darkkirb/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests 2 Projects Releases Packages Wiki Activity Actions

fix eval

Browse source
This commit is contained in:
Charlotte 🦝 Delenk 2022-04-29 21:30:14 +01:00
parent d1e2a1b5cd
commit 800dcd36ba
Signed by: darkkirb
GPG key ID: AB2BD8DAF2E37122
2 changed files with 18 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
config/services/dendrite.nix
View file

@ -13,6 +13,7 @@
enable_inbound = true;
enable_outbound = true;
};
private_key = config.sops.secrets."services/dendrite/private_key".path;
};
app_service_api.database.connection_string = "postgresql:///dendrite_app_service";
client_api = {
@ -33,6 +34,7 @@
};
};
sops.secrets."services/dendrite/secrets" = { owner = "dendrite"; };
sops.secrets."services/dendrite/private_key" = { owner = "dendrite"; };
services.postgresql.ensureDatabases = [
"dendrite_app_service"
"dendrite_federation"
@ -56,6 +58,19 @@
"DATABASE dendrite_userapi" = "ALL PRIVILEGES";
};
}];
systemd.services.dendrite.serviceConfig = {
User = "dendrite";
Group = "dendrite";
DynamicUser = lib.mkForce false;
};
users.users.dendrite = {
description = "Matrix Media Repository";
home = "/var/lib/dendrite";
useDefaultShell = true;
group = "dendrite";
isSystemUser = true;
};
users.groups.dendrite = { };
services.nginx.virtualHosts =
let
listenIPs = (import ../../utils/getInternalIP.nix config).listenIPs;

5
secrets/nas.yaml
View file

@ -4,6 +4,7 @@ network:
services:
dendrite:
secrets: ENC[AES256_GCM,data:NTm9xCA51s3ASIhIKy/wET4MqNQ=,iv:ktv+IAtbFTu6MI7HfKnT8a4m9KnFiA3hbOrhUFG6sUw=,tag:X/6O6iheQ24KbFl7XFOJpw==,type:str]
private_key: ENC[AES256_GCM,data:WODNoOxyNF0TjS98abNseCsXrAPQpNRGAg7qUKLxc0MaSnq4OxXQvP4jZ/AFQeOOyy1J0OeKnzg4WSiOXMWVf1+WCy4OL2IOIQQa733BTLhBsl3OzvZ/wKN0aLSdnTN32bN7srUkPTxhAE9C1eHApW0v7/mxxo4XUHcVViy2Lhq4n09LxswgHOY=,iv:G7ovMcU+Fs41OV9Prqi9NoxBiwciIBdFi/YPswBemdU=,tag:QmNsYGrPjJKY+Uss5ZMuTg==,type:str]
hydra:
cache-key: ENC[AES256_GCM,data:359HiOnMunY5vQowyl79OOYX7ELs1jGkyCMjvuUXUaVnPWu/Nui5UM51O4VKD6+cLvVKyy5QXJxxOVfPO5DHL7gb+rlcbcusdBs8iCLaqlxD7yHqDE6FsncFSB7OqqUKNw==,iv:/NBm6p/vpurdhFzrN7HA9Tu13g6FbWREbKh4yNPryB4=,tag:xTs/KwTOgAQwaukU8+ek0A==,type:str]
gitea_token: ENC[AES256_GCM,data:v0Ej8841I1F/dK5ZplRzZlvngpueMQKspM5USzX9VkOEmpCs2NA3+Q==,iv:fZisAuyqk7ATFx6qHYkScUeS8SsikjiPzVovZjGnUYM=,tag:7+O+Sn7unPDy88a6T70Jmg==,type:str]
@ -55,8 +56,8 @@ sops:
WnV3QWxtalIzWFdoQmpDTmJsNGdNOW8K++rFGXy0G6Gcu2gQwSP6xfXInQ/y5nh5
2oGp8sfOLFWnNI4SWL0ChP47K3C/9ysUHwQnUYPbRafZ/4X6cN40ZQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-04-29T20:21:19Z"
mac: ENC[AES256_GCM,data:5U2GHLDb1fTUaPIh1ou71QUyjPMNYGH2p9KqOHi61PJjH9LEWP78wQjPxqdLlqqXYOW0ffc+43+iq+txZXuGW83J7NW/+195d17bn8KWe6f+C8JzaViajhsDMj0ClcHftK2U9d9rAVujotnyO2n+nX0Zsn5iW/zvr4Ie9EzeuLg=,iv:TzVy/n6qN+Va0xeHIgrEu+iG3BGtfjbitUu9puaQTvM=,tag:pZ2awsN1sgWcK1wX5id3DQ==,type:str]
lastmodified: "2022-04-29T20:26:18Z"
mac: ENC[AES256_GCM,data:/1akUfawMsiMKOZ6N+C1MsEHMukrKXDe+lqlIG1KvShjTvDhko6b2YQMc2jKckk+lfVnIqCyR0HK6iToZbr++8KOBql1c4Q7DW37PC2tGhFrb8j5bCKj2Eo/pRR1RIw0WqAliWQoW+a85A4gg0XlGNPO47i2u7e1NYxBFqcxIkY=,iv:J8FNX3Ihio+Esfe23wY/p8R+Xn6em9Fn/74AWzXZfP4=,tag:bRw1Tw/khmjW8E12MH3NLQ==,type:str]
pgp:
- created_at: "2022-04-24T10:34:20Z"
enc: |