enforce new flake schema. formatting.

2026-05-31 18:50:41 +02:00 · 2026-05-31 18:50:41 +02:00 · ecf5132cbb
commit ecf5132cbb
parent 4b0a90e00d
121 changed files with 1606 additions and 1554 deletions
--- a/modules/nixos/matrix-synapse/livekit.nix
+++ b/modules/nixos/matrix-synapse/livekit.nix
@ -6,51 +6,53 @@

 let
  cfg = config.services.matrix-synapse;
-  domain = config.networking.domain;
+  inherit (config.networking) domain;

  inherit (lib) mkIf mkDefault;
 in
 {
  config = mkIf cfg.enable {
-    services.livekit = {
-      enable = true;
-      settings.port = mkDefault 7880;
-      settings.room.auto_create = mkDefault false;
-      openFirewall = mkDefault true;
-      keyFile = mkIf cfg.sops config.sops.templates."livekit/key".path;
-    };
+    services = {
+      livekit = {
+        enable = true;
+        settings.port = mkDefault 7880;
+        settings.room.auto_create = mkDefault false;
+        openFirewall = mkDefault true;
+        keyFile = mkIf cfg.sops config.sops.templates."livekit/key".path;
+      };

-    services.lk-jwt-service = {
-      enable = true;
-      port = mkDefault 8080;
-      livekitUrl = "wss://${domain}/livekit/sfu";
-      keyFile = mkIf cfg.sops config.sops.templates."livekit/key".path;
-    };
+      lk-jwt-service = {
+        enable = true;
+        port = mkDefault 8080;
+        livekitUrl = "wss://${domain}/livekit/sfu";
+        keyFile = mkIf cfg.sops config.sops.templates."livekit/key".path;
+      };

-    systemd.services.lk-jwt-service.environment.LIVEKIT_FULL_ACCESS_HOMESERVERS = domain;
-
-    services.nginx.virtualHosts = {
-      "${domain}".locations = {
-        "^~ /livekit/jwt/" = {
-          priority = 400;
-          proxyPass = "http://127.0.0.1:${toString config.services.lk-jwt-service.port}/";
-        };
-        "^~ /livekit/sfu/" = {
-          priority = 400;
-          proxyPass = "http://127.0.0.1:${toString config.services.livekit.settings.port}/";
-          proxyWebsockets = true;
-          extraConfig = ''
-            proxy_send_timeout 120;
-            proxy_read_timeout 120;
-            proxy_buffering off;
-            proxy_set_header Accept-Encoding gzip;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "upgrade";
-          '';
+      nginx.virtualHosts = {
+        "${domain}".locations = {
+          "^~ /livekit/jwt/" = {
+            priority = 400;
+            proxyPass = "http://127.0.0.1:${toString config.services.lk-jwt-service.port}/";
+          };
+          "^~ /livekit/sfu/" = {
+            priority = 400;
+            proxyPass = "http://127.0.0.1:${toString config.services.livekit.settings.port}/";
+            proxyWebsockets = true;
+            extraConfig = ''
+              proxy_send_timeout 120;
+              proxy_read_timeout 120;
+              proxy_buffering off;
+              proxy_set_header Accept-Encoding gzip;
+              proxy_set_header Upgrade $http_upgrade;
+              proxy_set_header Connection "upgrade";
+            '';
+          };
        };
      };
    };

+    systemd.services.lk-jwt-service.environment.LIVEKIT_FULL_ACCESS_HOMESERVERS = domain;
+
    sops = mkIf cfg.sops {
      secrets."livekit/key" = { };
      templates."livekit/key".content = ''