summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/workadventure
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2023-07-28 22:24:15 +0200
committermakefu <github@syntax-fehler.de>2023-07-28 22:24:15 +0200
commit060a8f28fa1fc648bdf66afb31a5d1efac868837 (patch)
tree2b354eacc7897365ee45244fe7a51720e0d0333f /makefu/2configs/workadventure
parentcbfcc890e3b76d942b927809bf981a5fa7289e6a (diff)
makefu: move out to own repo, add vacation-note
Diffstat (limited to 'makefu/2configs/workadventure')
-rw-r--r--makefu/2configs/workadventure/default.nix6
-rw-r--r--makefu/2configs/workadventure/jitsi.nix59
-rw-r--r--makefu/2configs/workadventure/workadventure.nix161
3 files changed, 0 insertions, 226 deletions
diff --git a/makefu/2configs/workadventure/default.nix b/makefu/2configs/workadventure/default.nix
deleted file mode 100644
index 3c68fca8d..000000000
--- a/makefu/2configs/workadventure/default.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{
- imports = [
- ./jitsi.nix
- ./workadventure.nix
- ];
-}
diff --git a/makefu/2configs/workadventure/jitsi.nix b/makefu/2configs/workadventure/jitsi.nix
deleted file mode 100644
index d5c590746..000000000
--- a/makefu/2configs/workadventure/jitsi.nix
+++ /dev/null
@@ -1,59 +0,0 @@
-{
- # + +
- # | |
- # | |
- # v v
- # 80, 443 TCP 443 TCP, 10000 UDP
- # +--------------+ +---------------------+
- # | nginx | 5222, 5347 TCP | |
- # | jitsi-meet |<-------------------+| jitsi-videobridge |
- # | prosody | | | |
- # | jicofo | | +---------------------+
- # +--------------+ |
- # | +---------------------+
- # | | |
- # +----------+| jitsi-videobridge |
- # | | |
- # | +---------------------+
- # |
- # | +---------------------+
- # | | |
- # +----------+| jitsi-videobridge |
- # | |
- # +---------------------+
-
- # This is a one server setup
- services.jitsi-meet = {
- enable = true;
- hostName = "meet.euer.krebsco.de";
-
- # JItsi COnference FOcus is a server side focus component used in Jitsi Meet conferences.
- # https://github.com/jitsi/jicofo
- jicofo.enable = true;
-
- # Whether to enable nginx virtual host that will serve the javascript application and act as a proxy for the XMPP server.
- # Further nginx configuration can be done by adapting services.nginx.virtualHosts.<hostName>. When this is enabled, ACME
- # will be used to retrieve a TLS certificate by default. To disable this, set the
- # services.nginx.virtualHosts.<hostName>.enableACME to false and if appropriate do the same for
- # services.nginx.virtualHosts.<hostName>.forceSSL.
- nginx.enable = true;
-
- # https://github.com/jitsi/jitsi-meet/blob/master/config.js
- config = {
- enableWelcomePage = true;
- defaultLang = "en";
- };
-
- # https://github.com/jitsi/jitsi-meet/blob/master/interface_config.js
- interfaceConfig = {
- SHOW_JITSI_WATERMARK = false;
- SHOW_WATERMARK_FOR_GUESTS = false;
- };
- };
-
- networking.firewall = {
- allowedTCPPorts = [ 80 443 ];
- allowedUDPPorts = [ 10000 ];
- };
-
-}
diff --git a/makefu/2configs/workadventure/workadventure.nix b/makefu/2configs/workadventure/workadventure.nix
deleted file mode 100644
index 02680aa77..000000000
--- a/makefu/2configs/workadventure/workadventure.nix
+++ /dev/null
@@ -1,161 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
- # If your Jitsi environment has authentication set up,
- # you MUST set JITSI_PRIVATE_MODE to "true" and
- # you MUST pass a SECRET_JITSI_KEY to generate the JWT secret
- jitsiPrivateMode = "false";
-
- secretJitsiKey = "";
-
- jitsiISS = "";
-
- workadventureSecretKey = "";
-
- jitsiURL = "meet.euer.krebsco.de";
-
- domain = "work.euer.krebsco.de";
- # domain will redirect to this map. (not play.${domain})
- defaultMap = "npeguin.github.io/office-map/map.json";
-
- apiURL = "api.${domain}";
- apiPort = 9002;
-
- frontURL = "play.${domain}";
- frontPort = 9004;
-
- pusherURL = "push.${domain}";
- pusherPort = 9005;
-
- uploaderURL = "ul.${domain}";
- uploaderPort = 9006;
-
- frontImage = "thecodingmachine/workadventure-front:develop";
- pusherImage = "thecodingmachine/workadventure-pusher:develop";
- apiImage = "thecodingmachine/workadventure-back:develop";
- uploaderImage = "thecodingmachine/workadventure-uploader:develop";
-
-in {
-
- networking.firewall = {
- allowedTCPPorts = [ 80 443 ];
- allowedUDPPorts = [ 80 443 ];
- };
-
- services.nginx.enable = true;
- services.nginx.recommendedProxySettings = true;
-
- systemd.services.workadventure-network = {
- enable = true;
- wantedBy = [ "multi-user.target" ];
- script = ''
- ${pkgs.docker}/bin/docker network create --driver bridge workadventure ||:
- '';
- after = [ "docker" ];
- before = [
- "docker-workadventure-back.service"
- "docker-workadventure-pusher.service"
- "docker-workadventure-uploader.service"
- "docker-workadventure-website.service"
- ];
- };
-
- virtualisation.oci-containers.backend = "docker";
- security.acme.certs."${domain}".extraDomainNames = [ apiURL frontURL pusherURL uploaderURL ];
- services.nginx.virtualHosts."${domain}" = {
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- return = "301 $scheme://play.${domain}/_/global/${defaultMap}";
- };
- };
-
- virtualisation.oci-containers.containers.workadventure-front = {
- image = frontImage;
- environment = {
- API_URL = pusherURL;
- JITSI_PRIVATE_MODE = jitsiPrivateMode;
- JITSI_URL = jitsiURL;
- SECRET_JITSI_KEY = secretJitsiKey;
- UPLOADER_URL = uploaderURL;
- };
- ports = [ "127.0.0.1:${toString frontPort}:80" ];
- extraOptions = [ "--network=workadventure" ];
- };
- services.nginx.virtualHosts."${frontURL}" = {
- useACMEHost = domain;
- forceSSL = true;
- locations."/" = { proxyPass = "http://127.0.0.1:${toString frontPort}"; };
- };
-
- virtualisation.oci-containers.containers.workadventure-pusher = {
- image = pusherImage;
- environment = {
- API_URL = "workadventure-back:50051";
- JITSI_ISS = jitsiISS;
- JITSI_URL = jitsiURL;
- SECRET_KEY = workadventureSecretKey;
- };
- ports = [ "127.0.0.1:${toString pusherPort}:8080" ];
- extraOptions = [ "--network=workadventure" ];
- };
- services.nginx.virtualHosts."${pusherURL}" = {
- useACMEHost = domain;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:${toString pusherPort}";
- proxyWebsockets = true;
- };
- locations."/room" = {
- proxyPass = "http://127.0.0.1:${toString pusherPort}";
- proxyWebsockets = true;
- };
- };
-
- virtualisation.oci-containers.containers.workadventure-back = {
- image = apiImage;
- environment = {
- #DEBUG = "*";
- JITSI_ISS = jitsiISS;
- JITSI_URL = jitsiURL;
- SECRET_KEY = workadventureSecretKey;
- };
- ports = [ "127.0.0.1:${toString apiPort}:8080" "50051" ];
- extraOptions = [ "--network=workadventure" ];
- };
- services.nginx.virtualHosts."${apiURL}" = {
- useACMEHost = domain;
- forceSSL = true;
- locations."/" = { proxyPass = "http://127.0.0.1:${toString apiPort}"; };
- };
-
- virtualisation.oci-containers.containers.workadventure-uploader = {
- image = uploaderImage;
- ports = [ "127.0.0.1:${toString uploaderPort}:8080" ];
- extraOptions = [ "--network=workadventure" ];
- };
- services.nginx.virtualHosts."${uploaderURL}" = {
- useACMEHost = domain;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:${toString uploaderPort}";
- proxyWebsockets = true;
- };
- };
-
- systemd.services.docker-workadventure-front.serviceConfig = {
- StandardOutput = lib.mkForce "journal";
- StandardError = lib.mkForce "journal";
- };
- systemd.services.docker-workadventure-uploader.serviceConfig = {
- StandardOutput = lib.mkForce "journal";
- StandardError = lib.mkForce "journal";
- };
- systemd.services.docker-workadventure-pusher.serviceConfig = {
- StandardOutput = lib.mkForce "journal";
- StandardError = lib.mkForce "journal";
- };
- systemd.services.docker-workadventure-back.serviceConfig = {
- StandardOutput = lib.mkForce "journal";
- StandardError = lib.mkForce "journal";
- };
-}