Merge pull request 'nachtigall: Configure matrix-synapse with telegram integration' (#7) from feat/matrix into main
Reviewed-on: pub-solar/infra-new#7 Reviewed-by: teutat3s <teutates@mailbox.org>
This commit is contained in:
commit
f168a5393f
40
hosts/nachtigall/apps/matrix/matrix-log-config.yaml
Normal file
40
hosts/nachtigall/apps/matrix/matrix-log-config.yaml
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
version: 1
|
||||||
|
|
||||||
|
formatters:
|
||||||
|
precise:
|
||||||
|
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
|
||||||
|
|
||||||
|
filters:
|
||||||
|
context:
|
||||||
|
(): synapse.util.logcontext.LoggingContextFilter
|
||||||
|
request: ""
|
||||||
|
|
||||||
|
handlers:
|
||||||
|
console:
|
||||||
|
class: logging.StreamHandler
|
||||||
|
formatter: precise
|
||||||
|
filters: [context]
|
||||||
|
|
||||||
|
loggers:
|
||||||
|
synapse:
|
||||||
|
level: WARNING
|
||||||
|
|
||||||
|
synapse.storage.SQL:
|
||||||
|
# beware: increasing this to DEBUG will make synapse log sensitive
|
||||||
|
# information such as access tokens.
|
||||||
|
level: WARNING
|
||||||
|
|
||||||
|
synapse.http.matrixfederationclient:
|
||||||
|
level: CRITICAL
|
||||||
|
synapse.federation.sender.per_destination_queue:
|
||||||
|
level: CRITICAL
|
||||||
|
synapse.handlers.device:
|
||||||
|
level: CRITICAL
|
||||||
|
synapse.replication.tcp.handler:
|
||||||
|
level: CRITICAL
|
||||||
|
shared_secret_authenticator:
|
||||||
|
level: INFO
|
||||||
|
|
||||||
|
root:
|
||||||
|
level: WARNING
|
||||||
|
handlers: [console]
|
211
hosts/nachtigall/apps/matrix/mautrix-telegram.nix
Normal file
211
hosts/nachtigall/apps/matrix/mautrix-telegram.nix
Normal file
|
@ -0,0 +1,211 @@
|
||||||
|
{ flake, lib, config, pkgs, ... }:
|
||||||
|
{
|
||||||
|
age.secrets."matrix-mautrix-telegram-env-file" = {
|
||||||
|
file = "${flake.self}/secrets/matrix-mautrix-telegram-env-file.age";
|
||||||
|
mode = "400";
|
||||||
|
owner = "matrix-synapse";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.mautrix-telegram = {
|
||||||
|
enable = true;
|
||||||
|
environmentFile = "/run/agenix/matrix-mautrix-telegram-env-file";
|
||||||
|
settings = {
|
||||||
|
homeserver = {
|
||||||
|
# TODO: Use the port from synapse config
|
||||||
|
address = "http://localhost:8008";
|
||||||
|
domain = "test.pub.solar";
|
||||||
|
verify_ssl = true;
|
||||||
|
};
|
||||||
|
appservice = {
|
||||||
|
address = "http://localhost:8009";
|
||||||
|
bot_avatar = "mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX";
|
||||||
|
bot_displayname = "Telegram bridge bot";
|
||||||
|
bot_username = "telegrambot";
|
||||||
|
# TODO: See if we can use postgresql
|
||||||
|
database = "sqlite:////var/lib/mautrix-telegram/sqlite.db";
|
||||||
|
hostname = "0.0.0.0";
|
||||||
|
id = "telegram";
|
||||||
|
max_body_size = 1;
|
||||||
|
port = 8009;
|
||||||
|
provisioning = {
|
||||||
|
enabled = false;
|
||||||
|
prefix = "/_matrix/provision/v1";
|
||||||
|
shared_secret = "generate";
|
||||||
|
};
|
||||||
|
public = {
|
||||||
|
enabled = true;
|
||||||
|
external = "https://matrix.test.pub.solar/c3c3f34b-29fb-5feb-86e5-98c75ec8214b";
|
||||||
|
prefix = "/c3c3f34b-29fb-5feb-86e5-98c75ec8214b";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
bridge = {
|
||||||
|
alias_template = "telegram_{groupname}";
|
||||||
|
allow_matrix_login = true;
|
||||||
|
# Animated stickers conversion requires additional packages in the
|
||||||
|
# service's path.
|
||||||
|
# If this isn't a fresh installation, clearing the bridge's uploaded
|
||||||
|
# file cache might be necessary (make a database backup first!):
|
||||||
|
# delete from telegram_file where \
|
||||||
|
# mime_type in ('application/gzip', 'application/octet-stream')
|
||||||
|
animated_sticker = {
|
||||||
|
args = {
|
||||||
|
background = "'020202'"; # only for gif, transparency not supported
|
||||||
|
fps = 30; # only for webm
|
||||||
|
height = 256;
|
||||||
|
width = 256;
|
||||||
|
};
|
||||||
|
target = "gif";
|
||||||
|
};
|
||||||
|
bot_messages_as_notices = true;
|
||||||
|
bridge_notices = {
|
||||||
|
default = false;
|
||||||
|
exceptions = [];
|
||||||
|
};
|
||||||
|
command_prefix = "!tg";
|
||||||
|
delivery_error_reports = true;
|
||||||
|
delivery_receipts = false;
|
||||||
|
displayname_max_length = 100;
|
||||||
|
displayname_preference = [
|
||||||
|
"full name"
|
||||||
|
"username"
|
||||||
|
"phone number"
|
||||||
|
];
|
||||||
|
displayname_template = "'{displayname} (Telegram)'";
|
||||||
|
emote_format = "'* $mention $formatted_body'";
|
||||||
|
encryption = {
|
||||||
|
allow = false;
|
||||||
|
database = "default";
|
||||||
|
default = false;
|
||||||
|
key_sharing = {
|
||||||
|
allow = false;
|
||||||
|
require_cross_signing = false;
|
||||||
|
require_verification = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
federate_rooms = true;
|
||||||
|
filter = {
|
||||||
|
list = [];
|
||||||
|
mode = "blacklist";
|
||||||
|
};
|
||||||
|
image_as_file_size = 10;
|
||||||
|
initial_power_level_overrides = {
|
||||||
|
group = {};
|
||||||
|
user = {};
|
||||||
|
};
|
||||||
|
inline_images = false;
|
||||||
|
max_document_size = 100;
|
||||||
|
max_initial_member_sync = 10;
|
||||||
|
max_telegram_delete = 10;
|
||||||
|
message_formats = {
|
||||||
|
"m.audio" = "'<b>$sender_displayname</b> sent an audio file: $message'";
|
||||||
|
"m.emote" = "'* <b>$sender_displayname</b> $message'";
|
||||||
|
"m.file" = "'<b>$sender_displayname</b> sent a file: $message'";
|
||||||
|
"m.image" = "'<b>$sender_displayname</b> sent an image: $message'";
|
||||||
|
"m.location" = "'<b>$sender_displayname</b> sent a location: $message'";
|
||||||
|
"m.notice" = "'<b>$sender_displayname</b>: $message'";
|
||||||
|
"m.text" = "'<b>$sender_displayname</b>: $message'";
|
||||||
|
"m.video" = "'<b>$sender_displayname</b> sent a video: $message'";
|
||||||
|
};
|
||||||
|
parallel_file_transfer = false;
|
||||||
|
plaintext_highlights = false;
|
||||||
|
private_chat_portal_meta = false;
|
||||||
|
public_portals = true;
|
||||||
|
relaybot = {
|
||||||
|
authless_portals = true;
|
||||||
|
group_chat_invite = [];
|
||||||
|
ignore_own_incoming_events = true;
|
||||||
|
ignore_unbridged_group_chat = true;
|
||||||
|
private_chat = {
|
||||||
|
invite = [];
|
||||||
|
message = "This is a Matrix bridge relaybot and does not support direct chats";
|
||||||
|
state_changes = true;
|
||||||
|
};
|
||||||
|
whitelist = [];
|
||||||
|
whitelist_group_admins = true;
|
||||||
|
};
|
||||||
|
resend_bridge_info = false;
|
||||||
|
skip_deleted_members = true;
|
||||||
|
startup_sync = true;
|
||||||
|
state_event_formats = {
|
||||||
|
join = "<b>$displayname</b> joined the room.";
|
||||||
|
leave = "<b>$displayname</b> left the room.";
|
||||||
|
name_change = "<b>$prev_displayname</b> changed their name to <b>$displayname</b>";
|
||||||
|
};
|
||||||
|
sync_channel_members = false;
|
||||||
|
sync_dialog_limit = 30;
|
||||||
|
sync_direct_chats = false;
|
||||||
|
sync_matrix_state = true;
|
||||||
|
sync_with_custom_puppets = true;
|
||||||
|
telegram_link_preview = true;
|
||||||
|
username_template = "telegram_{userid}";
|
||||||
|
|
||||||
|
permissions = {
|
||||||
|
"test.pub.solar" = "full";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
logging = {
|
||||||
|
formatters= {
|
||||||
|
precise = {
|
||||||
|
format = "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
handlers = {
|
||||||
|
console = {
|
||||||
|
class = "logging.StreamHandler";
|
||||||
|
formatter = "precise";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
loggers={
|
||||||
|
aiohttp.level = "WARNING";
|
||||||
|
mau.level = "WARNING";
|
||||||
|
telethon.level = "WARNING";
|
||||||
|
};
|
||||||
|
root = {
|
||||||
|
handlers = [ "console" ];
|
||||||
|
level = "WARNING";
|
||||||
|
};
|
||||||
|
version = 1;
|
||||||
|
};
|
||||||
|
|
||||||
|
telegram = {
|
||||||
|
connection = {
|
||||||
|
flood_sleep_threshold = 60;
|
||||||
|
request_retries = 5;
|
||||||
|
retries = 5;
|
||||||
|
retry_delay = 1;
|
||||||
|
timeout = 120;
|
||||||
|
};
|
||||||
|
device_info = {
|
||||||
|
app_version = "auto";
|
||||||
|
device_model = "auto";
|
||||||
|
lang_code = "en";
|
||||||
|
system_lang_code = "en";
|
||||||
|
system_version = "auto";
|
||||||
|
};
|
||||||
|
proxy = {
|
||||||
|
address = "127.0.0.1";
|
||||||
|
password = "''";
|
||||||
|
port = 1080;
|
||||||
|
rdns = true;
|
||||||
|
type = "disabled";
|
||||||
|
username = "''";
|
||||||
|
};
|
||||||
|
server = {
|
||||||
|
dc = 2;
|
||||||
|
enabled = false;
|
||||||
|
ip = "149.154.167.40";
|
||||||
|
port = 80;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.mautrix-telegram.path = with pkgs; [
|
||||||
|
lottieconverter # for animated stickers conversion, unfree package
|
||||||
|
ffmpeg # if converting animated stickers to webm (very slow!)
|
||||||
|
];
|
||||||
|
systemd.services.mautrix-telegram.serviceConfig = {
|
||||||
|
User = "matrix-synapse";
|
||||||
|
};
|
||||||
|
}
|
236
hosts/nachtigall/apps/matrix/synapse.nix
Normal file
236
hosts/nachtigall/apps/matrix/synapse.nix
Normal file
|
@ -0,0 +1,236 @@
|
||||||
|
{ flake, config, pkgs, ... }:
|
||||||
|
let
|
||||||
|
publicDomain = "matrix.test.pub.solar";
|
||||||
|
serverDomain = "test.pub.solar";
|
||||||
|
in {
|
||||||
|
age.secrets."matrix-synapse-signing-key" = {
|
||||||
|
file = "${flake.self}/secrets/matrix-synapse-signing-key.age";
|
||||||
|
mode = "400";
|
||||||
|
owner = "matrix-synapse";
|
||||||
|
};
|
||||||
|
|
||||||
|
age.secrets."matrix-synapse-secret-config.yaml" = {
|
||||||
|
file = "${flake.self}/secrets/matrix-synapse-secret-config.yaml.age";
|
||||||
|
mode = "400";
|
||||||
|
owner = "matrix-synapse";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.matrix-synapse = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
server_name = serverDomain;
|
||||||
|
public_baseurl = "https://matrix.test.pub.solar/";
|
||||||
|
database = {
|
||||||
|
name = "psycopg2";
|
||||||
|
args = {
|
||||||
|
host = "/run/postgresql";
|
||||||
|
cp_max = 10;
|
||||||
|
cp_min = 5;
|
||||||
|
database = "matrix";
|
||||||
|
};
|
||||||
|
allow_unsafe_locale = false;
|
||||||
|
txn_limit = 0;
|
||||||
|
};
|
||||||
|
|
||||||
|
account_threepid_delegates.msisdn = "";
|
||||||
|
alias_creation_rules = [{
|
||||||
|
action = "allow";
|
||||||
|
alias= "*";
|
||||||
|
room_id = "*" ;
|
||||||
|
user_id = "*";
|
||||||
|
}];
|
||||||
|
allow_guest_access = false;
|
||||||
|
allow_public_rooms_over_federation = false;
|
||||||
|
allow_public_rooms_without_auth = false;
|
||||||
|
auto_join_rooms = [
|
||||||
|
"#community:${serverDomain}"
|
||||||
|
"#general:${serverDomain}"
|
||||||
|
];
|
||||||
|
|
||||||
|
autocreate_auto_join_rooms = true;
|
||||||
|
caches.global_factor = 0.5;
|
||||||
|
|
||||||
|
default_room_version = "10";
|
||||||
|
disable_msisdn_registration = true;
|
||||||
|
email = {
|
||||||
|
app_name = "Matrix";
|
||||||
|
client_base_url = "https://chat.pub.solar";
|
||||||
|
enable_notifs = true;
|
||||||
|
enable_tls = true;
|
||||||
|
# FUTUREWORK: Maybe we should change this
|
||||||
|
invite_client_location = "https://app.element.io";
|
||||||
|
notif_for_new_users = true;
|
||||||
|
notif_from = "Matrix <no-reply@pub.solar>";
|
||||||
|
require_transport_security = false;
|
||||||
|
smtp_host = "matrix-mailer";
|
||||||
|
smtp_port = 8025;
|
||||||
|
};
|
||||||
|
|
||||||
|
enable_media_repo = true;
|
||||||
|
enable_metrics = true;
|
||||||
|
enable_registration = false;
|
||||||
|
enable_registration_captcha = false;
|
||||||
|
enable_registration_without_verification = false;
|
||||||
|
enable_room_list_search = true;
|
||||||
|
encryption_enabled_by_default_for_room_type = "off";
|
||||||
|
event_cache_size = "100K";
|
||||||
|
federation_rr_transactions_per_room_per_second = 50;
|
||||||
|
forget_rooms_on_leave = true;
|
||||||
|
include_profile_data_on_invite = true;
|
||||||
|
instance_map = {};
|
||||||
|
limit_profile_requests_to_users_who_share_rooms = false;
|
||||||
|
|
||||||
|
log_config = ./matrix-log-config.yaml;
|
||||||
|
|
||||||
|
max_spider_size = "10M";
|
||||||
|
max_upload_size = "50M";
|
||||||
|
media_storage_providers = [];
|
||||||
|
|
||||||
|
password_config = {
|
||||||
|
enabled = false;
|
||||||
|
localdb_enabled = false;
|
||||||
|
pepper = "";
|
||||||
|
};
|
||||||
|
|
||||||
|
presencee.enabled = true;
|
||||||
|
push.include_content = false;
|
||||||
|
|
||||||
|
rc_admin_redaction= {
|
||||||
|
burst_count = 50;
|
||||||
|
per_second = 1;
|
||||||
|
};
|
||||||
|
rc_federation= {
|
||||||
|
concurrent = 3;
|
||||||
|
reject_limit = 50;
|
||||||
|
sleep_delay = 500;
|
||||||
|
sleep_limit = 10;
|
||||||
|
window_size = 1000;
|
||||||
|
};
|
||||||
|
rc_invites= {
|
||||||
|
per_issuer= {
|
||||||
|
burst_count = 10;
|
||||||
|
per_second = 0.3;
|
||||||
|
};
|
||||||
|
per_room= {
|
||||||
|
burst_count = 10;
|
||||||
|
per_second = 0.3;
|
||||||
|
};
|
||||||
|
per_user= {
|
||||||
|
burst_count = 5;
|
||||||
|
per_second = 0.003;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
rc_joins= {
|
||||||
|
local= {
|
||||||
|
burst_count = 10;
|
||||||
|
per_second = 0.1;
|
||||||
|
};
|
||||||
|
remote= {
|
||||||
|
burst_count = 10;
|
||||||
|
per_second = 0.01;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
rc_login= {
|
||||||
|
account= {
|
||||||
|
burst_count = 3;
|
||||||
|
per_second = 0.17;
|
||||||
|
};
|
||||||
|
address= {
|
||||||
|
burst_count = 3;
|
||||||
|
per_second = 0.17;
|
||||||
|
};
|
||||||
|
failed_attempts= {
|
||||||
|
burst_count = 3;
|
||||||
|
per_second = 0.17;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
rc_message= {
|
||||||
|
burst_count = 10;
|
||||||
|
per_second = 0.2;
|
||||||
|
};
|
||||||
|
rc_registration= {
|
||||||
|
burst_count = 3;
|
||||||
|
per_second = 0.17;
|
||||||
|
};
|
||||||
|
redaction_retention_period = "7d";
|
||||||
|
redis.enabled = false;
|
||||||
|
registration_requires_token = false;
|
||||||
|
registrations_require_3pid = ["email"];
|
||||||
|
report_stats = false;
|
||||||
|
require_auth_for_profile_requests = false;
|
||||||
|
room_list_publication_rules = [{
|
||||||
|
action = "allow";
|
||||||
|
alias = "*";
|
||||||
|
room_id = "*";
|
||||||
|
user_id = "*";
|
||||||
|
}];
|
||||||
|
|
||||||
|
signing_key_path = "/run/agenix/matrix-synapse-signing-key";
|
||||||
|
|
||||||
|
stream_writers = {};
|
||||||
|
trusted_key_servers = [{ server_name = "matrix.org";}];
|
||||||
|
turn_allow_guests = false;
|
||||||
|
turn_uris = [
|
||||||
|
"turn:matrix.pub.solar?transport=udp"
|
||||||
|
"turn:matrix.pub.solar?transport=tcp"
|
||||||
|
];
|
||||||
|
url_preview_accept_language = [
|
||||||
|
"en-US"
|
||||||
|
"en"
|
||||||
|
];
|
||||||
|
url_preview_enabled = true;
|
||||||
|
url_preview_ip_range_blacklist = [
|
||||||
|
"127.0.0.0/8"
|
||||||
|
"10.0.0.0/8"
|
||||||
|
"172.16.0.0/12"
|
||||||
|
"192.168.0.0/16"
|
||||||
|
"100.64.0.0/10"
|
||||||
|
"192.0.0.0/24"
|
||||||
|
"169.254.0.0/16"
|
||||||
|
"192.88.99.0/24"
|
||||||
|
"198.18.0.0/15"
|
||||||
|
"192.0.2.0/24"
|
||||||
|
"198.51.100.0/24"
|
||||||
|
"203.0.113.0/24"
|
||||||
|
"224.0.0.0/4"
|
||||||
|
"::1/128"
|
||||||
|
"fe80::/10"
|
||||||
|
"fc00::/7"
|
||||||
|
"2001:db8::/32"
|
||||||
|
"ff00::/8"
|
||||||
|
"fec0::/10"
|
||||||
|
];
|
||||||
|
|
||||||
|
user_directory = {
|
||||||
|
prefer_local_users = false;
|
||||||
|
search_all_users = false;
|
||||||
|
};
|
||||||
|
user_ips_max_age = "28d";
|
||||||
|
|
||||||
|
app_service_config_files = [
|
||||||
|
"/var/lib/matrix-synapse/telegram-registration.yaml"
|
||||||
|
# "/matrix-appservice-irc-registration.yaml"
|
||||||
|
# "/matrix-appservice-slack-registration.yaml"
|
||||||
|
# "/hookshot-registration.yml"
|
||||||
|
# "/matrix-mautrix-signal-registration.yaml"
|
||||||
|
# "/matrix-mautrix-telegram-registration.yaml"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
extraConfigFiles = [
|
||||||
|
"/run/agenix/matrix-synapse-secret-config.yaml"
|
||||||
|
|
||||||
|
# The registration file is automatically generated after starting the
|
||||||
|
# appservice for the first time.
|
||||||
|
# cp /var/lib/mautrix-telegram/telegram-registration.yaml \
|
||||||
|
# /var/lib/matrix-synapse/
|
||||||
|
# chown matrix-synapse:matrix-synapse \
|
||||||
|
# /var/lib/matrix-synapse/telegram-registration.yaml
|
||||||
|
"/var/lib/matrix-synapse/telegram-registration.yaml"
|
||||||
|
];
|
||||||
|
|
||||||
|
plugins = [
|
||||||
|
config.services.matrix-synapse.package.plugins.matrix-synapse-shared-secret-auth
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
|
@ -10,6 +10,7 @@
|
||||||
./nix.nix
|
./nix.nix
|
||||||
./apps/nginx.nix
|
./apps/nginx.nix
|
||||||
|
|
||||||
|
./apps/forgejo.nix
|
||||||
./apps/keycloak.nix
|
./apps/keycloak.nix
|
||||||
./apps/mailman.nix
|
./apps/mailman.nix
|
||||||
./apps/mastodon.nix
|
./apps/mastodon.nix
|
||||||
|
@ -18,6 +19,8 @@
|
||||||
./apps/nginx-website.nix
|
./apps/nginx-website.nix
|
||||||
./apps/opensearch.nix
|
./apps/opensearch.nix
|
||||||
./apps/postgresql.nix
|
./apps/postgresql.nix
|
||||||
./apps/forgejo.nix
|
|
||||||
|
./apps/matrix/mautrix-telegram.nix
|
||||||
|
./apps/matrix/synapse.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
BIN
secrets/matrix-mautrix-telegram-env-file.age
Normal file
BIN
secrets/matrix-mautrix-telegram-env-file.age
Normal file
Binary file not shown.
BIN
secrets/matrix-synapse-secret-config.yaml.age
Normal file
BIN
secrets/matrix-synapse-secret-config.yaml.age
Normal file
Binary file not shown.
28
secrets/matrix-synapse-signing-key.age
Normal file
28
secrets/matrix-synapse-signing-key.age
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 iDKjwg DIYhq76lfISisIR1cF5QRAHpUOcY73wh2AAIveZzQEU
|
||||||
|
AaISTQUQHKZPfI3eOmez1LsANCwMiLae6wNDtdGyrk4
|
||||||
|
-> ssh-ed25519 uYcDNw aWo4SN3rJXLWjeQFmHWQsWvq6TZysarvk2/ymPNjSW0
|
||||||
|
Z8dFM+4R/rCzVsAQtmeO/ANFdeqkcOixgcfp5Pe9FIY
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
fNc11rAe6fUi7DaxEGbU84nJ99DCwv2oSs0EXUtXYU7kSQnPzEMvBUmDtsjc/yJK
|
||||||
|
JrER6X3EZpStvveHs12T2bD8sC7qvpGDM0/yxQaD/g2sebdl/PSdly3PcKZPmFJn
|
||||||
|
5a8bdFz6auLoxPtV9Ew83rai7/zSGWomD9MtISmtzofQ6ZUMCTHkyv+JFrSGMlDR
|
||||||
|
/wAPP4AthjlysLgVnpbFixcFaZKA1825H7yk+i+TvIHIZ5YNhcTlvyos5BnKTbjI
|
||||||
|
JJffhvEz4I3c+v6Nb6tssFs/WcnuylDQZa3YqHT8zaL/pXWKZKwSTMkXMXdN5/V6
|
||||||
|
bKwwyuSepbKgcdnYt3qnSRZcGobAD3LISrkyPuh3/6v6mPxX9eriv8A+cCTVFR+H
|
||||||
|
tx2EEa0PQpgQX7erCxu8n3marv43e6tF58ULJHoBtEcUs0ov5ereNWJBRL5NcZcZ
|
||||||
|
1jAg3tJtWFcplghJ8oS4ePrCj87ibNeHUW50zTmpoCWnSdl5coKzPtFRjjWJNf0U
|
||||||
|
mUAqnoCOVSkpy+5tUbCdo3IhxXPwQp70SkBTKqJhLw7AqmqCSEt8IzO7Nmh8Cra7
|
||||||
|
CpRvcqLvOjDNKLpc3FZWcJdZyFoQUd+hjqO3GsmYE+0HQm4Prb9bDqRIyUiGa2y8
|
||||||
|
8Z/Ae7T/X2hvr/h8by/JI+f67fj9n88LMBIc2+VF17M
|
||||||
|
-> ssh-ed25519 YFSOsg 7VxASO8bBrWC66jWnFDr/E4uLrE9Eduk1DrxqKBNeAA
|
||||||
|
ADu0wFcdyO2+Jzb8nbcBl9RArUrA11+Olr+5wT1NpxI
|
||||||
|
-> ssh-ed25519 iHV63A 5its014WusI08tPQDHHPngzWaMWwbTFXUr3uRSjmgU4
|
||||||
|
PjhSqHE9QtLQsOvkTh44TYsf4dlBxlHA+0hbY0P34rI
|
||||||
|
-> ssh-ed25519 BVsyTA /0Lg7IgQ+ziQPB8zW/g+b9B5MBUmxl44zHKlPC2qgiM
|
||||||
|
/nGP+6j9jDh/I0ZW4+nkhVtIRf7rqv0RG+sPoGXq/84
|
||||||
|
-> fd]-grease "J/'r
|
||||||
|
1Gqo8aWuDf5XWFLB+OxHs3sNKf/4Kwv8dXBEtn40oL0uk8UZyUkNaLWZ2/GfdO0t
|
||||||
|
dT7bm5ihzq/7wJsIoNUgGBDprFAZgcEExno
|
||||||
|
--- zpUnJCx+HoeJm0KW3PIwljBvp/94VsyKfDQ2GRSOd+4
|
||||||
|
<1B>1ÃI#áÈC[‡´ý|)Ü<>‡:dŽ±d± Ü3X„øôŒ'Ûõ‚ÀqA±‡ok•èÈCÀTT3ºaBûÒÔþtô'ák\›Ííc&·a|:Rã5
|
|
@ -20,22 +20,19 @@ let
|
||||||
nachtigall-host
|
nachtigall-host
|
||||||
];
|
];
|
||||||
in {
|
in {
|
||||||
|
|
||||||
"mastodon-secret-key-base.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"mastodon-secret-key-base.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"mastodon-otp-secret.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"mastodon-otp-secret.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"mastodon-vapid-private-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"mastodon-vapid-private-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"mastodon-vapid-public-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"mastodon-vapid-public-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"mastodon-smtp-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"mastodon-smtp-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"mastodon-extra-env-secrets.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"mastodon-extra-env-secrets.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"keycloak-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"keycloak-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"forgejo-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"forgejo-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
|
"matrix-mautrix-telegram-env-file.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
"matrix-synapse-signing-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
"matrix-synapse-secret-config.yaml.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue