nixos-config/machines/vueko/services/murmur.nix

36 lines
999 B
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SPDX-FileCopyrightText: 2021-2024 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
{ config, ... }:
{
sops.secrets.murmur-superuser = {
owner = config.users.users.murmur.name;
sopsFile = ../secrets.yaml;
};
users.users.murmur.isSystemUser = true; # Infinisils module does not set that
services.murmur = {
enable = true;
openFirewall = true;
superuserPasswordFile = config.sops.secrets.murmur-superuser.path;
acmeDomain = "mumble.sbruder.de";
config = {
bandwidth = "128000";
obfuscate = true;
logfile = ""; # log to stdout
username = ''[ \\-=\\w\\[\\]\\{\\}\\(\\)\\@\\|\\.]+'';
channelname = ''[ \\-=\\w\\#\\[\\]\\{\\}\\(\\)\\@\\|]+'';
};
};
# upstream (out-of-tree) does not define this, but nixpkgs wants (🥁) it
systemd.services.murmur.wants = [ "network-online.target" ];
services.nginx.virtualHosts."mumble.sbruder.de" = {
enableACME = true;
forceSSL = true;
};
}