fi/nix-infra
1
2
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

Migrate matrix to sops-nix

Browse source
This commit is contained in:
fi 2026-05-18 21:21:20 +02:00
commit a01a891495
Signed by: fi
SSH key fingerprint: SHA256:dgX1HRsK+8F1OzYvKfv1VLhMJac/Iv/rsjixuV94+dA
5 changed files with 85 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

11
config/hosts/matrix/matrix-authentication-service.nix
View file

@ -11,7 +11,7 @@ let
{ name = "oauth"; }
{ name = "compat"; }
{ name = "graphql"; }
{
{
name = "assets";
path = "${pkgs.matrix-authentication-service}/share/matrix-authentication-service/assets/";
}
@ -92,7 +92,7 @@ in
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.matrix-authentication-service}/bin/mas-cli server --config=${masSettingsFile} --config=/secrets/matrix-mas-secret-config.secret";
ExecStart = "${pkgs.matrix-authentication-service}/bin/mas-cli server --config=${masSettingsFile} --config=/run/secrets/matrix-mas-secret-config";
WorkingDirectory = "${pkgs.matrix-authentication-service}";
User = "matrix-synapse";
Group = "matrix-synapse";
@ -102,4 +102,11 @@ in
"multi-user.target"
];
};
sops.secrets."matrix-mas-secret-config" = {
mode = "0440";
owner = "matrix-synapse";
group = "matrix-synapse";
restartUnits = [ "matrix-authentication-service.service" ];
};
}