From 2e5167de1560ad0d7b8e294c72e1913f694160c2 Mon Sep 17 00:00:00 2001
From: lassulus <git@lassul.us>
Date: Thu, 7 Sep 2023 12:26:31 +0200
Subject: lass: migrate away

---
 lass/2configs/services/coms/default.nix |  6 -----
 lass/2configs/services/coms/jitsi.nix   | 43 ------------------------------
 lass/2configs/services/coms/murmur.nix  | 47 ---------------------------------
 lass/2configs/services/coms/proxy.nix   | 41 ----------------------------
 4 files changed, 137 deletions(-)
 delete mode 100644 lass/2configs/services/coms/default.nix
 delete mode 100644 lass/2configs/services/coms/jitsi.nix
 delete mode 100644 lass/2configs/services/coms/murmur.nix
 delete mode 100644 lass/2configs/services/coms/proxy.nix

(limited to 'lass/2configs/services/coms')

diff --git a/lass/2configs/services/coms/default.nix b/lass/2configs/services/coms/default.nix
deleted file mode 100644
index 4bc5f744..00000000
--- a/lass/2configs/services/coms/default.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-  imports = [
-    ./jitsi.nix
-    ./murmur.nix
-  ];
-}
diff --git a/lass/2configs/services/coms/jitsi.nix b/lass/2configs/services/coms/jitsi.nix
deleted file mode 100644
index bbcb3616..00000000
--- a/lass/2configs/services/coms/jitsi.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-
-  services.jitsi-meet = {
-    enable = true;
-    hostName = "jitsi.lassul.us";
-    config = {
-      enableWelcomePage = true;
-      requireDisplayName = true;
-      analytics.disabled = true;
-      startAudioOnly = true;
-      channelLastN = 4;
-      stunServers = [
-        # - https://www.kuketz-blog.de/jitsi-meet-server-einstellungen-fuer-einen-datenschutzfreundlichen-betrieb/
-        { urls = "turn:turn.matrix.org:3478?transport=udp"; }
-        { urls = "turn:turn.matrix.org:3478?transport=tcp"; }
-        # - services.coturn:
-        #{ urls = "turn:turn.${domainName}:3479?transport=udp"; }
-        #{ urls = "turn:turn.${domainName}:3479?transport=tcp"; }
-      ];
-      constraints.video.height = {
-        ideal = 720;
-        max = 1080;
-        min = 240;
-      };
-    };
-    interfaceConfig = {
-      SHOW_JITSI_WATERMARK = false;
-      SHOW_WATERMARK_FOR_GUESTS = false;
-      DISABLE_PRESENCE_STATUS = true;
-      GENERATE_ROOMNAMES_ON_WELCOME_PAGE = false;
-    };
-  };
-
-  services.jitsi-videobridge.config = {
-    org.jitsi.videobridge.TRUST_BWE = false;
-  };
-
-  krebs.iptables.tables.filter.INPUT.rules = [
-    { predicate = "-p tcp --dport 4443"; target = "ACCEPT"; }
-    { predicate = "-p udp --dport 10000"; target = "ACCEPT"; }
-  ];
-}
diff --git a/lass/2configs/services/coms/murmur.nix b/lass/2configs/services/coms/murmur.nix
deleted file mode 100644
index 40c53da3..00000000
--- a/lass/2configs/services/coms/murmur.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-  services.murmur = {
-    enable = true;
-    # allowHtml = false;
-    bandwidth = 10000000;
-    registerName = "lassul.us";
-    autobanTime = 30;
-    sslCert = "/var/lib/acme/lassul.us/cert.pem";
-    sslKey = "/var/lib/acme/lassul.us/key.pem";
-    extraConfig = ''
-      opusthreshold=0
-      # rememberchannelduration=10000
-    '';
-  };
-  krebs.iptables.tables.filter.INPUT.rules = [
-    { predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
-    { predicate = "-p udp --dport 64738"; target = "ACCEPT";}
-  ];
-
-  # services.botamusique = {
-  #   enable = true;
-  #   settings = {
-  #     server.host = "lassul.us";
-  #     bot.auto_check_updates = false;
-  #     bot.max_track_duration = 360;
-  #     webinterface.enabled = true;
-  #   };
-  # };
-
-  services.nginx.virtualHosts."lassul.us" = {
-    enableACME = true;
-  };
-  security.acme.certs."lassul.us" = {
-    group = "lasscert";
-  };
-  users.groups.lasscert.members = [
-    "nginx"
-    "murmur"
-  ];
-
-  # services.nginx.virtualHosts."bota.r" = {
-  #   locations."/" = {
-  #     proxyPass = "http://localhost:8181";
-  #   };
-  # };
-}
diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix
deleted file mode 100644
index fd7b36ca..00000000
--- a/lass/2configs/services/coms/proxy.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
-  tcpports = [
-    4443 # jitsi
-    64738 # murmur
-  ];
-  udpports = [
-    10000 # jitsi
-    64738 # murmur
-  ];
-  target = "orange.r";
-in
-{
-  networking.firewall.allowedTCPPorts = tcpports;
-  networking.firewall.allowedUDPPorts = udpports;
-  services.nginx.streamConfig = ''
-    ${lib.concatMapStringsSep "\n" (port: ''
-      server {
-        listen [::]:${toString port};
-        listen ${toString port};
-        proxy_pass ${target}:${toString port};
-      }
-    '') tcpports}
-  '';
-
-  krebs.iptables.tables.nat.PREROUTING.rules = lib.flatten (map (port: [
-    { predicate = "-p udp --dport ${toString port}"; target = "DNAT --to-destination ${config.krebs.hosts.orange.nets.retiolum.ip4.addr}:${toString port}"; v6 = false; }
-    { predicate = "-p udp --dport ${toString port}"; target = "DNAT --to-destination [${config.krebs.hosts.orange.nets.retiolum.ip6.addr}]:${toString port}"; v4 = false; }
-  ]) udpports);
-
-  services.nginx.virtualHosts."jitsi.lassul.us" = {
-    enableACME = true;
-    acmeFallbackHost = "${target}";
-    addSSL = true;
-    locations."/" = {
-      recommendedProxySettings = true;
-      proxyWebsockets = true;
-      proxyPass = "https://${target}";
-    };
-  };
-}
-- 
cgit v1.2.3