macronova/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix secret permission

Browse source
This commit is contained in:
Invariantspace 2024-09-01 00:25:35 -07:00
parent b08a27c475
commit 5477c80ec6
No known key found for this signature in database
GPG key ID: EBC4A20067373921
2 changed files with 10 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

6
linux/nebula/jellyfin.nix
View file

@ -1,8 +1,4 @@
{
config,
pkgs,
...
}:
{config, ...}:
with config.constants; {
hardware.graphics.enable = true;

15
linux/singularity/coturn.nix
View file

@ -1,8 +1,10 @@
{config, ...}: {
services.coturn = with config.constants; let
acmeDir = config.security.acme.certs.${coturn-realm}.directory;
coturn-realm = "turn.${domain}";
in {
{config, ...}:
with config.constants; let
acmeDir = config.security.acme.certs.${coturn-realm}.directory;
coturn-realm = "turn.${domain}";
coturn-user = config.users.users.turnserver;
in {
services.coturn = {
enable = true;
cert = "${acmeDir}/fullchain.pem";
listening-port = port.coturn;
@ -15,5 +17,6 @@
use-auth-secret = true;
};
sops.secrets.coturn = {};
security.acme.certs.${coturn-realm}.group = coturn-user.group;
sops.secrets.coturn.owner = coturn-user.name;
}