mirror of
https://github.com/Stunkymonkey/nixos.git
synced 2025-05-24 18:04:41 +02:00
39 lines
1.1 KiB
Nix
39 lines
1.1 KiB
Nix
|
# Have a good quality voice chat
|
||
|
|
{ config, lib, pkgs, ... }:
|
||
|
|
let
|
||
|
|
cfg = config.my.services.mumble-server;
|
||
|
|
#domain = "voice.${config.networking.domain}";
|
||
|
|
domain = "voice.buehler.rocks";
|
||
|
|
in
|
||
|
|
{
|
||
|
|
options.my.services.mumble-server = {
|
||
|
|
enable = lib.mkEnableOption "RSS-Bridge service";
|
||
|
|
};
|
||
|
|
|
||
|
|
config = lib.mkIf cfg.enable {
|
||
|
|
services.murmur = {
|
||
|
|
enable = true;
|
||
|
|
# TODO enable in 22.11
|
||
|
|
#openFirewall = true;
|
||
|
|
welcometext = "Welcome to the Mumble-Server!";
|
||
|
|
sslCert = "/var/lib/acme/${domain}/fullchain.pem";
|
||
|
|
sslKey = "/var/lib/acme/${domain}/key.pem";
|
||
|
|
};
|
||
|
|
|
||
|
|
services.nginx.virtualHosts.${domain}.enableACME = true;
|
||
|
|
security.acme.certs."${domain}" = {
|
||
|
|
group = "voice-buehler-rocks";
|
||
|
|
postRun = ''
|
||
|
|
if ${pkgs.systemd}/bin/systemctl is-active murmur.service; then
|
||
|
|
${pkgs.systemd}/bin/systemctl kill -s SIGUSR1 murmur.service
|
||
|
|
fi
|
||
|
|
'';
|
||
|
|
};
|
||
|
|
|
||
|
|
users.groups."voice-buehler-rocks".members = [ "murmur" "nginx" ];
|
||
|
|
|
||
|
|
networking.firewall.allowedTCPPorts = [ config.services.murmur.port ];
|
||
|
|
networking.firewall.allowedUDPPorts = [ config.services.murmur.port ];
|
||
|
|
};
|
||
|
|
}
|