Add another secret

2025-07-29 22:41:42 -04:00 · 2025-07-29 22:41:42 -04:00 · bdace30709
commit bdace30709
parent c12ff5b77d
2 changed files with 19 additions and 12 deletions
--- a/clients/quadraticserver/docs.nix
+++ b/clients/quadraticserver/docs.nix
@ -5,9 +5,12 @@
  ...
 }: let
  s3Domain = "http://127.0.0.1${config.services.minio.listenAddress}";
  cfg = config.services.lasuite-docs;
 in {
  imports = [inputs.lasuite-docs-proxy.nixosModules.default];
  systemd.services.lasuite-docs-collaboration-server.serviceConfig.EnvironmentFile = cfg.environmentFile;
  services = let
    proxySocket = "/var/run/lasuite-docs-proxy/socket";
    authDomain = "auth.federated.nexus";
@ -44,6 +47,7 @@ in {
        OIDC_OP_USER_ENDPOINT = "https://${authDomain}/userinfo";
        OIDC_RP_SIGN_ALGO = "HS256";
        COLLABORATION_API_URL = "https://${domain}/collaboration/api/";
        LOGIN_REDIRECT_URL = "https://${domain}";
        AWS_S3_ENDPOINT_URL = s3Domain;
@ -63,7 +67,7 @@ in {
    };
    caddy.virtualHosts."${domain}".extraConfig = let
-      cfg = config.services.lasuite-docs;
+      collabUrl = "http://localhost:${toString cfg.collaborationServer.port}";
    in ''
      handle_errors {
        rewrite * /{http.error.status_code}
@ -81,8 +85,8 @@ in {
      reverse_proxy /api/* unix/${socket}
      reverse_proxy /admin/* unix/${socket}
-      reverse_proxy /collaboration/ws/* http://localhost:${toString cfg.collaborationServer.port}
+      reverse_proxy /collaboration/ws/* ${collabUrl}
-      reverse_proxy /collaboration/api/* http://localhost:${toString cfg.collaborationServer.port}
+      reverse_proxy /collaboration/api/* ${collabUrl}
      reverse_proxy /api/v1.0/documents/media-auth/ unix/${socket}
--- a/secrets/lasuiteSecrets.age
+++ b/secrets/lasuiteSecrets.age
@ -1,11 +1,14 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBxcWZ5
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZLUVVkUSBVNjRa
-d3R2emhwSFVNTHVFRnFvajNOTDFjb0hqSWpmWWVqVzY0SEFJNEdBClkrUng3NzZ1
+WjJzTGJvNUpzNG5kclR5UmR3d0NyQkNOMUdoaFJnV1lRL2pqTkdVCjFGSUkxWms3
-ajcrK2M1SWM5aUJ0ZThBLzhkdVFKN3QxMStkdE9HUVNLeFEKLT4gJj9qX0RzLS1n
+QUlNU21Zb29YNkJuWjg5eERlUTJUSXlvNmVLaUhzWXNlNXMKLT4gJC1ncmVhc2Ug
-cmVhc2UgKHZvTApxTElBcWRZCi0tLSB5MkpXOFpvN0d5cmozOWVTaHo3SlN6NG5J
+VickMVk8RSB8QXRFKVJiWwpoTjdkcktFMkxLTTdVamd5OFVNUkQwdE1zK0ZXMjVu
-NXZVZTRRSEV2amFHcDdZdC9VCivwG1lYRICTYcPQpXgAIgWx8xVRBDXvm51jrc2u
+TlRwVzZ1bnN6d1BTdDJ3YzZITHR3aHZTSzNsYlN4Z0xjCkoyM3Y4M3M1T0pTRkZ1
-ZKoAS/CgoVU48VfFqEEoI3BO4te4ycRh/5kzuia/qafAIJZf4Fyc8cRnr5eBygdw
+aUhtMGJxcmN3Ci0tLSBzUEMvRjZBQnc3Q0N0REg2N0VwRHVyT3lSaWxpY3pVN2tN
-tiE+X7adMCSAxKQC6Bc7M+Y8pPt3BF0mKqxSrW9vqo6eyDd9LbIPRf17iB2Sstd3
+SXdtbHV5UEwwCoXmcuKhAs/6MykLif+AOYRRxZNef+j3tqmZcBQuu0/hJ8oG8tWy
-a662fQDukeq4t0j1qbqQsv7RmQsOh3IrBthRoBPoq077hx+Ijl69+U7ejoRFDi0Y
+9Tm3PfGq3UVt5gj+FNCsXVsEoHHlJRWt8hP1zzinW59CYNVYDY80wEIqrxhWeGgW
-v8JXDZcOjyo=
+fUzxZH/6wvBzZ4EysiXGKvYgt2pNiwSjcj8y48HNDyOqrYqdaY5T22Ev/BtdBHEX
 yeVRmHXaGPm5DAULw0ugIW4NeXgsgsTD9iHxCuVHJhH9TKonLzi6WCu+wtggEMN8
 nfYmm2g3BSO2O+2UIwc2UVKTDQeJ6hIkrq6upPMqPH+HmIabv/Cu89YAbn1qinEr
 1FpWNSmnsXu7mzo1qZE=
 -----END AGE ENCRYPTED FILE-----