1
0
Fork 0

mastodon: move extra config to age-encrypted file

This commit is contained in:
Daniel Kempkens 2023-02-05 21:08:03 +01:00
parent 014a2fa123
commit e7c94b293c
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
5 changed files with 9 additions and 16 deletions

View file

@ -36,6 +36,12 @@
group = "mastodon";
};
mastodon-extra-config = {
file = ./mastodon/extraConfig.age;
owner = "mastodon";
group = "mastodon";
};
freshrss-user-password = {
file = ./freshrss/userPassword.age;
owner = "freshrss";

Binary file not shown.

Binary file not shown.

View file

@ -13,6 +13,7 @@ in
"agenix/hosts/sail/mastodon/secretKeyBase.age".publicKeys = sail;
"agenix/hosts/sail/mastodon/vapidPrivateKey.age".publicKeys = sail;
"agenix/hosts/sail/mastodon/vapidPublicKey.age".publicKeys = sail;
"agenix/hosts/sail/mastodon/extraConfig.age".publicKeys = sail;
"agenix/hosts/sail/freshrss/userPassword.age".publicKeys = sail;
"agenix/hosts/sail/freshrss/databasePassword.age".publicKeys = sail;

View file

@ -75,23 +75,9 @@ in
extraConfig = {
WEB_DOMAIN = web-domain;
ES_USER = secret.mastodon.elasticsearch.user;
ES_PASS = secret.mastodon.elasticsearch.password;
S3_ENABLED = "true";
S3_BUCKET = secret.mastodon.s3.bucket;
AWS_ACCESS_KEY_ID = secret.mastodon.s3.accessKeyId;
AWS_SECRET_ACCESS_KEY = secret.mastodon.s3.secretAccessKey;
S3_PROTOCOL = "https";
S3_REGION = secret.mastodon.s3.region;
S3_ENDPOINT = secret.mastodon.s3.endpoint;
S3_ALIAS_HOST = "mastodon-cdn.kempkens.io";
S3_HOSTNAME = "mastodon-cdn.kempkens.io";
DEEPL_PLAN = "free";
DEEPL_API_KEY = secret.mastodon.deepl.apiKey;
};
extraEnvFiles = [ config.age.secrets.mastodon-extra-config.path ];
};
services.nginx = {