summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2020-07-12 18:59:58 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2020-07-12 18:59:58 +0200
commit69b1e740b4bcae179f7021d1b24c8a835af9c863 (patch)
tree46cfb105cb86d538d2e3932af2d609c04e1b8300
parente07ec5dcedb050532932d0e123b2b5e60f80e1df (diff)
downloadnixos-69b1e740b4bcae179f7021d1b24c8a835af9c863.tar
nixos-69b1e740b4bcae179f7021d1b24c8a835af9c863.tar.gz
nixos-69b1e740b4bcae179f7021d1b24c8a835af9c863.tar.bz2
nixos-69b1e740b4bcae179f7021d1b24c8a835af9c863.tar.xz
nixos-69b1e740b4bcae179f7021d1b24c8a835af9c863.zip
...
-rw-r--r--ymir.nix48
1 files changed, 21 insertions, 27 deletions
diff --git a/ymir.nix b/ymir.nix
index 6bab76bf..9c01b067 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -20,7 +20,7 @@ let
20 }; 20 };
21 myDomains = [ "dirty-haskell.org" "www.dirty-haskell.org" "lists.dirty-haskell.org" "l.dirty-haskell.org" 21 myDomains = [ "dirty-haskell.org" "www.dirty-haskell.org" "lists.dirty-haskell.org" "l.dirty-haskell.org"
22 "online.141.li" "o.141.li" "ftp.141.li" "files.141.li" "f.141.li" "ymir.141.li" "141.li" "www.141.li" "lists.141.li" "l.141.li" "rpg.141.li" "odin.141.li" 22 "online.141.li" "o.141.li" "ftp.141.li" "files.141.li" "f.141.li" "ymir.141.li" "141.li" "www.141.li" "lists.141.li" "l.141.li" "rpg.141.li" "odin.141.li"
23 "ymir.xmpp.li" "xmpp.li" "www.xmpp.li" "lists.xmpp.li" "l.xmpp.li" "muc.xmpp.li" "proxy.xmpp.li" "upload.xmpp.li" 23 "ymir.xmpp.li" "xmpp.li" "www.xmpp.li" "lists.xmpp.li" "l.xmpp.li" "muc.xmpp.li" "proxy.xmpp.li"
24 "online.yggdrasil.li" "o.yggdrasil.li" "ftp.yggdrasil.li" "files.yggdrasil.li" "f.yggdrasil.li" "ymir.yggdrasil.li" "git.yggdrasil.li" "www.yggdrasil.li" "yggdrasil.li" "lists.yggdrasil.li" "l.yggdrasil.li" "rpg.yggdrasil.li" "odin.yggdrasil.li" 24 "online.yggdrasil.li" "o.yggdrasil.li" "ftp.yggdrasil.li" "files.yggdrasil.li" "f.yggdrasil.li" "ymir.yggdrasil.li" "git.yggdrasil.li" "www.yggdrasil.li" "yggdrasil.li" "lists.yggdrasil.li" "l.yggdrasil.li" "rpg.yggdrasil.li" "odin.yggdrasil.li"
25 "online.praseodym.org" "o.praseodym.org" "ftp.praseodym.org" "files.praseodym.org" "f.praseodym.org" "ymir.praseodym.org" "praseodym.org" "www.praseodym.org" "lists.praseodym.org" "l.praseodym.org" "rpg.praseodym.org" 25 "online.praseodym.org" "o.praseodym.org" "ftp.praseodym.org" "files.praseodym.org" "f.praseodym.org" "ymir.praseodym.org" "praseodym.org" "www.praseodym.org" "lists.praseodym.org" "l.praseodym.org" "rpg.praseodym.org"
26 "git.rheperire.org" "api.rheperire.org" "www.rheperire.org" "rheperire.org" 26 "git.rheperire.org" "api.rheperire.org" "www.rheperire.org" "rheperire.org"
@@ -68,13 +68,13 @@ in rec {
68 68
69 nixpkgs.overlays = [ 69 nixpkgs.overlays = [
70 (self: super: { 70 (self: super: {
71 # prosody = self.callPackage ./customized/prosody.nix ({ 71 prosody = self.callPackage ./customized/prosody.nix ({
72 # inherit (self.lua51Packages) luasocket luaexpat luafilesystem luabitop luaevent luasec luadbi; 72 inherit (self.lua51Packages) luasocket luaexpat luafilesystem luabitop luaevent luasec luadbi;
73 # lua5 = pkgs.lua5_1; 73 lua5 = pkgs.lua5_1;
74 # withCommunityModules = ["carbons" "reload_modules" "csi" "cloud_notify" "csi_pump" "smacks" "track_muc_joins" "watchuntrusted" "auth_pam"]; 74 withCommunityModules = ["carbons" "reload_modules" "csi" "cloud_notify" "csi_pump" "smacks" "track_muc_joins" "watchuntrusted"];
75 # extraModules = [prosodyAuth]; 75 extraModules = [prosodyAuth];
76 # extraLibs = [luaPam luaPosix luaSha2] ++ (with self.lua51Packages; [lua-zlib]); 76 extraLibs = [luaPam luaPosix luaSha2] ++ (with self.lua51Packages; [lua-zlib]);
77 # }); 77 });
78 # uwsgi = pkgs.callPackage ./customized/uwsgi.nix { 78 # uwsgi = pkgs.callPackage ./customized/uwsgi.nix {
79 # extraPlugins = { 79 # extraPlugins = {
80 # cgi = { 80 # cgi = {
@@ -259,10 +259,6 @@ in rec {
259 }; 259 };
260 260
261 services.prosody = { 261 services.prosody = {
262 package = pkgs.prosody.override {
263 withExtraLibs = with pkgs.lua52Packages; [ luaPam luaPosix luafilesystem ];
264 withCommunityModules = [ "auth_pam" ];
265 };
266 enable = true; 262 enable = true;
267 admins = [ 263 admins = [
268 "gkleen@xmpp.li" 264 "gkleen@xmpp.li"
@@ -273,7 +269,7 @@ in rec {
273 allowRegistration = false; 269 allowRegistration = false;
274 extraModules = [ "posix" 270 extraModules = [ "posix"
275 "private" 271 "private"
276 "auth_pam" 272 "auth_custom"
277 "carbons" 273 "carbons"
278 "reload_modules" 274 "reload_modules"
279 "smacks" 275 "smacks"
@@ -287,7 +283,17 @@ in rec {
287 ]; 283 ];
288 extraConfig = '' 284 extraConfig = ''
289 reload_modules = { "group", "tls" } 285 reload_modules = { "group", "tls" }
290 authentication="pam" 286 authentication="custom"
287 custom_alias_file="/etc/prosody/aliases"
288 custom_alias_secret_file="/etc/prosody/alias_secret"
289
290 Component "alias.xmpp.li"
291 Include "/etc/prosody/alias.xmpp.li.cfg.lua"
292
293 Component "muc.xmpp.li" "muc"
294 restrict_room_creation = true
295 max_history_messages = 100
296 name = "Multi-user chats"
291 297
292 Component "proxy.xmpp.li" "proxy65" 298 Component "proxy.xmpp.li" "proxy65"
293 proxy65_acl = {"xmpp.li", "yggdrasil.li", "praseodym.org", "141.li", "nights.email"}; 299 proxy65_acl = {"xmpp.li", "yggdrasil.li", "praseodym.org", "141.li", "nights.email"};
@@ -296,19 +302,7 @@ in rec {
296 virtualHosts = builtins.listToAttrs (map (name: { inherit name; value = prosodyVirtHost name; }) 302 virtualHosts = builtins.listToAttrs (map (name: { inherit name; value = prosodyVirtHost name; })
297 ["xmpp.li" "yggdrasil.li" "praseodym.org" "141.li" "nights.email"]); 303 ["xmpp.li" "yggdrasil.li" "praseodym.org" "141.li" "nights.email"]);
298 304
299 uploadHttp = { 305 xmppComplianceSuite = false;
300 domain = "upload.xmpp.li";
301 uploadFileSizeLimit = "${toString (1024 * 1024 * 1024)}";
302 userQuota = 1024 * 1024 * 1024;
303 };
304
305 muc = [
306 { domain = "muc.xmpp.li";
307 name = "Multi-User Chats";
308 restrictRoomCreation = true;
309 maxHistoryMessages = 250;
310 }
311 ];
312 }; 306 };
313 security.pam.services."xmpp".text = '' 307 security.pam.services."xmpp".text = ''
314 auth requisite pam_succeed_if.so user ingroup xmpp 308 auth requisite pam_succeed_if.so user ingroup xmpp