meet: move service: VEGAS -> prophet
This commit is contained in:
parent
58560480e7
commit
7b065d47f0
4 changed files with 56 additions and 2 deletions
|
|
@ -27,7 +27,6 @@
|
|||
./services/hyprspace
|
||||
./services/ipfs
|
||||
./services/jokes
|
||||
./services/meet
|
||||
./services/nextcloud
|
||||
./services/nfs
|
||||
./services/mail
|
||||
|
|
|
|||
39
hosts/prophet/modules/nginx/default.nix
Normal file
39
hosts/prophet/modules/nginx/default.nix
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
{ lib, config, tools, ... }:
|
||||
|
||||
let
|
||||
inherit (tools.meta) domain adminEmail;
|
||||
in
|
||||
with tools.nginx.vhosts;
|
||||
with tools.nginx.mappers;
|
||||
{
|
||||
security.acme.email = adminEmail;
|
||||
security.acme.acceptTerms = true;
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
recommendedTlsSettings = true;
|
||||
recommendedOptimisation = true;
|
||||
recommendedGzipSettings = true;
|
||||
proxyResolveWhileRunning = false;
|
||||
resolver = {
|
||||
addresses = [ "127.0.0.1" ];
|
||||
valid = "30s";
|
||||
};
|
||||
appendHttpConfig = ''
|
||||
server_names_hash_bucket_size 128;
|
||||
proxy_headers_hash_max_size 4096;
|
||||
proxy_headers_hash_bucket_size 128;
|
||||
'';
|
||||
};
|
||||
services.phpfpm.pools.www = {
|
||||
inherit (config.services.nginx) user group;
|
||||
settings = {
|
||||
pm = "ondemand";
|
||||
"pm.max_children" = 16;
|
||||
"listen.owner" = config.services.nginx.user;
|
||||
"listen.group" = config.services.nginx.group;
|
||||
};
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
systemd.services.nginx.after = [ "network-online.target" ];
|
||||
}
|
||||
|
|
@ -1,4 +1,10 @@
|
|||
{ lib, tools, ... }:
|
||||
{ config, lib, hosts, tools, ... }:
|
||||
let
|
||||
host = hosts.${config.networking.hostName};
|
||||
inherit (host) interfaces;
|
||||
|
||||
isNAT = interfaces.primary ? addrPublic;
|
||||
in
|
||||
{
|
||||
services.jitsi-meet = {
|
||||
enable = true;
|
||||
|
|
@ -24,4 +30,11 @@
|
|||
};
|
||||
});
|
||||
boot.kernel.sysctl."net.core.rmem_max" = lib.mkForce 10485760;
|
||||
|
||||
environment.etc."jitsi/videobridge/sip-communicator.properties" = lib.optionalAttrs isNAT {
|
||||
text = ''
|
||||
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=${interfaces.primary.addr}
|
||||
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=${interfaces.primary.addrPublic}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
@ -6,10 +6,13 @@
|
|||
# Hardware
|
||||
./hardware-configuration.nix
|
||||
|
||||
./modules/nginx
|
||||
inputs.agenix.nixosModules.age
|
||||
|
||||
./services/meet
|
||||
aspect.modules.ipfs
|
||||
|
||||
|
||||
]
|
||||
++ aspect.sets.server;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue