matrix: use shared secret
This commit is contained in:
parent
76ceb26707
commit
d5eb537b5e
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
||||||
borg-backup-repo
|
/secrets/borg-backup-repo
|
||||||
miniflux-admin-credentials
|
/secrets/miniflux-admin-credentials
|
||||||
|
/secrets/matrix-registration-shared-secret
|
||||||
|
|
|
@ -88,7 +88,13 @@
|
||||||
privatePort = 8080;
|
privatePort = 8080;
|
||||||
};
|
};
|
||||||
|
|
||||||
matrix.enable = true;
|
matrix = {
|
||||||
|
enable = true;
|
||||||
|
registration_shared_secret =
|
||||||
|
(lib.removeSuffix "\n" (
|
||||||
|
builtins.readFile ./secrets/matrix-registration-shared-secret
|
||||||
|
));
|
||||||
|
};
|
||||||
|
|
||||||
monitoring = {
|
monitoring = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
1
secrets/matrix-registration-shared-secret.example
Normal file
1
secrets/matrix-registration-shared-secret.example
Normal file
|
@ -0,0 +1 @@
|
||||||
|
0000000000000000000000000000000000000000000000000000000000000000
|
|
@ -21,6 +21,13 @@ let
|
||||||
in {
|
in {
|
||||||
options.my.services.matrix = {
|
options.my.services.matrix = {
|
||||||
enable = lib.mkEnableOption "Matrix Synapse";
|
enable = lib.mkEnableOption "Matrix Synapse";
|
||||||
|
|
||||||
|
registration_shared_secret = lib.mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = null;
|
||||||
|
example = "deadbeef";
|
||||||
|
description = "Shared secret to register users";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -38,6 +45,8 @@ in {
|
||||||
server_name = domain;
|
server_name = domain;
|
||||||
public_baseurl = "https://matrix.${domain}";
|
public_baseurl = "https://matrix.${domain}";
|
||||||
|
|
||||||
|
registration_shared_secret = cfg.registration_shared_secret;
|
||||||
|
|
||||||
listeners = [
|
listeners = [
|
||||||
# Federation
|
# Federation
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue