From c4f7c694ea43c7007ad6a913d068c85264963edd Mon Sep 17 00:00:00 2001
From: Alyssa Ross <hi@alyssa.is>
Date: Wed, 15 Apr 2020 14:47:38 +0000
Subject: modules/xmpp: init

---
 modules/server/xmpp/default.nix | 23 +++++++++++++++++++++++
 sys/atuin.nix                   |  1 +
 2 files changed, 24 insertions(+)
 create mode 100644 modules/server/xmpp/default.nix

diff --git a/modules/server/xmpp/default.nix b/modules/server/xmpp/default.nix
new file mode 100644
index 000000000000..9be174cc7edd
--- /dev/null
+++ b/modules/server/xmpp/default.nix
@@ -0,0 +1,23 @@
+{ pkgs, ... }:
+
+{
+  networking.firewall.allowedTCPPorts = [ 5222 5269 ];
+
+  services.prosody.enable = true;
+  services.prosody.modules.http_files = true;
+  services.prosody.modules.mam = true;
+  services.prosody.s2sSecureAuth = true;
+  services.prosody.package = pkgs.prosody.override {
+    withCommunityModules = [ "http_upload" "smacks" "csi" "cloud_notify" ];
+  };
+  services.prosody.ssl.key = "/var/lib/acme/qyliss.net/key.pem";
+  services.prosody.ssl.cert = "/var/lib/acme/qyliss.net/fullchain.pem";
+  services.prosody.virtualHosts."qyliss.net" = {
+    domain = "qyliss.net";
+    enabled = true;
+    ssl.key = "/var/lib/acme/qyliss.net/key.pem";
+    ssl.cert = "/var/lib/acme/qyliss.net/fullchain.pem";
+  };
+
+  users.users.prosody.extraGroups = [ "tls" ];
+}
diff --git a/sys/atuin.nix b/sys/atuin.nix
index e8c8647b27e8..393b743dce82 100644
--- a/sys/atuin.nix
+++ b/sys/atuin.nix
@@ -7,6 +7,7 @@
     ../modules/server/irc
     ../modules/server/nginx
     ../modules/server/tor
+    ../modules/server/xmpp
     ../modules/users
   ];
 
-- 
cgit 1.4.1