diff options
-rw-r--r-- | modules/server/prosody/default.nix | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/modules/server/prosody/default.nix b/modules/server/prosody/default.nix new file mode 100644 index 00000000000..65a1cf7b8c7 --- /dev/null +++ b/modules/server/prosody/default.nix @@ -0,0 +1,49 @@ +/* PROSODY XMPP SERVER + * + * Convenient XMPP server with lots of XEP extentions, that also + * sets up ACME certificates specifically for the XMPP domain + */ + +{ config, pkgs, ... }: + +let + ssl = { + cert = "/var/lib/acme/xmpp.spacekookie.de/fullchain.pem"; + key = "/var/lib/acme/xmpp.spacekookie.de/key.pem"; + }; +in +{ + networking.firewall.allowedTCPPorts = [ 5222 5269 ]; + + security.acme.certs."xmpp.spacekookie.de" = { + email = "letsencrypt@spacekookie.de"; + webroot = "/var/lib/acme/acme-challenge"; + extraDomains = { + "spacekookie.de" = null; + }; + user = "prosody"; + }; + + services.prosody = { + enable = true; + modules = { + register = false; + http_files = true; + carbons = true; + mam = true; + pep = true; + }; + inherit ssl; + virtualHosts."spacekookie.de" = { + domain = "spacekookie.de"; + enabled = true; + inherit ssl; + }; + package = pkgs.prosody.override { + withCommunityModules = [ "http_upload" "smacks" "csi" "cloud_notify" ]; + }; + extraConfig = '' + http_upload_file_size_limit = 0 -- No limit + ''; + }; +} |