]>
Commit | Line | Data |
---|---|---|
bdaca01e IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | port = 18013; | |
4 | turnPort = 18014; | |
5 | cfg = config.myServices.websites.tools.visio; | |
6 | in { | |
7 | options.myServices.websites.tools.visio = { | |
8 | enable = lib.mkEnableOption "enable visio website"; | |
9 | }; | |
10 | ||
11 | config = lib.mkIf cfg.enable { | |
12 | networking.firewall.allowedTCPPorts = [ turnPort ]; | |
13 | networking.firewall.allowedUDPPorts = [ turnPort ]; | |
14 | services.galene = { | |
15 | enable = true; | |
16 | httpPort = port; | |
17 | insecure = true; | |
18 | # hack to bypass module's limitations | |
19 | dataDir = "/var/lib/galene/data -http localhost:${builtins.toString port} -turn :${builtins.toString turnPort}"; | |
20 | }; | |
21 | services.websites.env.tools.vhostConfs.visio = { | |
22 | certName = "eldiron"; | |
23 | addToCerts = true; | |
24 | hosts = ["visio.immae.eu" ]; | |
25 | root = null; | |
26 | extraConfig = [ | |
27 | '' | |
28 | ProxyPass /ws ws://localhost:${builtins.toString port}/ws | |
29 | ProxyPassReverse /ws ws://localhost:${builtins.toString port}/ws | |
30 | ||
31 | ProxyPass / http://localhost:${builtins.toString port}/ | |
32 | ProxyPassReverse / http://localhost:${builtins.toString port}/ | |
33 | ||
34 | ProxyPreserveHost On | |
35 | '' | |
36 | ]; | |
37 | }; | |
38 | ||
39 | }; | |
40 | } | |
41 |