Remove obsolete Matrix TLS keys

This commit is contained in:
Alex 2022-12-25 23:54:55 +01:00
parent 0becfc2571
commit 0d8c6a2d45
No known key found for this signature in database
GPG key ID: 09EC5284AA804D3C
3 changed files with 0 additions and 45 deletions

View file

@ -1,22 +1,6 @@
# vim:ft=yaml # vim:ft=yaml
server_name: "deuxfleurs.fr" server_name: "deuxfleurs.fr"
# PEM encoded X509 certificate for TLS.
# You can replace the self-signed certificate that synapse
# autogenerates on launch with your own SSL certificate + key pair
# if you like. Any required intermediary certificates can be
# appended after the primary certificate in hierarchical order.
tls_certificate_path: "/etc/matrix-synapse/homeserver.tls.crt"
# PEM encoded private key for TLS
tls_private_key_path: "/etc/matrix-synapse/homeserver.tls.key"
# PEM dh parameters for ephemeral keys
tls_dh_params_path: "/etc/matrix-synapse/homeserver.tls.dh"
# Don't bind to the https port
no_tls: True
## Server ## ## Server ##

View file

@ -54,21 +54,6 @@ job "matrix" {
} }
# --- secrets --- # --- secrets ---
template {
data = "{{ key \"secrets/chat/synapse/homeserver.tls.crt\" }}"
destination = "secrets/conf/homeserver.tls.crt"
}
template {
data = "{{ key \"secrets/chat/synapse/homeserver.tls.dh\" }}"
destination = "secrets/conf/homeserver.tls.dh"
}
template {
data = "{{ key \"secrets/chat/synapse/homeserver.tls.key\" }}"
destination = "secrets/conf/homeserver.tls.key"
}
template { template {
data = "{{ key \"secrets/chat/synapse/homeserver.signing.key\" }}" data = "{{ key \"secrets/chat/synapse/homeserver.signing.key\" }}"
destination = "secrets/conf/homeserver.signing.key" destination = "secrets/conf/homeserver.signing.key"

View file

@ -33,20 +33,6 @@ description = 'S3 secret access key for Matrix bucket'
# Keys & stuff # Keys & stuff
[secrets."chat/synapse/homeserver.tls.dh"]
type = 'user'
multiline = true
description = 'DH parameters for matrix ssl key? how does this work?'
[secrets."chat/synapse/homeserver.tls.crt"]
type = 'SSL_CERT'
name = 'synapse'
cert_domains = "['im.deuxfleurs.fr']"
[secrets."chat/synapse/homeserver.tls.key"]
type = 'SSL_KEY'
name = 'synapse'
[secrets."chat/synapse/homeserver.signing.key"] [secrets."chat/synapse/homeserver.signing.key"]
type = 'user' type = 'user'
description = 'Synapse homeserver ed25519 signing key' description = 'Synapse homeserver ed25519 signing key'