Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated agenix system

Browse Source
This commit is contained in:
naturallaw77 2024-12-16 19:05:24 -08:00
parent 1ee7088733
commit e55a6e9f8e
2 changed files with 8 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
configuration.nix
View File

@ -304,27 +304,7 @@ in
owner = "matrix-synapse";
group = "matrix-synapse";
};
age.secrets.matrixdb = {
file = /var/lib/agenix-secrets/matrixdb.age;
mode = "770";
owner = "postgres";
group = "postgres";
};
age.secrets.nextclouddb = {
file = /var/lib/agenix-secrets/nextclouddb.age;
mode = "770";
owner = "postgres";
group = "postgres";
};
age.secrets.wordpressdb = {
file = /var/lib/agenix-secrets/wordpressdb.age;
mode = "770";
owner = "mysql";
group = "mysql";
};
###### CREATE DATABASE (WORDPRESS, MATRIX_SYNAPSE, AND NEXTCLOUD) #######
@ -349,14 +329,14 @@ in
services.postgresql.initialScript = pkgs.writeText "begin-init.sql" ''
CREATE ROLE "ncusr" WITH LOGIN PASSWORD '${personalization.nextclouddb}';
CREATE ROLE "ncusr" WITH LOGIN PASSWORD '${personalization.age.secrets.nextclouddb.file}';
CREATE DATABASE "nextclouddb" WITH OWNER "ncusr"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD '${personalization.matrixdb}';
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD '${personalization.age.secrets.matrixdb.file}';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0
LC_COLLATE = "C"
@ -367,7 +347,7 @@ in
services.mysql.initialScript = pkgs.writeText "wordpress-init.sql" ''
CREATE DATABASE wordpressdb;
GRANT ALL ON *.* TO 'wpusr'@'localhost' IDENTIFIED BY '${personalization.wordpressdb}';
GRANT ALL ON *.* TO 'wpusr'@'localhost' IDENTIFIED BY '${personalization.age.secrets.wordpressdb.file}';
FLUSH PRIVILEGES;
''
;

8
modules/personalization.nix
View File

@ -14,10 +14,10 @@ coturn_static_auth_secret = builtins.readFile /var/lib/secrets/turn;
##
matrixdb = builtins.readFile /var/lib/secrets/matrixdb;
nextclouddb = builtins.readFile /var/lib/secrets/nextclouddb;
wordpressdb = builtins.readFile /var/lib/secrets/wordpressdb;
age.secrets.matrix_reg_secret.file = /var/lib/agenix-secrets/matrix_reg_secret.age;
age.secrets.matrixdb.file = /var/lib/agenix-secrets/matrixdb.age;
age.secrets.nextclouddb.file = /var/lib/agenix-secrets/nextclouddb.age;
age.secrets.wordpressdb.file = /var/lib/agenix-secrets/wordpressdb.age;