Initial commit

.gitignore

@@ -0,0 +1,4 @@
+result
+registration.json
+registration.yaml
+ooye-src/

default.nix

@@ -0,0 +1,46 @@
+{
+  lib,
+  fetchgit,
+  makeWrapper,
+  nodejs,
+  buildNpmPackage,
+}:
+
+buildNpmPackage rec {
+  pname = "out-of-your-element";
+  version = "0";
+    src = fetchgit {
+      url = "https://gitdab.com/cadence/out-of-your-element.git";
+      rev = "07d6eb3c1272c2526a4749724c07c4fd530893d4";
+      sha256 = "3Y6s9pNKKeqF6s4I2Rd4TpxXPCwqizXeil/sTDVnpr0=";
+    };
+#  src = ./ooye-src;
+  npmDepsHash = "sha256-1STam+Sjy2MQcK5TmRacoxmgErd2sNqw0yIFX2M+iZk=";
+  # "sha256-1STam+Sjy2MQcK5TmRacoxmgErd2sNqw0yIFX2M+iZk=";
+  makeCacheWritable = true; # Something tries to write there, idk why - Emma [it/its] @ Rory&
+  dontNpmBuild = true;
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  installPhase = ''
+    runHook preInstall
+
+    mkdir -p $out/share
+    cp -a . $out/share/ooye
+    makeWrapper ${nodejs}/bin/node $out/bin/matrix-ooye --add-flags $out/share/ooye/start.js
+    makeWrapper ${nodejs}/bin/node $out/bin/matrix-ooye-addbot --add-flags $out/share/ooye/addbot.js
+
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "A Matrix Discord bridge";
+    homepage = "https://gitdab.com/cadence/out-of-your-element";
+    longDescription = ''
+      Cool.
+    '';
+    #license = licenses.agpl3;
+    #maintainers = with maintainers; [ RorySys ];
+    mainProgram = "matrix-ooye";
+  };
+}

flake.lock

@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1734119587,
+        "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

flake.nix

@@ -0,0 +1,12 @@
+{
+  description = "A very basic flake";
+
+  inputs = {
+    nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
+  };
+
+  outputs = { self, nixpkgs }: {
+    packages.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.callPackage ./default.nix { };
+    
+  };
+}

module.nix

@@ -0,0 +1,154 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.services.matrix-ooye;
+  mkStringOption =
+    name: default:
+    lib.mkOption {
+      type = lib.types.str;
+      default = default;
+    };
+in
+{
+  options = {
+    services.matrix-ooye = {
+      enable = lib.mkEnableOption "Enable OOYE service";
+      package = lib.mkOption {
+        type = lib.types.package;
+        default = pkgs.callPackage ./default.nix { };
+      };
+      appserviceId = mkStringOption "The ID of the appservice." "ooye";
+      homeserver = mkStringOption "The homeserver to connect to." "http://localhost:8006";
+      homeserverName = mkStringOption "The name of the homeserver to connect to." "localhost";
+      namespace = mkStringOption "The prefix to use for the MXIDs/aliases of bridged users/rooms. Should end with a _!" "_ooye_";
+      discordTokenPath = mkStringOption "The path to the discord token file." "/etc/ooye-discord-token";
+      socket = mkStringOption "The socket to listen on, can either be a port number or a unix socket path." "6693";
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    warnings =
+      lib.optionals ((builtins.substring (lib.stringLength cfg.namespace - 1) 1 cfg.namespace) != "_") [
+        "OOYE namespace does not end with an underscore! This is recommended to have better ID formatting. Provided: '${cfg.namespace}'"
+      ]
+      ++ lib.optionals ((builtins.substring 0 1 cfg.namespace) != "_") [
+        "OOYE namespace does not start with an underscore! This is recommended to avoid conflicts with registered users. Provided: '${cfg.namespace}'"
+      ];
+
+    systemd.services."matrix-ooye" =
+      let
+        baseConfig = pkgs.writeText "matrix-ooye-config.json" (
+          builtins.toJSON {
+            id = cfg.appserviceId;
+            namespaces = {
+              users = [
+                {
+                  exclusive = true;
+                  regex = "@${cfg.namespace}.*:${cfg.homeserverName}";
+                }
+              ];
+              aliases = [
+                {
+                  exclusive = true;
+                  regex = "#${cfg.namespace}.*:${cfg.homeserverName}";
+                }
+              ];
+            };
+            protocols = [ "discord" ];
+            sender_localpart = "${cfg.namespace}bot";
+            rate_limited = false;
+            socket = cfg.socket; # Can either be a TCP port or a unix socket path
+            url = if (lib.hasPrefix "/" cfg.socket) then "unix:${cfg.socket}" else "http://localhost:${cfg.socket}";
+            ooye = {
+              server_name = cfg.homeserverName;
+              namespace_prefix = cfg.namespace;
+              max_file_size = 5000000;
+              content_length_workaround = false;
+              include_user_id_in_mxid = true;
+              server_origin = cfg.homeserver;
+            };
+          }
+        );
+
+        script = pkgs.writeScript "matrix-ooye-pre-start.sh" ''
+          #!${lib.getExe pkgs.bash}
+          REGISTRATION_FILE=registration.yaml
+
+          if [[ ! -f ''${REGISTRATION_FILE} ]]; then
+            echo "No registration file found at '$REGISTRATION_FILE'"
+            cp --no-preserve=mode,ownership ${baseConfig} ''${REGISTRATION_FILE}
+          fi
+
+          AS_TOKEN=$(${lib.getExe pkgs.jq} -r .as_token ''${REGISTRATION_FILE})
+          HS_TOKEN=$(${lib.getExe pkgs.jq} -r .hs_token ''${REGISTRATION_FILE})
+          DISCORD_TOKEN=$(cat /run/credentials/matrix-ooye.service/discord_token)
+
+          if [[ -z "$AS_TOKEN" || "$AS_TOKEN" == "null" ]]; then
+            AS_TOKEN=$(${lib.getExe pkgs.openssl} rand -hex 64)
+            echo "Generated new AS token: ''${AS_TOKEN}"
+          fi
+          if [[ -z "$HS_TOKEN" || "$HS_TOKEN" == "null" ]]; then
+            HS_TOKEN=$(${lib.getExe pkgs.openssl} rand -hex 64)
+            echo "Generated new HS token: ''${HS_TOKEN}"
+          fi
+          if [[ -z "$DISCORD_TOKEN" ]]; then
+            echo "No Discord token found at '${cfg.discordTokenPath}'"
+            exit 1
+          fi
+
+          shred -u ''${REGISTRATION_FILE}
+          cp --no-preserve=mode,ownership ${baseConfig} ''${REGISTRATION_FILE}
+
+          ${lib.getExe pkgs.jq} '.as_token = "'$AS_TOKEN'" | .hs_token = "'$HS_TOKEN'" | .ooye.discord_token = "'$DISCORD_TOKEN'"' ''${REGISTRATION_FILE} > ''${REGISTRATION_FILE}.tmp
+
+          shred -u ''${REGISTRATION_FILE}
+          mv ''${REGISTRATION_FILE}.tmp ''${REGISTRATION_FILE}
+        '';
+
+      in
+      {
+        enable = true;
+
+        description = "Out of Your Element - a Discord bridge for Matrix.";
+
+        wants = [
+          "network-online.target"
+          "matrix-synapse.service"
+          "conduit.service"
+          "dendrite.service"
+        ];
+
+        after = [
+          "matrix-ooye-pre-start.service"
+          "network-online.target"
+          "matrix-synapse.service"
+          "conduit.service"
+          "dendrite.service"
+        ];
+        wantedBy = [ "multi-user.target" ];
+
+        serviceConfig = {
+          ExecStartPre = script;
+          ExecStart = lib.getExe config.services.matrix-ooye.package;
+
+          WorkingDirectory = "/var/lib/matrix-ooye";
+          StateDirectory = "matrix-ooye";
+          StateDirectoryMode = "0700";
+          ProtectSystem = "strict";
+          ProtectHome = true;
+          PrivateTmp = true;
+          NoNewPrivileges = true;
+          PrivateDevices = true;
+          Restart = "on-failure";
+
+          DynamicUser = true;
+          LoadCredential = [
+            "discord_token:${cfg.discordTokenPath}"
+          ];
+        };
+      };
+  };
+}