hectic-lab/util.nix
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: matrix

Browse Source
This commit is contained in:
yukkop
2026-05-25 23:12:05 +00:00
parent 4ce1945abe
commit 92f55320b5
4 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
nixos/module/generic/matrix-cluster.nix
View File

@@ -494,6 +494,10 @@ ${lib.concatStringsSep "\n" (map mkUserRegistration matrixUsers)}
})
(lib.mkIf (cfg.role == "standby") {
systemd.targets.postgresql.requires = lib.mkForce [
"postgresql.service"
];
# Hot-standby bootstrap: standby.signal + primary_conninfo with passfile.
# pg_basebackup must be run manually (see runbook) before this activates
# for the first time.

4
nixos/system/bfs.poland.xray/bfs.poland.xray.nix
View File

@@ -31,7 +31,7 @@ in {
hectic.generic.matrix-cluster = {
enable = true;
role = "standby";
role = "primary";
matrixDomain = "accord.tube";
signingKeyFile = config.sops.secrets."matrix/signing-key".path;
secretsFile = config.sops.secrets."matrix/secrets".path;
@@ -190,6 +190,8 @@ in {
};
sops.secrets."matrix/turn-secret" = {
key = "matrix/turn-secret";
owner = "turnserver";
group = "turnserver";
mode = "0400";
sopsFile = "${flake}/sus/matrix-cluster.yaml";
};

9
nixos/system/hectic-lab/hectic-lab.nix
View File

@@ -62,7 +62,8 @@ in {
generic.matrix-cluster = {
enable = true;
role = "primary";
overrideEnableSynapse = false;
role = "standby";
inherit matrixDomain;
signingKeyFile = config.sops.secrets."matrix/signing-key".path;
secretsFile = config.sops.secrets."matrix/secrets".path;
@@ -95,7 +96,7 @@ in {
allowedSourceIPs = [ "91.198.166.181/32" ];
};
acme = {
enable = true;
enable = false;
porkbunApiKeyFile = config.sops.secrets."matrix/porkbun-api-key".path;
porkbunSecretApiKeyFile = config.sops.secrets."matrix/porkbun-secret-api-key".path;
};
@@ -187,8 +188,8 @@ in {
};
sops.secrets."matrix/turn-secret" = {
key = "matrix/turn-secret";
owner = "turnserver";
group = "turnserver";
owner = "root";
group = "root";
mode = "0400";
sopsFile = "${flake}/sus/matrix-cluster.yaml";
};