]>
Commit | Line | Data |
---|---|---|
1a64deeb IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | port = config.myEnv.ports.galene_port; | |
4 | cfg = config.myServices.websites.tools.visio; | |
5 | in { | |
6 | options.myServices.websites.tools.visio = { | |
7 | enable = lib.mkEnableOption "enable visio website"; | |
8 | }; | |
9 | ||
10 | config = lib.mkIf cfg.enable { | |
11 | myServices.dns.zones."immae.eu".subdomains.visio = | |
12 | with config.myServices.dns.helpers; ips servers.eldiron.ips.main; | |
13 | ||
14 | myServices.chatonsProperties.services.galene = { | |
15 | file.datetime = "2022-08-21T22:45:00"; | |
16 | service = { | |
17 | name = "Galene"; | |
18 | description = "The Galène videoconference server"; | |
19 | website = "https://visio.immae.eu/"; | |
20 | status.level = "OK"; | |
21 | status.description = "OK"; | |
22 | registration."" = ["NONE"]; | |
23 | registration.load = "OPEN"; | |
24 | install.type = "PACKAGE"; | |
25 | }; | |
26 | software = { | |
27 | name = "Galene"; | |
28 | website = "https://galene.org/"; | |
29 | license.url = "https://github.com/jech/galene/blob/master/LICENCE"; | |
30 | license.name = "MIT License"; | |
31 | version = pkgs.galene.version; | |
32 | source.url = "https://github.com/jech/galene"; | |
33 | }; | |
34 | }; | |
35 | services.galene = { | |
36 | enable = true; | |
37 | httpPort = port; | |
38 | insecure = true; | |
39 | # hack to bypass module's limitations | |
40 | dataDir = "/var/lib/galene/data -http localhost:${builtins.toString port}"; | |
41 | }; | |
42 | systemd.services.galene.serviceConfig.RestrictAddressFamilies = lib.mkForce [ "AF_INET" "AF_INET6" "AF_NETLINK" ]; | |
43 | security.acme.certs.eldiron.extraDomainNames = [ "visio.immae.eu" ]; | |
44 | services.websites.env.tools.vhostConfs.visio = { | |
45 | certName = "eldiron"; | |
46 | hosts = ["visio.immae.eu" ]; | |
47 | root = null; | |
48 | extraConfig = [ | |
49 | '' | |
50 | ProxyPass /ws ws://localhost:${builtins.toString port}/ws | |
51 | ProxyPassReverse /ws ws://localhost:${builtins.toString port}/ws | |
52 | ||
53 | ProxyPass / http://localhost:${builtins.toString port}/ | |
54 | ProxyPassReverse / http://localhost:${builtins.toString port}/ | |
55 | ||
56 | ProxyPreserveHost On | |
57 | '' | |
58 | ]; | |
59 | }; | |
60 | ||
61 | }; | |
62 | } | |
63 |