diff options
| author | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
| commit | 060a8f28fa1fc648bdf66afb31a5d1efac868837 (patch) | |
| tree | 2b354eacc7897365ee45244fe7a51720e0d0333f /makefu/2configs/workadventure | |
| parent | cbfcc890e3b76d942b927809bf981a5fa7289e6a (diff) | |
makefu: move out to own repo, add vacation-note
Diffstat (limited to 'makefu/2configs/workadventure')
| -rw-r--r-- | makefu/2configs/workadventure/default.nix | 6 | ||||
| -rw-r--r-- | makefu/2configs/workadventure/jitsi.nix | 59 | ||||
| -rw-r--r-- | makefu/2configs/workadventure/workadventure.nix | 161 |
3 files changed, 0 insertions, 226 deletions
diff --git a/makefu/2configs/workadventure/default.nix b/makefu/2configs/workadventure/default.nix deleted file mode 100644 index 3c68fca8d..000000000 --- a/makefu/2configs/workadventure/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./jitsi.nix - ./workadventure.nix - ]; -} diff --git a/makefu/2configs/workadventure/jitsi.nix b/makefu/2configs/workadventure/jitsi.nix deleted file mode 100644 index d5c590746..000000000 --- a/makefu/2configs/workadventure/jitsi.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - # + + - # | | - # | | - # v v - # 80, 443 TCP 443 TCP, 10000 UDP - # +--------------+ +---------------------+ - # | nginx | 5222, 5347 TCP | | - # | jitsi-meet |<-------------------+| jitsi-videobridge | - # | prosody | | | | - # | jicofo | | +---------------------+ - # +--------------+ | - # | +---------------------+ - # | | | - # +----------+| jitsi-videobridge | - # | | | - # | +---------------------+ - # | - # | +---------------------+ - # | | | - # +----------+| jitsi-videobridge | - # | | - # +---------------------+ - - # This is a one server setup - services.jitsi-meet = { - enable = true; - hostName = "meet.euer.krebsco.de"; - - # JItsi COnference FOcus is a server side focus component used in Jitsi Meet conferences. - # https://github.com/jitsi/jicofo - jicofo.enable = true; - - # Whether to enable nginx virtual host that will serve the javascript application and act as a proxy for the XMPP server. - # Further nginx configuration can be done by adapting services.nginx.virtualHosts.<hostName>. When this is enabled, ACME - # will be used to retrieve a TLS certificate by default. To disable this, set the - # services.nginx.virtualHosts.<hostName>.enableACME to false and if appropriate do the same for - # services.nginx.virtualHosts.<hostName>.forceSSL. - nginx.enable = true; - - # https://github.com/jitsi/jitsi-meet/blob/master/config.js - config = { - enableWelcomePage = true; - defaultLang = "en"; - }; - - # https://github.com/jitsi/jitsi-meet/blob/master/interface_config.js - interfaceConfig = { - SHOW_JITSI_WATERMARK = false; - SHOW_WATERMARK_FOR_GUESTS = false; - }; - }; - - networking.firewall = { - allowedTCPPorts = [ 80 443 ]; - allowedUDPPorts = [ 10000 ]; - }; - -} diff --git a/makefu/2configs/workadventure/workadventure.nix b/makefu/2configs/workadventure/workadventure.nix deleted file mode 100644 index 02680aa77..000000000 --- a/makefu/2configs/workadventure/workadventure.nix +++ /dev/null @@ -1,161 +0,0 @@ -{ config, pkgs, lib, ... }: -let - # If your Jitsi environment has authentication set up, - # you MUST set JITSI_PRIVATE_MODE to "true" and - # you MUST pass a SECRET_JITSI_KEY to generate the JWT secret - jitsiPrivateMode = "false"; - - secretJitsiKey = ""; - - jitsiISS = ""; - - workadventureSecretKey = ""; - - jitsiURL = "meet.euer.krebsco.de"; - - domain = "work.euer.krebsco.de"; - # domain will redirect to this map. (not play.${domain}) - defaultMap = "npeguin.github.io/office-map/map.json"; - - apiURL = "api.${domain}"; - apiPort = 9002; - - frontURL = "play.${domain}"; - frontPort = 9004; - - pusherURL = "push.${domain}"; - pusherPort = 9005; - - uploaderURL = "ul.${domain}"; - uploaderPort = 9006; - - frontImage = "thecodingmachine/workadventure-front:develop"; - pusherImage = "thecodingmachine/workadventure-pusher:develop"; - apiImage = "thecodingmachine/workadventure-back:develop"; - uploaderImage = "thecodingmachine/workadventure-uploader:develop"; - -in { - - networking.firewall = { - allowedTCPPorts = [ 80 443 ]; - allowedUDPPorts = [ 80 443 ]; - }; - - services.nginx.enable = true; - services.nginx.recommendedProxySettings = true; - - systemd.services.workadventure-network = { - enable = true; - wantedBy = [ "multi-user.target" ]; - script = '' - ${pkgs.docker}/bin/docker network create --driver bridge workadventure ||: - ''; - after = [ "docker" ]; - before = [ - "docker-workadventure-back.service" - "docker-workadventure-pusher.service" - "docker-workadventure-uploader.service" - "docker-workadventure-website.service" - ]; - }; - - virtualisation.oci-containers.backend = "docker"; - security.acme.certs."${domain}".extraDomainNames = [ apiURL frontURL pusherURL uploaderURL ]; - services.nginx.virtualHosts."${domain}" = { - enableACME = true; - forceSSL = true; - locations."/" = { - return = "301 $scheme://play.${domain}/_/global/${defaultMap}"; - }; - }; - - virtualisation.oci-containers.containers.workadventure-front = { - image = frontImage; - environment = { - API_URL = pusherURL; - JITSI_PRIVATE_MODE = jitsiPrivateMode; - JITSI_URL = jitsiURL; - SECRET_JITSI_KEY = secretJitsiKey; - UPLOADER_URL = uploaderURL; - }; - ports = [ "127.0.0.1:${toString frontPort}:80" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${frontURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { proxyPass = "http://127.0.0.1:${toString frontPort}"; }; - }; - - virtualisation.oci-containers.containers.workadventure-pusher = { - image = pusherImage; - environment = { - API_URL = "workadventure-back:50051"; - JITSI_ISS = jitsiISS; - JITSI_URL = jitsiURL; - SECRET_KEY = workadventureSecretKey; - }; - ports = [ "127.0.0.1:${toString pusherPort}:8080" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${pusherURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString pusherPort}"; - proxyWebsockets = true; - }; - locations."/room" = { - proxyPass = "http://127.0.0.1:${toString pusherPort}"; - proxyWebsockets = true; - }; - }; - - virtualisation.oci-containers.containers.workadventure-back = { - image = apiImage; - environment = { - #DEBUG = "*"; - JITSI_ISS = jitsiISS; - JITSI_URL = jitsiURL; - SECRET_KEY = workadventureSecretKey; - }; - ports = [ "127.0.0.1:${toString apiPort}:8080" "50051" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${apiURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { proxyPass = "http://127.0.0.1:${toString apiPort}"; }; - }; - - virtualisation.oci-containers.containers.workadventure-uploader = { - image = uploaderImage; - ports = [ "127.0.0.1:${toString uploaderPort}:8080" ]; - extraOptions = [ "--network=workadventure" ]; - }; - services.nginx.virtualHosts."${uploaderURL}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString uploaderPort}"; - proxyWebsockets = true; - }; - }; - - systemd.services.docker-workadventure-front.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - systemd.services.docker-workadventure-uploader.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - systemd.services.docker-workadventure-pusher.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; - systemd.services.docker-workadventure-back.serviceConfig = { - StandardOutput = lib.mkForce "journal"; - StandardError = lib.mkForce "journal"; - }; -} |