inputs:
{
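# Per-instance Misskey settings, keyed by instance name. Every option has a default, so each
# additional instance has to override `port`, `redis.port` and `hostname` (and `meilisearch.port`
# when search is enabled) to avoid two instances sharing the same listener or virtual host.
options.nixos.services.misskey.instances = let inherit (inputs.lib) mkOption types; in mkOption
{
  type = types.attrsOf (types.submodule { options =
  {
    # Whether the systemd unit of this instance is enabled.
    autoStart = mkOption { type = types.bool; default = true; };
    # TCP port Misskey listens on; nginx proxies to it on 127.0.0.1.
    # types.port (an unsigned 16-bit integer) rejects values above 65535 at evaluation time
    # instead of letting them reach the rendered configuration.
    port = mkOption { type = types.port; default = 9726; };
    # Port of the dedicated redis instance declared for this Misskey instance.
    redis.port = mkOption { type = types.port; default = 3545; };
    # Public host name; used for the `url:` setting and as the nginx https entry name.
    # NOTE(review): nginx entries are built with listToAttrs, which keeps only the first of two
    # equal names, so a duplicated hostname silently drops one instance's virtual host.
    hostname = mkOption { type = types.nonEmptyStr; default = "misskey.chn.moe"; };
    meilisearch =
    {
      # When true, a meilisearch instance is declared and added to the Misskey configuration.
      enable = mkOption { type = types.bool; default = false; };
      port = mkOption { type = types.port; default = 7700; };
    };
  };});
  default = {};
};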
config =
let
inherit (inputs.config.nixos.services) misskey;
inherit (inputs.localLib) attrsToList;
inherit (inputs.lib) mkMerge mkIf;
inherit (builtins) map listToAttrs toString replaceStrings filter;
in
{
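# One systemd service plus tmpfiles rules per configured Misskey instance.
systemd = mkMerge (map
  (instance:
  {
    services."misskey-${instance.name}" = rec
    {
      enable = instance.value.autoStart;
      description = "misskey ${instance.name}";
      # Start after the network, the instance's redis, PostgreSQL and, when enabled, meilisearch.
      after = [ "network.target" "redis-misskey-${instance.name}.service" "postgresql.service" ]
        ++ (if instance.value.meilisearch.enable then [ "meilisearch-misskey-${instance.name}.service" ]
          else []);
      # Every ordering dependency is also a hard requirement.
      requires = after;
      wantedBy = [ "multi-user.target" ];
      # Path of the sops template "misskey/<name>.yml", which carries the database and redis
      # credentials; only the path appears in the unit, never the secret values.
      environment.MISSKEY_CONFIG_YML = inputs.config.sops.templates."misskey/${instance.name}.yml".path;
      serviceConfig = rec
      {
        User = inputs.config.users.users."misskey-${instance.name}".name;
        Group = inputs.config.users.users."misskey-${instance.name}".group;
        WorkingDirectory = "/var/lib/misskey/${instance.name}/work";
        ExecStart = "${WorkingDirectory}/bin/misskey";
        # The bounding set caps what the service could ever hold at CAP_NET_BIND_SERVICE.
        CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
        # Least privilege: the capability is only needed to bind ports below 1024, so it is
        # granted only when the configured listen port is privileged. An empty list emits no
        # AmbientCapabilities= line, leaving the ambient set empty.
        AmbientCapabilities =
          if instance.value.port < 1024 then [ "CAP_NET_BIND_SERVICE" ] else [];
        Restart = "always";
        # NOTE(review): no sandboxing directives (e.g. NoNewPrivileges, ProtectSystem, PrivateTmp)
        # are set for this network-facing service; consider evaluating them with
        # `systemd-analyze security misskey-<name>.service`.
      };
    };
    # `d` creates the upload directory with mode 0700 owned by the instance account; `Z` then
    # recursively resets ownership of existing content to that account (mode `-` leaves modes alone).
    tmpfiles.rules = let dir = "/var/lib/misskey/${instance.name}/files"; owner = "misskey-${instance.name}"; in
      [ "d ${dir} 0700 ${owner} ${owner}" "Z ${dir} - ${owner} ${owner}" ];
  })
  (attrsToList misskey.instances));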
# Bind mounts that assemble the working directory of each Misskey instance.
fileSystems = mkMerge (map
  (instance:
    let
      stateDir = "/var/lib/misskey/${instance.name}";
      # Both mounts use the same option list.
      bindOptions = [ "bind" "private" "x-gvfs-hide" "X-fstrim.notrim" ];
    in
    {
      # The packaged Misskey tree (the interpolated localPackages.misskey path, presumably its
      # Nix store path) becomes the service's working directory.
      "${stateDir}/work" = { device = "${inputs.pkgs.localPackages.misskey}"; options = bindOptions; };
      # The instance-owned files directory is mounted over `files` inside that tree, so uploads
      # land in /var/lib rather than in the package path.
      "${stateDir}/work/files" = { device = "${stateDir}/files"; options = bindOptions; };
    })
  (attrsToList misskey.instances));
# Renders one Misskey configuration file per instance as a sops template. Secrets enter the text
# only as sops placeholders, so the Nix expression itself never contains the database password,
# the redis password or the meilisearch API key.
sops.templates = listToAttrs (map
  (instance:
  {
    name = "misskey/${instance.name}.yml";
    value =
    {
      content =
        let
          secret = inputs.config.sops.placeholder;
          unitName = "misskey-${instance.name}";
          # Database and role name: the instance name with "-" replaced by "_".
          dbName = "misskey_${replaceStrings [ "-" ] [ "_" ] instance.name}";
          redis = inputs.config.nixos.services.redis.instances.${unitName};
          # Only evaluated when meilisearch is enabled for this instance.
          meilisearch = inputs.config.nixos.services.meilisearch.instances.${unitName};
          baseConfig =
            ''
              url: https://${instance.value.hostname}/
              port: ${toString instance.value.port}
              db:
                host: 127.0.0.1
                port: 5432
                db: ${dbName}
                user: ${dbName}
                pass: ${secret."postgresql/${dbName}"}
                extra:
                  statement_timeout: 600000
              dbReplications: false
              redis:
                host: 127.0.0.1
                port: ${toString redis.port}
                pass: ${secret."redis/${unitName}"}
              id: 'aid'
              proxyBypassHosts:
                - api.deepl.com
                - api-free.deepl.com
                - www.recaptcha.net
                - hcaptcha.com
                - challenges.cloudflare.com
              proxyRemoteFiles: true
              signToActivityPubGet: true
              maxFileSize: 1073741824
            '';
          # Search section; the connection stays on the loopback interface, hence no TLS.
          searchConfig =
            if instance.value.meilisearch.enable then
              ''
                meilisearch:
                  host: 127.0.0.1
                  port: ${toString meilisearch.port}
                  apiKey: ${secret."meilisearch/${unitName}"}
                  ssl: false
                  index: misskey
                  scope: global
              ''
            else "";
        in
          baseConfig + searchConfig;
      # The rendered file belongs to the instance's service account.
      # NOTE(review): `mode` is not set here, so the template's default file mode applies — confirm
      # it is not readable by other accounts.
      owner = inputs.config.users.users."misskey-${instance.name}".name;
    };
  })
  (attrsToList misskey.instances));
# A dedicated system account and group per instance, so that instances do not share an identity.
users = mkMerge (map
  (instance:
    let account = "misskey-${instance.name}";
    in
    {
      users.${account} =
      {
        # uid and gid come from the central tables under nixos.user rather than being allocated here.
        uid = inputs.config.nixos.user.uid.${account};
        group = account;
        home = "/var/lib/misskey/${instance.name}";
        createHome = true;
        isSystemUser = true;
      };
      groups.${account}.gid = inputs.config.nixos.user.gid.${account};
    })
  (attrsToList misskey.instances));
# Backing services derived from the instance list: redis, PostgreSQL, optional meilisearch, and
# the nginx entry that fronts each instance.
nixos.services =
{
  # One redis instance per Misskey instance, on the port chosen in the instance options.
  redis.instances = listToAttrs (map
    (instance: { name = "misskey-${instance.name}"; value = { port = instance.value.redis.port; }; })
    (attrsToList misskey.instances));
  # One PostgreSQL entry per instance; "-" is replaced by "_" in the name.
  postgresql.instances = listToAttrs (map
    (instance: { name = "misskey_${replaceStrings [ "-" ] [ "_" ] instance.name}"; value = {}; })
    (attrsToList misskey.instances));
  # meilisearch is declared only for instances that enabled it, and is given the instance's
  # account name as its `user`.
  meilisearch.instances = listToAttrs (map
    (instance:
      let unitName = "misskey-${instance.name}";
      in
      {
        name = unitName;
        value =
        {
          user = inputs.config.users.users.${unitName}.name;
          port = instance.value.meilisearch.port;
        };
      })
    (filter (instance: instance.value.meilisearch.enable) (attrsToList misskey.instances)));
  nginx =
  {
    # nginx is switched on only when at least one instance is configured.
    enable = mkIf (misskey.instances != {}) true;
    # Each hostname proxies "/" (with websocket support) to the instance's loopback listener.
    # NOTE(review): entries are keyed by hostname; with listToAttrs the first of two equal names
    # wins, so instances sharing a hostname would leave only one virtual host.
    https = listToAttrs (map
      (instance:
      {
        name = instance.value.hostname;
        value.location."/".proxy =
        {
          upstream = "http://127.0.0.1:${toString instance.value.port}";
          websocket = true;
        };
      })
      (attrsToList misskey.instances));
  };
};
};
}