fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Enable Keycloak SSO for matrix

Browse source
This commit is contained in:
fi 2024-01-21 21:47:18 +01:00
parent eac0f3a8f5
commit a4cc341098
Signed by: fi
SSH key fingerprint: SHA256:d+6fQoDPMbSFK95zRVflRKZLRKF4cPSQb7VIxYkhFsA
2 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/hosts/matrix/matrix-synapse.nix
View file

@ -54,10 +54,12 @@
}; };
environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret"; environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret";
}; };
extras = [ "oidc" ];
extraConfigFiles = [ extraConfigFiles = [
"/secrets/matrix-registration-shared-secret.secret" "/secrets/matrix-registration-shared-secret.secret"
"/secrets/matrix-turn-shared-secret.secret" "/secrets/matrix-turn-shared-secret.secret"
"/secrets/matrix-email-smtp-pass.secret" "/secrets/matrix-email-smtp-pass.secret"
"/secrets/matrix-keycloak-client-secret.secret"
]; ];
}; };
} }

8
config/hosts/matrix/secrets.nix
View file

@ -41,5 +41,13 @@
permissions = "0640"; permissions = "0640";
uploadAt = "pre-activation"; uploadAt = "pre-activation";
}; };
"matrix-keycloak-client-secret.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "matrix/keycloak-client-secret" ];
destDir = "/secrets";
user = "matrix-synapse";
group = "matrix-synapse";
permissions = "0640";
uploadAt = "pre-activation";
};
}; };
} }