pastila wip: prosody

common/configuration.nix

@@ -40,6 +40,7 @@
     git
     tig
     restic
+    dig
   ];
 
   # required when using kitty

pastila/configuration.nix

@@ -14,6 +14,7 @@ in
       ./letsencrypt.nix
       ./srv.nix
       ./weechat-relay.nix
+      ./prosody.nix
     ];
 
   # Use the GRUB 2 boot loader.
@@ -56,6 +57,7 @@ in
       (builtins.filter (port: port.proto == "udp") vars.ovenNat.forwardPorts);
 
   environment.systemPackages = with pkgs; [
+    irssi
     weechat
     transmission
     tremc

pastila/prosody.nix

@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+{
+  services.prosody = {
+    enable = true;
+
+    # TODO: setup a MUC to be compliant
+    xmppComplianceSuite = false;
+
+    uploadHttp = {
+      domain = "xu.isomorphis.me";
+    };
+
+    ssl = {
+      cert = config.security.acme.certs."prosody".directory + "/cert.pem";
+      key = config.security.acme.certs."prosody".directory + "/key.pem";
+    };
+
+    virtualHosts."isomorphisme" = {
+      enabled = true;
+      domain = "isomorphis.me";
+    };
+
+    admins = [ "armael@isomorphis.me" ];
+  };
+
+  security.acme.certs."prosody" = {
+    domain = "isomorphis.me";
+    extraDomainNames = [
+      "xmpp.isomorphis.me"
+      "xmppproxy.isomorphis.me"
+      "xu.isomorphis.me"
+    ];
+    group = config.services.prosody.group;
+  };
+
+}

vars.nix

@@ -8,6 +8,16 @@
       { num = 80; proto = "tcp"; }
       { num = 443; proto = "tcp"; }
       { num = 22; proto = "tcp"; }
+      # XMPP
+      { num = 5222; proto = "tcp"; }
+      { num = 5222; proto = "udp"; }
+      { num = 5269; proto = "tcp"; }
+      { num = 5269; proto = "udp"; }
+      # Prosody HTTP
+      { num = 5280; proto = "tcp"; }
+      { num = 5281; proto = "tcp"; }
+      # Prosody proxy65
+      { num = 5000; proto = "tcp"; }
     ];
   };
   onlineNetDNS = [