From bdace3070957dc6165a3a23246aa0fb63f053318 Mon Sep 17 00:00:00 2001 From: Henry-Hiles Date: Tue, 29 Jul 2025 22:41:42 -0400 Subject: [PATCH] Add another secret --- clients/quadraticserver/docs.nix | 10 +++++++--- secrets/lasuiteSecrets.age | 21 ++++++++++++--------- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/clients/quadraticserver/docs.nix b/clients/quadraticserver/docs.nix index 53243d1..3c20428 100644 --- a/clients/quadraticserver/docs.nix +++ b/clients/quadraticserver/docs.nix @@ -5,9 +5,12 @@ ... }: let s3Domain = "http://127.0.0.1${config.services.minio.listenAddress}"; + cfg = config.services.lasuite-docs; in { imports = [inputs.lasuite-docs-proxy.nixosModules.default]; + systemd.services.lasuite-docs-collaboration-server.serviceConfig.EnvironmentFile = cfg.environmentFile; + services = let proxySocket = "/var/run/lasuite-docs-proxy/socket"; authDomain = "auth.federated.nexus"; @@ -44,6 +47,7 @@ in { OIDC_OP_USER_ENDPOINT = "https://${authDomain}/userinfo"; OIDC_RP_SIGN_ALGO = "HS256"; + COLLABORATION_API_URL = "https://${domain}/collaboration/api/"; LOGIN_REDIRECT_URL = "https://${domain}"; AWS_S3_ENDPOINT_URL = s3Domain; @@ -63,7 +67,7 @@ in { }; caddy.virtualHosts."${domain}".extraConfig = let - cfg = config.services.lasuite-docs; + collabUrl = "http://localhost:${toString cfg.collaborationServer.port}"; in '' handle_errors { rewrite * /{http.error.status_code} @@ -81,8 +85,8 @@ in { reverse_proxy /api/* unix/${socket} reverse_proxy /admin/* unix/${socket} - reverse_proxy /collaboration/ws/* http://localhost:${toString cfg.collaborationServer.port} - reverse_proxy /collaboration/api/* http://localhost:${toString cfg.collaborationServer.port} + reverse_proxy /collaboration/ws/* ${collabUrl} + reverse_proxy /collaboration/api/* ${collabUrl} reverse_proxy /api/v1.0/documents/media-auth/ unix/${socket} diff --git a/secrets/lasuiteSecrets.age b/secrets/lasuiteSecrets.age index 184da59..1ea597d 100644 --- a/secrets/lasuiteSecrets.age +++ b/secrets/lasuiteSecrets.age @@ -1,11 +1,14 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBxcWZ5 -d3R2emhwSFVNTHVFRnFvajNOTDFjb0hqSWpmWWVqVzY0SEFJNEdBClkrUng3NzZ1 -ajcrK2M1SWM5aUJ0ZThBLzhkdVFKN3QxMStkdE9HUVNLeFEKLT4gJj9qX0RzLS1n -cmVhc2UgKHZvTApxTElBcWRZCi0tLSB5MkpXOFpvN0d5cmozOWVTaHo3SlN6NG5J -NXZVZTRRSEV2amFHcDdZdC9VCivwG1lYRICTYcPQpXgAIgWx8xVRBDXvm51jrc2u -ZKoAS/CgoVU48VfFqEEoI3BO4te4ycRh/5kzuia/qafAIJZf4Fyc8cRnr5eBygdw -tiE+X7adMCSAxKQC6Bc7M+Y8pPt3BF0mKqxSrW9vqo6eyDd9LbIPRf17iB2Sstd3 -a662fQDukeq4t0j1qbqQsv7RmQsOh3IrBthRoBPoq077hx+Ijl69+U7ejoRFDi0Y -v8JXDZcOjyo= +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBVNjRa +WjJzTGJvNUpzNG5kclR5UmR3d0NyQkNOMUdoaFJnV1lRL2pqTkdVCjFGSUkxWms3 +QUlNU21Zb29YNkJuWjg5eERlUTJUSXlvNmVLaUhzWXNlNXMKLT4gJC1ncmVhc2Ug +VickMVk8RSB8QXRFKVJiWwpoTjdkcktFMkxLTTdVamd5OFVNUkQwdE1zK0ZXMjVu +TlRwVzZ1bnN6d1BTdDJ3YzZITHR3aHZTSzNsYlN4Z0xjCkoyM3Y4M3M1T0pTRkZ1 +aUhtMGJxcmN3Ci0tLSBzUEMvRjZBQnc3Q0N0REg2N0VwRHVyT3lSaWxpY3pVN2tN +SXdtbHV5UEwwCoXmcuKhAs/6MykLif+AOYRRxZNef+j3tqmZcBQuu0/hJ8oG8tWy +9Tm3PfGq3UVt5gj+FNCsXVsEoHHlJRWt8hP1zzinW59CYNVYDY80wEIqrxhWeGgW +fUzxZH/6wvBzZ4EysiXGKvYgt2pNiwSjcj8y48HNDyOqrYqdaY5T22Ev/BtdBHEX +yeVRmHXaGPm5DAULw0ugIW4NeXgsgsTD9iHxCuVHJhH9TKonLzi6WCu+wtggEMN8 +nfYmm2g3BSO2O+2UIwc2UVKTDQeJ6hIkrq6upPMqPH+HmIabv/Cu89YAbn1qinEr +1FpWNSmnsXu7mzo1qZE= -----END AGE ENCRYPTED FILE-----