diff options
Diffstat (limited to 'nixos/modules/services/networking/prosody.md')
-rw-r--r-- | nixos/modules/services/networking/prosody.md | 56 |
1 files changed, 30 insertions, 26 deletions
diff --git a/nixos/modules/services/networking/prosody.md b/nixos/modules/services/networking/prosody.md index 8f48b5adb280..d6eee4e29f0a 100644 --- a/nixos/modules/services/networking/prosody.md +++ b/nixos/modules/services/networking/prosody.md @@ -26,24 +26,26 @@ A good configuration to start with, including a endpoint as well as a [HTTP File Upload](https://xmpp.org/extensions/xep-0363.html) endpoint will look like this: ```nix -services.prosody = { - enable = true; - admins = [ "root@example.org" ]; - ssl.cert = "/var/lib/acme/example.org/fullchain.pem"; - ssl.key = "/var/lib/acme/example.org/key.pem"; - virtualHosts."example.org" = { - enabled = true; - domain = "example.org"; - ssl.cert = "/var/lib/acme/example.org/fullchain.pem"; - ssl.key = "/var/lib/acme/example.org/key.pem"; - }; - muc = [ { - domain = "conference.example.org"; - } ]; - uploadHttp = { - domain = "upload.example.org"; +{ + services.prosody = { + enable = true; + admins = [ "root@example.org" ]; + ssl.cert = "/var/lib/acme/example.org/fullchain.pem"; + ssl.key = "/var/lib/acme/example.org/key.pem"; + virtualHosts."example.org" = { + enabled = true; + domain = "example.org"; + ssl.cert = "/var/lib/acme/example.org/fullchain.pem"; + ssl.key = "/var/lib/acme/example.org/key.pem"; + }; + muc = [ { + domain = "conference.example.org"; + } ]; + uploadHttp = { + domain = "upload.example.org"; + }; }; -}; +} ``` ## Let's Encrypt Configuration {#module-services-prosody-letsencrypt} @@ -58,15 +60,17 @@ certificate by leveraging the ACME Provided the setup detailed in the previous section, you'll need the following acme configuration to generate a TLS certificate for the three endponits: ```nix -security.acme = { - email = "root@example.org"; - acceptTerms = true; - certs = { - "example.org" = { - webroot = "/var/www/example.org"; - email = "root@example.org"; - extraDomainNames = [ "conference.example.org" "upload.example.org" ]; +{ + security.acme = { + email = "root@example.org"; + acceptTerms = true; + certs = { + "example.org" = { + webroot = "/var/www/example.org"; + email = "root@example.org"; + extraDomainNames = [ "conference.example.org" "upload.example.org" ]; + }; }; }; -}; +} ``` |