server-configs/machines/gerd/services/murmur.nix

{ config, lib, ... }:

{
  services.murmur = let
    certLocation = config.security.acme.certs."fricloud.dk".directory;
  in {
    enable = true;
    openFirewall = true;

    sslCert = certLocation + "/fullchain.pem";
    sslKey = certLocation + "/key.pem";
    
    environmentFile = config.age.secrets.murmur-env.path;
    password = "$MURMUR_PASSWORD";
    welcometext = "Welcome to Friclouds Mumble server!";
  };

  # set superpassword on start from secrets
  systemd.services.murmur.preStart = lib.mkAfter ''${config.services.murmur.package}/bin/mumble-server -ini /run/murmur/murmurd.ini -readsupw < ${config.age.secrets.murmur-superpassword.path}'';

  # add murmur user to domain group to access cert
  users.groups.fricloud-domain.members = [ config.users.groups.murmur.name ];

  age.secrets = {
    murmur-env.owner = config.users.users.murmur.name;
    murmur-superpassword.owner = config.users.users.murmur.name;
  };

  environment.persistence.root.directories = [
    "/var/lib/murmur"
  ];
}
gerd.murmur: removed unused argument 2024-08-11 11:39:58 +00:00			`{ config, lib, ... }:`
gerd.murmur: adds murmur server 2024-08-09 20:45:15 +00:00
			`{`
			`services.murmur = let`
gerd.murmur: removed subdomain 2024-08-10 15:49:20 +00:00			`certLocation = config.security.acme.certs."fricloud.dk".directory;`
gerd.murmur: adds murmur server 2024-08-09 20:45:15 +00:00			`in {`
			`enable = true;`
			`openFirewall = true;`

			`sslCert = certLocation + "/fullchain.pem";`
			`sslKey = certLocation + "/key.pem";`

			`environmentFile = config.age.secrets.murmur-env.path;`
			`password = "$MURMUR_PASSWORD";`
			`welcometext = "Welcome to Friclouds Mumble server!";`
			`};`

gerd.murmur: set superpassword on boot 2024-08-09 21:07:51 +00:00			`# set superpassword on start from secrets`
			`systemd.services.murmur.preStart = lib.mkAfter ''${config.services.murmur.package}/bin/mumble-server -ini /run/murmur/murmurd.ini -readsupw < ${config.age.secrets.murmur-superpassword.path}'';`

gerd.murmur: removed subdomain 2024-08-10 15:49:20 +00:00			`# add murmur user to domain group to access cert`
			`users.groups.fricloud-domain.members = [ config.users.groups.murmur.name ];`
gerd.murmur: adds murmur server 2024-08-09 20:45:15 +00:00
			`age.secrets = {`
			`murmur-env.owner = config.users.users.murmur.name;`
gerd.murmur: set superpassword on boot 2024-08-09 21:07:51 +00:00			`murmur-superpassword.owner = config.users.users.murmur.name;`
gerd.murmur: adds murmur server 2024-08-09 20:45:15 +00:00			`};`

			`environment.persistence.root.directories = [`
			`"/var/lib/murmur"`
			`];`
			`}`