depot/cluster/services/meet/host.nix

73 lines
1.8 KiB
Nix
Raw Normal View History

2023-02-24 16:16:15 +02:00
{ config, lib, depot, tools, ... }:
2022-02-04 01:08:05 +02:00
let
inherit (config) links;
2023-02-24 16:16:15 +02:00
inherit (depot.reflection) interfaces;
2022-02-04 01:08:05 +02:00
in
2021-10-16 21:24:57 +03:00
{
links = {
jitsi-exporter.protocol = "http";
};
2021-10-16 21:24:57 +03:00
services.jitsi-meet = {
enable = true;
hostName = "meet.${tools.meta.domain}";
nginx.enable = true;
jicofo.enable = true;
videobridge.enable = true;
prosody.enable = true;
config = {
p2p.enabled = false;
startAudioOnly = true;
};
2021-10-16 21:24:57 +03:00
};
services.jitsi-videobridge = {
openFirewall = true;
2023-06-02 17:08:43 +03:00
colibriRestApi = true;
2022-05-15 01:35:02 +03:00
config.videobridge = {
ice = {
tcp.port = 7777;
};
stats.transports = [
{ type = "muc"; }
{ type = "colibri"; }
];
};
2023-02-24 16:16:15 +02:00
nat = lib.optionalAttrs interfaces.primary.isNat {
localAddress = interfaces.primary.addr;
publicAddress = interfaces.primary.addrPublic;
};
};
2021-10-16 21:24:57 +03:00
services.nginx.virtualHosts."meet.${tools.meta.domain}" = {
enableACME = true;
forceSSL = true;
locations."=/images/watermark.svg" = {
return = "200";
};
};
systemd.services = lib.genAttrs [ "jicofo" "jitsi-meet-init-secrets" "jitsi-videobridge2" "prosody" ] (_: {
serviceConfig = {
Slice = "communications.slice";
};
});
boot.kernel.sysctl."net.core.rmem_max" = lib.mkForce 10485760;
services.prometheus.exporters.jitsi = {
enable = true;
interval = "60s";
listenAddress = links.jitsi-exporter.ipv4;
inherit (links.jitsi-exporter) port;
};
services.grafana-agent.settings.metrics.configs = lib.singleton {
name = "metrics-jitsi";
scrape_configs = lib.singleton {
job_name = "jitsi";
static_configs = lib.singleton {
targets = lib.singleton links.jitsi-exporter.tuple;
labels.instance = config.services.jitsi-meet.hostName;
};
};
};
2021-10-16 21:24:57 +03:00
}