oysteikt/nix-dotfiles
oysteikt/nix-dotfiles
2
1
Fork 0
Code Issues Pull Requests Activity

tsuki/coturn: remove usage of secrets module

Browse Source
This commit is contained in:
Oystein Kristoffer Tveit 2024-11-28 16:36:03 +01:00
parent 45c51639ca
commit 4082011c98
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/tsuki/services/matrix/coturn.nix
View File

@ -1,20 +1,22 @@
{ config, lib, secrets, ... }: { config, lib, ... }:
let let
cfg = config.services.coturn; cfg = config.services.coturn;
in in
{ {
sops.secrets."matrix_synapse/turn_shared_secret" = { };
services.coturn = let services.coturn = let
# certName = config.services.nginx.virtualHosts.${cfg.realm}.useACMEHost; # certName = config.services.nginx.virtualHosts.${cfg.realm}.useACMEHost;
certName = "nani.wtf"; certName = "nani.wtf";
certDir = config.security.acme.certs.${certName}.directory; certDir = config.security.acme.certs.${certName}.directory;
in rec { in rec {
enable = true; enable = false;
no-cli = true; no-cli = true;
no-tcp-relay = true; no-tcp-relay = true;
min-port = 46000; min-port = 46000;
max-port = 47000; max-port = 47000;
use-auth-secret = true; use-auth-secret = true;
static-auth-secret = secrets.keys.matrix.static-auth-secret; static-auth-secret-file = config.sops.secrets."matrix_synapse/turn_shared_secret".path;
realm = "turn.nani.wtf"; realm = "turn.nani.wtf";
cert = "${certDir}/cert.pem"; cert = "${certDir}/cert.pem";
pkey = "${certDir}/key.pem"; pkey = "${certDir}/key.pem";