matrix: use shared secret
This commit is contained in:
parent
76ceb26707
commit
d5eb537b5e
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
|||
borg-backup-repo
|
||||
miniflux-admin-credentials
|
||||
/secrets/borg-backup-repo
|
||||
/secrets/miniflux-admin-credentials
|
||||
/secrets/matrix-registration-shared-secret
|
||||
|
|
|
@ -88,7 +88,13 @@
|
|||
privatePort = 8080;
|
||||
};
|
||||
|
||||
matrix.enable = true;
|
||||
matrix = {
|
||||
enable = true;
|
||||
registration_shared_secret =
|
||||
(lib.removeSuffix "\n" (
|
||||
builtins.readFile ./secrets/matrix-registration-shared-secret
|
||||
));
|
||||
};
|
||||
|
||||
monitoring = {
|
||||
enable = true;
|
||||
|
|
1
secrets/matrix-registration-shared-secret.example
Normal file
1
secrets/matrix-registration-shared-secret.example
Normal file
|
@ -0,0 +1 @@
|
|||
0000000000000000000000000000000000000000000000000000000000000000
|
|
@ -21,6 +21,13 @@ let
|
|||
in {
|
||||
options.my.services.matrix = {
|
||||
enable = lib.mkEnableOption "Matrix Synapse";
|
||||
|
||||
registration_shared_secret = lib.mkOption {
|
||||
type = types.str;
|
||||
default = null;
|
||||
example = "deadbeef";
|
||||
description = "Shared secret to register users";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
@ -38,6 +45,8 @@ in {
|
|||
server_name = domain;
|
||||
public_baseurl = "https://matrix.${domain}";
|
||||
|
||||
registration_shared_secret = cfg.registration_shared_secret;
|
||||
|
||||
listeners = [
|
||||
# Federation
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue