From 598308b3763c41ccc0d5263420238ac88e1f8db3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Victor=20I=C8=99an?= <victor@isan.ro>
Date: Wed, 1 Apr 2026 13:59:08 +0200
Subject: [PATCH] containers: added jitsi

---
 hosts/isengard.nix               |  1 +
 modules/containers/jitsi.nix     | 78 ++++++++++++++++++++++++++++++++
 modules/containers/nextcloud.nix |  4 +-
 3 files changed, 81 insertions(+), 2 deletions(-)
 create mode 100644 modules/containers/jitsi.nix

diff --git a/hosts/isengard.nix b/hosts/isengard.nix
index fee4d23..c07a8cd 100644
--- a/hosts/isengard.nix
+++ b/hosts/isengard.nix
@@ -18,6 +18,7 @@
         ../modules/containers/nextcloud.nix
         ../modules/containers/actualbudget.nix
         ../modules/containers/ai.nix
+        ../modules/containers/jitsi.nix
 
     ];
     # Disks
diff --git a/modules/containers/jitsi.nix b/modules/containers/jitsi.nix
new file mode 100644
index 0000000..e4f5915
--- /dev/null
+++ b/modules/containers/jitsi.nix
@@ -0,0 +1,78 @@
+{ config, pkgs, ... }:
+
+let
+  workDir = "/srv/containers/jitsi";
+in
+{
+  # --- directories ---
+  systemd.tmpfiles.rules = [
+    "d ${workDir}/web 2775 root admin -"
+    "d ${workDir}/prosody 2775 root admin -"
+    "d ${workDir}/jicofo 2775 root admin -"
+    "d ${workDir}/jvb 2775 root admin -"
+  ];
+
+  # --- containers ---
+  virtualisation.oci-containers.containers = {
+
+    jitsi-web = {
+      image = "docker.io/jitsi/web:stable";
+      autoStart = true;
+
+      ports = [
+        "0.0.0.0:10006:80"
+      ];
+
+      environmentFiles = [
+        config.age.secrets.jitsi-env.path
+      ];
+
+      volumes = [
+        "${workDir}/web:/config"
+      ];
+    };
+
+    jitsi-prosody = {
+      image = "docker.io/jitsi/prosody:stable";
+      autoStart = true;
+
+      environmentFiles = [
+        config.age.secrets.jitsi-env.path
+      ];
+
+      volumes = [
+        "${workDir}/prosody:/config"
+      ];
+    };
+
+    jitsi-jicofo = {
+      image = "docker.io/jitsi/jicofo:stable";
+      autoStart = true;
+
+      environmentFiles = [
+        config.age.secrets.jitsi-env.path
+      ];
+
+      volumes = [
+        "${workDir}/jicofo:/config"
+      ];
+    };
+
+    jitsi-jvb = {
+      image = "docker.io/jitsi/jvb:stable";
+      autoStart = true;
+
+      ports = [
+        "10000:10000/udp"  # ONLY exposed media port
+      ];
+
+      environmentFiles = [
+        config.age.secrets.jitsi-env.path
+      ];
+
+      volumes = [
+        "${workDir}/jvb:/config"
+      ];
+    };
+  };
+}
\ No newline at end of file
diff --git a/modules/containers/nextcloud.nix b/modules/containers/nextcloud.nix
index 0707522..c220f14 100644
--- a/modules/containers/nextcloud.nix
+++ b/modules/containers/nextcloud.nix
@@ -5,14 +5,14 @@ let
 in
 {
     systemd.tmpfiles.rules = [
-        "d ${workDir}/html 2700 999 999"
+        "d ${workDir}/html 2700 33 33"
         "d ${workDir}/db 2700 999 999"
     ];
 
     virtualisation.oci-containers.containers = {
         nextcloud = {
             autoStart = true;
-            image = "nextcloud:31-apache";
+            image = "nextcloud:32";
 
             ports = [
                 "0.0.0.0:10003:80"