feat(matrix): make secrets configurable HEAD main

author: Silas Schöffel <sils@sils.li> 2025-01-25 22:12:04 +0100
committer: Silas Schöffel <sils@sils.li> 2025-01-25 22:12:04 +0100
commit: 87b0880423e4306e156af709a63ab1b565970204 (patch)
tree: 5f66ae2e06474ac4c6cda6469cd5b51eeb6d0a84 /modules/by-name/ma
parent: feat(mastodon): make secrets configurable (diff)
download: nixos-server-main.zip
2 files changed, 5 insertions, 1 deletions
diff --git a/modules/by-name/ma/matrix/passwd.age b/hosts/by-name/server3/secrets/matrix/passwd.age
index 6386ed6..6386ed6 100644
--- a/modules/by-name/ma/matrix/passwd.age
+++ b/hosts/by-name/server3/secrets/matrix/passwd.age
diff --git a/modules/by-name/ma/matrix/module.nix b/modules/by-name/ma/matrix/module.nix
index a73fd13..4b730da 100644
--- a/modules/by-name/ma/matrix/module.nix
+++ b/modules/by-name/ma/matrix/module.nix
@@ -24,10 +24,14 @@ in {
       type = lib.types.str;
       description = "The url the matrix-server should be known under.";
     };
+    sharedSecretFile = lib.mkOption {
+      type = lib.types.path;
+      description = "The age encrypted shared secret file for synapse, passed to agenix";
+    };
   };
   config = lib.mkIf cfg.enable {
     age.secrets.matrix-synapse_registration_shared_secret = {
-      file = ./passwd.age;
+      file = cfg.sharedSecretFile;
       mode = "700";
       owner = "matrix-synapse";
       group = "matrix-synapse";
author	Silas Schöffel <sils@sils.li>	2025-01-25 22:12:04 +0100
committer	Silas Schöffel <sils@sils.li>	2025-01-25 22:12:04 +0100
commit	87b0880423e4306e156af709a63ab1b565970204 (patch)
tree	5f66ae2e06474ac4c6cda6469cd5b51eeb6d0a84 /modules/by-name/ma
parent	feat(mastodon): make secrets configurable (diff)
download	nixos-server-main.zip