From 4684cd239a2cd07d2b4a0a5c1a913a4ef6da2ca9 Mon Sep 17 00:00:00 2001 From: Daniel Olsen Date: Mon, 13 Feb 2023 00:19:14 +0100 Subject: [PATCH] matrix: enable shared secret registration --- hosts/jokum/services/matrix/synapse.nix | 6 ++++++ secrets/jokum/jokum.yaml | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/hosts/jokum/services/matrix/synapse.nix b/hosts/jokum/services/matrix/synapse.nix index 0fcf3c6..467b525 100644 --- a/hosts/jokum/services/matrix/synapse.nix +++ b/hosts/jokum/services/matrix/synapse.nix @@ -18,6 +18,11 @@ in { group = config.users.users.matrix-synapse.group; }; + sops.secrets."matrix/synapse/user_registration" = { + owner = config.users.users.matrix-synapse.name; + group = config.users.users.matrix-synapse.group; + }; + services.matrix-synapse-next = { enable = true; @@ -34,6 +39,7 @@ in { extraConfigFiles = [ config.sops.secrets."matrix/synapse/dbconfig".path + config.sops.secrets."matrix/synapse/user_registration".path ]; settings = { diff --git a/secrets/jokum/jokum.yaml b/secrets/jokum/jokum.yaml index 66d2aef..22b264d 100644 --- a/secrets/jokum/jokum.yaml +++ b/secrets/jokum/jokum.yaml @@ -2,6 +2,7 @@ matrix: synapse: dbconfig: ENC[AES256_GCM,data:R7y+867fwnVXHaknUj9RpBtkEATfUo9AoaNId/ODLkHCJyQP1761pJLqeSkQTZAnzZxqACYorV0P57tEQ5bE0aKLOL7tSClx82x7Tki0MiWME4FgxJC2fQk/vP0Ca2zufnw0s697zkfsnyx/1pjjo69amXc207NXAHCtxXO0ztWp0Q==,iv:BsbOLl/hlQIjOLnik8lZWO3+jhMEZ//fisxLon7HdE0=,tag:6sv6ySztGbxAgn+WV0I5NA==,type:str] turnconfig: ENC[AES256_GCM,data:eyUQID6nHiMH1cm418ItI3DEAjAPoR9NR7DvhfYCTvYM1LyHKVg=,iv:Jz7LEOUwTI8LCMOKqB2vN/0Zs+S0IJkHY3wpAC0q5YI=,tag:4SImxB+5JI8VtsZVy0cYIQ==,type:str] + user_registration: ENC[AES256_GCM,data:qWtVuNc0YWetsVVtXt+nlaUPq7QzbsDIb+KV2jgEfLZXU/h+vS0PL+k=,iv:72fvhUo3Bhvxj9A16sTL3teLKA0tGEk7pbgKoooOJSo=,tag:Q5vl2+ZJZqtcmMH+tNqVag==,type:str] signing_key: ENC[AES256_GCM,data:3EeV+9X9TtqhBL7QyULTS7tNyH7ayhe88B7UtNZ/TMlQSW2E1WtSVEecqs+097A1SmdKoYVr6iz0ew==,iv:TDfAdYROu7o7FIwn6oOs60surQ7zFy0+9bqhx8LtwXg=,tag:8MpNBw5TbDMxXHF9+tmZfQ==,type:str] coturn: static-auth-secret: ENC[AES256_GCM,data:bDVbTU3QaanU0fPhQF4Fil4=,iv:MVoFWgqHm88JXaCYa5l57SkX3fSmP97Z7IzvwumHWY8=,tag:ZX121OshXiLC6eRxz2Be0g==,type:str] @@ -40,8 +41,8 @@ sops: SytjNlF0M1J2WDZzV05EQ0dDMU9EcW8KoCFywdfzF7197F3YdF37P43x0D+08+tt V86bls9usaxb3hfx+QS+gS+8TR1gN3fzQ5+zhkuawP0esgvUvSdOaQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-01-21T21:36:51Z" - mac: ENC[AES256_GCM,data:bigb40nyFgIa/HeTmOgAT76z2dJRgxc0tG0CpbvayL4e/o9ctKMpyjA2ogniJfZmwieLv7jMUaq7oR6TZRAmwmO2SV4V+I9z2WQSNvsa1v5IRP+MJcpgZ9yft1SKkAxDgyjizxULs+0dB3/IUI409CetKUAu4CesSWOJxP8+4ZQ=,iv:ond6CECTL+1t6ko2YL6cdlkds63gOJ1qqP38KPEPgOQ=,tag:ihfOwU5+mT6DHxGfreSpdA==,type:str] + lastmodified: "2023-02-12T23:57:03Z" + mac: ENC[AES256_GCM,data:ZqzcX0DcOwvlpZ1GMBdIJL6xbEn+xcA4YRWl0OfTLX0sG45vh8pWiIhsb1aVxtAKW3pYAyQL0vRagPIz1f5/2BwbMW1hJORjH5p4BpFZvYm9/xYn34T8q5YVBsc4FBnH0+TouR8VyXIce017WKDkPqIjsdzYMgbxQ24pPOQSNJw=,iv:guVz8mQ5PSF94Roho0q4+Ihz+ZKCEZYNnpjnv8IbGtg=,tag:CKx+m5zNr5tzjvwd4Effdw==,type:str] pgp: - created_at: "2023-01-21T21:53:31Z" enc: |