depot/hosts/prophet/services/meet/default.nix

{ config, lib, hosts, tools, ... }:
let
  host = hosts.${config.networking.hostName};
  inherit (host) interfaces;

  isNAT = interfaces.primary ? addrPublic;
in
{
  services.jitsi-meet = {
    enable = true;
    hostName = "meet.${tools.meta.domain}";
    nginx.enable = true;
    jicofo.enable = true;
    videobridge.enable = true;
    prosody.enable = true;
    config.p2p.enabled = false;
  };
  services.jitsi-videobridge.openFirewall = true;
  services.nginx.virtualHosts."meet.${tools.meta.domain}" = {
    enableACME = true;
    forceSSL = true;
    locations."=/images/watermark.svg" = {
      return = "200";
    };
  };
  systemd.services = lib.genAttrs [ "jicofo" "jitsi-meet-init-secrets" "jitsi-videobridge2" "prosody" ] (_: {
    serviceConfig = {
      LogNamespace = "meet";
      Slice = "communications.slice";
    };
  });
  boot.kernel.sysctl."net.core.rmem_max" = lib.mkForce 10485760;

  environment.etc."jitsi/videobridge/sip-communicator.properties" = lib.optionalAttrs isNAT {
    text = ''
      org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=${interfaces.primary.addr}
      org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=${interfaces.primary.addrPublic}
    '';
  };
}
meet: move service: VEGAS -> prophet 2022-02-04 01:08:05 +02:00			`{ config, lib, hosts, tools, ... }:`
			`let`
			`host = hosts.${config.networking.hostName};`
			`inherit (host) interfaces;`

			`isNAT = interfaces.primary ? addrPublic;`
			`in`
move Jitsi to VEGAS 2021-10-16 21:24:57 +03:00			`{`
			`services.jitsi-meet = {`
			`enable = true;`
			`hostName = "meet.${tools.meta.domain}";`
			`nginx.enable = true;`
			`jicofo.enable = true;`
			`videobridge.enable = true;`
			`prosody.enable = true;`
			`config.p2p.enabled = false;`
			`};`
VEGAS/meet: open ICE ports in firewall 2022-01-06 21:28:53 +02:00			`services.jitsi-videobridge.openFirewall = true;`
move Jitsi to VEGAS 2021-10-16 21:24:57 +03:00			`services.nginx.virtualHosts."meet.${tools.meta.domain}" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."=/images/watermark.svg" = {`
			`return = "200";`
			`};`
			`};`
			`systemd.services = lib.genAttrs [ "jicofo" "jitsi-meet-init-secrets" "jitsi-videobridge2" "prosody" ] (_: {`
			`serviceConfig = {`
			`LogNamespace = "meet";`
			`Slice = "communications.slice";`
			`};`
			`});`
VEGAS/meet: force large UDP receive buffer setting 2021-12-02 22:45:05 +02:00			`boot.kernel.sysctl."net.core.rmem_max" = lib.mkForce 10485760;`
meet: move service: VEGAS -> prophet 2022-02-04 01:08:05 +02:00
			`environment.etc."jitsi/videobridge/sip-communicator.properties" = lib.optionalAttrs isNAT {`
			`text = ''`
			`org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=${interfaces.primary.addr}`
			`org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=${interfaces.primary.addrPublic}`
			`'';`
			`};`
move Jitsi to VEGAS 2021-10-16 21:24:57 +03:00			`}`