From 9fbaa9c893c425cae1495d721ae12dbc3a63fe9d Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Mon, 28 Feb 2022 15:33:39 +0100
Subject: surtr: matrix: ...

---
 hosts/surtr/matrix/default.nix | 40 ++++++++++++++++++++--------------------
 1 file changed, 20 insertions(+), 20 deletions(-)

(limited to 'hosts/surtr/matrix/default.nix')

diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix
index 777f9f84..936a0528 100644
--- a/hosts/surtr/matrix/default.nix
+++ b/hosts/surtr/matrix/default.nix
@@ -37,28 +37,28 @@ with lib;
       extraConfigFiles = [
         "/run/credentials/matrix-synapse.service/registration.yaml"
         "/run/credentials/matrix-synapse.service/turn-secret.yaml"
-      ];
-      extraConfig = generators.toYAML {} {
-        "refreshable_access_token_lifetime" = "5m";
-        # "nonrefreshable_access_token_lifetime" = "1w"; # TODO: uncomment once all (relevant) clients have support for refreshable tokens
-        "refresh_token_lifetime" = "1w";
-        "registration_requires_token" = true;
+        (pkgs.writeText "homeserver.yaml" (generators.toYAML {} {
+          "refreshable_access_token_lifetime" = "5m";
+          # "nonrefreshable_access_token_lifetime" = "1w"; # TODO: uncomment once all (relevant) clients have support for refreshable tokens
+          "refresh_token_lifetime" = "1w";
+          "registration_requires_token" = true;
 
-        "admin_contact" = "mailto:matrix-admin@yggdrasil.li";
+          "admin_contact" = "mailto:matrix-admin@yggdrasil.li";
 
-        "url_preview_enabled" = true;
-        "url_preview_ip_range_blacklist" = [
-          "127.0.0.0/8" "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16"
-          "100.64.0.0/10" "192.0.0.0/24" "169.254.0.0/16"
-          "192.88.99.0/24" "198.18.0.0/15" "192.0.2.0/24"
-          "198.51.100.0/24" "203.0.113.0/24" "224.0.0.0/4" "::1/128"
-          "fe80::/10" "fc00::/7" "2001:db8::/32" "ff00::/8"
-          "fec0::/10" "2a03:4000:52:ada::/64"
-        ];
-        "url_preview_ip_range_whitelist" = [
-          "2a03:4000:52:ada::/128"
-        ];
-      };
+          "url_preview_enabled" = true;
+          "url_preview_ip_range_blacklist" = [
+            "127.0.0.0/8" "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16"
+            "100.64.0.0/10" "192.0.0.0/24" "169.254.0.0/16"
+            "192.88.99.0/24" "198.18.0.0/15" "192.0.2.0/24"
+            "198.51.100.0/24" "203.0.113.0/24" "224.0.0.0/4" "::1/128"
+            "fe80::/10" "fc00::/7" "2001:db8::/32" "ff00::/8"
+            "fec0::/10" "2a03:4000:52:ada::/64"
+          ];
+          "url_preview_ip_range_whitelist" = [
+            "2a03:4000:52:ada::/128"
+          ];
+        }))
+      ];
     };
     sops.secrets."matrix-synapse-registration.yaml" = {
       format = "binary";
-- 
cgit v1.2.3