gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

fixes to fusionpbx module

Browse source
This commit is contained in:
kat witch 2021-08-15 17:32:42 +01:00
parent a74450a8de
commit 1aea979f18
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
1 changed files with 22 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

35
depot/modules/nixos/fusionpbx.nix
View file

@ -157,12 +157,6 @@ in {
ensureUsers = [
{
name = "fusionpbx";
ensurePermissions = {
"DATABASE fusionpbx" = "ALL PRIVILEGES";
};
}
{
name = "freeswitch";
ensurePermissions = {
"DATABASE fusionpbx" = "ALL PRIVILEGES";
"DATABASE freeswitch" = "ALL PRIVILEGES";
@ -173,11 +167,24 @@ in {
};
# ACME
security.acme.certs = mkIf cfg.useWebrootACME {
${cfg.domain} = {
group = "fusionpbx";
};
};
security.acme.certs = mkMerge [
(mkIf cfg.useWebrootACME {
${cfg.domain} = {
group = "fusionpbx";
};
})
(mkIf (cfg.useACMEHost != null) {
${cfg.useACMEHost} = {
postRun = ''
cat {cert,key,chain}.pem >> all.pem
ln -s all.pem agent.pem
ln -s all.pem dlts-srtp.pem
ln -s all.pem tls.pem
ln -s all.pem wss.pem
'';
};
})
];
# NGINX
services.nginx = {
@ -320,6 +327,8 @@ in {
# FreeSWITCH
systemd.tmpfiles.rules = [
"v /etc/freeswitch 5777 fusionpbx fusionpbx"
"v /etc/fusionpbx 5777 fusionpbx fusionpbx"
"v /var/cache/fusionpbx 5777 fusionpbx fusionpbx"
];
systemd.services.freeswitch = let
@ -390,7 +399,7 @@ in {
network.firewall = mkIf cfg.openFirewall {
public = {
tcp = {
ports = [ 5060 5160 ];
ports = [ 5060 5061 ];
ranges = [
{
from = 10000;
@ -399,7 +408,7 @@ in {
];
};
udp = {
ports = [ 5060 5160 ];
ports = [ 5060 5061 ];
ranges = [
{
from = 10000;