From 2411e6eecda23e653aed377f0cc75d9e9905227c Mon Sep 17 00:00:00 2001
From: Marcel Novotny <marceln@xcroco.com>
Date: Tue, 25 Mar 2025 23:17:58 +0100
Subject: [PATCH] Added Allowners muc module to prosody and jitsi-meet

---
 .../modules/services/networking/jitsi-videobridge.nix |  1 +
 nixos/modules/services/networking/prosody.nix         | 11 +++++++++--
 nixos/modules/services/web-apps/jitsi-meet.nix        | 11 +++++++++++
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/networking/jitsi-videobridge.nix b/nixos/modules/services/networking/jitsi-videobridge.nix
index 3303aeb7f78c..e488b07caa4a 100644
--- a/nixos/modules/services/networking/jitsi-videobridge.nix
+++ b/nixos/modules/services/networking/jitsi-videobridge.nix
@@ -280,6 +280,7 @@ in
           User = "jitsi-videobridge";
           Group = "jitsi-meet";
 
+          AmbientCapabilities = "CAP_NET_BIND_SERVICE";
           CapabilityBoundingSet = "";
           NoNewPrivileges = true;
           ProtectSystem = "strict";
diff --git a/nixos/modules/services/networking/prosody.nix b/nixos/modules/services/networking/prosody.nix
index 9e54dfc17dfe..b181e53c6f5f 100644
--- a/nixos/modules/services/networking/prosody.nix
+++ b/nixos/modules/services/networking/prosody.nix
@@ -342,7 +342,14 @@ let
           question can be created again.
         '';
       };
-
+      allowners_muc = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          Add module allowners, any user in chat is able to
+          kick other. Usefull in jitsi-meet to kick ghosts.
+        '';
+      };
       vcard_muc = mkOption {
         type = types.bool;
         default = true;
@@ -856,7 +863,7 @@ in
 
       ${lib.concatMapStrings (muc: ''
         Component ${toLua muc.domain} "muc"
-            modules_enabled = { "muc_mam"; ${optionalString muc.vcard_muc ''"vcard_muc";'' } }
+            modules_enabled = { "muc_mam"; ${optionalString muc.vcard_muc ''"vcard_muc";'' } ${optionalString muc.allowners_muc ''"muc_allowners";'' }  }
             name = ${toLua muc.name}
             restrict_room_creation = ${toLua muc.restrictRoomCreation}
             max_history_messages = ${toLua muc.maxHistoryMessages}
diff --git a/nixos/modules/services/web-apps/jitsi-meet.nix b/nixos/modules/services/web-apps/jitsi-meet.nix
index aecddd814d9a..fa9ea8e698c6 100644
--- a/nixos/modules/services/web-apps/jitsi-meet.nix
+++ b/nixos/modules/services/web-apps/jitsi-meet.nix
@@ -187,6 +187,16 @@ in
         off if you want to configure it manually.
       '';
     };
+
+    prosody.allowners_muc = mkOption {
+      type = bool;
+      default = false;
+      description = ''
+        Add module allowners, any user in chat is able to
+        kick other. Usefull in jitsi-meet to kick ghosts.
+      '';
+    };
+
     prosody.lockdown = mkOption {
       type = bool;
       default = false;
@@ -240,6 +250,7 @@ in
         {
           domain = "conference.${cfg.hostName}";
           name = "Jitsi Meet MUC";
+          allowners_muc = cfg.prosody.allowners_muc;
           roomLocking = false;
           roomDefaultPublicJids = true;
           extraConfig = ''