Use dynamic toggle for prosody

3 files changed, 15 insertions, 14 deletions

diff --git a/nixos-switch.sh b/nixos-switch.sh
index b74b8b5..2c1d10c 100755
--- a/nixos-switch.sh
+++ b/nixos-switch.sh
@@ -17,8 +17,7 @@ scp bash-profile.sh "${TLD}:.bash_profile"
 
 echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S systemctl restart pires-prod.service
 
-# shellcheck disable=2050
-if [[ true = false ]]; then
+if [[ "$PROSODY_ENABLE" = true ]]; then
 echo Ugly hack to change TLS certificates permissions
 echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "\
 sudo chown -R nginx:prosody /var/lib/acme/;                                   \
diff --git a/secrets/secret-envrc.sh b/secrets/secret-envrc.sh
index 7ad34ca..87656dc 100644
--- a/secrets/secret-envrc.sh
+++ b/secrets/secret-envrc.sh
diff --git a/vps-configuration.env.nix b/vps-configuration.env.nix
index e25b63f..d5a7f54 100644
--- a/vps-configuration.env.nix
+++ b/vps-configuration.env.nix
@@ -37,6 +37,7 @@ let
     prosodyMUCTLD = "$PROSODY_MUC_TLD";
     prosodyPort = "$PROSODY_PORT";
     prosodyHTTPPort = "$PROSODY_HTTP_PORT";
+    prosodyEnable = $PROSODY_ENABLE;
   };
   staticSiteFromRepo = repoName:
     pkgs.stdenv.mkDerivation {
@@ -100,17 +101,18 @@ in {
     # HTTP and HTPPS: NGINX
     80
     443
-
-    # XMPP: Prosody
-    # https://prosody.im/doc/ports
-    5000
-    5222
-    5269
-    5280
-    5281
-    5347
-    5582
-  ];
+  ] ++ (if prosodyEnable then
+    [
+      # XMPP: Prosody
+      # https://prosody.im/doc/ports
+      5000
+      5222
+      5269
+      5280
+      5281
+      5347
+      5582
+    ] else []);
 
   security.acme = {
     acceptTerms = true;
@@ -274,7 +276,7 @@ in {
           "/var/lib/acme/${envsubstConfiguration.prosodyConverseTLD}/key.pem";
       };
     in {
-      enable = false;
+      enable = prosodyEnable;
       admins = [ envsubstConfiguration.prosodyAdminUser ];
       allowRegistration = false;
       modules = { websocket = true; };