modules: services: matrix: use 'mailConfigFile'

In preparation of the migration to agenix.
2021-09-25 13:20:22 +02:00 · 2021-09-25 13:20:22 +02:00 · 7d37701811
parent 4643690b43
commit 7d37701811
2 changed files with 24 additions and 44 deletions
--- a/machines/porthos/services.nix
+++ b/machines/porthos/services.nix
@ -65,8 +65,18 @@ in
    # Matrix backend and Element chat front-end
    matrix = {
      enable = true;
-      mail = my.secrets.matrix.mail;
-      secret = my.secrets.matrix.secret;
+      mailConfigFile = builtins.toFile "matrix-mail.yaml" ''
+        email:
+          smtp_host: "smtp.migadu.com"
+          smtp_port: 587
+          smtp_user: "${my.secrets.matrix.mail.username}"
+          smtp_pass: "${my.secrets.matrix.mail.password}"
+          notif_from: "${my.secrets.matrix.mail.notifFrom}"
+          # Refuse to connect unless the server supports STARTTLS.
+          require_transport_security: true
+      '';
+      # Only necessary when doing the initial registration
+      # secret = "change-me";
    };
    miniflux = {
      enable = true;
--- a/modules/services/matrix.nix
+++ b/modules/services/matrix.nix
@ -20,43 +20,18 @@ in
    enable = mkEnableOption "Matrix Synapse";

    secret = mkOption {
-      type = types.str;
+      type = with types; nullOr str;
+      default = null;
      example = "deadbeef";
      description = "Shared secret to register users";
    };

-    mail = {
-      host = mkOption {
-        type = types.str;
-        default = "smtp.migadu.com";
-        example = "smtp.example.com";
-        description = "Which host should be used for SMTP";
-      };
-
-      port = mkOption {
-        type = types.port;
-        default = 587;
-        example = 25;
-        description = "Which port should be used for SMTP";
-      };
-
-      username = mkOption {
-        type = types.str;
-        example = "matrix@example.com";
-        description = "Which username should be used to connect";
-      };
-
-      password = mkOption {
-        type = types.str;
-        example = "password";
-        description = "Which password should be used to connect";
-      };
-
-      notifFrom = mkOption {
-        type = types.str;
-        example = "<matrix@example.com>";
-        description = "Which address should be used for `From` field";
-      };
+    mailConfigFile = mkOption {
+      type = types.str;
+      example = "/var/lib/matrix/email-config.yaml";
+      description = ''
+        Configuration file for mail setup.
+      '';
    };
  };

@ -106,16 +81,11 @@ in
      extraConfig = ''
        experimental_features:
          spaces_enabled: true
-
-        email:
-          smtp_host: "${cfg.mail.host}"
-          smtp_port: ${toString cfg.mail.port}
-          smtp_user: "${cfg.mail.username}"
-          smtp_pass: "${cfg.mail.password}"
-          notif_from: "${cfg.mail.notifFrom}"
-          # Refuse to connect unless the server supports STARTTLS.
-          require_transport_security: true
      '';
+
+      extraConfigFiles = [
+        cfg.mailConfigFile
+      ];
    };

    my.services.nginx.virtualHosts = [