Compare commits
No commits in common. "598c4390024a0d2b4d9316bf83093707ff731314" and "2304711359ff33551d00bc6a90ac1bd88a06ad68" have entirely different histories.
598c439002
...
2304711359
2 changed files with 21 additions and 35 deletions
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit (lib.strings) concatMapStringsSep;
|
||||
|
||||
{config, ...}: let
|
||||
cfg = config.services.matrix-conduit;
|
||||
domain = "matrix.${config.services.nginx.domain}";
|
||||
turn-realm = "turn.${config.services.nginx.domain}";
|
||||
|
|
@ -22,6 +16,8 @@ in {
|
|||
in [
|
||||
"turn:${address}?transport=udp"
|
||||
"turn:${address}?transport=tcp"
|
||||
"turns:${tls-address}?transport=udp"
|
||||
"turns:${tls-address}?transport=tcp"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
@ -72,9 +68,11 @@ in {
|
|||
denied-peer-ip=2002::-2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
||||
denied-peer-ip=fc00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
||||
denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
||||
allowed-peer-ip=178.79.137.55
|
||||
|
||||
# *Allow* any IP addresses that we explicitly set as relay IPs
|
||||
${concatMapStringsSep "\n" (ip: "allowed-peer-ip=${ip}") config.services.coturn.relay-ips}
|
||||
# Limit number of rooms
|
||||
user-quota=12
|
||||
total-quota=36
|
||||
|
||||
# Various other security settings
|
||||
no-tlsv1
|
||||
|
|
|
|||
40
flake.nix
40
flake.nix
|
|
@ -72,15 +72,13 @@
|
|||
lib = nixpkgs.lib;
|
||||
};
|
||||
|
||||
###################
|
||||
# Utility scripts #
|
||||
###################
|
||||
packages.${system} = let
|
||||
####################
|
||||
# VM launch script #
|
||||
####################
|
||||
apps.${system} = let
|
||||
inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
|
||||
in {
|
||||
default = self.packages.${system}.run-vm;
|
||||
|
||||
run-vm = let
|
||||
default = let
|
||||
vm = self.lib.makeNixosSystem {
|
||||
inherit system;
|
||||
extraModules = [(import ./configuration/hardware-specific/vm.nix)];
|
||||
|
|
@ -93,33 +91,23 @@
|
|||
"8448" = "8448"; # Matrix
|
||||
"21025" = "21025"; # Starbound
|
||||
};
|
||||
in
|
||||
writeShellScript "run-vm" ''
|
||||
in {
|
||||
type = "app";
|
||||
program = builtins.toString (writeShellScript "run-vm" ''
|
||||
export QEMU_OPTS="-m 3941 -smp 2 -display curses"
|
||||
export QEMU_NET_OPTS="${qemuNetOpts}"
|
||||
"${vm.config.system.build.vm}/bin/run-tlaternet-vm"
|
||||
'';
|
||||
'');
|
||||
};
|
||||
|
||||
update-nextcloud-apps = let
|
||||
nvfetcher-bin = "${nvfetcher.defaultPackage.${system}}/bin/nvfetcher";
|
||||
in
|
||||
writeShellScript "update-nextcloud-apps" ''
|
||||
in {
|
||||
type = "app";
|
||||
program = builtins.toString (writeShellScript "update-nextcloud-apps" ''
|
||||
cd "$(git rev-parse --show-toplevel)/pkgs"
|
||||
${nvfetcher-bin} -o _sources_nextcloud -c nextcloud-apps.toml
|
||||
'';
|
||||
};
|
||||
|
||||
apps.${system} = let
|
||||
inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
|
||||
in {
|
||||
default = {
|
||||
type = "app";
|
||||
program = builtins.toString self.packages.${system}.run-vm;
|
||||
};
|
||||
|
||||
update-nextcloud-apps = {
|
||||
type = "app";
|
||||
program = builtins.toString self.packages.${system}.update-nextcloud-apps;
|
||||
'');
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue