Synapse: Moved secrets to separate file not synced with Git.

This commit is contained in:
Viyurz 2024-01-08 16:56:56 +01:00
parent 43fec5ac1e
commit d352bb7ff8
6 changed files with 9 additions and 8 deletions

View file

@ -23,7 +23,7 @@ services:
command: >
run
--config-path=/data/homeserver.yaml
--config-path=/data/secret.yaml
--config-path=/data/secrets.yaml
environment:
SYNAPSE_SERVER_NAME: viyurz.fr
SYNAPSE_REPORT_STATS: "yes"
@ -36,9 +36,7 @@ services:
volumes:
- /mnt/synapsedata:/data
- ./homeserver.yaml:/data/homeserver.yaml
# Content of turn-secret.yaml:
# turn_shared_secret: "someSecret"
- ../turn-secret.yaml:/data/secret.yaml
- ./secrets.yaml:/data/secrets.yaml
networks:
synapse:

View file

@ -1,7 +1,7 @@
#!/bin/bash
rel_path="$(dirname "$0")"
access_token="$(cat $rel_path/../matrix_access_token.txt)"
access_token="$(cat $rel_path/./matrix_access_token.txt)"
curl --header "Authorization: Bearer $access_token" \
-H "Content-Type: application/json" -w "\n" \

View file

@ -35,8 +35,6 @@ media_store_path: /data/media_store
enable_registration: true
registration_requires_token: true
report_stats: true
macaroon_secret_key: "Ibz1OAyP+:IR_BgLx:*cID82B=pYlDy*76gwh#kQV4,iEUDE~h"
form_secret: "bj5sv.-B:R.2Z@@cK*rBti&J,v^34.gXNNR*5tNPWTUpkrE+Sv"
signing_key_path: "/data/viyurz.fr.signing.key"
trusted_key_servers:
- server_name: "matrix.org"

View file

@ -0,0 +1,6 @@
# Generate random secret:
# $ cat /dev/urandom | tr -dc '[:graph:]' | tr -d '"\\' | head -c 50
turn_shared_secret: "XXX"
macaroon_secret_key: "XXX"
form_secret: "XXX"

View file

@ -1 +0,0 @@
turn_shared_secret: "XXX"