felix/nixos
1
0
Fork 0
mirror of https://github.com/Stunkymonkey/nixos.git synced 2025-05-24 18:04:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

enable mumble with correct certs

Browse source
This commit is contained in:
Felix Buehler 2022-07-23 20:10:49 +02:00
parent 0ca54b14aa
commit 36c6099327
1 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
nixos/modules/service/mumble-server.nix
View file

@ -3,7 +3,22 @@
services.murmur = {
enable = true;
welcometext = "Welcome to the Mumble-Server!";
#sslKey = "";
#sslCert = "";
sslCert = "/var/lib/acme/voice.buehler.rocks/fullchain.pem";
sslKey = "/var/lib/acme/voice.buehler.rocks/key.pem";
};
services.nginx.virtualHosts."voice.buehler.rocks".enableACME = true;
security.acme.certs."voice.buehler.rocks" = {
group = "voice-buehler-rocks";
postRun = ''
if ${pkgs.systemd}/bin/systemctl is-active murmur.service; then
${pkgs.systemd}/bin/systemctl kill -s SIGUSR1 murmur.service
fi
'';
};
users.groups."voice-buehler-rocks".members = [ "murmur" "nginx" ];
networking.firewall.allowedTCPPorts = [ config.services.murmur.port ];
networking.firewall.allowedUDPPorts = [ config.services.murmur.port ];
}