migrate secrets to new structure

TheWanderingCrow 2025-11-02 11:10:45 -05:00
parent 957225dd0d
commit ca8a707ae2
7 changed files with 124 additions and 96 deletions


@ -3,7 +3,11 @@
inputs,
pkgs,
...
}: {
}:
let
sopsFolder = builtins.toString inputs.nix-secrets + "/sops";
in
{
imports = [
"${inputs.nixpkgs-unstable}/nixos/modules/services/matrix/tuwunel.nix"
];
@ -15,6 +19,7 @@
sops.secrets."matrix/registration_token" = {
owner = "tuwunel";
sopsFile = "${sopsFolder}/services.yaml";
};
services.matrix-tuwunel = {
@ -32,14 +37,14 @@
allow_encryption = true;
allow_federation = true;
require_auth_for_profile_requests = true; # no user enumeration
trusted_servers = ["matrix.org"];
trusted_servers = [ "matrix.org" ];
};
};
};
networking.firewall.allowedTCPPorts = [8448];
networking.firewall.allowedTCPPorts = [ 8448 ];
users.users.caddy.extraGroups = ["tuwunel"];
users.users.caddy.extraGroups = [ "tuwunel" ];
services.caddy = {
enable = true;