1
0
Fork 0
forked from pub-solar/infra

modules/matrix: rename secrets to not include hostnames

This commit is contained in:
b12f 2024-10-30 17:14:47 +01:00 committed by teutat3s
parent 472f9aa68b
commit 4434a90136
Signed by untrusted user: teutat3s
GPG key ID: 4FA1D3FA524F22C1
8 changed files with 19 additions and 19 deletions

View file

@ -61,22 +61,22 @@
}; };
# matrix-synapse # matrix-synapse
age.secrets."nachtigall-matrix-synapse-signing-key" = { age.secrets."matrix-synapse-signing-key" = {
file = "${flake.self}/secrets/nachtigall-matrix-synapse-signing-key.age"; file = "${flake.self}/secrets/matrix-synapse-signing-key.age";
path = "/run/agenix/matrix-synapse-signing-key"; path = "/run/agenix/matrix-synapse-signing-key";
mode = "400"; mode = "400";
owner = "matrix-synapse"; owner = "matrix-synapse";
}; };
age.secrets."nachtigall-matrix-synapse-secret-config.yaml" = { age.secrets."matrix-synapse-secret-config.yaml" = {
file = "${flake.self}/secrets/nachtigall-matrix-synapse-secret-config.yaml.age"; file = "${flake.self}/secrets/matrix-synapse-secret-config.yaml.age";
path = "/run/agenix/matrix-synapse-secret-config.yaml"; path = "/run/agenix/matrix-synapse-secret-config.yaml";
mode = "400"; mode = "400";
owner = "matrix-synapse"; owner = "matrix-synapse";
}; };
age.secrets."nachtigall-matrix-synapse-sliding-sync-secret" = { age.secrets."matrix-synapse-sliding-sync-secret" = {
file = "${flake.self}/secrets/nachtigall-matrix-synapse-sliding-sync-secret.age"; file = "${flake.self}/secrets/matrix-synapse-sliding-sync-secret.age";
path = "/run/agenix/matrix-synapse-sliding-sync-secret"; path = "/run/agenix/matrix-synapse-sliding-sync-secret";
mode = "400"; mode = "400";
owner = "matrix-synapse"; owner = "matrix-synapse";
@ -85,9 +85,9 @@
pub-solar-os.matrix-synapse = { pub-solar-os.matrix-synapse = {
enable = true; enable = true;
sliding-sync.enable = true; sliding-sync.enable = true;
signing_key_path = config.age.secrets."nachtigall-matrix-synapse-signing-key".path; signing_key_path = config.age.secrets."matrix-synapse-signing-key".path;
extra-config-files = [ extra-config-files = [
config.age.secrets."nachtigall-matrix-synapse-secret-config.yaml".path config.age.secrets."matrix-synapse-secret-config.yaml".path
# The registration file is automatically generated after starting the # The registration file is automatically generated after starting the
# appservice for the first time. # appservice for the first time.

View file

@ -30,14 +30,14 @@
forceSSL = true; forceSSL = true;
}; };
age.secrets."underground-matrix-synapse-secret-config.yaml" = { age.secrets."staging-matrix-synapse-secret-config.yaml" = {
file = "${flake.self}/secrets/underground-matrix-synapse-secret-config.yaml.age"; file = "${flake.self}/secrets/staging-matrix-synapse-secret-config.yaml.age";
mode = "400"; mode = "400";
owner = "matrix-synapse"; owner = "matrix-synapse";
}; };
age.secrets."underground-matrix-authentication-service-secret-config.yml" = { age.secrets."staging-matrix-authentication-service-secret-config.yml" = {
file = "${flake.self}/secrets/underground-matrix-authentication-service-secret-config.yml.age"; file = "${flake.self}/secrets/staging-matrix-authentication-service-secret-config.yml.age";
mode = "400"; mode = "400";
owner = "matrix-authentication-service"; owner = "matrix-authentication-service";
}; };
@ -45,7 +45,7 @@
pub-solar-os.matrix-synapse = { pub-solar-os.matrix-synapse = {
enable = true; enable = true;
extra-config-files = [ extra-config-files = [
config.age.secrets."underground-matrix-synapse-secret-config.yaml".path config.age.secrets."staging-matrix-synapse-secret-config.yaml".path
# The registration file is automatically generated after starting the # The registration file is automatically generated after starting the
# appservice for the first time. # appservice for the first time.
@ -65,7 +65,7 @@
enable = true; enable = true;
createDatabase = true; createDatabase = true;
extraConfigFiles = [ extraConfigFiles = [
config.age.secrets."underground-matrix-authentication-service-secret-config.yml".path config.age.secrets."staging-matrix-authentication-service-secret-config.yml".path
]; ];
settings = { settings = {
http.public_base = "https://mas.${config.pub-solar-os.networking.domain}"; http.public_base = "https://mas.${config.pub-solar-os.networking.domain}";

View file

@ -65,12 +65,12 @@ in
"forgejo-ssh-private-key.age".publicKeys = nachtigallKeys ++ adminKeys; "forgejo-ssh-private-key.age".publicKeys = nachtigallKeys ++ adminKeys;
"matrix-mautrix-telegram-env-file.age".publicKeys = nachtigallKeys ++ adminKeys; "matrix-mautrix-telegram-env-file.age".publicKeys = nachtigallKeys ++ adminKeys;
"nachtigall-matrix-synapse-signing-key.age".publicKeys = nachtigallKeys ++ adminKeys; "matrix-synapse-signing-key.age".publicKeys = nachtigallKeys ++ adminKeys;
"nachtigall-matrix-synapse-secret-config.yaml.age".publicKeys = nachtigallKeys ++ adminKeys; "matrix-synapse-secret-config.yaml.age".publicKeys = nachtigallKeys ++ adminKeys;
"nachtigall-matrix-synapse-sliding-sync-secret.age".publicKeys = nachtigallKeys ++ adminKeys; "matrix-synapse-sliding-sync-secret.age".publicKeys = nachtigallKeys ++ adminKeys;
"underground-matrix-synapse-secret-config.yaml.age".publicKeys = undergroundKeys ++ adminKeys; "staging-matrix-synapse-secret-config.yaml.age".publicKeys = undergroundKeys ++ adminKeys;
"underground-matrix-authentication-service-secret-config.yml.age".publicKeys = "staging-matrix-authentication-service-secret-config.yml.age".publicKeys =
undergroundKeys ++ adminKeys; undergroundKeys ++ adminKeys;
"nextcloud-secrets.age".publicKeys = nachtigallKeys ++ adminKeys; "nextcloud-secrets.age".publicKeys = nachtigallKeys ++ adminKeys;