]> Git — Sourcephile - sourcephile-nix.git/blob - hosts/mermet/murmur.nix
networking: add patate to wg-intra
[sourcephile-nix.git] / hosts / mermet / murmur.nix
1 { pkgs, lib, config, ... }:
2 let
3 inherit (config.users) users;
4 domain = config.networking.domain;
5 in
6 {
7 networking.nftables.ruleset = ''
8 add rule inet filter net2fw udp dport 64738 counter accept comment "Murmur"
9 add rule inet filter net2fw tcp dport 64738 counter accept comment "Murmur"
10 '';
11 users.groups.acme.members = [ users."murmur".name ];
12 security.acme.certs."${domain}" = {
13 postRun = "systemctl reload murmur";
14 };
15 systemd.services.murmur = {
16 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service"];
17 after = [ "acme-selfsigned-${domain}.service" ];
18 };
19 services.murmur = {
20 enable = true;
21 welcometext = ''
22 Bienvenue sur mumble.sourcephile.fr
23 Avant de commencer à parler, rejoignez un salon ou bien créez en un nouveau !
24 '';
25 bonjour = false;
26 registerName = "sourcephile";
27 registerHostname = "mumble.${domain}";
28 #registerUrl = "https://${domain}";
29 #registerLocation = "FR";
30 allowHtml = true;
31 users = 42;
32 sslKey = "/var/lib/acme/${domain}/full.pem";
33 extraConfig = ''
34 username = "[A-Za-z0-9_-]{2,12}"
35 channelnestinglimit = 10
36 opusthreshold = 50
37 '';
38 };
39 }