config.yaml configuration as a Nix attribute set. Configuration options should match those described in example-config.yaml.
Secret tokens should be specified using environmentFile instead.
Declarations
Type
YAML valueDefault
''
{
homeserver = {
software = "standard";
address = "https://''${config.settings.homeserver.domain}";
};
appservice = {
database = {
type = "sqlite3-fk-wal";
uri = "file:''${fullDataDir config}/mautrix-meta.db?_txlock=immediate";
};
hostname = "localhost";
port = 29319;
address = "http://''${config.settings.appservice.hostname}:''${toString config.settings.appservice.port}";
};
bridge = {
# Require encryption by default to make the bridge more secure
encryption = {
allow = true;
default = true;
require = true;
# Recommended options from mautrix documentation
# for optimal security.
delete_keys = {
dont_store_outbound = true;
ratchet_on_decrypt = true;
delete_fully_used_on_decrypt = true;
delete_prev_on_new_session = true;
delete_on_device_delete = true;
periodically_delete_expired = true;
delete_outdated_inbound = true;
};
verification_levels = {
receive = "cross-signed-tofu";
send = "cross-signed-tofu";
share = "cross-signed-tofu";
};
};
};
logging = {
min_level = "info";
writers = lib.singleton {
type = "stdout";
format = "pretty-colored";
time_format = " ";
};
};
};
''