1 files changed, 10 insertions, 15 deletions

diff --git a/vps-configuration.env.nix b/vps-configuration.env.nix
index d72d7f8..dad3a9c 100644
--- a/vps-configuration.env.nix
+++ b/vps-configuration.env.nix
@@ -22,7 +22,7 @@ let
     prosodyAdminUser = "$PROSODY_ADMIN_USER";
     prosodyMUCTLD = "$PROSODY_MUC_TLD";
     prosodyHTTPUploadTLD = "$PROSODY_HTTP_UPLOAD_TLD";
-    prosodyPort = "$PROSODY_PORT";
+    prosodyHTTPPort = "$PROSODY_HTTP_PORT";
   };
   boneco = pkgs.stdenv.mkDerivation {
     name = "boneco";
@@ -73,17 +73,6 @@ in {
   security.acme = {
     acceptTerms = true;
     email = envsubstConfiguration.letsencryptEmail;
-    certs = {
-      "${envsubstConfiguration.prosodyTLD}" = {
-        webroot = "/var/lib/acme/.challenges";
-        user = "prosody";
-        group = "prosody";
-        extraDomains = {
-          "${envsubstConfiguration.prosodyMUCTLD}" = null;
-          "${envsubstConfiguration.prosodyHTTPUploadTLD}" = null;
-        };
-      };
-    };
   };
 
   services = {
@@ -117,11 +106,13 @@ in {
           root = boneco;
         };
         "${envsubstConfiguration.prosodyTLD}" = {
+          forceSSL = true;
+          enableACME = true;
           locations = {
-            "/.well-known/acme-challenge" = {
-              root = "/var/lib/acme/.challenges";
+            "/" = {
+              proxyPass =
+                "http://localhost:${envsubstConfiguration.prosodyHTTPPort}/";
             };
-            "/" = { return = "301 https://${DOLLAR}host${DOLLAR}request_uri"; };
           };
         };
       };
@@ -165,6 +156,10 @@ in {
       enable = true;
       admins = [ envsubstConfiguration.prosodyAdminUser ];
       allowRegistration = true;
+      package = pkgs.prosody.override {
+        withCommunityModules = [ "http_upload" "conversejs" "bookmarks" ];
+      };
+      extraModules = [ "http_upload" "conversejs" "bookmarks" ];
       ssl = {
         cert = fullchainPEM;
         key = keyPEM;