48 lines
1.2 KiB
Nix
48 lines
1.2 KiB
Nix
{ config, lib, hosts, tools, ... }:
|
|
let
|
|
host = hosts.${config.networking.hostName};
|
|
inherit (host) interfaces;
|
|
|
|
isNAT = interfaces.primary ? addrPublic;
|
|
in
|
|
{
|
|
services.jitsi-meet = {
|
|
enable = true;
|
|
hostName = "meet.${tools.meta.domain}";
|
|
nginx.enable = true;
|
|
jicofo.enable = true;
|
|
videobridge.enable = true;
|
|
prosody.enable = true;
|
|
config.p2p.enabled = false;
|
|
};
|
|
services.jitsi-videobridge = {
|
|
openFirewall = true;
|
|
apis = [ "colibri" "rest" ];
|
|
config.videobridge = {
|
|
ice = {
|
|
tcp.port = 7777;
|
|
};
|
|
stats.transports = [
|
|
{ type = "muc"; }
|
|
{ type = "colibri"; }
|
|
];
|
|
};
|
|
nat = lib.optionalAttrs isNAT {
|
|
localAddress = interfaces.primary.addr;
|
|
publicAddress = interfaces.primary.addrPublic;
|
|
};
|
|
};
|
|
services.nginx.virtualHosts."meet.${tools.meta.domain}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."=/images/watermark.svg" = {
|
|
return = "200";
|
|
};
|
|
};
|
|
systemd.services = lib.genAttrs [ "jicofo" "jitsi-meet-init-secrets" "jitsi-videobridge2" "prosody" ] (_: {
|
|
serviceConfig = {
|
|
Slice = "communications.slice";
|
|
};
|
|
});
|
|
boot.kernel.sysctl."net.core.rmem_max" = lib.mkForce 10485760;
|
|
}
|