nixos/matrix-synapse: Add module parameter extraConfigFiles (#33276)

This allows configuring additional configuration files for Synapse. This way,
secrets can be kept in a secure place on the file system without needing to go
through the Nix store.

authored by

Johannes Bornhold and committed by
Joachim F
a88b4d4d 3d8e5fe7

+17 -1
+17 -1
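--- a/nixos/modules/services/misc/matrix-synapse.nix
+++ b/nixos/modules/services/misc/matrix-synapse.nix
@@ -578,6 +578,18 @@
 Extra config options for matrix-synapse.
 '';
 };
+extraConfigFiles = mkOption {
+type = types.listOf types.path;
+default = [];
+description = ''
+Extra config files to include.
+
+The configuration files will be included based on the command line
+argument --config-path. This allows to configure secrets without
+having to go through the Nix store, e.g. based on deployment keys if
+NixOPS is in use.
+'';
+};
 logConfig = mkOption {
 type = types.lines;
 default = readFile ./matrix-synapse-log_config.yaml;
@@ -627,7 +639,11 @@
 Group = "matrix-synapse";
 WorkingDirectory = cfg.dataDir;
 PermissionsStartOnly = true;
-ExecStart = "${cfg.package}/bin/homeserver --config-path ${configFile} --keys-directory ${cfg.dataDir}";
+ExecStart = ''
+${cfg.package}/bin/homeserver \
+${ concatMapStringsSep "\n " (x: "--config-path ${x} \\") ([ configFile ] ++ cfg.extraConfigFiles) }
+--keys-directory ${cfg.dataDir}
+'';
 Restart = "on-failure";
 };
 };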
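Review bot: `extraConfigFiles` is declared as `types.listOf types.path`, which also accepts Nix path literals, and interpolating a path literal in `"--config-path ${x} \\"` copies that file into the world-readable Nix store, which is exactly what the option is meant to avoid. The description should say so, for example `Pass absolute paths as strings ("/path/to/secrets.yaml"); an unquoted Nix path literal is copied into the world-readable Nix store.`, or the type could be narrowed to `types.listOf types.str` if that fits the module's conventions. The entries are also placed unquoted into `ExecStart`, so a path containing whitespace would presumably be split into separate arguments by systemd. It would also help to document that the files must exist and be readable by the service's user or group at start, since nothing in the visible lines checks this.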