From 3ace595938afa5d105af81700937ef5a0a4f606f Mon Sep 17 00:00:00 2001
From: Felix Buehler <account@buehler.rocks>
Date: Sat, 30 Jul 2022 15:38:22 +0200
Subject: [PATCH] mumble-server: move as new config

---
 modules/services/mumble-server/default.nix | 38 ++++++++++++++++++++++
 nixos/modules/service/mumble-server.nix    | 26 ---------------
 nixos/newton/configuration.nix             |  1 -
 nixos/newton/services.nix                  |  2 ++
 4 files changed, 40 insertions(+), 27 deletions(-)
 create mode 100644 modules/services/mumble-server/default.nix
 delete mode 100644 nixos/modules/service/mumble-server.nix

diff --git a/modules/services/mumble-server/default.nix b/modules/services/mumble-server/default.nix
new file mode 100644
index 0000000..fc0b86c
--- /dev/null
+++ b/modules/services/mumble-server/default.nix
@@ -0,0 +1,38 @@
+# Have a good quality voice chat
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.services.mumble-server;
+  #domain = "voice.${config.networking.domain}";
+  domain = "voice.buehler.rocks";
+in
+{
+  options.my.services.mumble-server = {
+    enable = lib.mkEnableOption "RSS-Bridge service";
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.murmur = {
+      enable = true;
+      # TODO enable in 22.11
+      #openFirewall = true;
+      welcometext = "Welcome to the Mumble-Server!";
+      sslCert = "/var/lib/acme/${domain}/fullchain.pem";
+      sslKey = "/var/lib/acme/${domain}/key.pem";
+    };
+
+    services.nginx.virtualHosts.${domain}.enableACME = true;
+    security.acme.certs."${domain}" = {
+      group = "voice-buehler-rocks";
+      postRun = ''
+        if ${pkgs.systemd}/bin/systemctl is-active murmur.service; then
+          ${pkgs.systemd}/bin/systemctl kill -s SIGUSR1 murmur.service
+        fi
+      '';
+    };
+
+    users.groups."voice-buehler-rocks".members = [ "murmur" "nginx" ];
+
+    networking.firewall.allowedTCPPorts = [ config.services.murmur.port ];
+    networking.firewall.allowedUDPPorts = [ config.services.murmur.port ];
+  };
+}
diff --git a/nixos/modules/service/mumble-server.nix b/nixos/modules/service/mumble-server.nix
deleted file mode 100644
index 785e008..0000000
--- a/nixos/modules/service/mumble-server.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ config, pkgs, ... }:
-{
-  services.murmur = {
-    enable = true;
-    # TODO enable in 22.11
-    #openFirewall = true;
-    welcometext = "Welcome to the Mumble-Server!";
-    sslCert = "/var/lib/acme/voice.buehler.rocks/fullchain.pem";
-    sslKey = "/var/lib/acme/voice.buehler.rocks/key.pem";
-  };
-
-  services.nginx.virtualHosts."voice.buehler.rocks".enableACME = true;
-  security.acme.certs."voice.buehler.rocks" = {
-    group = "voice-buehler-rocks";
-    postRun = ''
-      if ${pkgs.systemd}/bin/systemctl is-active murmur.service; then
-        ${pkgs.systemd}/bin/systemctl kill -s SIGUSR1 murmur.service
-      fi
-    '';
-  };
-
-  users.groups."voice-buehler-rocks".members = [ "murmur" "nginx" ];
-
-  networking.firewall.allowedTCPPorts = [ config.services.murmur.port ];
-  networking.firewall.allowedUDPPorts = [ config.services.murmur.port ];
-}
diff --git a/nixos/newton/configuration.nix b/nixos/newton/configuration.nix
index 41903e7..2d56922 100644
--- a/nixos/newton/configuration.nix
+++ b/nixos/newton/configuration.nix
@@ -10,7 +10,6 @@
     ../modules/compression.nix
     ../modules/docker.nix
     ../modules/networkdecrypt.nix
-    ../modules/service/mumble-server.nix
     ../modules/nix.nix
     ../modules/ssh.nix
     ../modules/users.nix
diff --git a/nixos/newton/services.nix b/nixos/newton/services.nix
index 259ad50..8c0e11e 100644
--- a/nixos/newton/services.nix
+++ b/nixos/newton/services.nix
@@ -8,5 +8,7 @@ in
   my.services = {
     # RSS provider for websites that do not provide any feeds
     rss-bridge.enable = true;
+    # Voice-chat server
+    mumble-server.enable = true;
   };
 }