diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-08-09 11:23:00 +0300 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-08-09 11:23:00 +0300 |
commit | c1f62e9827efe7c8e303e3cfa70dac8f544312b1 (patch) | |
tree | d20ff0f367804bc87996c6312cebe2fa57b5bd4c /hosts/surtr/matrix | |
parent | de66ba821b2851cb23bcc7b064e84de3dd848e26 (diff) | |
download | nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.gz nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.bz2 nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.xz nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.zip |
...
Diffstat (limited to 'hosts/surtr/matrix')
-rw-r--r-- | hosts/surtr/matrix/default.nix | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix index a469be69..e3a52f9a 100644 --- a/hosts/surtr/matrix/default.nix +++ b/hosts/surtr/matrix/default.nix | |||
@@ -265,7 +265,7 @@ with lib; | |||
265 | min-port = 49000; | 265 | min-port = 49000; |
266 | max-port = 50000; | 266 | max-port = 50000; |
267 | use-auth-secret = true; | 267 | use-auth-secret = true; |
268 | static-auth-secret-file = config.sops.secrets."coturn-auth-secret".path; | 268 | static-auth-secret-file = "/run/credentials/coturn.service/auth-secret"; |
269 | realm = "turn.synapse.li"; | 269 | realm = "turn.synapse.li"; |
270 | cert = "/run/credentials/coturn.service/turn.synapse.li.pem"; | 270 | cert = "/run/credentials/coturn.service/turn.synapse.li.pem"; |
271 | pkey = "/run/credentials/coturn.service/turn.synapse.li.key.pem"; | 271 | pkey = "/run/credentials/coturn.service/turn.synapse.li.key.pem"; |
@@ -307,6 +307,7 @@ with lib; | |||
307 | LoadCredential = [ | 307 | LoadCredential = [ |
308 | "turn.synapse.li.key.pem:${config.security.acme.certs."turn.synapse.li".directory}/key.pem" | 308 | "turn.synapse.li.key.pem:${config.security.acme.certs."turn.synapse.li".directory}/key.pem" |
309 | "turn.synapse.li.pem:${config.security.acme.certs."turn.synapse.li".directory}/fullchain.pem" | 309 | "turn.synapse.li.pem:${config.security.acme.certs."turn.synapse.li".directory}/fullchain.pem" |
310 | "auth-secret:${config.sops.secrets."coturn-auth-secret".path}" | ||
310 | ]; | 311 | ]; |
311 | }; | 312 | }; |
312 | }; | 313 | }; |
@@ -314,8 +315,6 @@ with lib; | |||
314 | sops.secrets."coturn-auth-secret" = { | 315 | sops.secrets."coturn-auth-secret" = { |
315 | format = "binary"; | 316 | format = "binary"; |
316 | sopsFile = ./coturn-auth-secret; | 317 | sopsFile = ./coturn-auth-secret; |
317 | owner = "turnserver"; | ||
318 | group = "turnserver"; | ||
319 | }; | 318 | }; |
320 | }; | 319 | }; |
321 | } | 320 | } |