forked from pub-solar/infra
parent
2424a3ec8b
commit
4923f033f5
|
@ -5,9 +5,8 @@
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
age.secrets."nachtigall-coturn-static-auth-secret" = {
|
age.secrets."coturn-static-auth-secret" = {
|
||||||
file = "${flake.self}/secrets/nachtigall-coturn-static-auth-secret.age";
|
file = "${flake.self}/secrets/coturn-static-auth-secret.age";
|
||||||
path = "/run/agenix/coturn-static-auth-secret";
|
|
||||||
mode = "400";
|
mode = "400";
|
||||||
owner = "turnserver";
|
owner = "turnserver";
|
||||||
};
|
};
|
||||||
|
@ -19,7 +18,7 @@
|
||||||
min-port = 49000;
|
min-port = 49000;
|
||||||
max-port = 50000;
|
max-port = 50000;
|
||||||
use-auth-secret = true;
|
use-auth-secret = true;
|
||||||
static-auth-secret-file = config.age.secrets."nachtigall-coturn-static-auth-secret".path;
|
static-auth-secret-file = config.age.secrets."coturn-static-auth-secret".path;
|
||||||
realm = "turn.${config.pub-solar-os.networking.domain}";
|
realm = "turn.${config.pub-solar-os.networking.domain}";
|
||||||
cert = "${config.security.acme.certs.${realm}.directory}/full.pem";
|
cert = "${config.security.acme.certs.${realm}.directory}/full.pem";
|
||||||
pkey = "${config.security.acme.certs.${realm}.directory}/key.pem";
|
pkey = "${config.security.acme.certs.${realm}.directory}/key.pem";
|
||||||
|
|
|
@ -92,7 +92,7 @@ in
|
||||||
"mediawiki-oidc-client-secret.age".publicKeys = nachtigallKeys ++ adminKeys;
|
"mediawiki-oidc-client-secret.age".publicKeys = nachtigallKeys ++ adminKeys;
|
||||||
"mediawiki-secret-key.age".publicKeys = nachtigallKeys ++ adminKeys;
|
"mediawiki-secret-key.age".publicKeys = nachtigallKeys ++ adminKeys;
|
||||||
|
|
||||||
"nachtigall-coturn-static-auth-secret.age".publicKeys = nachtigallKeys ++ adminKeys;
|
"coturn-static-auth-secret.age".publicKeys = nachtigallKeys ++ adminKeys;
|
||||||
|
|
||||||
"grafana-admin-password.age".publicKeys = trinkgenossinKeys ++ adminKeys;
|
"grafana-admin-password.age".publicKeys = trinkgenossinKeys ++ adminKeys;
|
||||||
"grafana-keycloak-client-secret.age".publicKeys = trinkgenossinKeys ++ adminKeys;
|
"grafana-keycloak-client-secret.age".publicKeys = trinkgenossinKeys ++ adminKeys;
|
||||||
|
|
Loading…
Reference in a new issue