atridad/haschel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cert and cors
All checks were successful
Deploy NixOS / deploy (push) Successful in 32s
Details

Browse Source
This commit is contained in:
Atridad Lahiji
2026-02-13 00:25:20 -07:00
parent 3ea2e7eaaa
commit 14d9c8bec6
2 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
modules/matrix.nix
View File

@@ -65,8 +65,8 @@ in
domain = matrixRtcDomain;
tls_port = 5349;
udp_port = 3478;
cert_file = "/var/lib/acme/${matrixRtcDomain}/fullchain.pem";
key_file = "/var/lib/acme/${matrixRtcDomain}/key.pem";
cert_file = "/run/credentials/livekit.service/turn-cert";
key_file = "/run/credentials/livekit.service/turn-key";
};
};
keyFile = livekitKeyFile;
@@ -80,7 +80,10 @@ in
systemd.services.lk-jwt-service.environment.LIVEKIT_FULL_ACCESS_HOMESERVERS = serverName;
systemd.services.livekit.serviceConfig.SupplementaryGroups = [ "acme" ];
systemd.services.livekit.serviceConfig.LoadCredential = [
"turn-cert:/var/lib/acme/${matrixRtcDomain}/fullchain.pem"
"turn-key:/var/lib/acme/${matrixRtcDomain}/key.pem"
];
systemd.services.livekit.after = [ "acme-${matrixRtcDomain}.service" ];
systemd.services.livekit.requires = [ "acme-${matrixRtcDomain}.service" ];