mirror of
https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git
synced 2026-07-04 17:51:48 +02:00
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 6cca1db3b3 | |||
| bfd83c4c64 |
@@ -210,6 +210,8 @@ in {
|
|||||||
|
|
||||||
# EXT:WikiEditor
|
# EXT:WikiEditor
|
||||||
$wgWikiEditorRealtimePreview = true;
|
$wgWikiEditorRealtimePreview = true;
|
||||||
|
|
||||||
|
$wgSecretKey = file_get_contents("${config.sops.secrets."mediawiki/secret-key".path}");
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -273,8 +275,6 @@ in {
|
|||||||
systemd.services.mediawiki-init = lib.mkIf cfg.enable {
|
systemd.services.mediawiki-init = lib.mkIf cfg.enable {
|
||||||
after = [ "sops-install-secrets.service" ];
|
after = [ "sops-install-secrets.service" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
BindReadOnlyPaths = [ "/run/credentials/mediawiki-init.service/secret-key:/var/lib/mediawiki/secret.key" ];
|
|
||||||
LoadCredential = [ "secret-key:${config.sops.secrets."mediawiki/secret-key".path}" ];
|
|
||||||
UMask = lib.mkForce "0007";
|
UMask = lib.mkForce "0007";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@@ -282,8 +282,6 @@ in {
|
|||||||
systemd.services.phpfpm-mediawiki = lib.mkIf cfg.enable {
|
systemd.services.phpfpm-mediawiki = lib.mkIf cfg.enable {
|
||||||
after = [ "sops-install-secrets.service" ];
|
after = [ "sops-install-secrets.service" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
BindReadOnlyPaths = [ "/run/credentials/phpfpm-mediawiki.service/secret-key:/var/lib/mediawiki/secret.key" ];
|
|
||||||
LoadCredential = [ "secret-key:${config.sops.secrets."mediawiki/secret-key".path}" ];
|
|
||||||
UMask = lib.mkForce "0007";
|
UMask = lib.mkForce "0007";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -19,7 +19,7 @@ in {
|
|||||||
locations."/".proxyPass = "http://${cfg.settings.HOST}:${cfg.settings.PORT}";
|
locations."/".proxyPass = "http://${cfg.settings.HOST}:${cfg.settings.PORT}";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/var/lib/uptime-kuma" = {
|
fileSystems."/var/lib/private/uptime-kuma" = {
|
||||||
device = stateDir;
|
device = stateDir;
|
||||||
fsType = "bind";
|
fsType = "bind";
|
||||||
options = [ "bind" ];
|
options = [ "bind" ];
|
||||||
|
|||||||
Reference in New Issue
Block a user