diff --git a/acct-group/mautrix-signal-bin/Manifest b/acct-group/mautrix-signal-bin/Manifest
new file mode 100644
index 0000000..31fbce2
--- /dev/null
+++ b/acct-group/mautrix-signal-bin/Manifest
@@ -0,0 +1 @@
+EBUILD mautrix-signal-bin-0.ebuild 308 BLAKE2B 7d2db0f352c894e6bd4bd8cbf16996d88a98ead92ef62fc5106e30c66ac3b6d28e9eba1b168be003e1a207019b4e189e93b8ae0fcd2404b91e09deb4de6ba05d SHA512 49c94b99a08793a375caa836f7e8e21afc9865e20aef35b63c5d3a30478ecd43a461a5ff75ed9de96caf851ea395644c5233e6edb1806c7b066f1c53e26c0866
diff --git a/acct-group/mautrix-signal-bin/mautrix-signal-bin-0.ebuild b/acct-group/mautrix-signal-bin/mautrix-signal-bin-0.ebuild
new file mode 100644
index 0000000..f413776
--- /dev/null
+++ b/acct-group/mautrix-signal-bin/mautrix-signal-bin-0.ebuild
@@ -0,0 +1,11 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit acct-group
+DESCRIPTION="Group used for the mautrix signal Matrix bridge"
+KEYWORDS="~amd64"
+
+# If you want this to persist across multiple machines, pick a real number!
+ACCT_GROUP_ID="-1"
diff --git a/acct-user/mautrix-signal-bin/Manifest b/acct-user/mautrix-signal-bin/Manifest
new file mode 100644
index 0000000..f0fd075
--- /dev/null
+++ b/acct-user/mautrix-signal-bin/Manifest
@@ -0,0 +1,2 @@
+EBUILD mautrix-signal-bin-0.ebuild 318 BLAKE2B 0802162dc33f5891ee859844f26fa3b1fb5a3e60fb334bc56040245d4a823ad2ae7ee64c8df0deb0bee9cd59318dc116e1d3197a0744a69b6abe0dc76f0c991b SHA512 428767bfdc9d8495af62fbe4741c7bd7c588991485f324ef8c0de0eb6b9a808a3cb33c2b53c41c043ecf5c99ccf2ece3e7cb272e4b380df9dac1ff6e50060d5a
+MISC metadata.xml 248 BLAKE2B cb50cad2c614a99daa2e236f9e0d0fab1ab20a898c0b0f0c28a1387820ab1f2b9dd4d396a3b38f732b493824f96a29ee5894e80e09dbd08dff62c1aaba3feaa0 SHA512 29f9b96b0a77546cce6a8bffd82fae2fd0939d32a7a05ffd0d91f9250a019a3ddaa599b93988c82daabb9c4c4b284dd947e2c47f6ca7727b8539cffa91bcb8c2
diff --git a/acct-user/mautrix-signal-bin/mautrix-signal-bin-0.ebuild b/acct-user/mautrix-signal-bin/mautrix-signal-bin-0.ebuild
new file mode 100644
index 0000000..e8ee18e
--- /dev/null
+++ b/acct-user/mautrix-signal-bin/mautrix-signal-bin-0.ebuild
@@ -0,0 +1,15 @@
+# Copyright 2019-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit acct-user
+
+DESCRIPTION="User for the mautrix-signal Matrix bridge"
+KEYWORDS="~amd64"
+
+ACCT_USER_ID=-1
+ACCT_USER_GROUPS=( mautrix-signal-bin )
+ACCT_USER_HOME=/opt/mautrix-signal
+
+acct-user_add_deps
diff --git a/acct-user/mautrix-signal-bin/metadata.xml b/acct-user/mautrix-signal-bin/metadata.xml
new file mode 100644
index 0000000..67a771c
--- /dev/null
+++ b/acct-user/mautrix-signal-bin/metadata.xml
@@ -0,0 +1,8 @@
+
+
+
+
+ manuel@fritteli.ch
+ Manuel Friedli
+
+
diff --git a/dev-libs/libsignal-ffi-bin/Manifest b/dev-libs/libsignal-ffi-bin/Manifest
new file mode 100644
index 0000000..08be570
--- /dev/null
+++ b/dev-libs/libsignal-ffi-bin/Manifest
@@ -0,0 +1,3 @@
+DIST libsignal-ffi-bin-0.42.0.a 33239536 BLAKE2B e2310a063d6c28515ebdea0e7fdac1f39ecfa0b69ab7d6a1fae44c781306ab1515d0d0e67eef244241903cfc99fa74e998301f15bc502e8293520bb452563c9c SHA512 403e623ceaa664091b0ea84917dd060e5878c8f7a8688319f99907f49810c9154f92036c7fe88f8fe11040776ced1c8e5d68c16921fc31cfd5dd5bc862198c65
+EBUILD libsignal-ffi-bin-0.42.0.ebuild 682 BLAKE2B e4d018acab395aefdc29d14915e1d2bdf41cbe05d65ca05c9f6f6711348cc40718750341f36fbe4610359ff86891056227e47e390d59e2ef5c9171e5876ca395 SHA512 3be6397adaad98917ea9e5c9cccce4bc88f62f03cf3d1bbe8f3d4c2b137d2c398de4f48b0ef6a2d0d4f33d32b783392985592489377aa9c73659011d0341db47
+MISC metadata.xml 332 BLAKE2B 404d801af9c327afcd00e2ace9d73b5fd4d6aa1e0a906d293822f7644afd2bce6456e5b10f18b295978a87def60ec214b419fa94071d40eaa78466fdfab08de4 SHA512 af986f82bb1b85f58602aa7e4bdb101dae23088c0636f385d97cd0bb46f0fca66c96c9d7f79182f7ecde16ba90318bac7e352c48ec24d4fd206961bee6f376ad
diff --git a/dev-libs/libsignal-ffi-bin/libsignal-ffi-bin-0.42.0.ebuild b/dev-libs/libsignal-ffi-bin/libsignal-ffi-bin-0.42.0.ebuild
new file mode 100644
index 0000000..4302305
--- /dev/null
+++ b/dev-libs/libsignal-ffi-bin/libsignal-ffi-bin-0.42.0.ebuild
@@ -0,0 +1,38 @@
+# Copyright 2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="libsignal-ffi prebuilt binary package"
+HOMEPAGE="https://github.com/signalapp/libsignal"
+SRC_URI="https://gentoo-overlay.friedli.info/libsignal_ffi-${PV}.a -> ${P}.a"
+
+LICENSE="AGPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+
+RDEPEND="${DEPEND}"
+
+RESTRICT="mirror"
+
+S="${WORKDIR}"
+
+MY_TARGET_NAME="libsignal_ffi-${PV}.a"
+
+src_unpack() {
+ cp "${DISTDIR}/${P}.a" "${S}/"
+}
+
+src_prepare() {
+ mv "${P}.a" "${MY_TARGET_NAME}"
+ eapply_user
+}
+
+src_compile() {
+ :
+}
+
+src_install() {
+ dolib.a "${MY_TARGET_NAME}"
+ dosym -r /usr/lib64/"${MY_TARGET_NAME}" /usr/lib64/libsignal_ffi.a
+}
diff --git a/dev-libs/libsignal-ffi-bin/metadata.xml b/dev-libs/libsignal-ffi-bin/metadata.xml
new file mode 100644
index 0000000..f9a1b48
--- /dev/null
+++ b/dev-libs/libsignal-ffi-bin/metadata.xml
@@ -0,0 +1,11 @@
+
+
+
+
+ manuel@fritteli.ch
+ Manuel Friedli
+
+
+ signalapp/libsignal
+
+
diff --git a/metadata/md5-cache/acct-group/mautrix-signal-bin-0 b/metadata/md5-cache/acct-group/mautrix-signal-bin-0
new file mode 100644
index 0000000..7eea044
--- /dev/null
+++ b/metadata/md5-cache/acct-group/mautrix-signal-bin-0
@@ -0,0 +1,8 @@
+DEFINED_PHASES=install preinst pretend
+DESCRIPTION=Group used for the mautrix signal Matrix bridge
+EAPI=8
+INHERIT=acct-group
+KEYWORDS=~amd64
+SLOT=0
+_eclasses_=user-info 9951b1a0e4f026d16c33a001fd2d5cdf acct-group 1ba28b31fccef7f4ff1cebfad243a633
+_md5_=089facd8e5589fcd1780ea802a3e0acb
diff --git a/metadata/md5-cache/acct-user/mautrix-signal-bin-0 b/metadata/md5-cache/acct-user/mautrix-signal-bin-0
new file mode 100644
index 0000000..c54487b
--- /dev/null
+++ b/metadata/md5-cache/acct-user/mautrix-signal-bin-0
@@ -0,0 +1,9 @@
+DEFINED_PHASES=install postinst preinst prerm pretend
+DESCRIPTION=User for the mautrix-signal Matrix bridge
+EAPI=8
+INHERIT=acct-user
+KEYWORDS=~amd64
+RDEPEND=acct-group/mautrix-signal-bin
+SLOT=0
+_eclasses_=user-info 9951b1a0e4f026d16c33a001fd2d5cdf acct-user 485d9a6aa1311a8ca9da380d8a8c6c76
+_md5_=a07f017347d2077b9344690c7e4293a5
diff --git a/metadata/md5-cache/dev-libs/libsignal-ffi-bin-0.42.0 b/metadata/md5-cache/dev-libs/libsignal-ffi-bin-0.42.0
new file mode 100644
index 0000000..d891bc8
--- /dev/null
+++ b/metadata/md5-cache/dev-libs/libsignal-ffi-bin-0.42.0
@@ -0,0 +1,10 @@
+DEFINED_PHASES=compile install prepare unpack
+DESCRIPTION=libsignal-ffi prebuilt binary package
+EAPI=8
+HOMEPAGE=https://github.com/signalapp/libsignal
+KEYWORDS=~amd64
+LICENSE=AGPL-3
+RESTRICT=mirror
+SLOT=0
+SRC_URI=https://gentoo-overlay.friedli.info/libsignal_ffi-0.42.0.a -> libsignal-ffi-bin-0.42.0.a
+_md5_=aa8c84b50b3e9740dcbf0056f7c4f999
diff --git a/metadata/md5-cache/net-im/mautrix-signal-bin-0.5.1 b/metadata/md5-cache/net-im/mautrix-signal-bin-0.5.1
new file mode 100644
index 0000000..df825d5
--- /dev/null
+++ b/metadata/md5-cache/net-im/mautrix-signal-bin-0.5.1
@@ -0,0 +1,14 @@
+BDEPEND=virtual/pkgconfig
+DEFINED_PHASES=compile install unpack
+DEPEND=acct-user/mautrix-signal-bin
+DESCRIPTION=A Matrix-Signal puppeting bridge.
+EAPI=8
+HOMEPAGE=https://docs.mau.fi/bridges/go/signal/index.html
+INHERIT=systemd
+KEYWORDS=~amd64
+LICENSE=AGPL-3
+RDEPEND=acct-user/mautrix-signal-bin
+SLOT=0
+SRC_URI=https://github.com/mautrix/signal/releases/download/v0.5.1/mautrix-signal-amd64 -> mautrix-signal-bin-0.5.1
+_eclasses_=toolchain-funcs e56c7649b804f051623c8bc1a1c44084 multilib c19072c3cd7ac5cb21de013f7e9832e0 systemd c8b03e8df84486aa991d4396686e8942
+_md5_=6bf3b0e36f33bf14dd2b86bd35e9d3bc
diff --git a/net-im/mautrix-signal-bin/Manifest b/net-im/mautrix-signal-bin/Manifest
new file mode 100644
index 0000000..d4aaaeb
--- /dev/null
+++ b/net-im/mautrix-signal-bin/Manifest
@@ -0,0 +1,5 @@
+AUX example-config.yaml 16358 BLAKE2B 8398daaa7ba496f52e1cab6c39ca3db278640cca207c24d13aab7106fc2b8c1e78b2bbc2689faf2daa13e7e5094f30006dc4d1340117d8fa1963a37ace079279 SHA512 882168dc62d8e45310c31b60424e2401b4f777e90012cbafda68af0d86c09e51ea864ad6dc28a400d18d83e33d8ca97841c4f75ec17192c705662830b6751427
+AUX mautrix-signal.service 752 BLAKE2B a6ede48e7e59ce5d845b14346a417673833e8dec6a764f5ada951d10e39a7412beed5663746bc47dcaefcab9a9521fb02e516f828cad252b508e56ae992e13e3 SHA512 2d9fa8ad00cc5b607668789e5493475ad012bc62b9928ecbdbd19738dee6ccc7d98b8558f1e624764cd76b134cea126430cf3f682efa019a0a4cce7007276db2
+DIST mautrix-signal-bin-0.5.1 33327672 BLAKE2B ac4bea98b1a20b1b22429c4452356623576c11779ce6d1ad3d5977c7e0314efee4cdc4d74611e8b0113d23545007686bbf4d1e305e5af130f14383fb638cfe7b SHA512 4a7cc89eff8181acb009f2afa205035894662b963672199e5a4d8f1ef780417082ca6bdb00a589307af9cce6013add8afce3892e8db1249cf0576a1e9322a5c7
+EBUILD mautrix-signal-bin-0.5.1.ebuild 957 BLAKE2B b691dcddf9da6cf88cff07a6958b0378deb76124a7e8fa99c86a67e4bec22c4721dc19a0a295afef57b5faa36527bc2f76d27b81062e0c2a76ff3651a71fb921 SHA512 e438b0207c63d838b3a11fa9bc4879bb9d1a4881808bc7a093307619799e102dabd79025126a4910653d689b75bcf2923ba0af95f92aa3d228a458b238e23256
+MISC metadata.xml 327 BLAKE2B b43501e0f83e76c07376c8ecbbeef40b1edb5541df3863b1d707378b357781e37d73a11bb47ba3e5f4a44ded424900342bc9a9ad5b1e2636a554bcdbbd96c755 SHA512 9974cd49059b27751c44655b90c20b0197e91f2aa42af2a45c4f40023cf23163c2aa8df6fe98e8090f4f92576383da50d7fb2035ea33b8b61cecf671d96af3f1
diff --git a/net-im/mautrix-signal-bin/files/example-config.yaml b/net-im/mautrix-signal-bin/files/example-config.yaml
new file mode 100644
index 0000000..a509a0c
--- /dev/null
+++ b/net-im/mautrix-signal-bin/files/example-config.yaml
@@ -0,0 +1,312 @@
+# Homeserver details.
+homeserver:
+ # The address that this appservice can use to connect to the homeserver.
+ address: https://matrix.example.com
+ # The domain of the homeserver (also known as server_name, used for MXIDs, etc).
+ domain: example.com
+
+ # What software is the homeserver running?
+ # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
+ software: standard
+ # The URL to push real-time bridge status to.
+ # If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
+ # The bridge will use the appservice as_token to authorize requests.
+ status_endpoint: null
+ # Endpoint for reporting per-message status.
+ message_send_checkpoint_endpoint: null
+ # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
+ async_media: false
+
+ # Should the bridge use a websocket for connecting to the homeserver?
+ # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
+ # mautrix-asmux (deprecated), and hungryserv (proprietary).
+ websocket: false
+ # How often should the websocket be pinged? Pinging will be disabled if this is zero.
+ ping_interval_seconds: 0
+
+# Application service host/registration related details.
+# Changing these values requires regeneration of the registration.
+appservice:
+ # The address that the homeserver can use to connect to this appservice.
+ address: http://localhost:29328
+
+ # The hostname and port where this appservice should listen.
+ hostname: 0.0.0.0
+ port: 29328
+
+ # Database config.
+ database:
+ # The database type. "sqlite3-fk-wal" and "postgres" are supported.
+ type: postgres
+ # The database URI.
+ # SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended.
+ # https://github.com/mattn/go-sqlite3#connection-string
+ # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
+ # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
+ uri: postgres://user:password@host/database?sslmode=disable
+ # Maximum number of connections. Mostly relevant for Postgres.
+ max_open_conns: 20
+ max_idle_conns: 2
+ # Maximum connection idle time and lifetime before they're closed. Disabled if null.
+ # Parsed with https://pkg.go.dev/time#ParseDuration
+ max_conn_idle_time: null
+ max_conn_lifetime: null
+
+ # The unique ID of this appservice.
+ id: signal
+ # Appservice bot details.
+ bot:
+ # Username of the appservice bot.
+ username: signalbot
+ # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
+ # to leave display name/avatar as-is.
+ displayname: Signal bridge bot
+ avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
+
+ # Whether or not to receive ephemeral events via appservice transactions.
+ # Requires MSC2409 support (i.e. Synapse 1.22+).
+ ephemeral_events: true
+
+ # Should incoming events be handled asynchronously?
+ # This may be necessary for large public instances with lots of messages going through.
+ # However, messages will not be guaranteed to be bridged in the same order they were sent in.
+ async_transactions: false
+
+ # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
+ as_token: "This value is generated when generating the registration"
+ hs_token: "This value is generated when generating the registration"
+
+# Prometheus config.
+metrics:
+ # Enable prometheus metrics?
+ enabled: false
+ # IP and port where the metrics listener should be. The path is always /metrics
+ listen: 127.0.0.1:8000
+
+signal:
+ # Default device name that shows up in the Signal app.
+ device_name: mautrix-signal
+
+# Bridge config
+bridge:
+ # Localpart template of MXIDs for Signal users.
+ # {{.}} is replaced with the internal ID of the Signal user.
+ username_template: signal_{{.}}
+ # Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
+ # {{.ProfileName}} - The Signal profile name set by the user.
+ # {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances.
+ # {{.PhoneNumber}} - The phone number of the user.
+ # {{.UUID}} - The UUID of the Signal user.
+ # {{.AboutEmoji}} - The emoji set by the user in their profile.
+ displayname_template: '{{or .ProfileName .PhoneNumber "Unknown user"}}'
+ # Whether to explicitly set the avatar and room name for private chat portal rooms.
+ # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
+ # If set to `always`, all DM rooms will have explicit names and avatars set.
+ # If set to `never`, DM rooms will never have names and avatars set.
+ private_chat_portal_meta: default
+ # Should avatars from the user's contact list be used? This is not safe on multi-user instances.
+ use_contact_avatars: false
+ # Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances.
+ use_outdated_profiles: false
+ # Should the Signal user's phone number be included in the room topic in private chat portal rooms?
+ number_in_topic: true
+ # Avatar image for the Note to Self room.
+ note_to_self_avatar: mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL
+
+ portal_message_buffer: 128
+
+ # Should the bridge create a space for each logged-in user and add bridged rooms to it?
+ # Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time.
+ personal_filtering_spaces: false
+ # Should Matrix m.notice-type messages be bridged?
+ bridge_notices: true
+ # Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
+ delivery_receipts: false
+ # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
+ message_status_events: false
+ # Whether the bridge should send error notices via m.notice events when a message fails to bridge.
+ message_error_notices: true
+ # Should the bridge update the m.direct account data event when double puppeting is enabled.
+ # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
+ # and is therefore prone to race conditions.
+ sync_direct_chat_list: false
+ # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
+ # This field will automatically be changed back to false after it, except if the config file is not writable.
+ resend_bridge_info: false
+ # Whether or not to make portals of groups that don't need approval of an admin to join by invite
+ # link publicly joinable on Matrix.
+ public_portals: false
+ # Send captions in the same message as images. This will send data compatible with both MSC2530.
+ # This is currently not supported in most clients.
+ caption_in_message: false
+ # Whether or not created rooms should have federation enabled.
+ # If false, created portal rooms will never be federated.
+ federate_rooms: true
+ # Servers to always allow double puppeting from
+ double_puppet_server_map:
+ example.com: https://example.com
+ # Allow using double puppeting from any server with a valid client .well-known file.
+ double_puppet_allow_discovery: false
+ # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
+ #
+ # If set, double puppeting will be enabled automatically for local users
+ # instead of users having to find an access token and run `login-matrix`
+ # manually.
+ login_shared_secret_map:
+ example.com: foobar
+
+ # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
+ # Null means there's no enforced timeout.
+ message_handling_timeout:
+ # Send an error message after this timeout, but keep waiting for the response until the deadline.
+ # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
+ # If the message is older than this when it reaches the bridge, the message won't be handled at all.
+ error_after: null
+ # Drop messages after this timeout. They may still go through if the message got sent to the servers.
+ # This is counted from the time the bridge starts handling the message.
+ deadline: 120s
+
+ # The prefix for commands. Only required in non-management rooms.
+ command_prefix: '!signal'
+ # Messages sent upon joining a management room.
+ # Markdown is supported. The defaults are listed below.
+ management_room_text:
+ # Sent when joining a room.
+ welcome: "Hello, I'm a Signal bridge bot."
+ # Sent when joining a management room and the user is already logged in.
+ welcome_connected: "Use `help` for help."
+ # Sent when joining a management room and the user is not logged in.
+ welcome_unconnected: "Use `help` for help or `login` to log in."
+ # Optional extra text sent when joining a management room.
+ additional_help: ""
+
+ # End-to-bridge encryption support options.
+ #
+ # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
+ encryption:
+ # Allow encryption, work in group chat rooms with e2ee enabled
+ allow: false
+ # Default to encryption, force-enable encryption in all portals the bridge creates
+ # This will cause the bridge bot to be in private chats for the encryption to work properly.
+ default: false
+ # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
+ appservice: false
+ # Require encryption, drop any unencrypted messages.
+ require: false
+ # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
+ # You must use a client that supports requesting keys from other users to use this feature.
+ allow_key_sharing: false
+ # Options for deleting megolm sessions from the bridge.
+ delete_keys:
+ # Beeper-specific: delete outbound sessions when hungryserv confirms
+ # that the user has uploaded the key to key backup.
+ delete_outbound_on_ack: false
+ # Don't store outbound sessions in the inbound table.
+ dont_store_outbound: false
+ # Ratchet megolm sessions forward after decrypting messages.
+ ratchet_on_decrypt: false
+ # Delete fully used keys (index >= max_messages) after decrypting messages.
+ delete_fully_used_on_decrypt: false
+ # Delete previous megolm sessions from same device when receiving a new one.
+ delete_prev_on_new_session: false
+ # Delete megolm sessions received from a device when the device is deleted.
+ delete_on_device_delete: false
+ # Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
+ periodically_delete_expired: false
+ # Delete inbound megolm sessions that don't have the received_at field used for
+ # automatic ratcheting and expired session deletion. This is meant as a migration
+ # to delete old keys prior to the bridge update.
+ delete_outdated_inbound: false
+ # What level of device verification should be required from users?
+ #
+ # Valid levels:
+ # unverified - Send keys to all device in the room.
+ # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
+ # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
+ # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
+ # Note that creating user signatures from the bridge bot is not currently possible.
+ # verified - Require manual per-device verification
+ # (currently only possible by modifying the `trust` column in the `crypto_device` database table).
+ verification_levels:
+ # Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix.
+ receive: unverified
+ # Minimum level that the bridge should accept for incoming Matrix messages.
+ send: unverified
+ # Minimum level that the bridge should require for accepting key requests.
+ share: cross-signed-tofu
+ # Options for Megolm room key rotation. These options allow you to
+ # configure the m.room.encryption event content. See:
+ # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
+ # more information about that event.
+ rotation:
+ # Enable custom Megolm room key rotation settings. Note that these
+ # settings will only apply to rooms created after this option is
+ # set.
+ enable_custom: false
+ # The maximum number of milliseconds a session should be used
+ # before changing it. The Matrix spec recommends 604800000 (a week)
+ # as the default.
+ milliseconds: 604800000
+ # The maximum number of messages that should be sent with a given a
+ # session before changing it. The Matrix spec recommends 100 as the
+ # default.
+ messages: 100
+
+ # Disable rotating keys when a user's devices change?
+ # You should not enable this option unless you understand all the implications.
+ disable_device_change_key_rotation: false
+
+ # Settings for provisioning API
+ provisioning:
+ # Prefix for the provisioning API paths.
+ prefix: /_matrix/provision
+ # Shared secret for authentication. If set to "generate", a random secret will be generated,
+ # or if set to "disable", the provisioning API will be disabled.
+ shared_secret: generate
+ # Enable debug API at /debug with provisioning authentication.
+ debug_endpoints: false
+
+ # Permissions for using the bridge.
+ # Permitted values:
+ # relay - Talk through the relaybot (if enabled), no access otherwise
+ # user - Access to use the bridge to chat with a Signal account.
+ # admin - User level and some additional administration tools
+ # Permitted keys:
+ # * - All Matrix users
+ # domain - All users on that homeserver
+ # mxid - Specific user
+ permissions:
+ "*": relay
+ "example.com": user
+ "@admin:example.com": admin
+
+ # Settings for relay mode
+ relay:
+ # Whether relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
+ # authenticated user into a relaybot for that chat.
+ enabled: false
+ # Should only admins be allowed to set themselves as relay users?
+ admin_only: true
+ # The formats to use when sending messages to Signal via the relaybot.
+ message_formats:
+ m.text: "{{ .Sender.Displayname }}: {{ .Message }}"
+ m.notice: "{{ .Sender.Displayname }}: {{ .Message }}"
+ m.emote: "* {{ .Sender.Displayname }} {{ .Message }}"
+ m.file: "{{ .Sender.Displayname }} sent a file"
+ m.image: "{{ .Sender.Displayname }} sent an image"
+ m.audio: "{{ .Sender.Displayname }} sent an audio file"
+ m.video: "{{ .Sender.Displayname }} sent a video"
+ m.location: "{{ .Sender.Displayname }} sent a location"
+
+# Logging config. See https://github.com/tulir/zeroconfig for details.
+logging:
+ min_level: debug
+ writers:
+ - type: stdout
+ format: pretty-colored
+ - type: file
+ format: json
+ filename: ./logs/mautrix-signal.log
+ max_size: 100
+ max_backups: 10
+ compress: true
diff --git a/net-im/mautrix-signal-bin/files/mautrix-signal.service b/net-im/mautrix-signal-bin/files/mautrix-signal.service
new file mode 100644
index 0000000..4a2819f
--- /dev/null
+++ b/net-im/mautrix-signal-bin/files/mautrix-signal.service
@@ -0,0 +1,35 @@
+[Unit]
+Description=mautrix-signal bridge
+
+[Service]
+Type=exec
+User=mautrix-signal-bin
+WorkingDirectory=/opt/mautrix-signal
+ExecStart=/opt/mautrix-signal/mautrix-signal
+Restart=on-failure
+RestartSec=30s
+
+# Optional hardening to improve security
+ReadWritePaths=/opt/mautrix-signal
+NoNewPrivileges=yes
+MemoryDenyWriteExecute=true
+PrivateDevices=yes
+PrivateTmp=yes
+ProtectHome=yes
+ProtectSystem=strict
+ProtectControlGroups=true
+RestrictSUIDSGID=true
+RestrictRealtime=true
+LockPersonality=true
+ProtectKernelLogs=true
+ProtectKernelTunables=true
+ProtectHostname=true
+ProtectKernelModules=true
+PrivateUsers=true
+ProtectClock=true
+SystemCallArchitectures=native
+SystemCallErrorNumber=EPERM
+SystemCallFilter=@system-service
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-im/mautrix-signal-bin/mautrix-signal-bin-0.5.1.ebuild b/net-im/mautrix-signal-bin/mautrix-signal-bin-0.5.1.ebuild
new file mode 100644
index 0000000..e04ddf3
--- /dev/null
+++ b/net-im/mautrix-signal-bin/mautrix-signal-bin-0.5.1.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+inherit systemd
+
+DESCRIPTION="A Matrix-Signal puppeting bridge."
+HOMEPAGE="https://docs.mau.fi/bridges/go/signal/index.html"
+SRC_URI="https://github.com/mautrix/signal/releases/download/v${PV}/mautrix-signal-amd64 -> ${P}"
+
+LICENSE="AGPL-3"
+SLOT="0"
+KEYWORDS="~amd64"
+
+DEPEND="acct-user/mautrix-signal-bin"
+RDEPEND="${DEPEND}"
+
+S="${WORKDIR}"
+
+src_unpack() {
+ cp "${DISTDIR}/${P}" "${S}/mautrix-signal"
+}
+
+src_compile() {
+ :
+}
+
+src_install() {
+ exeinto /opt/mautrix-signal
+ doexe mautrix-signal
+
+ insinto /opt/mautrix-signal
+ doins "${FILESDIR}/example-config.yaml"
+
+ systemd_dounit "${FILESDIR}"/mautrix-signal.service
+
+ fowners mautrix-signal-bin:mautrix-signal-bin /opt/mautrix-signal/mautrix-signal
+ fowners mautrix-signal-bin:mautrix-signal-bin /opt/mautris-signal/example-config.yaml
+ fperms 0640 /opt/mautris-signal/example-config.yaml
+}
diff --git a/net-im/mautrix-signal-bin/metadata.xml b/net-im/mautrix-signal-bin/metadata.xml
new file mode 100644
index 0000000..5de5af8
--- /dev/null
+++ b/net-im/mautrix-signal-bin/metadata.xml
@@ -0,0 +1,11 @@
+
+
+
+
+ manuel@fritteli.ch
+ Manuel Friedli
+
+
+ mautrix/signal
+
+