Bun/nixos-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Agenix secrets overhaul

Browse source
This commit is contained in:
Jimbo 2024-10-28 23:24:12 -04:00
parent 83796f7cb2
commit 55dcb2fca7
56 changed files with 530 additions and 137 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/system/services/server/social/lemmy/default.nix
View file

@ -14,7 +14,7 @@
smtp_server = "mx.${config.domains.jim1}:587";
smtp_login = "noreply@${config.domains.jim1}";
smtp_from_address = "Jimbo's Lemmy <noreply@${config.domains.jim1}>";
smtp_password = config.secrets.noreplyPassword;
smtp_password = "${builtins.readFile config.age.secrets.noreplyMailPass.path}";
tls_type = "starttls";
};
};

2
modules/system/services/server/social/mastodon/default.nix
View file

@ -12,7 +12,7 @@
authenticate = true;
fromAddress = "Jimbo's Mastodon <noreply@${config.domains.jim1}>";
user = "noreply@${config.domains.jim1}";
passwordFile = pkgs.writeText "smtp_pass.txt" config.secrets.noreplyPassword;
passwordFile = config.age.secrets.noreplyMailPass.path;
};
};
}

2
modules/system/services/server/social/matrix/synapse/default.nix
View file

@ -26,7 +26,7 @@
notif_from = "Jimbo's Matrix <noreply@${config.domains.jim1}>";
smtp_host = "mx.${config.domains.jim1}";
smtp_user = "noreply@${config.domains.jim1}";
smtp_pass = config.secrets.noreplyPassword;
smtp_pass = "${builtins.readFile config.age.secrets.noreplyMailPass.path}";
enable_tls = true;
smtp_port = 587;
require_transport_security = true;

2
modules/system/services/server/social/matrix/synapse/slidingsync/default.nix
View file

@ -7,7 +7,7 @@
SYNCV3_BINDADDR = "0.0.0.0:8009";
};
environmentFile = "${pkgs.writeText "matrixsecret" ''
SYNCV3_SECRET=${config.secrets.matrixSecret}
SYNCV3_SECRET="${builtins.readFile config.age.secrets.matrixSecret.path}"
''}";
};
}

4
modules/system/services/server/social/pixelfed/default.nix
View file

@ -3,7 +3,7 @@
services.pixelfed = {
enable = true;
domain = "pics.${config.domains.jim1}";
secretFile = pkgs.writeText "appkey" config.secrets.pixelfedKey;
secretFile = config.age.secrets.pixelfedKey.path;
settings = {
APP_NAME = ''"Jimbo's Pixelfed"'';
INSTANCE_DESCRIPTION = ''"The Jimbosfiles Pixelfed Instance"'';
@ -22,7 +22,7 @@
MAIL_HOST = "mx.${config.domains.jim1}";
MAIL_PORT = 587;
MAIL_USERNAME = "noreply@${config.domains.jim1}";
MAIL_PASSWORD = "${config.secrets.noreplyPassword}";
MAIL_PASSWORD = "${builtins.readFile config.age.secrets.noreplyMailPass.path}";
};
nginx = {
enableACME = true;