From c3886d9793aaf4dc75d36c9969e6ee3e95d3e61b Mon Sep 17 00:00:00 2001
From: pigeonmoelleux <pigeonmoelleux@crans.org>
Date: Wed, 5 Mar 2025 14:32:47 +0100
Subject: [PATCH] Ajout OIDC note
---
modules/services/matrix.nix | 6 ++++++
secrets.nix | 11 +++++++----
secrets/neo/note_oidc_extra_config.age | Bin 0 -> 1347 bytes
3 files changed, 13 insertions(+), 4 deletions(-)
create mode 100644 secrets/neo/note_oidc_extra_config.age
diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix
index 8d46c6d..5a88360 100644
--- a/modules/services/matrix.nix
+++ b/modules/services/matrix.nix
@@ -19,6 +19,11 @@
owner = "matrix-synapse";
};
+ note_oidc_extra_config = {
+ file = ../../secrets/neo/note_oidc_extra_config.age;
+ owner = "matrix-synapse";
+ };
+
appservice_irc_db_env = {
file = ../../secrets/neo/appservice_irc_db_env.age;
};
@@ -119,6 +124,7 @@
extraConfigFiles = [
config.age.secrets.database_extra_config.path
+ config.age.secrets.note_oidc_extra_config.path
];
};
diff --git a/secrets.nix b/secrets.nix
index bc03267..230e432 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -94,10 +94,12 @@ in
let
key = hosts.${name};
in
- genAttrs [
- "restic/${name}/base-repo"
- "restic/${name}/base-password"
- ] [ key ]
+ genAttrs
+ [
+ "restic/${name}/base-repo"
+ "restic/${name}/base-password"
+ ]
+ [ key ]
)
) { } (remove "thot" hostnames)
// builtins.mapAttrs (name: value: { publicKeys = value.publicKeys ++ nounous; }) {
@@ -106,5 +108,6 @@ in
"secrets/neo/appservice_irc_db_env.age".publicKeys = [ neo ];
"secrets/neo/coturn_auth_secret.age".publicKeys = [ neo ];
"secrets/neo/database_extra_config.age".publicKeys = [ neo ];
+ "secrets/neo/note_oidc_extra_config.age".publicKeys = [ neo ];
"secrets/neo/ldap_synapse_password.age".publicKeys = [ neo ];
}
diff --git a/secrets/neo/note_oidc_extra_config.age b/secrets/neo/note_oidc_extra_config.age
new file mode 100644
index 0000000000000000000000000000000000000000..e593a11cedb89b9d2045957c4fb32c35b06df861
GIT binary patch
literal 1347
zcmZ9J`%e=G0LM2)qgA96d~8Ilj~TJn>w~seono)_1@v03?e$7x#?fA%*WS^)K5>e?
z1VxP+H$;cq#GuR>7Db~>6J9=;(Wy}o-_hVB%QObT3?`fVY4b1me7>JA?j{68&=HE$
ztd|O|ph9jSBH{?v@EFD;Ae>^URHWbmS~^Zdd7&`shFyr!qVkcx0+Xs(f}&Ci2$?`*
zeqJ5~<9vh2o(Kh_UOh(+m|=;{fb)w1x!6S-Sql-#B0XUl3&_JjRH$?)bP<O-rt(nl
zX|y*Ypv6)dkBF)qk|<9}3l+AY(wPs_ZY|*w#l%+CdqZJ7WWu~2tKSUBh1z0@vX?kG
zV$A0+EEfAg#;<1Z1VZy;FlkH3Wr$cJ4alex4{gN5SiT2j{>PH3@&VI7tORX`@(?Vh
z6H*SRg2YS0VSsU)Aj0RPW0);~ib;`MqSvEtCnrt-1~KfH*^n?4f}O^wT^TT;0XZBu
zz>1*6qNUXuMGTFS2IYqp^<uR%R=|@m9<5WQ;Co1G2+_neTF@;s`J6c}RSdFf`K~;J
z3i8WUP(j?liGT$tKO{rL8l@D)Fun=#Ir98OvAqOD11yfyCOfNhmw1)3e=Gj?GcD{f
zYoojXhO#+u9)@Tzz{+U(8aChwBqR=VftI#{Q7XzO{W`lXhej!m-b*1qI7%20Jpq~U
z98!sd2zRbGkuZZ<GP2OCv4>bl?i7=b54RDRLCGq4kk*ioSpm7k>=L3vtIWetU>G;D
z4DQ1rC<lSnA|@PGuwIdp6S0SUkU5we5z$er2Z{(|DisNU62hq$!9pVrTGfgi3{%L>
zQI0?$;OPpr9@b@%MSX!Fs$gt(%50bE%_xXSSsfhIBrszj0&B8dq?*%`lg6zdvJLI~
zxO(N@+=joduA!d3K;Bi9FYTpY-AJofWp{qFuld3Y>9=Rn?XS5DN9PO+q0*bqnOkOU
zytb10v!{^lve>dZmcL!r;otT0Mzs9WwCvznVqk0XhTrtvjh}G4Z?8YguiE%FdBy=o
z?5rQ&J+r;YuBqCV)&Jnx8K!ee&C(tIVO{U=^A!z;8?qM+(D=K6H|fQdOkL&J+|2$3
z$4T)HbxL|_qo_gsXuP9%O2+k_o9EVzjHTtR<t8fHxNqAVR<};Q)pc>5sj>T`;HfJe
zSAMS#-*$sVN7xZ+e<Lg8g6Jr>yy=f~^1APi_Rs1&R@8DdSvRo0%A>{Qi<Y@xt^LWk
z@ZheNB$egf*5Xq;Ph9BP)Oz*)xz}U0=c_F>nYTLoK36qY?&?~#J%2)WY{trygOv^O
z>7x(U4NOixGSF7GsgIQZSbwOeXmfc}N@`?(YT4|Gg}LXsryEaxUjbyy8()y|CS%W;
z<xdSM)md^60_>fC@z`-~ntBP*KVh4sM|iUq3`mD8MC+4Z?#+L>ziRvSPp2ZImXSzG
zQn_>Qy}5^&H(1-A$7SsozFchgF8gdSoi|k5Uc)sE?%s4X{cB2=x2k)~>`uM_xWgy!
zZ@<j^JQnbhvj-n%l|G-e6FIo5C<4Whrh`?rok|7psQnbQTs;xh*411a!3XmbUpzCe
zDZ6^$=EM5bN!b<Ss|Wdg#$G{_`%drO(s|P^kHwd?6Rsa78P;B!%<{f65?$4m(>FW>
z9WA->q8+m8MW+kK4<8$w)AqWuKeIJSFymcqU2|yhuVoEWOYZ_tg3VrA_P$rdiN67?
C(;Phj
literal 0
HcmV?d00001
--
GitLab