-- Reference snippet for the PoliticTalk VPS.
-- Apply this manually inside:
-- /etc/prosody/conf.avail/politictalk.parallelglobe.io.cfg.lua
--
-- Do not commit real app secrets. The app_id/app_secret values must match
-- POLITICTALK_JITSI_JWT_APP_ID and POLITICTALK_JITSI_JWT_APP_SECRET in PgApi.

VirtualHost "politictalk.parallelglobe.io"
    authentication = "token"
    app_id = "POLITICTALK_JITSI_JWT_APP_ID"
    app_secret = "POLITICTALK_JITSI_JWT_APP_SECRET"
    allow_empty_token = false
    enable_domain_verification = false

Component "conference.politictalk.parallelglobe.io" "muc"
    politictalk_room_inactive_callback_url = "https://api.parallelglobe.is/events/politictalk/jitsi/room-inactive"
    politictalk_room_inactive_callback_secret = "POLITICTALK_JITSI_LIFECYCLE_SECRET"

    modules_enabled = {
        -- keep the existing modules already present in the VPS file
        "token_verification";
        "politictalk_roles";
    }

-- Also set the equivalent Jicofo options so only PgApi JWT moderator
-- claims can create room moderators:
--
-- /etc/jitsi/jicofo/jicofo.conf
--
-- jicofo {
--   conference {
--     enable-auto-owner = false
--     enable-moderator-checks = true
--   }
-- }