summaryrefslogtreecommitdiffstats
path: root/lass/2configs/services/coms
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs/services/coms')
-rw-r--r--lass/2configs/services/coms/default.nix6
-rw-r--r--lass/2configs/services/coms/jitsi.nix43
-rw-r--r--lass/2configs/services/coms/murmur.nix47
-rw-r--r--lass/2configs/services/coms/proxy.nix42
4 files changed, 0 insertions, 138 deletions
diff --git a/lass/2configs/services/coms/default.nix b/lass/2configs/services/coms/default.nix
deleted file mode 100644
index 4bc5f744b..000000000
--- a/lass/2configs/services/coms/default.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{
- imports = [
- ./jitsi.nix
- ./murmur.nix
- ];
-}
diff --git a/lass/2configs/services/coms/jitsi.nix b/lass/2configs/services/coms/jitsi.nix
deleted file mode 100644
index bbcb36166..000000000
--- a/lass/2configs/services/coms/jitsi.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-
- services.jitsi-meet = {
- enable = true;
- hostName = "jitsi.lassul.us";
- config = {
- enableWelcomePage = true;
- requireDisplayName = true;
- analytics.disabled = true;
- startAudioOnly = true;
- channelLastN = 4;
- stunServers = [
- # - https://www.kuketz-blog.de/jitsi-meet-server-einstellungen-fuer-einen-datenschutzfreundlichen-betrieb/
- { urls = "turn:turn.matrix.org:3478?transport=udp"; }
- { urls = "turn:turn.matrix.org:3478?transport=tcp"; }
- # - services.coturn:
- #{ urls = "turn:turn.${domainName}:3479?transport=udp"; }
- #{ urls = "turn:turn.${domainName}:3479?transport=tcp"; }
- ];
- constraints.video.height = {
- ideal = 720;
- max = 1080;
- min = 240;
- };
- };
- interfaceConfig = {
- SHOW_JITSI_WATERMARK = false;
- SHOW_WATERMARK_FOR_GUESTS = false;
- DISABLE_PRESENCE_STATUS = true;
- GENERATE_ROOMNAMES_ON_WELCOME_PAGE = false;
- };
- };
-
- services.jitsi-videobridge.config = {
- org.jitsi.videobridge.TRUST_BWE = false;
- };
-
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 4443"; target = "ACCEPT"; }
- { predicate = "-p udp --dport 10000"; target = "ACCEPT"; }
- ];
-}
diff --git a/lass/2configs/services/coms/murmur.nix b/lass/2configs/services/coms/murmur.nix
deleted file mode 100644
index 40c53da36..000000000
--- a/lass/2configs/services/coms/murmur.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- services.murmur = {
- enable = true;
- # allowHtml = false;
- bandwidth = 10000000;
- registerName = "lassul.us";
- autobanTime = 30;
- sslCert = "/var/lib/acme/lassul.us/cert.pem";
- sslKey = "/var/lib/acme/lassul.us/key.pem";
- extraConfig = ''
- opusthreshold=0
- # rememberchannelduration=10000
- '';
- };
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
- { predicate = "-p udp --dport 64738"; target = "ACCEPT";}
- ];
-
- # services.botamusique = {
- # enable = true;
- # settings = {
- # server.host = "lassul.us";
- # bot.auto_check_updates = false;
- # bot.max_track_duration = 360;
- # webinterface.enabled = true;
- # };
- # };
-
- services.nginx.virtualHosts."lassul.us" = {
- enableACME = true;
- };
- security.acme.certs."lassul.us" = {
- group = "lasscert";
- };
- users.groups.lasscert.members = [
- "nginx"
- "murmur"
- ];
-
- # services.nginx.virtualHosts."bota.r" = {
- # locations."/" = {
- # proxyPass = "http://localhost:8181";
- # };
- # };
-}
diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix
deleted file mode 100644
index e8555f9b7..000000000
--- a/lass/2configs/services/coms/proxy.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
- tcpports = [
- 4443 # jitsi
- 64738 # murmur
- ];
- udpports = [
- 10000 # jitsi
- 64738 # murmur
- ];
- target = "orange.r";
-in
-{
- networking.firewall.allowedTCPPorts = tcpports;
- networking.firewall.allowedUDPPorts = udpports;
- services.nginx.streamConfig = ''
- ${lib.concatMapStringsSep "\n" (port: ''
- server {
- listen [::]:${toString port};
- listen ${toString port};
- proxy_pass ${target}:${toString port};
- }
- '') tcpports}
- ${lib.concatMapStringsSep "\n" (port: ''
- server {
- listen ${toString port} udp;
- proxy_pass ${target}:${toString port};
- }
- '') udpports}
- '';
-
- services.nginx.virtualHosts."jitsi.lassul.us" = {
- enableACME = true;
- acmeFallbackHost = "${target}";
- addSSL = true;
- locations."/" = {
- recommendedProxySettings = true;
- proxyWebsockets = true;
- proxyPass = "http://${target}";
- };
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 08:42:22 +0000
[cgit] Unable to lock slot /tmp/cgit/7c100000.lock: No such file or directory (2)