haccfiles/services/thelounge.nix

87 lines
2.3 KiB
Nix
Raw Normal View History

2021-08-07 12:27:49 +00:00
{ config, lib, pkgs, evalConfig, ... }:
hainich: hacky version of thelounge as webchat Intended for KontraIAA; requirements were that it should be a simple and non-confusing as possible. I tried both KiwiIRC and thelounge, and found both horrible to package (a fact not helped by the somewhat opaque structure of nixpkgs.nodePackages, which does contain a version of thelounge but will apparently ignore overrides of the src attribute). Instead, this now contains a very hacky version of thelounge, which merely takes the already-built version from nixpkgs and glues some extra css to it which hides potentially confusing fields. Things hidden on the "connect" screen: - the "name" field (since thelounge offers "nick" "name" and "realname" by default, which seems too much for something embedded on a website) - the "I have a password" checkbox Things hidden on the general view: - the button to open the side panel (the panel itself is not hidden, and will appear by itself on wider layouts), so that users will only see that one channel - the "channel options" menu (which includes a "leave channel" option which would effectively break the webchat) Things not addressed: - thelounge has autocompletion for /join /leave, etc. Do we want to disable that as well? - It would probably useful to suppress all the "x joined the channel" messages. Thelounge supports this, but apparently doesn't support setting it as default? Misc: - for now, users will be connected to #thelounge on libera.chat, which appears to be okay with being used as an experimental channel - I allowed prefetching link previews, but only on the server's side (i.e. users' browsers won't fetch content from arbitrary sites) - not yet tested on hainich, but should work (tested in a NixOS container) - currently assumes a "webchat.voc.hacc.space" domain (I think we had a voc domain? but I forgot where it is …)
2021-08-05 17:11:43 +00:00
let
# necessary since overlays won't propagate into the
# container's config
thelounge = pkgs.thelounge-hacked;
in
{
containers.thelounge = {
autoStart = true;
privateNetwork = true;
2021-08-07 12:27:49 +00:00
hostAddress = "192.168.100.1";
localAddress = "192.168.100.4";
hainich: hacky version of thelounge as webchat Intended for KontraIAA; requirements were that it should be a simple and non-confusing as possible. I tried both KiwiIRC and thelounge, and found both horrible to package (a fact not helped by the somewhat opaque structure of nixpkgs.nodePackages, which does contain a version of thelounge but will apparently ignore overrides of the src attribute). Instead, this now contains a very hacky version of thelounge, which merely takes the already-built version from nixpkgs and glues some extra css to it which hides potentially confusing fields. Things hidden on the "connect" screen: - the "name" field (since thelounge offers "nick" "name" and "realname" by default, which seems too much for something embedded on a website) - the "I have a password" checkbox Things hidden on the general view: - the button to open the side panel (the panel itself is not hidden, and will appear by itself on wider layouts), so that users will only see that one channel - the "channel options" menu (which includes a "leave channel" option which would effectively break the webchat) Things not addressed: - thelounge has autocompletion for /join /leave, etc. Do we want to disable that as well? - It would probably useful to suppress all the "x joined the channel" messages. Thelounge supports this, but apparently doesn't support setting it as default? Misc: - for now, users will be connected to #thelounge on libera.chat, which appears to be okay with being used as an experimental channel - I allowed prefetching link previews, but only on the server's side (i.e. users' browsers won't fetch content from arbitrary sites) - not yet tested on hainich, but should work (tested in a NixOS container) - currently assumes a "webchat.voc.hacc.space" domain (I think we had a voc domain? but I forgot where it is …)
2021-08-05 17:11:43 +00:00
2021-08-07 12:27:49 +00:00
path = (evalConfig {hosts = {}; groups = {};} ({ config, lib, pkgs, profiles, modules, sources, ... }: {
boot.isContainer = true;
networking.useDHCP = false;
users.users.root.hashedPassword = "";
nixpkgs.config.allowUnfree = true;
networking.firewall.enable = false;
networking.defaultGateway = {
address = "192.168.100.1";
interface = "eth0";
};
hainich: hacky version of thelounge as webchat Intended for KontraIAA; requirements were that it should be a simple and non-confusing as possible. I tried both KiwiIRC and thelounge, and found both horrible to package (a fact not helped by the somewhat opaque structure of nixpkgs.nodePackages, which does contain a version of thelounge but will apparently ignore overrides of the src attribute). Instead, this now contains a very hacky version of thelounge, which merely takes the already-built version from nixpkgs and glues some extra css to it which hides potentially confusing fields. Things hidden on the "connect" screen: - the "name" field (since thelounge offers "nick" "name" and "realname" by default, which seems too much for something embedded on a website) - the "I have a password" checkbox Things hidden on the general view: - the button to open the side panel (the panel itself is not hidden, and will appear by itself on wider layouts), so that users will only see that one channel - the "channel options" menu (which includes a "leave channel" option which would effectively break the webchat) Things not addressed: - thelounge has autocompletion for /join /leave, etc. Do we want to disable that as well? - It would probably useful to suppress all the "x joined the channel" messages. Thelounge supports this, but apparently doesn't support setting it as default? Misc: - for now, users will be connected to #thelounge on libera.chat, which appears to be okay with being used as an experimental channel - I allowed prefetching link previews, but only on the server's side (i.e. users' browsers won't fetch content from arbitrary sites) - not yet tested on hainich, but should work (tested in a NixOS container) - currently assumes a "webchat.voc.hacc.space" domain (I think we had a voc domain? but I forgot where it is …)
2021-08-05 17:11:43 +00:00
services.thelounge = {
enable = true;
extraConfig = {
public = true;
# respect X-Forwarded-For
reverseProxy = true;
defaults = {
name = "libera chat";
host = "irc.eu.libera.chat";
port = 6697;
# encrypt things!
tls = true;
# yes, please do actually check the cert …
rejectUnauthorized = true;
2021-08-18 20:00:11 +00:00
nick = "haccGuest%%%%";
2021-08-07 12:27:49 +00:00
join = "#hacc-webchat";
hainich: hacky version of thelounge as webchat Intended for KontraIAA; requirements were that it should be a simple and non-confusing as possible. I tried both KiwiIRC and thelounge, and found both horrible to package (a fact not helped by the somewhat opaque structure of nixpkgs.nodePackages, which does contain a version of thelounge but will apparently ignore overrides of the src attribute). Instead, this now contains a very hacky version of thelounge, which merely takes the already-built version from nixpkgs and glues some extra css to it which hides potentially confusing fields. Things hidden on the "connect" screen: - the "name" field (since thelounge offers "nick" "name" and "realname" by default, which seems too much for something embedded on a website) - the "I have a password" checkbox Things hidden on the general view: - the button to open the side panel (the panel itself is not hidden, and will appear by itself on wider layouts), so that users will only see that one channel - the "channel options" menu (which includes a "leave channel" option which would effectively break the webchat) Things not addressed: - thelounge has autocompletion for /join /leave, etc. Do we want to disable that as well? - It would probably useful to suppress all the "x joined the channel" messages. Thelounge supports this, but apparently doesn't support setting it as default? Misc: - for now, users will be connected to #thelounge on libera.chat, which appears to be okay with being used as an experimental channel - I allowed prefetching link previews, but only on the server's side (i.e. users' browsers won't fetch content from arbitrary sites) - not yet tested on hainich, but should work (tested in a NixOS container) - currently assumes a "webchat.voc.hacc.space" domain (I think we had a voc domain? but I forgot where it is …)
2021-08-05 17:11:43 +00:00
};
lockNetwork = true;
# don't log messages (default is text / sqlite)
messageStorage = [];
# darker theme
#theme = "morning";
# these three should result in having link previews
# which are fetched only by the server, then proxied
# (i.e. clients won't directly connect to arbitrary
# domains to get previews)
prefetch = true;
prefetchStorage = true;
disableMediaPreview = true;
leaveMessage = "happy haccing";
};
};
# override the package we use
systemd.services.thelounge.serviceConfig.ExecStart =
pkgs.lib.mkForce "${thelounge}/bin/thelounge start";
2021-08-18 20:00:11 +00:00
services.coredns = {
enable = true;
config = ''
.:53 {
forward . 1.1.1.1
}
'';
};
2021-08-07 12:27:49 +00:00
})).config.system.build.toplevel;
hainich: hacky version of thelounge as webchat Intended for KontraIAA; requirements were that it should be a simple and non-confusing as possible. I tried both KiwiIRC and thelounge, and found both horrible to package (a fact not helped by the somewhat opaque structure of nixpkgs.nodePackages, which does contain a version of thelounge but will apparently ignore overrides of the src attribute). Instead, this now contains a very hacky version of thelounge, which merely takes the already-built version from nixpkgs and glues some extra css to it which hides potentially confusing fields. Things hidden on the "connect" screen: - the "name" field (since thelounge offers "nick" "name" and "realname" by default, which seems too much for something embedded on a website) - the "I have a password" checkbox Things hidden on the general view: - the button to open the side panel (the panel itself is not hidden, and will appear by itself on wider layouts), so that users will only see that one channel - the "channel options" menu (which includes a "leave channel" option which would effectively break the webchat) Things not addressed: - thelounge has autocompletion for /join /leave, etc. Do we want to disable that as well? - It would probably useful to suppress all the "x joined the channel" messages. Thelounge supports this, but apparently doesn't support setting it as default? Misc: - for now, users will be connected to #thelounge on libera.chat, which appears to be okay with being used as an experimental channel - I allowed prefetching link previews, but only on the server's side (i.e. users' browsers won't fetch content from arbitrary sites) - not yet tested on hainich, but should work (tested in a NixOS container) - currently assumes a "webchat.voc.hacc.space" domain (I think we had a voc domain? but I forgot where it is …)
2021-08-05 17:11:43 +00:00
};
services.nginx.virtualHosts."webchat.voc.hacc.space" = {
locations."/".proxyPass =
"http://${config.containers.thelounge.localAddress}:9000";
enableACME = true;
forceSSL = true;
};
}