diff --git a/nixos/machines/ghatanothoa/.configuration.nix.swp b/nixos/machines/ghatanothoa/.configuration.nix.swp new file mode 100644 index 0000000..9361e04 Binary files /dev/null and b/nixos/machines/ghatanothoa/.configuration.nix.swp differ diff --git a/nixos/machines/ghatanothoa/configuration.nix b/nixos/machines/ghatanothoa/configuration.nix index 54f3211..4e60e1b 100644 --- a/nixos/machines/ghatanothoa/configuration.nix +++ b/nixos/machines/ghatanothoa/configuration.nix @@ -3,13 +3,17 @@ flake-inputs: imports = [ ./hardware-configuration.nix - (import ./jitsi.nix flake-inputs) + ../../modules/jitsi.nix ../../roles ./network.nix ]; -# System configuration here + services.mathebau-jitsi = { + enable = true; + hostName = "meet.mathebau.de"; + }; +# System configuration here networking.hostName = "ghatanothoa"; system.stateVersion = "23.11"; } diff --git a/nixos/machines/ghatanothoa/jitsi.nix b/nixos/machines/ghatanothoa/jitsi.nix deleted file mode 100644 index 547e3c7..0000000 --- a/nixos/machines/ghatanothoa/jitsi.nix +++ /dev/null @@ -1,23 +0,0 @@ -flake-inputs: -{pkgs, config, lib, modulesPath, ...}: { - imports = [(modulesPath + "/services/web-apps/jitsi-meet.nix")]; - - services.jitsi-meet = { - enable = true; - hostName = "meet.mathebau.de"; - config = { - defaultLang = "de"; - }; - }; - services.jitsi-videobridge = { - openFirewall = true; - nat = { - publicAddress = "130.83.2.184"; - localAddress = "192.168.0.25"; - }; - }; - services.nginx.virtualHosts."meet.mathebau.de".enableACME = false; - services.nginx.virtualHosts."meet.mathebau.de".forceSSL = false; - networking.firewall.allowedTCPPorts = [ 80 443 ]; - networking.firewall.allowedUDPPorts = [ 10000 ]; -} diff --git a/nixos/modules/jitsi.nix b/nixos/modules/jitsi.nix new file mode 100644 index 0000000..3f05c7f --- /dev/null +++ b/nixos/modules/jitsi.nix @@ -0,0 +1,50 @@ +{pkgs, config, lib, modulesPath, ...}: +let + inherit (lib) + mkIf + mkEnableOption + mkOption + head; + inherit (lib.types) str; + cfg = config.services.mathebau-jitsi; +in +{ + imports = [(modulesPath + "/services/web-apps/jitsi-meet.nix")]; + + options.services.mathebau-jitsi = { + enable = mkEnableOption "mathebau jitsi service"; + hostName = mkOption { + type = str; + default = null; + }; + localAddress = mkOption { + type = str; + default = (head config.networking.interfaces.enX0.ipv4.addresses).address; + }; + }; + + config = mkIf cfg.enable { + services.jitsi-meet = { + enable = true; + hostName = cfg.hostName; + config = { + defaultLang = "de"; + }; + }; + services.jitsi-videobridge = { + openFirewall = true; + nat = { + publicAddress = "130.83.2.184"; + localAddress = cfg.localAddress; + }; + }; + #We are behind a reverse proxy that handles TLS + services.nginx.virtualHosts."${cfg.hostName}" = { + enableACME = false; + forceSSL = false; + }; + + #The network ports for HTTP(S) are not opened automatically + networking.firewall.allowedTCPPorts = [ 80 443 ]; + }; +}