tsuki/coturn: remove usage of secrets module

2024-11-28 16:36:03 +01:00 · 2024-11-28 16:36:03 +01:00 · 4082011c98
commit 4082011c98
parent 45c51639ca
1 changed files with 5 additions and 3 deletions
--- a/hosts/tsuki/services/matrix/coturn.nix
+++ b/hosts/tsuki/services/matrix/coturn.nix
@ -1,20 +1,22 @@
-{ config, lib, secrets, ... }:
+{ config, lib, ... }:
 let
  cfg = config.services.coturn;
 in
 {
+  sops.secrets."matrix_synapse/turn_shared_secret" = { };
+
  services.coturn = let
    # certName = config.services.nginx.virtualHosts.${cfg.realm}.useACMEHost;
    certName = "nani.wtf";
    certDir = config.security.acme.certs.${certName}.directory;
  in rec {
-    enable = true;
+    enable = false;
    no-cli = true;
    no-tcp-relay = true;
    min-port = 46000;
    max-port = 47000;
    use-auth-secret = true;
-    static-auth-secret = secrets.keys.matrix.static-auth-secret;
+    static-auth-secret-file = config.sops.secrets."matrix_synapse/turn_shared_secret".path;
    realm = "turn.nani.wtf";
    cert = "${certDir}/cert.pem";
    pkey = "${certDir}/key.pem";