mastodon: move extra config to age-encrypted file
This commit is contained in:
parent
014a2fa123
commit
e7c94b293c
5 changed files with 9 additions and 16 deletions
|
@ -36,6 +36,12 @@
|
|||
group = "mastodon";
|
||||
};
|
||||
|
||||
mastodon-extra-config = {
|
||||
file = ./mastodon/extraConfig.age;
|
||||
owner = "mastodon";
|
||||
group = "mastodon";
|
||||
};
|
||||
|
||||
freshrss-user-password = {
|
||||
file = ./freshrss/userPassword.age;
|
||||
owner = "freshrss";
|
||||
|
|
BIN
agenix/hosts/sail/mastodon/extraConfig.age
Normal file
BIN
agenix/hosts/sail/mastodon/extraConfig.age
Normal file
Binary file not shown.
Binary file not shown.
|
@ -13,6 +13,7 @@ in
|
|||
"agenix/hosts/sail/mastodon/secretKeyBase.age".publicKeys = sail;
|
||||
"agenix/hosts/sail/mastodon/vapidPrivateKey.age".publicKeys = sail;
|
||||
"agenix/hosts/sail/mastodon/vapidPublicKey.age".publicKeys = sail;
|
||||
"agenix/hosts/sail/mastodon/extraConfig.age".publicKeys = sail;
|
||||
|
||||
"agenix/hosts/sail/freshrss/userPassword.age".publicKeys = sail;
|
||||
"agenix/hosts/sail/freshrss/databasePassword.age".publicKeys = sail;
|
||||
|
|
|
@ -75,23 +75,9 @@ in
|
|||
|
||||
extraConfig = {
|
||||
WEB_DOMAIN = web-domain;
|
||||
|
||||
ES_USER = secret.mastodon.elasticsearch.user;
|
||||
ES_PASS = secret.mastodon.elasticsearch.password;
|
||||
|
||||
S3_ENABLED = "true";
|
||||
S3_BUCKET = secret.mastodon.s3.bucket;
|
||||
AWS_ACCESS_KEY_ID = secret.mastodon.s3.accessKeyId;
|
||||
AWS_SECRET_ACCESS_KEY = secret.mastodon.s3.secretAccessKey;
|
||||
S3_PROTOCOL = "https";
|
||||
S3_REGION = secret.mastodon.s3.region;
|
||||
S3_ENDPOINT = secret.mastodon.s3.endpoint;
|
||||
S3_ALIAS_HOST = "mastodon-cdn.kempkens.io";
|
||||
S3_HOSTNAME = "mastodon-cdn.kempkens.io";
|
||||
|
||||
DEEPL_PLAN = "free";
|
||||
DEEPL_API_KEY = secret.mastodon.deepl.apiKey;
|
||||
};
|
||||
|
||||
extraEnvFiles = [ config.age.secrets.mastodon-extra-config.path ];
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
|
|
Loading…
Reference in a new issue