imxyy1soope1/nixos-dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Activity

feat(tuwunel): turn server

Browse Source
This commit is contained in:
imxyy_soope_
2025-08-17 00:34:48 +08:00
parent f46ad8a2f3
commit fbc5a9ee8e
2 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
config/hosts/imxyy-nix-server/matrix.nix
View File

@@ -10,6 +10,12 @@
owner = config.services.matrix-tuwunel.user; owner = config.services.matrix-tuwunel.user;
group = config.services.matrix-tuwunel.group; group = config.services.matrix-tuwunel.group;
}; };
sops.secrets.tuwunel-turn-secret = {
sopsFile = secrets.tuwunel-turn-secret;
format = "binary";
owner = config.services.matrix-tuwunel.user;
group = config.services.matrix-tuwunel.group;
};
services.matrix-tuwunel = { services.matrix-tuwunel = {
enable = true; enable = true;
settings.global = { settings.global = {
@@ -22,6 +28,11 @@
server = "matrix.imxyy.top:443"; server = "matrix.imxyy.top:443";
client = "https://matrix.imxyy.top"; client = "https://matrix.imxyy.top";
}; };
turn_uris = [
"turn:hk.vkvm.imxyy.top?transport=udp"
"turn:hk.vkvm.imxyy.top?transport=tcp"
];
turn_secret_file = config.sops.secrets.tuwunel-turn-secret.path;
}; };
}; };
services.caddy.virtualHosts."imxyy.top" = { services.caddy.virtualHosts."imxyy.top" = {

23
secrets/tuwunel-turn-secret.txt Normal file
View File

@@ -0,0 +1,23 @@
{
"data": "ENC[AES256_GCM,data:QBv5QeFY9zfBYycxPEbaoNa0EwXLJ5Sm0MdK54ZKHncTGt/brw==,iv:e3Cpw3A3OkcHMvnAw02scTyxwVlpv9Cb7iDD90hGPAY=,tag:WKe4ZC4vRwdLT8mBJGRGiQ==,type:str]",
"sops": {
"age": [
{
"recipient": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDltTWRrUSBvOFJL\ncmtwS0lrd3dueDRVaXVhS2RtSnlYV3JDZ3paMmJiY0NxNXloVEVvClE1YzJRYURQ\nMGlXU2dydDhuRVMyS0JzQno5bHpFQ0c3UnJUeklqNkgrSkUKLS0tIDBnVDVXSjJ4\nS2UxRHl2ZzhQNFFqMHZrQTg4c3BNajh6YktVTDEwVFpvaU0Kd6wwf5ANZpaOUXiW\ngBGom+ZUB7zhYIgyQEtwzSJS1aOrRhDI16rCBcjvhp8zfSQoX9/W3OwiJedJhBfC\n1eywTA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB28jpN+h5euh3NtdN+A+EtqgIatC22e4i1TPTioKire",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IHJNY1d1ZyBEUXA3\nYnpCVkJmb08vYmNOcVpxYnllZTdSUGZxZVlmNVZKR0JueS9OV0VVCjNyYndXQkhL\nbm9Zb0t5RWhNZVBuaGJ2RUZkMFBMY1B1Z3V1NENGNW05dzgKLS0tIC9Fb3lUNVU5\nOEpPS3dLVGVybEFOaER0MVlLT0xFaFJoeWhuSU5KOUllcE0Ks+SvTuUEJv1daUwt\ngeyg4MDzUgArKgsFfEQFOqf3BiT3katiQObTwSVJc43VYoNsUmZgpQsxaYXCXEZf\nlK8lTg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMb5G/ieEYBOng66YeyttBQLThyM6W//z2POsNyq4Rw/",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFhGYmtrZyBtTUlN\nSmp3MVpxM1FlMjBuT3VqZ2l6eDZZb0dhZWZEczduaWQ0ZmExaVhVCittcnRWMzda\nbEdFRkNSc0ROWThGYzh6UnNWZzVGMmExRm9qRzIyMFhXdDgKLS0tIDdpbUNFQ0JR\nS0NWQ2N0MW9pTHN5dFREVWdWamtYMFVGckU0clY1QjdrQmMK4SMNnVuOJJSfwZM6\nr457xlH+kHf3ZRHwbvkpIRVJetaguIO2wOs2BMCfr1Thi7BePCm70htEZArEDjOe\nj4OIBA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-08-16T16:31:47Z",
"mac": "ENC[AES256_GCM,data:xKgNGJsrSzhocBldWG4JbPCRUnP/APLs2ukgFy3Uynfqpd9xROhL/aGRvCR8MSthMLpeD++SYlDcEsaHO8P+uVyweqJ2+XbPP13ZrfWKhmMFgCued4CfVLpAfZF6GUoBEd0uWMWfXMGfYDlB8XBJThfalaibhIxcCOE71eP0voo=,iv:o/G3BLHeL4WfHCIls9l6tofTC1G3GGpEKZTALG5g3+Y=,tag:TkQzX+jJWvMoHGgau0aL5g==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}