From f553bdbb07743d06c73c68bee31db4520ab0c435 Mon Sep 17 00:00:00 2001
From: traxys <quentin+dev@familleboyer.net>
Date: Thu, 28 Dec 2023 17:54:28 +0100
Subject: [PATCH] nixos/jitsi-meet: allow to customize jitsi auth

This allows to set different prosody auth providers for jitsi, like PAM
authentication
---
 nixos/modules/services/web-apps/jitsi-meet.nix | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/web-apps/jitsi-meet.nix b/nixos/modules/services/web-apps/jitsi-meet.nix
index c4505534d635..f907aa68f55e 100644
--- a/nixos/modules/services/web-apps/jitsi-meet.nix
+++ b/nixos/modules/services/web-apps/jitsi-meet.nix
@@ -188,7 +188,14 @@ in
       description = lib.mdDoc ''The port which the Excalidraw backend for Jitsi should listen to.'';
     };
 
-    secureDomain.enable = mkEnableOption (lib.mdDoc "Authenticated room creation");
+    secureDomain = {
+      enable = mkEnableOption (lib.mdDoc "Authenticated room creation");
+      authentication = mkOption {
+        type = types.str;
+        default = "internal_hashed";
+        description = lib.mdDoc ''The authentication type to be used by jitsi'';
+      };
+    };
   };
 
   config = mkIf cfg.enable {
@@ -309,7 +316,7 @@ in
         enabled = true;
         domain = cfg.hostName;
         extraConfig = ''
-          authentication = ${if cfg.secureDomain.enable then "\"internal_hashed\"" else "\"jitsi-anonymous\""}
+          authentication = ${if cfg.secureDomain.enable then "\"${cfg.secureDomain.authentication}\"" else "\"jitsi-anonymous\""}
           c2s_require_encryption = false
           admins = { "focus@auth.${cfg.hostName}" }
           smacks_max_unacked_stanzas = 5