From cfb471a9ce83992f03df5c77ae769fdc2a8cb67e Mon Sep 17 00:00:00 2001
From: nhnn <nhnn@nhnn.dev>
Date: Fri, 16 May 2025 12:25:12 +0300
Subject: [PATCH] fix: remove E2E support in jitsi

---
 sp-modules/jitsi-meet/module.nix | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/sp-modules/jitsi-meet/module.nix b/sp-modules/jitsi-meet/module.nix
index 87cf429..96c3ff6 100644
--- a/sp-modules/jitsi-meet/module.nix
+++ b/sp-modules/jitsi-meet/module.nix
@@ -39,9 +39,15 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    nixpkgs.config.permittedInsecurePackages = [
-      "jitsi-meet-1.0.7952"
+    nixpkgs.overlays = [
+      (_: prev: {
+        # We disable E2E for clients below
+        jitsi-meet = prev.jitsi-meet.overrideAttrs (old: {
+          meta = old.meta // { knownVulnerabilities = [ ]; };
+        });
+      })
     ];
+
     services.jitsi-meet = {
       enable = true;
       hostName = "${cfg.subdomain}.${domain}";
@@ -55,6 +61,7 @@ in
         prejoinConfig = {
           enabled = true;
         };
+        e2ee.disabled = true; # libolm is vulnerable and E2E is generally broken.
       };
     };
     services.prosody.extraConfig = ''