nixos/hosts/architect/prosody.nix

{ lib, config, ... }:

let
  domain = "xmpp.giugl.io";
  conference_domain = "conference.${domain}";
  upload_domain = "uploads.${domain}";
  network = import ./network.nix;
in {
  services = {
    prosody = {
      enable = true;
      virtualHosts = {
        "${domain}" = {
          domain = domain;
          enabled = true;
          ssl.key = "${config.security.acme.certs.${domain}.directory}/key.pem";
          ssl.cert =
            "${config.security.acme.certs.${domain}.directory}/fullchain.pem";
        };
      };

      muc = [{ domain = conference_domain; }];
      uploadHttp = { domain = upload_domain; };

      admins = [ "giulio@${domain}" ];
      #httpInterfaces = [ "wg0" ];
      #httpsInterfaces = [ "wg0" ];
    };
  };

  services.nginx.virtualHosts."${domain}".enableACME = true;
  #services.nginx.virtualHosts."${conference_domain}".enableACME = true;
  #services.nginx.virtualHosts."${upload_domain}".enableACME = true;

  networking.extraHosts = ''
    ${network.architect-lan} ${domain}
    ${network.architect-wg} ${domain}
    ${network.architect-ts} ${domain}
  '';

  users.groups = {
    acme.members = [ "prosody" ];
    nginx.members = [ "prosody" ];
  };
}
prossima volta committo seriamente 2022-02-15 10:58:08 +00:00			`{ lib, config, ... }:`

			`let`
			`domain = "xmpp.giugl.io";`
			`conference_domain = "conference.${domain}";`
			`upload_domain = "uploads.${domain}";`
			`network = import ./network.nix;`
			`in {`
			`services = {`
			`prosody = {`
			`enable = true;`
			`virtualHosts = {`
			`"${domain}" = {`
			`domain = domain;`
			`enabled = true;`
			`ssl.key = "${config.security.acme.certs.${domain}.directory}/key.pem";`
			`ssl.cert =`
			`"${config.security.acme.certs.${domain}.directory}/fullchain.pem";`
			`};`
			`};`

			`muc = [{ domain = conference_domain; }];`
			`uploadHttp = { domain = upload_domain; };`

			`admins = [ "giulio@${domain}" ];`
many updates, yasssss 2022-03-15 15:58:04 +00:00			`#httpInterfaces = [ "wg0" ];`
			`#httpsInterfaces = [ "wg0" ];`
prossima volta committo seriamente 2022-02-15 10:58:08 +00:00			`};`
			`};`

			`services.nginx.virtualHosts."${domain}".enableACME = true;`
			`#services.nginx.virtualHosts."${conference_domain}".enableACME = true;`
			`#services.nginx.virtualHosts."${upload_domain}".enableACME = true;`

			`networking.extraHosts = ''`
			`${network.architect-lan} ${domain}`
			`${network.architect-wg} ${domain}`
architect: Add tailscale IP to hosts for every service 2023-02-01 20:55:32 +00:00			`${network.architect-ts} ${domain}`
Add prosody to nginx group 2022-10-11 20:30:49 +01:00			`'';`
prossima volta committo seriamente 2022-02-15 10:58:08 +00:00
Add prosody to nginx group 2022-10-11 20:30:49 +01:00			`users.groups = {`
			`acme.members = [ "prosody" ];`
			`nginx.members = [ "prosody" ];`
			`};`
prossima volta committo seriamente 2022-02-15 10:58:08 +00:00			`}`