diff options
Diffstat (limited to 'nix/prosody.nix')
-rw-r--r-- | nix/prosody.nix | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/nix/prosody.nix b/nix/prosody.nix new file mode 100644 index 0000000..cfbc551 --- /dev/null +++ b/nix/prosody.nix @@ -0,0 +1,60 @@ +{ lib, config, ... }: + +with lib; +let + cfg = config.services.brook; +in +{ + options.services.brook.prosody = { + enable = mkEnableOption "brook XMPP chat with prosody"; + + port = mkOption { + type = types.int; + default = 5281; + description = '' + Specify the port that prosody's web server is listening on. + ''; + }; + + guest-domain = mkOption { + type = types.string; + description = '' + The virtualhost prosody uses as an anonymous user scope. + By default prosody can either run in normal user mode, or in + anonymous mode. Becuase the stream chat doesn't require registration, + this creates a new virtualhost to achieve this. + ''; + }; + + certRoot = mkOption { + type = types.string; + description = '' + Pass in the root path to the certificates that the + prosody virtualhost should use. + ''; + }; + }; + + config = mkIf cfg.prosody.enable { + services.prosody = { + modules = { bosh = true; websocket = true; }; + + virtualHosts."${cfg.prosody.guest-domain}" = { + enable = true; + domain = "${cfg.prosody.guest-domain}"; + ssl = { + cert = "${cfg.prosody.certRoot}/fullchain.pem"; + key = "${cfg.prosody.certRoot}/key.pem"; + }; + extraConfig = '' + authentication = "anonymous" + http_host = ${cfg.prosody.guest-domain} + ''; + }; + + extraConfig = services.prosody.extraConfig + '' + consider_bosh_secure = true + ''; + }; + }; +} |