titaniumtown/server-config
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

secrets: migrate build-time secrets to agenix runtime

Browse Source 
- coturn: switch static-auth-secret to static-auth-secret-file
- matrix: switch registration_token and turn_secret to file-based
- murmur: switch password to environmentFile with agenix
- p2pool: move public wallet address to service-configs.nix
This commit is contained in:
Simon Gardling
2026-03-30 17:14:47 -04:00
parent eaeeed7f45
commit e4feaa35ad
9 changed files with 41 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
services/coturn.nix
View File

@@ -9,7 +9,7 @@
enable = true;
realm = service_configs.https.domain;
use-auth-secret = true;
static-auth-secret = lib.strings.trim (builtins.readFile ../secrets/coturn_static_auth_secret);
static-auth-secret-file = config.age.secrets.coturn-auth-secret.path;
listening-port = service_configs.ports.public.coturn.port;
tls-listening-port = service_configs.ports.public.coturn_tls.port;
no-cli = true;