Revert "{modules,test}/jitsi-meet: Init"

This reverts commit 8040a61b373621e3e8a3684aecbb5cbf66d895c7.

Jitsi did not work, and I think that it will need a better approach than
this (i.e., updates to the NixOS module).

1 files changed, 0 insertions, 108 deletions

diff --git a/modules/by-name/ji/jitsi-meet/module.nix b/modules/by-name/ji/jitsi-meet/module.nix
deleted file mode 100644
index d5844be..0000000
--- a/modules/by-name/ji/jitsi-meet/module.nix
+++ /dev/null
@@ -1,108 +0,0 @@
-{
-  config,
-  lib,
-  ...
-}: let
-  cfg = config.vhack.jitsi-meet;
-in {
-  options.vhack.jitsi-meet = {
-    enable = lib.mkEnableOption "jitsi-meet";
-
-    domain = lib.mkOption {
-      type = lib.types.str;
-      description = "The domain jitsi-meet should be served on.";
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    nixpkgs.config.permittedInsecurePackages = [
-      # Jitsi uses libolm for E2EE, which is no longer maintained upstream by the element
-      # team (as they switch to a rust new based crypto library.)
-      #
-      # libolm has two CVEs about timing based side-channel attacks in their crypt
-      # primitives. This is not ideal, but it has not (yet) been exploited in the wild and
-      # upstream (i.e. the matrix/element team) claims, that the CVEs are very difficult to
-      # exploit (they have been know _long_ before element switched to the rust version).
-      #
-      # Considering the lack of deployable video conferencing alternatives, the active
-      # interest in upstream to resolve this issue [1] and the fact, that we are unlikely
-      # to be attacked via a target attack, permitting this package seems viable.
-      #
-      # [1]: https://github.com/jitsi/jitsi-meet/issues/15107
-      "jitsi-meet-1.0.8043"
-    ];
-
-    services = {
-      nginx.virtualHosts.${cfg.domain} = {
-        enableACME = true;
-        forceSSL = true;
-      };
-
-      jitsi-meet = {
-        enable = true;
-        hostName = cfg.domain;
-
-        nginx.enable = true;
-
-        config = {
-          enableWelcomePage = true;
-          requireDisplayName = true;
-          analytics.disabled = true;
-
-          # Don't try to GET gravata stuff.
-          disableThirdPartyRequests = true;
-
-          # Avoids a heavy load on conference start.
-          startAudioOnly = true;
-
-          # Only transmit the last four members.
-          channelLastN = 4;
-
-          constraints.video.height = {
-            ideal = 720;
-            max = 1080;
-            min = 240;
-          };
-
-          remoteVideoMenu.disabled = false;
-          breakoutRooms.hideAddRoomButton = false;
-          maxFullResolutionParticipants = 1;
-
-          prejoinPageEnabled = true;
-          defaultLang = "sv";
-        };
-
-        interfaceConfig = {
-          GENERATE_ROOMNAMES_ON_WELCOME_PAGE = false;
-          DISABLE_PRESENCE_STATUS = true;
-
-          SHOW_CHROME_EXTENSION_BANNER = false;
-
-          # The default google play android apps comes with trackers.
-          MOBILE_DOWNLOAD_LINK_ANDROID = "https://f-droid.org/en/packages/org.jitsi.meet/";
-
-          # Don't try to promote the mobile app.
-          MOBILE_APP_PROMO = false;
-
-          SHOW_JITSI_WATERMARK = false;
-          SHOW_WATERMARK_FOR_GUESTS = false;
-        };
-
-        prosody = {
-          enable = true;
-
-          # We only use prosody for jitsi XMPP communication, and therefore can remove support
-          # for general XMPP server stuff.
-          lockdown = true;
-        };
-      };
-
-      jitsi-videobridge = {
-        openFirewall = true;
-        config.videobridge = {
-          cc.assumed-bandwidth-limit = "1000 Mbps";
-        };
-      };
-    };
-  };
-}