bicep/synapse: Move database configuration out of secrets
This commit is contained in:
parent
d4bcdeb3b3
commit
f53c0c6eb5
@ -8,14 +8,6 @@ let
|
||||
imap0Attrs = with lib; f: set:
|
||||
listToAttrs (imap0 (i: attr: nameValuePair attr (f i attr set.${attr})) (attrNames set));
|
||||
in {
|
||||
sops.secrets."matrix/synapse/dbconfig" = {
|
||||
sopsFile = ../../../../secrets/bicep/matrix.yaml;
|
||||
key = "synapse/dbconfig";
|
||||
owner = config.users.users.matrix-synapse.name;
|
||||
group = config.users.users.matrix-synapse.group;
|
||||
restartUnits = [ "matrix-synapse.target" ];
|
||||
};
|
||||
|
||||
sops.secrets."matrix/synapse/signing_key" = {
|
||||
key = "synapse/signing_key";
|
||||
sopsFile = ../../../../secrets/bicep/matrix.yaml;
|
||||
@ -44,10 +36,6 @@ in {
|
||||
|
||||
enableNginx = true;
|
||||
|
||||
extraConfigFiles = [
|
||||
config.sops.secrets."matrix/synapse/dbconfig".path
|
||||
];
|
||||
|
||||
settings = {
|
||||
server_name = "pvv.ntnu.no";
|
||||
public_baseurl = "https://matrix.pvv.ntnu.no";
|
||||
@ -56,6 +44,17 @@ in {
|
||||
|
||||
media_store_path = "${cfg.dataDir}/media";
|
||||
|
||||
database = {
|
||||
name = "psycopg2";
|
||||
args = {
|
||||
host = "/var/run/postgresql";
|
||||
dbname = "synapse";
|
||||
user = "matrix-synapse";
|
||||
cp_min = 1;
|
||||
cp_max = 5;
|
||||
};
|
||||
};
|
||||
|
||||
presence.enabled = false;
|
||||
|
||||
event_cache_size = "20K"; # Default is 10K but I can't find the factor for this cache
|
||||
|
@ -1,5 +1,4 @@
|
||||
synapse:
|
||||
dbconfig: ENC[AES256_GCM,data:DzbYi9TUfdxJ9Y/dC26TBvXMu/3rnbuv/jKKcW7RfUORZFIMPYz9ZcL1nl5RwTIAI65PJEDDz9UXkynjiteJppfS1g09vF+UerUg6BWDFi+JLpXwwg3EtTA3WLCX/nZKsoR1rOzT8+wsXghozIs9KhRNQlvBP0t2qcahKrrnznR+cLXBcimmwmgX,iv:VKimpBPerhTaJYgJ9hVfNBAZO8xLCWpwuRqdWx4/DqY=,tag:wxh0qrTHMLSBoTnqDpqV5A==,type:str]
|
||||
turnconfig: ENC[AES256_GCM,data:mASRjYa4C9WRow4x0XYRrlCE5LMJUYaId+o62r1qhsyJPa2LzrI=,iv:5vYdubvMDjLS6soiWx2DzkEAATb9NFbSS/Jhuuz1yI8=,tag:wOW07CQMDbOiZNervee/pg==,type:str]
|
||||
user_registration: ENC[AES256_GCM,data:ZDZfEEvyw8pg0WzhrdC8747ed+ZR2ZA8/WypJd/iDkmIy2RmxOeI0sE=,iv:l61mOlvzpCql4fC/eubBSU6px21et2WcpxQ6rFl14iw=,tag:sVDEAa3xipKIi/6isCjWew==,type:str]
|
||||
signing_key: ENC[AES256_GCM,data:6UpfiRlX9pRM7zhdm7Mc8y8EItLzugWkHSgE0tGpEmudCTa1wc60oNbYfhKDWU81DT/U148pZOoX1A==,iv:UlqCPicPm5eNBz1xBMI3A3Rn4t/GtldNIDdMH5MMnLw=,tag:HHaw6iMjEAv5b9mjHSVpwA==,type:str]
|
||||
@ -42,8 +41,8 @@ sops:
|
||||
cGxZVnFhdXRka2drTGdkVk1iM0pFL1kK2ry7b2cLYPfntWi/BV3K2O+mHt3242Ef
|
||||
sI2JLLQYHeAhxjFdCzP1RDR+Wu/pRxZje6xuTZ9I9TKNmm+LhAXHQw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-09-13T09:02:19Z"
|
||||
mac: ENC[AES256_GCM,data:zmRZCDBwF9h/o9qAdWII4DPjoX+2b1d5+qigIizaXQrRORdlvQHHeRx72uIIcIr6Oi06YJ+nCLuKp3t5YyB2KrFtTHaW0+h7OybfnAt1Xs8LEPKPhoN90isHNr/7V6cZrVQAGg8nWUDP183vkXkADxeYHRHGxydqLKUJ5Mif1E8=,iv:kBQmskPQFVi+T/THmtj0ifbP5VsQMAxGz92Mi0Xu9RY=,tag:g4MYOAhQZHRo4rdg7emC1Q==,type:str]
|
||||
lastmodified: "2023-09-15T04:40:21Z"
|
||||
mac: ENC[AES256_GCM,data:ZJVHLbpSu/nIzl5FJfRdg2ymRN5M+zJXNUpi1hBt2MBmvK+1ed2ElhMe5x7pyasSDdaUtXDo7ghkUF7vE46Wo6Z9dvlAvhwWm7Y2AWfUe5SFVwzqlOCjSKRPFrQrL7PcDBtMj4twtwhc4XsfJoUSuigWW2m21BKtEZSuuxLRqLA=,iv:ufFbfMaNHydbkwq6lxN1dQJldkAbtqais/CZFkoDhb4=,tag:uMj0LaiU0obIlw/+HJJdKg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-05-06T21:31:39Z"
|
||||
enc: |
|
||||
|
Loading…
Reference in New Issue
Block a user