diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-24 22:20:21 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-24 22:20:21 +0100 |
commit | 1e901b985cecb3fb2c96df8b5b7be5e08a5d3723 (patch) | |
tree | f81940cd1a137aa4b0cb73308164398e06784c1c /hosts | |
parent | c2f78236e3dce44068e3973b891666962b3dc4bc (diff) | |
download | nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar.gz nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar.bz2 nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.tar.xz nixos-1e901b985cecb3fb2c96df8b5b7be5e08a5d3723.zip |
surtr: ...
Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/surtr/matrix/default.nix (renamed from hosts/surtr/matrix.nix) | 7 | ||||
-rw-r--r-- | hosts/surtr/matrix/registration.yaml | 26 |
2 files changed, 33 insertions, 0 deletions
diff --git a/hosts/surtr/matrix.nix b/hosts/surtr/matrix/default.nix index b6e6d29d..aad9bc90 100644 --- a/hosts/surtr/matrix.nix +++ b/hosts/surtr/matrix/default.nix | |||
@@ -30,6 +30,12 @@ | |||
30 | tls_certificate_path = "/run/credentials/matrix-synapse/synapse.li.pem"; | 30 | tls_certificate_path = "/run/credentials/matrix-synapse/synapse.li.pem"; |
31 | tls_private_key_path = "/run/credentials/matrix-synapse/synapse.li.key.pem"; | 31 | tls_private_key_path = "/run/credentials/matrix-synapse/synapse.li.key.pem"; |
32 | tls_dh_params_path = config.security.dhparams.params.matrix-synapse.path; | 32 | tls_dh_params_path = config.security.dhparams.params.matrix-synapse.path; |
33 | |||
34 | extraConfigFiles = ["/run/credentials/matrix-synapse/registration.yaml"]; | ||
35 | }; | ||
36 | sops.secrets."matrix-synapse-registration.yaml" = { | ||
37 | format = "binary"; | ||
38 | sopsFile = ./registration.yaml; | ||
33 | }; | 39 | }; |
34 | 40 | ||
35 | systemd.services.matrix-synapse = { | 41 | systemd.services.matrix-synapse = { |
@@ -37,6 +43,7 @@ | |||
37 | LoadCredential = [ | 43 | LoadCredential = [ |
38 | "synapse.li.key.pem:${config.security.acme.certs."synapse.li".directory}/key.pem" | 44 | "synapse.li.key.pem:${config.security.acme.certs."synapse.li".directory}/key.pem" |
39 | "synapse.li.pem:${config.security.acme.certs."synapse.li".directory}/fullchain.pem" | 45 | "synapse.li.pem:${config.security.acme.certs."synapse.li".directory}/fullchain.pem" |
46 | "registration.yaml:${config.sops.secrets."matrix-synapse-registration.yaml".path}" | ||
40 | ]; | 47 | ]; |
41 | }; | 48 | }; |
42 | }; | 49 | }; |
diff --git a/hosts/surtr/matrix/registration.yaml b/hosts/surtr/matrix/registration.yaml new file mode 100644 index 00000000..44b9ca89 --- /dev/null +++ b/hosts/surtr/matrix/registration.yaml | |||
@@ -0,0 +1,26 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:RrFw7leN405vBuzzDi8HMMsZ68gGRNuEJ7tuPjgIsGbcI1eYQwaV1+81J3TUMFhqsgpsF3OuPEVcTEBAAaSSPJbPMiUo2dbS1AzZ,iv:+sfQ9yW+rbSDQiRlaPF5plMxwgKI6qa9o/FzLVeVHV0=,tag:Y1dnxQgFDUeRoELbSCiQBg==,type:str]", | ||
3 | "sops": { | ||
4 | "kms": null, | ||
5 | "gcp_kms": null, | ||
6 | "azure_kv": null, | ||
7 | "hc_vault": null, | ||
8 | "age": null, | ||
9 | "lastmodified": "2022-02-24T21:20:09Z", | ||
10 | "mac": "ENC[AES256_GCM,data:llCJ+LjuyaPhslNPzdARtBt67R7EcllGER9u/w8NEPd1kC2RyGGsUiO2y+LywO1SY4OO0JG5M3FAIYuXEefKofzeDMCzFlmDjPRdjts9N6e6ObGyVSppOCcRIn7J1lyy+Ml+qbxuV0VrP0DN6OxLGO/dOcvtsYjftPKxcUiplNQ=,iv:ZtBLC4Tl++1yNGK07/4GL+Qzq+Hy25gfRNRxJTvL53U=,tag:V6NyCT/1ZN0qNd1tc+NRQg==,type:str]", | ||
11 | "pgp": [ | ||
12 | { | ||
13 | "created_at": "2022-02-24T21:18:14Z", | ||
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAd77XebsH3fPMPEHxFn2zEVKiHBKkhSsCLESuR2PPRksw\nw8zx2eJsnnW7GnjTF7LH/OPYyDEHgSu73ZFcsUebjESupZKbeu/EL/fkNaVdHfFk\n0l4BC8BYAXh22mgnHYV2ZJp0WAfv2WL0nhemY2uQ8Zs2Zdf9866/j57xvj6RQEXP\nbInXWALV1wdXhnBGlYILdEo7U9RPHRVsbqdiRq7KZVi2gNAn93lBk5qcHsQTgIkz\n=4bf7\n-----END PGP MESSAGE-----\n", | ||
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | ||
16 | }, | ||
17 | { | ||
18 | "created_at": "2022-02-24T21:18:14Z", | ||
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAi4YnLeLo0H8uz6DbU8knoDxsgxqFcwp1M7kQp4GllFsw\nNjwT3AdoMxCYOOqFF9dNzcEieI4hqwfeN3pxe8hw5TG7EvlUbiY3x7udzoO0+9Tm\n0l4BdV1+kQsB1tldnVo+II7EvP9HWWtNowmZzZgmVRxHt/wTL2VrB3gS7EZFssoV\nDtHpqD7cQ6Pbe+R1bzg1TDmNRamzvMUKYIaJ8tuUgA2HmZI4SiaNBPLX4XML5Zbz\n=9njW\n-----END PGP MESSAGE-----\n", | ||
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | ||
21 | } | ||
22 | ], | ||
23 | "unencrypted_suffix": "_unencrypted", | ||
24 | "version": "3.7.1" | ||
25 | } | ||
26 | } \ No newline at end of file | ||