commit 8224ddeae18dce3dae92ccc0daaa082f8085b4bc · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

nixos/jitsi-meet: updated prosody config

genesis 2 years ago 8224ddea 645bc49f

+96 -13

1 changed file

expand all

unified split

nixos

modules

services

web-apps

jitsi-meet.nix

+96 -13

nixos/modules/services/web-apps/jitsi-meet.nix

··· 192 192 roomLocking = false; 193 193 roomDefaultPublicJids = true; 194 194 extraConfig = '' 195 + restrict_room_creation = true 195 196 storage = "memory" 197 + admins = { "focus@auth.${cfg.hostName}" } 196 198 ''; 197 199 } 198 200 { 199 - domain = "internal.${cfg.hostName}"; 201 + domain = "breakout.${cfg.hostName}"; 202 + name = "Jitsi Meet Breakout MUC"; 203 + roomLocking = false; 204 + roomDefaultPublicJids = true; 205 + extraConfig = '' 206 + restrict_room_creation = true 207 + storage = "memory" 208 + admins = { "focus@auth.${cfg.hostName}" } 209 + ''; 210 + } 211 + { 212 + domain = "internal.auth.${cfg.hostName}"; 200 213 name = "Jitsi Meet Videobridge MUC"; 214 + roomLocking = false; 215 + roomDefaultPublicJids = true; 201 216 extraConfig = '' 202 217 storage = "memory" 203 218 admins = { "focus@auth.${cfg.hostName}", "jvb@auth.${cfg.hostName}" } 204 219 ''; 205 220 #-- muc_room_cache_size = 1000 206 221 } 222 + { 223 + domain = "lobby.${cfg.hostName}"; 224 + name = "Jitsi Meet Lobby MUC"; 225 + roomLocking = false; 226 + roomDefaultPublicJids = true; 227 + extraConfig = '' 228 + restrict_room_creation = true 229 + storage = "memory" 230 + ''; 231 + } 207 232 ]; 208 - extraModules = [ "pubsub" "smacks" ]; 233 + extraModules = [ 234 + "pubsub" 235 + "smacks" 236 + "speakerstats" 237 + "external_services" 238 + "conference_duration" 239 + "end_conference" 240 + "muc_lobby_rooms" 241 + "muc_breakout_rooms" 242 + "av_moderation" 243 + "muc_hide_all" 244 + "muc_meeting_id" 245 + "muc_domain_mapper" 246 + "muc_rate_limit" 247 + "limits_exception" 248 + "persistent_lobby" 249 + ]; 209 250 extraPluginPaths = [ "${pkgs.jitsi-meet-prosody}/share/prosody-plugins" ]; 210 - extraConfig = lib.mkMerge [ (mkAfter '' 211 - Component "focus.${cfg.hostName}" "client_proxy" 212 - target_address = "focus@auth.${cfg.hostName}" 251 + extraConfig = lib.mkMerge [ 252 + (mkAfter '' 253 + Component "focus.${cfg.hostName}" "client_proxy" 254 + target_address = "focus@auth.${cfg.hostName}" 255 + 256 + Component "speakerstats.${cfg.hostName}" "speakerstats_component" 257 + muc_component = "conference.${cfg.hostName}" 258 + 259 + Component "conferenceduration.${cfg.hostName}" "conference_duration_component" 260 + muc_component = "conference.${cfg.hostName}" 261 + 262 + Component "endconference.${cfg.hostName}" "end_conference" 263 + muc_component = "conference.${cfg.hostName}" 264 + 265 + Component "avmoderation.${cfg.hostName}" "av_moderation_component" 266 + muc_component = "conference.${cfg.hostName}" 267 + 268 + Component "metadata.${cfg.hostName}" "room_metadata_component" 269 + muc_component = "conference.${cfg.hostName}" 270 + breakout_rooms_component = "breakout.${cfg.hostName}" 213 271 '') 214 272 (mkBefore '' 273 + muc_mapper_domain_base = "${cfg.hostName}" 274 + 215 275 cross_domain_websocket = true; 216 276 consider_websocket_secure = true; 277 + 278 + unlimited_jids = { 279 + "focus@auth.${cfg.hostName}", 280 + "jvb@auth.${cfg.hostName}" 281 + } 217 282 '') 218 283 ]; 219 284 virtualHosts.${cfg.hostName} = { 220 285 enabled = true; 221 286 domain = cfg.hostName; 222 287 extraConfig = '' 223 - authentication = "anonymous" 288 + authentication = "jitsi-anonymous" 224 289 c2s_require_encryption = false 225 290 admins = { "focus@auth.${cfg.hostName}" } 226 291 smacks_max_unacked_stanzas = 5 227 292 smacks_hibernation_time = 60 228 293 smacks_max_hibernated_sessions = 1 229 294 smacks_max_old_sessions = 1 295 + 296 + av_moderation_component = "avmoderation.${cfg.hostName}" 297 + speakerstats_component = "speakerstats.${cfg.hostName}" 298 + conference_duration_component = "conferenceduration.${cfg.hostName}" 299 + end_conference_component = "endconference.${cfg.hostName}" 300 + 301 + c2s_require_encryption = false 302 + lobby_muc = "lobby.${cfg.hostName}" 303 + breakout_rooms_muc = "breakout.${cfg.hostName}" 304 + room_metadata_component = "metadata.${cfg.hostName}" 305 + main_muc = "conference.${cfg.hostName}" 230 306 ''; 231 307 ssl = { 232 308 cert = "/var/lib/jitsi-meet/jitsi-meet.crt"; ··· 237 313 enabled = true; 238 314 domain = "auth.${cfg.hostName}"; 239 315 extraConfig = '' 240 - authentication = "internal_plain" 316 + authentication = "internal_hashed" 241 317 ''; 242 318 ssl = { 243 319 cert = "/var/lib/jitsi-meet/jitsi-meet.crt"; ··· 270 346 reloadIfChanged = true; 271 347 }; 272 348 273 - users.groups.jitsi-meet = {}; 349 + users.groups.jitsi-meet = { }; 274 350 systemd.tmpfiles.rules = [ 275 351 "d '/var/lib/jitsi-meet' 0750 root jitsi-meet - -" 276 352 ]; ··· 345 421 locations."=/external_api.js" = mkDefault { 346 422 alias = "${pkgs.jitsi-meet}/libs/external_api.min.js"; 347 423 }; 424 + locations."=/_api/room-info" = { 425 + proxyPass = "http://localhost:5280/room-info"; 426 + extraConfig = '' 427 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 428 + proxy_set_header Host $host; 429 + ''; 430 + }; 348 431 locations."=/config.js" = mkDefault { 349 432 alias = overrideJs "${pkgs.jitsi-meet}/config.js" "config" (recursiveUpdate defaultCfg cfg.config) cfg.extraConfig; 350 433 }; ··· 359 442 virtualHosts.${cfg.hostName} = { 360 443 extraConfig = 361 444 let 362 - templatedJitsiMeet = pkgs.runCommand "templated-jitsi-meet" {} '' 445 + templatedJitsiMeet = pkgs.runCommand "templated-jitsi-meet" { } '' 363 446 cp -R ${pkgs.jitsi-meet}/* . 364 447 for file in *.html **/*.html ; do 365 448 ${pkgs.sd}/bin/sd '' '{{ include "$1" }}' $file ··· 396 479 userName = "jvb"; 397 480 domain = "auth.${cfg.hostName}"; 398 481 passwordFile = "/var/lib/jitsi-meet/videobridge-secret"; 399 - mucJids = "jvbbrewery@internal.${cfg.hostName}"; 482 + mucJids = "jvbbrewery@internal.auth.${cfg.hostName}"; 400 483 disableCertificateVerification = true; 401 484 }; 402 485 }; ··· 409 492 userName = "focus"; 410 493 userPasswordFile = "/var/lib/jitsi-meet/jicofo-user-secret"; 411 494 componentPasswordFile = "/var/lib/jitsi-meet/jicofo-component-secret"; 412 - bridgeMuc = "jvbbrewery@internal.${cfg.hostName}"; 495 + bridgeMuc = "jvbbrewery@internal.auth.${cfg.hostName}"; 413 496 config = mkMerge [{ 414 497 jicofo.xmpp.service.disable-certificate-verification = true; 415 498 jicofo.xmpp.client.disable-certificate-verification = true; 416 499 #} (lib.mkIf cfg.jibri.enable { 417 500 } (lib.mkIf (config.services.jibri.enable || cfg.jibri.enable) { 418 501 jicofo.jibri = { 419 - brewery-jid = "JibriBrewery@internal.${cfg.hostName}"; 502 + brewery-jid = "JibriBrewery@internal.auth.${cfg.hostName}"; 420 503 pending-timeout = "90"; 421 504 }; 422 505 })]; ··· 430 513 xmppDomain = cfg.hostName; 431 514 432 515 control.muc = { 433 - domain = "internal.${cfg.hostName}"; 516 + domain = "internal.auth.${cfg.hostName}"; 434 517 roomName = "JibriBrewery"; 435 518 nickname = "jibri"; 436 519 };