dosei: enable journald-remote

This commit is contained in:
Oystein Kristoffer Tveit 2024-09-04 10:33:16 +02:00
parent e8db1d6612
commit fbd5b3798b
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146

View File

@ -0,0 +1,19 @@
{ ... }:
{
# TODO: Reproducible certificates
services.journald.remote = {
enable = true;
settings.Remote = {
# ServerKeyFile = "/run/credentials/systemd-journald-remote.service/key.pem";
# ServerCertificateFile = "/run/credentials/systemd-journald-remote.service/.pem";
ServerKeyFile = "/etc/journald-remote-certs/key.pem";
ServerCertificateFile = "/etc/journald-remote-certs/cert.pem";
TrustedCertificateFile = "-";
};
};
# systemd.services.systemd-journal-remote.serviceConfig.LoadCredential = [
# "key.pem:/etc/journald-remote-certs/key.pem"
# "cert.pem:/etc/journald-remote-certs/cert.pem"
# ];
}