oysteikt/nix-dotfiles
oysteikt
/
nix-dotfiles
2
1
Fork 0
Code Issues Pull Requests Activity

dosei: enable journald-remote

This commit is contained in:
Oystein Kristoffer Tveit 2024-09-04 10:33:16 +02:00
parent e8db1d6612
commit fbd5b3798b
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
hosts/dosei/services/journald-remote.nix Normal file
View File

@ -0,0 +1,19 @@
{ ... }:
{
# TODO: Reproducible certificates
services.journald.remote = {
enable = true;
settings.Remote = {
# ServerKeyFile = "/run/credentials/systemd-journald-remote.service/key.pem";
# ServerCertificateFile = "/run/credentials/systemd-journald-remote.service/.pem";
ServerKeyFile = "/etc/journald-remote-certs/key.pem";
ServerCertificateFile = "/etc/journald-remote-certs/cert.pem";
TrustedCertificateFile = "-";
};
};
# systemd.services.systemd-journal-remote.serviceConfig.LoadCredential = [
# "key.pem:/etc/journald-remote-certs/key.pem"
# "cert.pem:/etc/journald-remote-certs/cert.pem"
# ];
}