updated version of secretmgr #5

Merged
lx merged 10 commits from new-secretmgr into main 2023-01-01 18:47:34 +00:00
3 changed files with 0 additions and 45 deletions
Showing only changes of commit 0d8c6a2d45 - Show all commits

View file

@ -1,22 +1,6 @@
# vim:ft=yaml
server_name: "deuxfleurs.fr"
# PEM encoded X509 certificate for TLS.
# You can replace the self-signed certificate that synapse
# autogenerates on launch with your own SSL certificate + key pair
# if you like. Any required intermediary certificates can be
# appended after the primary certificate in hierarchical order.
tls_certificate_path: "/etc/matrix-synapse/homeserver.tls.crt"
# PEM encoded private key for TLS
tls_private_key_path: "/etc/matrix-synapse/homeserver.tls.key"
# PEM dh parameters for ephemeral keys
tls_dh_params_path: "/etc/matrix-synapse/homeserver.tls.dh"
# Don't bind to the https port
no_tls: True
## Server ##

View file

@ -54,21 +54,6 @@ job "matrix" {
}
# --- secrets ---
template {
data = "{{ key \"secrets/chat/synapse/homeserver.tls.crt\" }}"
destination = "secrets/conf/homeserver.tls.crt"
}
template {
data = "{{ key \"secrets/chat/synapse/homeserver.tls.dh\" }}"
destination = "secrets/conf/homeserver.tls.dh"
}
template {
data = "{{ key \"secrets/chat/synapse/homeserver.tls.key\" }}"
destination = "secrets/conf/homeserver.tls.key"
}
template {
data = "{{ key \"secrets/chat/synapse/homeserver.signing.key\" }}"
destination = "secrets/conf/homeserver.signing.key"

View file

@ -33,20 +33,6 @@ description = 'S3 secret access key for Matrix bucket'
# Keys & stuff
[secrets."chat/synapse/homeserver.tls.dh"]
type = 'user'
multiline = true
description = 'DH parameters for matrix ssl key? how does this work?'
[secrets."chat/synapse/homeserver.tls.crt"]
type = 'SSL_CERT'
name = 'synapse'
cert_domains = "['im.deuxfleurs.fr']"
[secrets."chat/synapse/homeserver.tls.key"]
type = 'SSL_KEY'
name = 'synapse'
[secrets."chat/synapse/homeserver.signing.key"]
type = 'user'
description = 'Synapse homeserver ed25519 signing key'