refactor(matrix.nix): centralize matrix-synapse secrets and remove hardcoded database name

- Added `age.secrets.matrix` to manage secrets in a centralized `.age` file
- Removed hardcoded `db_name` and used `extraConfigFiles` to include the database configuration from the `.age` file
- Updated comments to reflect changes
Giulio De Pasquale 2024-12-06 20:50:09 +00:00
parent 9b1cef61f2
commit 847677fc2f


@ -2,18 +2,22 @@
let let
domain = "runas.rocks"; domain = "runas.rocks";
db_name = "matrix-synapse-runas.rocks";
utilities = import ./utilities.nix { inherit lib config; }; utilities = import ./utilities.nix { inherit lib config; };
inherit (utilities) architectInterfaceAddress; inherit (utilities) architectInterfaceAddress;
in in
{ {
age.secrets.matrix = {
file = ../../secrets/matrix-synapse.age;
owner = "matrix-synapse";
};
services = { services = {
matrix-synapse = { matrix-synapse = {
enable = true; enable = true;
# Database config is in the .age file
extraConfigFiles = [ config.age.secrets.matrix.path ];
settings = { settings = {
server_name = "${domain}"; server_name = "${domain}";
database.args.database = db_name;
public_baseurl = "https://${domain}"; public_baseurl = "https://${domain}";
registration_shared_secret = "runas!"; registration_shared_secret = "runas!";
url_preview_enabled = true; url_preview_enabled = true;
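Review bot: `registration_shared_secret = "runas!";` is still a plaintext literal under `settings`, even though this change moves the database configuration into the age-encrypted file loaded through `extraConfigFiles`. Values under `settings` are rendered into the generated Synapse configuration, which on NixOS normally ends up in the world-readable Nix store, and the literal also stays in the repository history. I would put `registration_shared_secret` into `../../secrets/matrix-synapse.age` next to the database block, delete the line from `settings`, and rotate the value, since the current one is already committed. The `services.matrix-synapse` block continues past the end of this hunk, so any other inline credentials further down are worth the same check.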