this home server. Usually (but not always) is the "domain name" part of the homeserver URL. ''; @@ -98,21 +98,21 @@ in { database = mkOption { default = {}; - description = lib.mdDoc "Configuration for the database"; + description = "Configuration for the database"; type = submodule { freeformType = jsonType; options = { engine = mkOption { type = str; - description = lib.mdDoc "Which database engine to use"; + description = "Which database engine to use"; default = "nedb"; example = "postgres"; }; connectionString = mkOption { type = str; - description = lib.mdDoc "The database connection string"; + description = "The database connection string"; default = "nedb://var/lib/matrix-appservice-irc/data"; example = "postgres://username:password@host:port/databasename"; }; @@ -122,14 +122,14 @@ in { ircService = mkOption { default = {}; - description = lib.mdDoc "IRC bridge configuration"; + description = "IRC bridge configuration"; type = submodule { freeformType = jsonType; options = { passwordEncryptionKeyPath = mkOption { type = str; - description = lib.mdDoc '' + description = '' Location of the key with which IRC passwords are encrypted for storage. Will be generated on first run if not present. ''; @@ -138,7 +138,7 @@ in { servers = mkOption { type = submodule { freeformType = jsonType; }; - description = lib.mdDoc "IRC servers to connect to"; + description = "IRC servers to connect to"; }; }; }; @@ -214,8 +214,9 @@ in { RestrictRealtime = true; PrivateMounts = true; SystemCallFilter = [ - "@system-service @pkey @chown" + "@system-service @pkey" "~@privileged @resources" + "@chown" ]; SystemCallArchitectures = "native"; # AF_UNIX is required to connect to a postgres socket. |