Fix insecure issue

clients/quadraticserver/element-call.nix

@@ -7,7 +7,7 @@
     lk-jwt-service = {
       enable = true;
       livekit = {
-        url = "ws://livekit.henryhiles.com/sfu";
+        url = "wss://call.henryhiles.com/livekit/sfu";
         keyFile = config.age.secrets."livekitKeys.age".path;
       };
     };
@@ -17,9 +17,9 @@
       keyFile = config.age.secrets."livekitKeys.age".path;
     };
 
-    caddy.virtualHosts = {
+    caddy.virtualHosts."call.henryhiles.com".extraConfig = ''
-      "call.henryhiles.com".extraConfig = ''
       root * ${pkgs.element-call}
+      route {
       	respond /config.json `${builtins.toJSON {
         default_server_config = {
           "m.homeserver" = {
@@ -27,19 +27,21 @@
             "server_name" = "henryhiles.com";
           };
         };
-          livekit.livekit_service_url = "https://livekit.henryhiles.com";
+        livekit.livekit_service_url = "https://call.henryhiles.com/livekit";
       }}` 200
 
-        try_files {path} {path}/ /index.html
+      	handle /livekit/sfu/get {
-        file_server
+      	  uri strip_prefix /livekit
-      '';
-      "livekit.henryhiles.com".extraConfig = ''
-        handle_path /sfu/get {
       	  reverse_proxy 127.0.0.1:8080
       	}
 
+      	handle_path /livekit/sfu* {
       	  reverse_proxy 127.0.0.1:7880
+      	}
+
+      	try_files {path} {path}/ /index.html
+      	file_server
+      }
     '';
   };
-  };
 }

modules/common/services/lk-jwt-service.nix

@@ -14,7 +14,7 @@ in {
     livekit = {
       url = lib.mkOption {
         type = lib.types.str;
-        description = "The URL that livekit runs on, prefixed with `ws://`.";
+        description = "The URL that livekit runs on, prefixed with `ws://` or `wss://` (recommended).";
       };
 
       keyFile = lib.mkOption {