Remove calls from matrix for now.

configuration.nix

@@ -10,7 +10,6 @@
     ./modules/hardware.nix
     ./modules/services.nix
     ./modules/proxy.nix
-    ./modules/matrix.nix
     ./modules/fail2ban.nix
   ];
 

modules/matrix.nix

@@ -1,89 +0,0 @@
-{ pkgs, ... }:
-
-let
-  livekitKeyFile = "/var/lib/livekit/livekit.key";
-  serverName = "atri.dad";
-  matrixRtcDomain = "matrixrtc.atri.dad";
-in
-{
-  services.livekit = {
-    enable = true;
-    openFirewall = true;
-    settings = {
-      port = 7880;
-      rtc = {
-        port_range_start = 50000;
-        port_range_end = 60000;
-        tcp_port = 7881;
-        use_external_ip = true;
-        allow_tcp_fallback = true;
-      };
-      room.auto_create = true;
-      turn = {
-        enabled = true;
-        domain = matrixRtcDomain;
-        tls_port = 5349;
-        udp_port = 3478;
-        relay_range_start = 50000;
-        relay_range_end = 60000;
-        cert_file = "/run/credentials/livekit.service/turn-cert";
-        key_file = "/run/credentials/livekit.service/turn-key";
-      };
-    };
-    keyFile = livekitKeyFile;
-  };
-
-  services.lk-jwt-service = {
-    enable = true;
-    livekitUrl = "wss://${matrixRtcDomain}";
-    keyFile = livekitKeyFile;
-  };
-
-  systemd.services.lk-jwt-service.environment.LIVEKIT_FULL_ACCESS_HOMESERVERS = serverName;
-
-  systemd.services.livekit.serviceConfig.LoadCredential = [
-    "turn-cert:/var/lib/acme/${matrixRtcDomain}/fullchain.pem"
-    "turn-key:/var/lib/acme/${matrixRtcDomain}/key.pem"
-  ];
-  systemd.services.livekit.after = [ "acme-${matrixRtcDomain}.service" ];
-  systemd.services.livekit.requires = [ "acme-${matrixRtcDomain}.service" ];
-
-  systemd.services.livekit-key = {
-    before = [
-      "lk-jwt-service.service"
-      "livekit.service"
-    ];
-    wantedBy = [ "multi-user.target" ];
-    path = with pkgs; [
-      livekit
-      coreutils
-      gawk
-    ];
-    script = ''
-      echo "Key missing, generating key"
-      install -d -m 0700 "$(dirname "${livekitKeyFile}")"
-      install -m 0600 /dev/null "${livekitKeyFile}"
-      echo "lk-jwt-service: $(livekit-server generate-keys | tail -1 | awk '{print $3}')" > "${livekitKeyFile}"
-    '';
-    serviceConfig = {
-      Type = "oneshot";
-      UMask = "0177";
-    };
-    unitConfig.ConditionPathExists = "!${livekitKeyFile}";
-  };
-
-  networking.firewall = {
-    allowedTCPPorts = [
-      7880
-      7881
-      5349
-    ];
-    allowedUDPPorts = [ 3478 ];
-    allowedUDPPortRanges = [
-      {
-        from = 50000;
-        to = 60000;
-      }
-    ];
-  };
-}

modules/proxy.nix

@@ -1,5 +1,4 @@
 {
-  config,
   lib,
   pkgs,
   ...
@@ -10,7 +9,6 @@ let
   atashDotDev = "atash.dev";
 
   matrixDomain = "matrix.${atriDotDad}";
-  matrixRtcDomain = "matrixrtc.${atriDotDad}";
 
   upstream = "lloyd.tadpole-pain.ts.net";
   streamPorts = [
@@ -162,33 +160,10 @@ in
           max_size 1GB
         }
 
-        handle_path /livekit/jwt/* {
-          @allowed path /sfu/get /get_token /healthz
-          handle @allowed {
-            reverse_proxy http://[::1]:${toString config.services.lk-jwt-service.port}
-          }
-          handle {
-            respond 404
-          }
-        }
-
         handle {
           reverse_proxy http://${upstream}:30394
         }
       }
-
-      ${matrixRtcDomain} {
-        handle /.well-known/acme-challenge/* {
-          root * /var/lib/acme/acme-challenge
-          file_server
-        }
-
-        handle {
-          reverse_proxy http://[::1]:${toString config.services.livekit.settings.port} {
-            flush_interval -1
-          }
-        }
-      }
     '';
   };
 
@@ -205,13 +180,4 @@ in
     ++ streamPorts;
     allowedUDPPorts = streamPorts;
   };
-
-  security.acme = {
-    acceptTerms = true;
-    defaults.email = "me@${atriDotDad}";
-
-    certs."${matrixRtcDomain}" = {
-      webroot = "/var/lib/acme/acme-challenge";
-    };
-  };
 }