summaryrefslogtreecommitdiff
path: root/hosts/surtr/matrix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-08-09 11:23:00 +0300
committerGregor Kleen <gkleen@yggdrasil.li>2022-08-09 11:23:00 +0300
commitc1f62e9827efe7c8e303e3cfa70dac8f544312b1 (patch)
treed20ff0f367804bc87996c6312cebe2fa57b5bd4c /hosts/surtr/matrix
parentde66ba821b2851cb23bcc7b064e84de3dd848e26 (diff)
downloadnixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.gz
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.bz2
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.xz
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.zip
...
Diffstat (limited to 'hosts/surtr/matrix')
-rw-r--r--hosts/surtr/matrix/default.nix5
1 files changed, 2 insertions, 3 deletions
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix
index a469be69..e3a52f9a 100644
--- a/hosts/surtr/matrix/default.nix
+++ b/hosts/surtr/matrix/default.nix
@@ -265,7 +265,7 @@ with lib;
265 min-port = 49000; 265 min-port = 49000;
266 max-port = 50000; 266 max-port = 50000;
267 use-auth-secret = true; 267 use-auth-secret = true;
268 static-auth-secret-file = config.sops.secrets."coturn-auth-secret".path; 268 static-auth-secret-file = "/run/credentials/coturn.service/auth-secret";
269 realm = "turn.synapse.li"; 269 realm = "turn.synapse.li";
270 cert = "/run/credentials/coturn.service/turn.synapse.li.pem"; 270 cert = "/run/credentials/coturn.service/turn.synapse.li.pem";
271 pkey = "/run/credentials/coturn.service/turn.synapse.li.key.pem"; 271 pkey = "/run/credentials/coturn.service/turn.synapse.li.key.pem";
@@ -307,6 +307,7 @@ with lib;
307 LoadCredential = [ 307 LoadCredential = [
308 "turn.synapse.li.key.pem:${config.security.acme.certs."turn.synapse.li".directory}/key.pem" 308 "turn.synapse.li.key.pem:${config.security.acme.certs."turn.synapse.li".directory}/key.pem"
309 "turn.synapse.li.pem:${config.security.acme.certs."turn.synapse.li".directory}/fullchain.pem" 309 "turn.synapse.li.pem:${config.security.acme.certs."turn.synapse.li".directory}/fullchain.pem"
310 "auth-secret:${config.sops.secrets."coturn-auth-secret".path}"
310 ]; 311 ];
311 }; 312 };
312 }; 313 };
@@ -314,8 +315,6 @@ with lib;
314 sops.secrets."coturn-auth-secret" = { 315 sops.secrets."coturn-auth-secret" = {
315 format = "binary"; 316 format = "binary";
316 sopsFile = ./coturn-auth-secret; 317 sopsFile = ./coturn-auth-secret;
317 owner = "turnserver";
318 group = "turnserver";
319 }; 318 };
320 }; 319 };
321} 320}