diff options
Diffstat (limited to 'flora/services/murmur.nix')
| -rw-r--r-- | flora/services/murmur.nix | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/flora/services/murmur.nix b/flora/services/murmur.nix new file mode 100644 index 0000000..0b92816 --- /dev/null +++ b/flora/services/murmur.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ... }: + +{ + services.murmur = { + enable = true; + logDays = -1; + welcometext = ""; + sslKey = "/var/lib/acme/meow.noms.ing/key.pem"; + sslCert = "/var/lib/acme/meow.noms.ing/fullchain.pem"; + bandwidth = 128000; + }; + + # the mumble cert has its own group so that both nginx and murmur can read it + users.groups.mumblecert = { }; + security.acme.certs."meow.noms.ing" = { + group = "mumblecert"; + reloadServices = [ "murmur" ]; + }; + users.users.nginx.extraGroups = [ "mumblecert" ]; + users.users.murmur.extraGroups = [ "mumblecert" ]; + + networking.firewall.allowedTCPPorts = [ config.services.murmur.port ]; + networking.firewall.allowedUDPPorts = [ config.services.murmur.port ]; +} |