diff options
| author | ajs124 <ajs124@users.noreply.github.com> | 2022-06-29 21:09:19 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-06-29 21:09:19 +0200 |
| commit | 15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f (patch) | |
| tree | 00721475fa4aff395253c8471a07ae9f8100b2b4 /nixos/modules | |
| parent | 693b31853e75b39a50dd8171d97715e8fc66202e (diff) | |
| parent | 729764a32d6569e692e44620bd98b552a9f72c33 (diff) | |
| download | nixpkgs-15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f.tar nixpkgs-15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f.tar.gz nixpkgs-15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f.tar.bz2 nixpkgs-15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f.tar.lz nixpkgs-15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f.tar.xz nixpkgs-15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f.tar.zst nixpkgs-15e41e3edfaa82c4a3aa2d1527fd142d59bdba7f.zip | |
Merge pull request #179358 from helsinki-systems/upd/jitsi
jitsi: update
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/services/web-apps/jitsi-meet.nix | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/nixos/modules/services/web-apps/jitsi-meet.nix b/nixos/modules/services/web-apps/jitsi-meet.nix index be0b5b94fb2..8ad92706b06 100644 --- a/nixos/modules/services/web-apps/jitsi-meet.nix +++ b/nixos/modules/services/web-apps/jitsi-meet.nix @@ -253,9 +253,20 @@ in ''; }; }; - systemd.services.prosody.serviceConfig = mkIf cfg.prosody.enable { - EnvironmentFile = [ "/var/lib/jitsi-meet/secrets-env" ]; - SupplementaryGroups = [ "jitsi-meet" ]; + systemd.services.prosody = mkIf cfg.prosody.enable { + preStart = let + videobridgeSecret = if cfg.videobridge.passwordFile != null then cfg.videobridge.passwordFile else "/var/lib/jitsi-meet/videobridge-secret"; + in '' + ${config.services.prosody.package}/bin/prosodyctl register focus auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jicofo-user-secret)" + ${config.services.prosody.package}/bin/prosodyctl register jvb auth.${cfg.hostName} "$(cat ${videobridgeSecret})" + ${config.services.prosody.package}/bin/prosodyctl mod_roster_command subscribe focus.${cfg.hostName} focus@auth.${cfg.hostName} + ${config.services.prosody.package}/bin/prosodyctl register jibri auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-auth-secret)" + ${config.services.prosody.package}/bin/prosodyctl register recorder recorder.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-recorder-secret)" + ''; + serviceConfig = { + EnvironmentFile = [ "/var/lib/jitsi-meet/secrets-env" ]; + SupplementaryGroups = [ "jitsi-meet" ]; + }; }; users.groups.jitsi-meet = {}; @@ -266,14 +277,12 @@ in systemd.services.jitsi-meet-init-secrets = { wantedBy = [ "multi-user.target" ]; before = [ "jicofo.service" "jitsi-videobridge2.service" ] ++ (optional cfg.prosody.enable "prosody.service"); - path = [ config.services.prosody.package ]; serviceConfig = { Type = "oneshot"; }; script = let secrets = [ "jicofo-component-secret" "jicofo-user-secret" "jibri-auth-secret" "jibri-recorder-secret" ] ++ (optional (cfg.videobridge.passwordFile == null) "videobridge-secret"); - videobridgeSecret = if cfg.videobridge.passwordFile != null then cfg.videobridge.passwordFile else "/var/lib/jitsi-meet/videobridge-secret"; in '' cd /var/lib/jitsi-meet @@ -291,12 +300,6 @@ in chmod 640 secrets-env '' + optionalString cfg.prosody.enable '' - prosodyctl register focus auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jicofo-user-secret)" - prosodyctl register jvb auth.${cfg.hostName} "$(cat ${videobridgeSecret})" - prosodyctl mod_roster_command subscribe focus.${cfg.hostName} focus@auth.${cfg.hostName} - prosodyctl register jibri auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-auth-secret)" - prosodyctl register recorder recorder.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-recorder-secret)" - # generate self-signed certificates if [ ! -f /var/lib/jitsi-meet.crt ]; then ${getBin pkgs.openssl}/bin/openssl req \ |