summaryrefslogtreecommitdiff
path: root/hosts
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-02-24 22:20:21 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-02-24 22:20:21 +0100
commit1e901b985cecb3fb2c96df8b5b7be5e08a5d3723 (patch)
treef81940cd1a137aa4b0cb73308164398e06784c1c /hosts
parentc2f78236e3dce44068e3973b891666962b3dc4bc (diff)
downloadnixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar
nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar.gz
nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar.bz2
nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar.xz
nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.zip
surtr: ...
Diffstat (limited to 'hosts')
-rw-r--r--hosts/surtr/matrix/default.nix (renamed from hosts/surtr/matrix.nix)7
-rw-r--r--hosts/surtr/matrix/registration.yaml26
2 files changed, 33 insertions, 0 deletions
diff --git a/hosts/surtr/matrix.nix b/hosts/surtr/matrix/default.nix
index b6e6d29d..aad9bc90 100644
--- a/hosts/surtr/matrix.nix
+++ b/hosts/surtr/matrix/default.nix
@@ -30,6 +30,12 @@
30 tls_certificate_path = "/run/credentials/matrix-synapse/synapse.li.pem"; 30 tls_certificate_path = "/run/credentials/matrix-synapse/synapse.li.pem";
31 tls_private_key_path = "/run/credentials/matrix-synapse/synapse.li.key.pem"; 31 tls_private_key_path = "/run/credentials/matrix-synapse/synapse.li.key.pem";
32 tls_dh_params_path = config.security.dhparams.params.matrix-synapse.path; 32 tls_dh_params_path = config.security.dhparams.params.matrix-synapse.path;
33
34 extraConfigFiles = ["/run/credentials/matrix-synapse/registration.yaml"];
35 };
36 sops.secrets."matrix-synapse-registration.yaml" = {
37 format = "binary";
38 sopsFile = ./registration.yaml;
33 }; 39 };
34 40
35 systemd.services.matrix-synapse = { 41 systemd.services.matrix-synapse = {
@@ -37,6 +43,7 @@
37 LoadCredential = [ 43 LoadCredential = [
38 "synapse.li.key.pem:${config.security.acme.certs."synapse.li".directory}/key.pem" 44 "synapse.li.key.pem:${config.security.acme.certs."synapse.li".directory}/key.pem"
39 "synapse.li.pem:${config.security.acme.certs."synapse.li".directory}/fullchain.pem" 45 "synapse.li.pem:${config.security.acme.certs."synapse.li".directory}/fullchain.pem"
46 "registration.yaml:${config.sops.secrets."matrix-synapse-registration.yaml".path}"
40 ]; 47 ];
41 }; 48 };
42 }; 49 };
diff --git a/hosts/surtr/matrix/registration.yaml b/hosts/surtr/matrix/registration.yaml
new file mode 100644
index 00000000..44b9ca89
--- /dev/null
+++ b/hosts/surtr/matrix/registration.yaml
@@ -0,0 +1,26 @@
1{
2 "data": "ENC[AES256_GCM,data:RrFw7leN405vBuzzDi8HMMsZ68gGRNuEJ7tuPjgIsGbcI1eYQwaV1+81J3TUMFhqsgpsF3OuPEVcTEBAAaSSPJbPMiUo2dbS1AzZ,iv:+sfQ9yW+rbSDQiRlaPF5plMxwgKI6qa9o/FzLVeVHV0=,tag:Y1dnxQgFDUeRoELbSCiQBg==,type:str]",
3 "sops": {
4 "kms": null,
5 "gcp_kms": null,
6 "azure_kv": null,
7 "hc_vault": null,
8 "age": null,
9 "lastmodified": "2022-02-24T21:20:09Z",
10 "mac": "ENC[AES256_GCM,data:llCJ+LjuyaPhslNPzdARtBt67R7EcllGER9u/w8NEPd1kC2RyGGsUiO2y+LywO1SY4OO0JG5M3FAIYuXEefKofzeDMCzFlmDjPRdjts9N6e6ObGyVSppOCcRIn7J1lyy+Ml+qbxuV0VrP0DN6OxLGO/dOcvtsYjftPKxcUiplNQ=,iv:ZtBLC4Tl++1yNGK07/4GL+Qzq+Hy25gfRNRxJTvL53U=,tag:V6NyCT/1ZN0qNd1tc+NRQg==,type:str]",
11 "pgp": [
12 {
13 "created_at": "2022-02-24T21:18:14Z",
14 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAd77XebsH3fPMPEHxFn2zEVKiHBKkhSsCLESuR2PPRksw\nw8zx2eJsnnW7GnjTF7LH/OPYyDEHgSu73ZFcsUebjESupZKbeu/EL/fkNaVdHfFk\n0l4BC8BYAXh22mgnHYV2ZJp0WAfv2WL0nhemY2uQ8Zs2Zdf9866/j57xvj6RQEXP\nbInXWALV1wdXhnBGlYILdEo7U9RPHRVsbqdiRq7KZVi2gNAn93lBk5qcHsQTgIkz\n=4bf7\n-----END PGP MESSAGE-----\n",
15 "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8"
16 },
17 {
18 "created_at": "2022-02-24T21:18:14Z",
19 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAi4YnLeLo0H8uz6DbU8knoDxsgxqFcwp1M7kQp4GllFsw\nNjwT3AdoMxCYOOqFF9dNzcEieI4hqwfeN3pxe8hw5TG7EvlUbiY3x7udzoO0+9Tm\n0l4BdV1+kQsB1tldnVo+II7EvP9HWWtNowmZzZgmVRxHt/wTL2VrB3gS7EZFssoV\nDtHpqD7cQ6Pbe+R1bzg1TDmNRamzvMUKYIaJ8tuUgA2HmZI4SiaNBPLX4XML5Zbz\n=9njW\n-----END PGP MESSAGE-----\n",
20 "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51"
21 }
22 ],
23 "unencrypted_suffix": "_unencrypted",
24 "version": "3.7.1"
25 }
26} \ No newline at end of file