hedgedoc: persists session secret
This commit is contained in:
parent
4cbdb88057
commit
1ea91a0166
|
@ -397,6 +397,9 @@
|
|||
hedgedoc = nixosSystem' {
|
||||
modules = [
|
||||
self.nixosModules.microvm
|
||||
{
|
||||
sops.defaultSopsFile = "${secrets}/hosts/hedgedoc/secrets.yaml";
|
||||
}
|
||||
./hosts/containers/hedgedoc
|
||||
];
|
||||
};
|
||||
|
|
|
@ -33,6 +33,7 @@
|
|||
};
|
||||
defaultPermission = "freely";
|
||||
domain = "codimd.c3d2.de";
|
||||
sessionSecret = "$sessionSecret";
|
||||
useSSL = true;
|
||||
};
|
||||
};
|
||||
|
@ -74,4 +75,11 @@
|
|||
package = pkgs.postgresql_14;
|
||||
};
|
||||
};
|
||||
|
||||
sops = {
|
||||
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
secrets = {
|
||||
"hedgedoc".owner = config.systemd.services.hedgedoc.serviceConfig.User;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue