New host: meet.services.privatevoid.net

This commit is contained in:
Max Headroom 2021-06-12 22:28:09 +02:00
parent b1e9b98d1a
commit cdcd4f7b67
4 changed files with 50 additions and 1 deletions

View file

@ -49,7 +49,7 @@
in {
nixosModules = aspect.modules;
nixosConfigurations =
(lib.genAttrs [ "styx" ] mkNixOS);
(lib.genAttrs [ "styx" "meet" ] mkNixOS);
deploy.nodes = with deploy-rs-lib; {
styx = {
@ -59,6 +59,13 @@
path = activate.nixos self.nixosConfigurations.styx;
};
};
meet = {
hostname = "meet.services.privatevoid.net";
profiles.system = {
user = "root";
path = activate.nixos self.nixosConfigurations.meet;
};
};
};
packages.${system} = import ./packages {

View file

@ -4,6 +4,7 @@ in with tools.dns; {
# NixOS machines
styx = import ./styx tools;
meet = import ./meet tools;
# Non-NixOS machine metadata
VEGAS = {

7
hosts/meet/default.nix Normal file
View file

@ -0,0 +1,7 @@
tools: {
ssh.id = with tools.dns; {
publicKey = "ssh-invalid";
hostNames = subResolve "meet" "services";
};
nixos = import ./system.nix;
}

34
hosts/meet/system.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, pkgs, modulesPath, aspect, inputs, ... }:
{
imports = [
(modulesPath + "/virtualisation/lxc-container.nix")
inputs.agenix.nixosModules.age
]
++ (import ../../users "server").groups.admin
++ aspect.sets.server
++ (with aspect.modules; [ ]);
networking.hostName = "meet";
networking.firewall.enable = false;
nix.trustedUsers = [ "root" "@wheel" ];
security.sudo.wheelNeedsPassword = false;
services.jitsi-meet = {
enable = true;
hostName = "meet.privatevoid.net";
nginx.enable = true;
jicofo.enable = true;
videobridge.enable = true;
prosody.enable = true;
};
services.nginx.virtualHosts."meet.privatevoid.net" = {
enableACME = false;
forceSSL = false;
locations."=/images/watermark.svg" = {
return = "200";
};
};
environment.noXlibs = false;
}