XMPP setup

2024-05-22 02:06:22 +02:00 · 2024-05-22 02:06:22 +02:00 · f8db5d7e9a
parent 46b52f7aaf
commit f8db5d7e9a
6 changed files with 35 additions and 1 deletions
--- a/common/fragments/graphical/bspwm.nix
+++ b/common/fragments/graphical/bspwm.nix
@ -13,6 +13,7 @@
        startup = startOnce [
          "firefox"
          "element-desktop"
          "dino"
          "telegram-desktop"
          "spotify"
          "geary"
--- a/common/fragments/graphical/default.nix
+++ b/common/fragments/graphical/default.nix
@ -37,6 +37,7 @@
    bspm
    colmena
    darktable
    dino
    element-desktop
    exiftool
    ffmpeg
--- a/common/fragments/prosody.nix
+++ b/common/fragments/prosody.nix
@ -0,0 +1,29 @@
 { config, ... }:
 let
  ssl = {
    cert = "${
        config.security.acme.certs."technogothic.net".directory
      }/fullchain.pem";
    key = "${config.security.acme.certs."technogothic.net".directory}/key.pem";
  };
 in {
  services.prosody = {
    enable = true;
    admins = [ "Agatha@argent.technogothic.net" ];
    inherit ssl;
    virtualHosts."argent.technogothic.net" = {
      enabled = true;
      domain = "argent.technogothic.net";
      inherit ssl;
    };
    muc = [{ domain = "muc.argent.technogothic.net"; }];
    uploadHttp.domain = "upload.argent.technogothic.net";
  };
  users.users."${config.services.prosody.user}".extraGroups =
    [ "acme" "nginx" ];
  networking.firewall.allowedTCPPorts = [ 5000 5222 5269 5281 ];
 }
--- a/hosts/bloodletting/configuration.nix
+++ b/hosts/bloodletting/configuration.nix
@ -14,6 +14,7 @@
    ../../common/fragments/nyandroid.nix
    ../../common/fragments/postgres.nix
    ../../common/fragments/prometheus_exporters.nix
    ../../common/fragments/prosody.nix
    ../../common/fragments/vsftpd.nix
    ../../common/home_manager/common.nix
  ];
@ -89,7 +90,7 @@
    group = "nginx";
  };
-  security.acme.defaults.reloadServices = [ "nginx" "vsftpd" ];
+  security.acme.defaults.reloadServices = [ "nginx" "vsftpd" "prosody" ];
  systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
  # Nginx
--- a/hosts/ritual/configuration.nix
+++ b/hosts/ritual/configuration.nix
@ -39,6 +39,7 @@
      rules = {
        "Element".desktop = "II";
        "TelegramDesktop".desktop = "III";
        "dino".desktop = "III";
        "Spotify".desktop = "IV";
        "Geary".desktop = "V";
        "firefox" = {
--- a/hosts/tears/configuration.nix
+++ b/hosts/tears/configuration.nix
@ -41,6 +41,7 @@
      rules = {
        "Element".desktop = "I";
        "TelegramDesktop".desktop = "II";
        "dino".desktop = "II";
        "Spotify".desktop = "III";
        "Geary".desktop = "IV";
        "firefox" = {