flake/hosts/aws/tyo0/services/murmur.nix

26 lines
651 B
Nix
Raw Permalink Normal View History

2024-10-02 07:25:23 +00:00
{ config, ... }:
let
inherit (config.networking) fqdn;
in
2024-08-11 10:13:36 +00:00
{
# `journalctl -u murmur.service | grep Password`
services.murmur = {
enable = true;
openFirewall = true;
bandwidth = 256 * 1024; # 256 Kbit/s
2024-10-02 07:25:23 +00:00
sslCert = "/run/credentials/murmur.service/cert";
sslKey = "/run/credentials/murmur.service/key";
2024-08-11 10:13:36 +00:00
};
2024-10-02 07:25:23 +00:00
systemd.services."murmur".serviceConfig.LoadCredential =
let
# FIXME: remove somewhat hardcoded path
path = "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory";
in
[
"cert:${path}/${fqdn}/${fqdn}.crt"
"key:${path}/${fqdn}/${fqdn}.key"
];
2024-08-11 10:13:36 +00:00
}