42 lines
1.1 KiB
Nix
42 lines
1.1 KiB
Nix
|
{ lib, config, ... }:
|
||
|
|
|
||
|
|
let
|
||
|
|
domain = "xmpp.giugl.io";
|
||
|
|
conference_domain = "conference.${domain}";
|
||
|
|
upload_domain = "uploads.${domain}";
|
||
|
|
network = import ./network.nix;
|
||
|
|
in {
|
||
|
|
services = {
|
||
|
|
prosody = {
|
||
|
|
enable = true;
|
||
|
|
virtualHosts = {
|
||
|
|
"${domain}" = {
|
||
|
|
domain = domain;
|
||
|
|
enabled = true;
|
||
|
|
ssl.key = "${config.security.acme.certs.${domain}.directory}/key.pem";
|
||
|
|
ssl.cert =
|
||
|
|
"${config.security.acme.certs.${domain}.directory}/fullchain.pem";
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
muc = [{ domain = conference_domain; }];
|
||
|
|
uploadHttp = { domain = upload_domain; };
|
||
|
|
|
||
|
|
admins = [ "giulio@${domain}" ];
|
||
|
|
httpInterfaces = [ "wg0" ];
|
||
|
|
httpsInterfaces = [ "wg0" ];
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
services.nginx.virtualHosts."${domain}".enableACME = true;
|
||
|
|
#services.nginx.virtualHosts."${conference_domain}".enableACME = true;
|
||
|
|
#services.nginx.virtualHosts."${upload_domain}".enableACME = true;
|
||
|
|
|
||
|
|
networking.extraHosts = ''
|
||
|
|
${network.architect-lan} ${domain}
|
||
|
|
${network.architect-wg} ${domain}
|
||
|
|
'';
|
||
|
|
|
||
|
|
users.groups.acme.members = [ "prosody" ];
|
||
|
|
}
|