From ba1695c6425af59c46f61034274b7a3881cdcb8b Mon Sep 17 00:00:00 2001
From: Inex Code <inex.code@selfprivacy.org>
Date: Fri, 9 Jun 2023 14:06:22 +0300
Subject: [PATCH 1/3] fix(jitsi): Use the common TLS cert

---
 letsencrypt/acme.nix | 6 ------
 webserver/nginx.nix  | 5 +++++
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/letsencrypt/acme.nix b/letsencrypt/acme.nix
index fd8b3e4..3321b48 100644
--- a/letsencrypt/acme.nix
+++ b/letsencrypt/acme.nix
@@ -20,12 +20,6 @@ in
         dnsProvider = lib.strings.toLower cfg.dns.provider;
         credentialsFile = "/var/lib/cloudflare/Credentials.ini";
       };
-      "meet.${cfg.domain}" = {
-        domain = "meet.${cfg.domain}";
-        group = "acmerecievers";
-        dnsProvider = lib.strings.toLower cfg.dns.provider;
-        credentialsFile = "/var/lib/cloudflare/Credentials.ini";
-      };
     };
   };
 }
diff --git a/webserver/nginx.nix b/webserver/nginx.nix
index dda81fb..adb82ac 100644
--- a/webserver/nginx.nix
+++ b/webserver/nginx.nix
@@ -151,6 +151,11 @@ in
           };
         };
       };
+      "meet.${domain}" = {
+        sslCertificate = "/var/lib/acme/${domain}/fullchain.pem";
+        sslCertificateKey = "/var/lib/acme/${domain}/key.pem";
+        forceSSL = true;
+      };
     };
   };
 }

From dd020c3a7d5597ff150e015a64f592eddd167aa9 Mon Sep 17 00:00:00 2001
From: Inex Code <inex.code@selfprivacy.org>
Date: Fri, 9 Jun 2023 15:57:19 +0300
Subject: [PATCH 2/3] fix(acme): Disable DNS propagation check

---
 letsencrypt/acme.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/letsencrypt/acme.nix b/letsencrypt/acme.nix
index 3321b48..12f2df7 100644
--- a/letsencrypt/acme.nix
+++ b/letsencrypt/acme.nix
@@ -11,6 +11,7 @@ in
     defaults = {
       email = "${cfg.username}@${cfg.domain}";
       server = if cfg.dns.useStagingACME then "https://acme-staging-v02.api.letsencrypt.org/directory" else "https://acme-v02.api.letsencrypt.org/directory";
+      dnsPropagationCheck = false;
     };
     certs = lib.mkForce {
       "${cfg.domain}" = {

From 74d35b16f28558a43ee994560228fb5de744daf0 Mon Sep 17 00:00:00 2001
From: Inex Code <inex.code@selfprivacy.org>
Date: Fri, 9 Jun 2023 15:59:15 +0300
Subject: [PATCH 3/3] fix(jitsi): disable gettings tls certs

---
 webserver/nginx.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/webserver/nginx.nix b/webserver/nginx.nix
index adb82ac..cb7fdf5 100644
--- a/webserver/nginx.nix
+++ b/webserver/nginx.nix
@@ -155,6 +155,8 @@ in
         sslCertificate = "/var/lib/acme/${domain}/fullchain.pem";
         sslCertificateKey = "/var/lib/acme/${domain}/key.pem";
         forceSSL = true;
+        useACMEHost = domain;
+        enableACME = false;
       };
     };
   };