commit 8224ddeae18dce3dae92ccc0daaa082f8085b4bc · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

nixos/jitsi-meet: updated prosody config

genesis 2 years ago 8224ddea 645bc49f

+96 -13

1 changed file

expand all

unified split

nixos

modules

services

web-apps

jitsi-meet.nix

+96 -13

nixos/modules/services/web-apps/jitsi-meet.nix

··· 192 roomLocking = false; 193 roomDefaultPublicJids = true; 194 extraConfig = '' 195 storage = "memory" 196 ''; 197 } 198 { 199 - domain = "internal.${cfg.hostName}"; 200 name = "Jitsi Meet Videobridge MUC"; 201 extraConfig = '' 202 storage = "memory" 203 admins = { "focus@auth.${cfg.hostName}", "jvb@auth.${cfg.hostName}" } 204 ''; 205 #-- muc_room_cache_size = 1000 206 } 207 ]; 208 - extraModules = [ "pubsub" "smacks" ]; 209 extraPluginPaths = [ "${pkgs.jitsi-meet-prosody}/share/prosody-plugins" ]; 210 - extraConfig = lib.mkMerge [ (mkAfter '' 211 - Component "focus.${cfg.hostName}" "client_proxy" 212 - target_address = "focus@auth.${cfg.hostName}" 213 '') 214 (mkBefore '' 215 cross_domain_websocket = true; 216 consider_websocket_secure = true; 217 '') 218 ]; 219 virtualHosts.${cfg.hostName} = { 220 enabled = true; 221 domain = cfg.hostName; 222 extraConfig = '' 223 - authentication = "anonymous" 224 c2s_require_encryption = false 225 admins = { "focus@auth.${cfg.hostName}" } 226 smacks_max_unacked_stanzas = 5 227 smacks_hibernation_time = 60 228 smacks_max_hibernated_sessions = 1 229 smacks_max_old_sessions = 1 230 ''; 231 ssl = { 232 cert = "/var/lib/jitsi-meet/jitsi-meet.crt"; ··· 237 enabled = true; 238 domain = "auth.${cfg.hostName}"; 239 extraConfig = '' 240 - authentication = "internal_plain" 241 ''; 242 ssl = { 243 cert = "/var/lib/jitsi-meet/jitsi-meet.crt"; ··· 270 reloadIfChanged = true; 271 }; 272 273 - users.groups.jitsi-meet = {}; 274 systemd.tmpfiles.rules = [ 275 "d '/var/lib/jitsi-meet' 0750 root jitsi-meet - -" 276 ]; ··· 345 locations."=/external_api.js" = mkDefault { 346 alias = "${pkgs.jitsi-meet}/libs/external_api.min.js"; 347 }; 348 locations."=/config.js" = mkDefault { 349 alias = overrideJs "${pkgs.jitsi-meet}/config.js" "config" (recursiveUpdate defaultCfg cfg.config) cfg.extraConfig; 350 }; ··· 359 virtualHosts.${cfg.hostName} = { 360 extraConfig = 361 let 362 - templatedJitsiMeet = pkgs.runCommand "templated-jitsi-meet" {} '' 363 cp -R ${pkgs.jitsi-meet}/* . 364 for file in *.html **/*.html ; do 365 ${pkgs.sd}/bin/sd '' '{{ include "$1" }}' $file ··· 396 userName = "jvb"; 397 domain = "auth.${cfg.hostName}"; 398 passwordFile = "/var/lib/jitsi-meet/videobridge-secret"; 399 - mucJids = "jvbbrewery@internal.${cfg.hostName}"; 400 disableCertificateVerification = true; 401 }; 402 }; ··· 409 userName = "focus"; 410 userPasswordFile = "/var/lib/jitsi-meet/jicofo-user-secret"; 411 componentPasswordFile = "/var/lib/jitsi-meet/jicofo-component-secret"; 412 - bridgeMuc = "jvbbrewery@internal.${cfg.hostName}"; 413 config = mkMerge [{ 414 jicofo.xmpp.service.disable-certificate-verification = true; 415 jicofo.xmpp.client.disable-certificate-verification = true; 416 #} (lib.mkIf cfg.jibri.enable { 417 } (lib.mkIf (config.services.jibri.enable || cfg.jibri.enable) { 418 jicofo.jibri = { 419 - brewery-jid = "JibriBrewery@internal.${cfg.hostName}"; 420 pending-timeout = "90"; 421 }; 422 })]; ··· 430 xmppDomain = cfg.hostName; 431 432 control.muc = { 433 - domain = "internal.${cfg.hostName}"; 434 roomName = "JibriBrewery"; 435 nickname = "jibri"; 436 };

··· 192 roomLocking = false; 193 roomDefaultPublicJids = true; 194 extraConfig = '' 195 + restrict_room_creation = true 196 storage = "memory" 197 + admins = { "focus@auth.${cfg.hostName}" } 198 ''; 199 } 200 { 201 + domain = "breakout.${cfg.hostName}"; 202 + name = "Jitsi Meet Breakout MUC"; 203 + roomLocking = false; 204 + roomDefaultPublicJids = true; 205 + extraConfig = '' 206 + restrict_room_creation = true 207 + storage = "memory" 208 + admins = { "focus@auth.${cfg.hostName}" } 209 + ''; 210 + } 211 + { 212 + domain = "internal.auth.${cfg.hostName}"; 213 name = "Jitsi Meet Videobridge MUC"; 214 + roomLocking = false; 215 + roomDefaultPublicJids = true; 216 extraConfig = '' 217 storage = "memory" 218 admins = { "focus@auth.${cfg.hostName}", "jvb@auth.${cfg.hostName}" } 219 ''; 220 #-- muc_room_cache_size = 1000 221 } 222 + { 223 + domain = "lobby.${cfg.hostName}"; 224 + name = "Jitsi Meet Lobby MUC"; 225 + roomLocking = false; 226 + roomDefaultPublicJids = true; 227 + extraConfig = '' 228 + restrict_room_creation = true 229 + storage = "memory" 230 + ''; 231 + } 232 ]; 233 + extraModules = [ 234 + "pubsub" 235 + "smacks" 236 + "speakerstats" 237 + "external_services" 238 + "conference_duration" 239 + "end_conference" 240 + "muc_lobby_rooms" 241 + "muc_breakout_rooms" 242 + "av_moderation" 243 + "muc_hide_all" 244 + "muc_meeting_id" 245 + "muc_domain_mapper" 246 + "muc_rate_limit" 247 + "limits_exception" 248 + "persistent_lobby" 249 + ]; 250 extraPluginPaths = [ "${pkgs.jitsi-meet-prosody}/share/prosody-plugins" ]; 251 + extraConfig = lib.mkMerge [ 252 + (mkAfter '' 253 + Component "focus.${cfg.hostName}" "client_proxy" 254 + target_address = "focus@auth.${cfg.hostName}" 255 + 256 + Component "speakerstats.${cfg.hostName}" "speakerstats_component" 257 + muc_component = "conference.${cfg.hostName}" 258 + 259 + Component "conferenceduration.${cfg.hostName}" "conference_duration_component" 260 + muc_component = "conference.${cfg.hostName}" 261 + 262 + Component "endconference.${cfg.hostName}" "end_conference" 263 + muc_component = "conference.${cfg.hostName}" 264 + 265 + Component "avmoderation.${cfg.hostName}" "av_moderation_component" 266 + muc_component = "conference.${cfg.hostName}" 267 + 268 + Component "metadata.${cfg.hostName}" "room_metadata_component" 269 + muc_component = "conference.${cfg.hostName}" 270 + breakout_rooms_component = "breakout.${cfg.hostName}" 271 '') 272 (mkBefore '' 273 + muc_mapper_domain_base = "${cfg.hostName}" 274 + 275 cross_domain_websocket = true; 276 consider_websocket_secure = true; 277 + 278 + unlimited_jids = { 279 + "focus@auth.${cfg.hostName}", 280 + "jvb@auth.${cfg.hostName}" 281 + } 282 '') 283 ]; 284 virtualHosts.${cfg.hostName} = { 285 enabled = true; 286 domain = cfg.hostName; 287 extraConfig = '' 288 + authentication = "jitsi-anonymous" 289 c2s_require_encryption = false 290 admins = { "focus@auth.${cfg.hostName}" } 291 smacks_max_unacked_stanzas = 5 292 smacks_hibernation_time = 60 293 smacks_max_hibernated_sessions = 1 294 smacks_max_old_sessions = 1 295 + 296 + av_moderation_component = "avmoderation.${cfg.hostName}" 297 + speakerstats_component = "speakerstats.${cfg.hostName}" 298 + conference_duration_component = "conferenceduration.${cfg.hostName}" 299 + end_conference_component = "endconference.${cfg.hostName}" 300 + 301 + c2s_require_encryption = false 302 + lobby_muc = "lobby.${cfg.hostName}" 303 + breakout_rooms_muc = "breakout.${cfg.hostName}" 304 + room_metadata_component = "metadata.${cfg.hostName}" 305 + main_muc = "conference.${cfg.hostName}" 306 ''; 307 ssl = { 308 cert = "/var/lib/jitsi-meet/jitsi-meet.crt"; ··· 313 enabled = true; 314 domain = "auth.${cfg.hostName}"; 315 extraConfig = '' 316 + authentication = "internal_hashed" 317 ''; 318 ssl = { 319 cert = "/var/lib/jitsi-meet/jitsi-meet.crt"; ··· 346 reloadIfChanged = true; 347 }; 348 349 + users.groups.jitsi-meet = { }; 350 systemd.tmpfiles.rules = [ 351 "d '/var/lib/jitsi-meet' 0750 root jitsi-meet - -" 352 ]; ··· 421 locations."=/external_api.js" = mkDefault { 422 alias = "${pkgs.jitsi-meet}/libs/external_api.min.js"; 423 }; 424 + locations."=/_api/room-info" = { 425 + proxyPass = "http://localhost:5280/room-info"; 426 + extraConfig = '' 427 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 428 + proxy_set_header Host $host; 429 + ''; 430 + }; 431 locations."=/config.js" = mkDefault { 432 alias = overrideJs "${pkgs.jitsi-meet}/config.js" "config" (recursiveUpdate defaultCfg cfg.config) cfg.extraConfig; 433 }; ··· 442 virtualHosts.${cfg.hostName} = { 443 extraConfig = 444 let 445 + templatedJitsiMeet = pkgs.runCommand "templated-jitsi-meet" { } '' 446 cp -R ${pkgs.jitsi-meet}/* . 447 for file in *.html **/*.html ; do 448 ${pkgs.sd}/bin/sd '' '{{ include "$1" }}' $file ··· 479 userName = "jvb"; 480 domain = "auth.${cfg.hostName}"; 481 passwordFile = "/var/lib/jitsi-meet/videobridge-secret"; 482 + mucJids = "jvbbrewery@internal.auth.${cfg.hostName}"; 483 disableCertificateVerification = true; 484 }; 485 }; ··· 492 userName = "focus"; 493 userPasswordFile = "/var/lib/jitsi-meet/jicofo-user-secret"; 494 componentPasswordFile = "/var/lib/jitsi-meet/jicofo-component-secret"; 495 + bridgeMuc = "jvbbrewery@internal.auth.${cfg.hostName}"; 496 config = mkMerge [{ 497 jicofo.xmpp.service.disable-certificate-verification = true; 498 jicofo.xmpp.client.disable-certificate-verification = true; 499 #} (lib.mkIf cfg.jibri.enable { 500 } (lib.mkIf (config.services.jibri.enable || cfg.jibri.enable) { 501 jicofo.jibri = { 502 + brewery-jid = "JibriBrewery@internal.auth.${cfg.hostName}"; 503 pending-timeout = "90"; 504 }; 505 })]; ··· 513 xmppDomain = cfg.hostName; 514 515 control.muc = { 516 + domain = "internal.auth.${cfg.hostName}"; 517 roomName = "JibriBrewery"; 518 nickname = "jibri"; 519 };