services: matrix: use shared registration secret

This commit is contained in:
Bruno BELANYI 2021-02-04 16:46:39 +01:00
parent 6b1de02ea3
commit 6bfa421112
3 changed files with 13 additions and 3 deletions

View file

@ -77,7 +77,10 @@
# Jellyfin media server # Jellyfin media server
jellyfin.enable = true; jellyfin.enable = true;
# Matrix backend and Element chat front-end # Matrix backend and Element chat front-end
matrix.enable = true; matrix = {
enable = true;
secret = lib.fileContents ./secrets/matrix/secret.txt;
};
# The whole *arr software suite # The whole *arr software suite
pirate.enable = true; pirate.enable = true;
# Usenet client # Usenet client

BIN
secrets/matrix/secret.txt Normal file

Binary file not shown.

View file

@ -16,8 +16,13 @@ let
domain = config.networking.domain; domain = config.networking.domain;
in in
{ {
options.my.services.matrix = { options.my.services.matrix = with lib; {
enable = lib.mkEnableOption "Matrix Synapse"; enable = mkEnableOption "Matrix Synapse";
secret = mkOption {
type = types.str;
example = "deadbeef";
description = "Shared secret to register users";
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
@ -45,6 +50,8 @@ in
server_name = domain; server_name = domain;
public_baseurl = "https://matrix.${domain}"; public_baseurl = "https://matrix.${domain}";
registration_shared_secret = cfg.secret;
listeners = [ listeners = [
# Federation # Federation
{ {