Move Jitsi to a module
This commit is contained in:
parent
4318950142
commit
4b0c3f7948
3 changed files with 62 additions and 25 deletions
|
@ -3,13 +3,17 @@ flake-inputs:
|
|||
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
(import ./jitsi.nix flake-inputs)
|
||||
../../modules/jitsi.nix
|
||||
../../roles
|
||||
./network.nix
|
||||
];
|
||||
|
||||
# System configuration here
|
||||
services.mathebau-jitsi = {
|
||||
enable = true;
|
||||
hostName = "meet.mathebau.de";
|
||||
};
|
||||
|
||||
# System configuration here
|
||||
networking.hostName = "ghatanothoa";
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
|
|
|
@ -1,23 +0,0 @@
|
|||
flake-inputs:
|
||||
{pkgs, config, lib, modulesPath, ...}: {
|
||||
imports = [(modulesPath + "/services/web-apps/jitsi-meet.nix")];
|
||||
|
||||
services.jitsi-meet = {
|
||||
enable = true;
|
||||
hostName = "meet.mathebau.de";
|
||||
config = {
|
||||
defaultLang = "de";
|
||||
};
|
||||
};
|
||||
services.jitsi-videobridge = {
|
||||
openFirewall = true;
|
||||
nat = {
|
||||
publicAddress = "130.83.2.184";
|
||||
localAddress = "192.168.0.25";
|
||||
};
|
||||
};
|
||||
services.nginx.virtualHosts."meet.mathebau.de".enableACME = false;
|
||||
services.nginx.virtualHosts."meet.mathebau.de".forceSSL = false;
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 10000 ];
|
||||
}
|
56
nixos/modules/jitsi.nix
Normal file
56
nixos/modules/jitsi.nix
Normal file
|
@ -0,0 +1,56 @@
|
|||
{pkgs, config, lib, modulesPath, ...}:
|
||||
let
|
||||
inherit (lib)
|
||||
mkIf
|
||||
mkEnableOption
|
||||
mkOption
|
||||
head;
|
||||
inherit (lib.types) str;
|
||||
cfg = config.services.mathebau-jitsi;
|
||||
in
|
||||
{
|
||||
imports = [(modulesPath + "/services/web-apps/jitsi-meet.nix")];
|
||||
|
||||
options.services.mathebau-jitsi = {
|
||||
enable = mkEnableOption "mathebau jitsi service";
|
||||
hostName = mkOption {
|
||||
type = str;
|
||||
default = null;
|
||||
};
|
||||
localAddress = mkOption {
|
||||
type = str;
|
||||
default = (head config.networking.interfaces.enX0.ipv4.addresses).address;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.jitsi-meet = {
|
||||
enable = true;
|
||||
hostName = cfg.hostName;
|
||||
config = {
|
||||
defaultLang = "de";
|
||||
};
|
||||
};
|
||||
services.jitsi-videobridge = {
|
||||
openFirewall = true;
|
||||
nat = {
|
||||
publicAddress = "130.83.2.184";
|
||||
localAddress = cfg.localAddress;
|
||||
};
|
||||
};
|
||||
environment.persistence.${config.impermanence.name} = {
|
||||
directories = [
|
||||
"/var/lib/jitsi-meet"
|
||||
"/var/lib/prosody"
|
||||
];
|
||||
};
|
||||
#We are behind a reverse proxy that handles TLS
|
||||
services.nginx.virtualHosts."${cfg.hostName}" = {
|
||||
enableACME = false;
|
||||
forceSSL = false;
|
||||
};
|
||||
|
||||
#The network ports for HTTP(S) are not opened automatically
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue