server_config/sys/srv/lib/jitsi.nix

{ lib, pkgs, ... }:
with lib;
{

  services = {

    nginx = {
      virtualHosts."meet.posixlycorrect.com" = {
        enableACME = true;
        forceSSL = true;
        extraConfig = ''
          proxy_headers_hash_max_size 512;
          proxy_headers_hash_bucket_size 128;
        
            ssl_verify_depth 1;
            ssl_verify_client on;
            ssl_client_certificate ${../gatekeeper_ca.pem};

            if ($ssl_client_verify != "SUCCESS") {
              return 403;
            }
        '';
      };
    };


    jitsi-meet = {
      enable = true;
      hostName = "meet.posixlycorrect.com";
      nginx.enable = true;
      config = {
        enableWelcomePage = true;
        prejoinPageEnabled = true;
        defaultLang = "en";
      };
      interfaceConfig = {
        SHOW_JITSI_WATERMARK = false;
        SHOW_WATERMARK_FOR_GUESTS = false;
      };
    };
    jitsi-videobridge.openFirewall = true;
  };
}
initial public commit 2024-08-23 21:01:33 +02:00			`{ lib, pkgs, ... }:`
			`with lib;`
			`{`

			`services = {`

			`nginx = {`
			`virtualHosts."meet.posixlycorrect.com" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`extraConfig = ''`
			`proxy_headers_hash_max_size 512;`
			`proxy_headers_hash_bucket_size 128;`

			`ssl_verify_depth 1;`
			`ssl_verify_client on;`
			`ssl_client_certificate ${../gatekeeper_ca.pem};`

			`if ($ssl_client_verify != "SUCCESS") {`
			`return 403;`
			`}`
			`'';`
			`};`
			`};`


			`jitsi-meet = {`
			`enable = true;`
			`hostName = "meet.posixlycorrect.com";`
			`nginx.enable = true;`
			`config = {`
			`enableWelcomePage = true;`
			`prejoinPageEnabled = true;`
			`defaultLang = "en";`
			`};`
			`interfaceConfig = {`
			`SHOW_JITSI_WATERMARK = false;`
			`SHOW_WATERMARK_FOR_GUESTS = false;`
			`};`
			`};`
			`jitsi-videobridge.openFirewall = true;`
			`};`
			`}`