From 8e9a4c67784000b3d0d2c074771e79bc6f6fa5b8 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Thu, 23 Oct 2025 00:13:42 +0200
Subject: [PATCH] feat: adds `prosody`

---
 modules/services/prosody.nix | 41 ++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 modules/services/prosody.nix

diff --git a/modules/services/prosody.nix b/modules/services/prosody.nix
new file mode 100644
index 0000000..2d37eec
--- /dev/null
+++ b/modules/services/prosody.nix
@@ -0,0 +1,41 @@
+{ pkgs, config, ... }:
+{
+  services.prosody = {
+    enable = true;
+    # user = "prosody";
+    user = config.services.nginx.user;
+    modules = {
+      welcome = true;
+      websocket = true;
+      watchregistrations = true;
+    };
+    httpFileShare.domain = "uploads.liv.town";
+    admins = [ "liv@liv.town" ];
+    allowRegistration = false;
+    ssl.cert = "/var/lib/acme/liv.town/cert.pem";
+    ssl.key = "/var/lib/acme/liv.town/key.pem";
+    virtualHosts."liv.town" = {
+      enabled = true;
+      domain = "liv.town";
+      ssl.cert = "/var/lib/acme/liv.town/fullchain.pem";
+      ssl.key = "/var/lib/acme/liv.town/key.pem";
+    };
+    muc = [
+      {
+        domain = "conference.liv.town";
+      }
+    ];
+  };
+  networking.firewall.allowedTCPPorts = [
+    # File transfer proxy
+    5000
+    # Client connections
+    5222
+    # Client connections (direct TLS)
+    5223
+    # Server-to-server connections
+    5269
+    # Server-to-server connections (direct TLS)
+    5270
+  ];
+}