nixos/jitsi-meet: allow to customize jitsi auth

This allows to set different prosody auth providers for jitsi, like PAM authentication
2023-12-28 17:54:28 +01:00 · 2023-12-28 17:54:28 +01:00 · f553bdbb07
parent e2b40f6834
commit f553bdbb07
1 changed files with 9 additions and 2 deletions
--- a/nixos/modules/services/web-apps/jitsi-meet.nix
+++ b/nixos/modules/services/web-apps/jitsi-meet.nix
@ -188,7 +188,14 @@ in
      description = lib.mdDoc ''The port which the Excalidraw backend for Jitsi should listen to.'';
    };

-    secureDomain.enable = mkEnableOption (lib.mdDoc "Authenticated room creation");
+    secureDomain = {
+      enable = mkEnableOption (lib.mdDoc "Authenticated room creation");
+      authentication = mkOption {
+        type = types.str;
+        default = "internal_hashed";
+        description = lib.mdDoc ''The authentication type to be used by jitsi'';
+      };
+    };
  };

  config = mkIf cfg.enable {
@ -309,7 +316,7 @@ in
        enabled = true;
        domain = cfg.hostName;
        extraConfig = ''
-          authentication = ${if cfg.secureDomain.enable then "\"internal_hashed\"" else "\"jitsi-anonymous\""}
+          authentication = ${if cfg.secureDomain.enable then "\"${cfg.secureDomain.authentication}\"" else "\"jitsi-anonymous\""}
          c2s_require_encryption = false
          admins = { "focus@auth.${cfg.hostName}" }
          smacks_max_unacked_stanzas = 5