From 46bb78039507e79d5e87c0f086bead8165f6fbeb Mon Sep 17 00:00:00 2001
From: Kabbone <tobias@opel-online.de>
Date: Sun, 18 Dec 2022 19:09:48 +0100
Subject: [PATCH] services: add tls for coturn

---
 modules/services/server/coturn.nix | 12 ++++++------
 modules/services/server/jitsi.nix  |  1 +
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/modules/services/server/coturn.nix b/modules/services/server/coturn.nix
index 5af37f9..e55eb8c 100644
--- a/modules/services/server/coturn.nix
+++ b/modules/services/server/coturn.nix
@@ -62,14 +62,14 @@
     group = "turnserver";
   };
   # configure synapse to point users to coturn
-  services.matrix-synapse = with config.services.coturn; {
-    turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
-    turn_shared_secret = static-auth-secret;
-    turn_user_lifetime = "1h";
-  };
+#  services.matrix-synapse = with config.services.coturn; {
+#    turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
+#    turn_shared_secret = static-auth-secret;
+#    turn_user_lifetime = "1h";
+#  };
 
   age.secrets."services/coturn/static-auth" = {
       file = ../../../secrets/services/coturn/static-auth.age;
       owner = "turnserver";
-  }
+  };
 }
diff --git a/modules/services/server/jitsi.nix b/modules/services/server/jitsi.nix
index af4104e..0918ae9 100644
--- a/modules/services/server/jitsi.nix
+++ b/modules/services/server/jitsi.nix
@@ -17,5 +17,6 @@
 
     services.jitsi-videobridge.openFirewall = true;
     security.acme.defaults.email = "webmaster@kabtop.de";
+    security.acme.defaults.webroot = "/var/lib/acme/acme-challenge";
     security.acme.acceptTerms = true;
 }