diff options
| author | Alex Auvolat <alex@adnab.me> | 2022-12-25 22:31:18 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2022-12-25 22:31:18 +0100 |
| commit | 87bb031ed00b7993a29d74aee2e89875c5444caf (patch) | |
| tree | 80ebbf8c3870b3dfa756905fa55af938b503e283 /cluster/prod/app/jitsi | |
| parent | 6d6e48c8fa7f4f38a5b812389d269c025a977790 (diff) | |
| download | nixcfg-87bb031ed00b7993a29d74aee2e89875c5444caf.tar.gz nixcfg-87bb031ed00b7993a29d74aee2e89875c5444caf.zip | |
Migrate prod cluster secrets to new format
Diffstat (limited to 'cluster/prod/app/jitsi')
| -rw-r--r-- | cluster/prod/app/jitsi/secrets.toml | 36 | ||||
| -rw-r--r-- | cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.crt | 1 | ||||
| -rw-r--r-- | cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.key | 1 | ||||
| -rw-r--r-- | cluster/prod/app/jitsi/secrets/jitsi/jicofo_pass | 1 | ||||
| -rw-r--r-- | cluster/prod/app/jitsi/secrets/jitsi/jitsi.crt | 1 | ||||
| -rw-r--r-- | cluster/prod/app/jitsi/secrets/jitsi/jitsi.key | 1 | ||||
| -rw-r--r-- | cluster/prod/app/jitsi/secrets/jitsi/jvb_pass | 1 |
7 files changed, 36 insertions, 6 deletions
diff --git a/cluster/prod/app/jitsi/secrets.toml b/cluster/prod/app/jitsi/secrets.toml new file mode 100644 index 0000000..cb6126f --- /dev/null +++ b/cluster/prod/app/jitsi/secrets.toml @@ -0,0 +1,36 @@ +# Jitsi secrets + +[secrets."jitsi/jvb_pass"] +type = 'command' +rotate = true +command = 'openssl rand -base64 24' + +[secrets."jitsi/jicofo_pass"] +type = 'command' +rotate = true +command = 'openssl rand -base64 24' + + +# SSL: Jitsi + +[secrets."jitsi/jitsi.crt"] +type = 'SSL_CERT' +name = 'jitsi' +cert_domains = "['jitsi']" + +[secrets."jitsi/jitsi.key"] +type = 'SSL_KEY' +name = 'jitsi' + + +# SSL: Jitsi auth + +[secrets."jitsi/auth.jitsi.crt"] +type = 'SSL_CERT' +name = 'jitsi_auth' +cert_domains = "['auth.jitsi']" + +[secrets."jitsi/auth.jitsi.key"] +type = 'SSL_KEY' +name = 'jitsi_auth' + diff --git a/cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.crt b/cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.crt deleted file mode 100644 index f4ab925..0000000 --- a/cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.crt +++ /dev/null @@ -1 +0,0 @@ -SSL_CERT jitsi_auth auth.jitsi diff --git a/cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.key b/cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.key deleted file mode 100644 index 82e7b6b..0000000 --- a/cluster/prod/app/jitsi/secrets/jitsi/auth.jitsi.key +++ /dev/null @@ -1 +0,0 @@ -SSL_KEY jitsi_auth auth.jitsi diff --git a/cluster/prod/app/jitsi/secrets/jitsi/jicofo_pass b/cluster/prod/app/jitsi/secrets/jitsi/jicofo_pass deleted file mode 100644 index 6a0f5fc..0000000 --- a/cluster/prod/app/jitsi/secrets/jitsi/jicofo_pass +++ /dev/null @@ -1 +0,0 @@ -CMD openssl rand -base64 24 diff --git a/cluster/prod/app/jitsi/secrets/jitsi/jitsi.crt b/cluster/prod/app/jitsi/secrets/jitsi/jitsi.crt deleted file mode 100644 index 2eed97c..0000000 --- a/cluster/prod/app/jitsi/secrets/jitsi/jitsi.crt +++ /dev/null @@ -1 +0,0 @@ -SSL_CERT jitsi jitsi diff --git a/cluster/prod/app/jitsi/secrets/jitsi/jitsi.key b/cluster/prod/app/jitsi/secrets/jitsi/jitsi.key deleted file mode 100644 index af53ca0..0000000 --- a/cluster/prod/app/jitsi/secrets/jitsi/jitsi.key +++ /dev/null @@ -1 +0,0 @@ -SSL_KEY jitsi jitsi diff --git a/cluster/prod/app/jitsi/secrets/jitsi/jvb_pass b/cluster/prod/app/jitsi/secrets/jitsi/jvb_pass deleted file mode 100644 index 6a0f5fc..0000000 --- a/cluster/prod/app/jitsi/secrets/jitsi/jvb_pass +++ /dev/null @@ -1 +0,0 @@ -CMD openssl rand -base64 24 |