hacc/haccfiles
8
0
Fork 1
Code Issues 1 Pull requests Projects Releases Wiki Activity
haccfiles/services/workadventure.nix
stuebinm 16245e830f
remove truelove-specific workadventure 
This removes the special configuration to make our workadventure useable
for the truelove event and reverts it to just run at void.hacc.space
without authentication etc.

Tbh, not sure if that's actually what we want — do we need a running
workadventure instance at all? Or should we just remove the entire container?
2022-01-01 20:03:32 +01:00

86 lines
2.3 KiB
Nix
Raw Blame History

{ config, lib, pkgs, modules, profiles, evalConfig, sources, ... }:
let
wapkgs = "${sources.workadventure}/wapkgs.nix";
in
{
services.coturn = {
enable = true;
realm = "void.hacc.space";
no-cli = true;
lt-cred-mech = true;
extraConfig = ''
user=turn:a4c9ad080dc51146611eabd15a27b07fc92850a9ae90c53e7745fce6c5a2c457
fingerprint
external-ip=135.181.215.233
server-name=void.hacc.space
prometheus
'';
cert = config.security.acme.certs."void.hacc.space".directory + "full.pem";
pkey = config.security.acme.certs."void.hacc.space".directory + "key.pem";
};
networking.firewall = with config.services.coturn;
let
ports = [ listening-port tls-listening-port ];
in {
allowedTCPPorts = ports ++ [ 9641 ]; # 9641 is the port for the prometheus endpoint
allowedUDPPorts = ports;
allowedUDPPortRanges = [
{ from = min-port; to = max-port; }
];
};
services.nginx.virtualHosts."void.hacc.space" = {
locations."/" = {
proxyPass = "http://192.168.150.3";
proxyWebsockets = true;
};
enableACME = true;
forceSSL = true;
};
containers.wa-void = {
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.150.1";
localAddress = "192.168.150.3";
path = (evalConfig {hosts = {}; groups = {};} ({ config, lib, pkgs, profiles, modules, sources, ... }: {
boot.isContainer = true;
networking.useDHCP = false;
users.users.root.hashedPassword = "";
imports = [
"${sources.workadventure.outPath}/default.nix"
((import sources.nix-hexchen) {}).profiles.nopersist
];
services.workadventure."void" = {
packageset = (import wapkgs {inherit pkgs;}).workadventure-xce;
nginx = {
default = true;
domain = "https://void.hacc.space";
};
frontend.startRoomUrl = "/_/global/localhost/maps/main.json";
commonConfig = {
webrtc.stun.url = "stun:void.hacc.space:3478";
webrtc.turn = {
url = "turn:135.181.215.233";
user = "turn";
password = "a4c9ad080dc51146611eabd15a27b07fc92850a9ae90c53e7745fce6c5a2c457";
};
jitsi.url = "meet.ffmuc.net";
};
};
})).config.system.build.toplevel;
};
}
Reference in a new issue View git blame Copy permalink