diff --git a/flake.lock b/flake.lock index d35dec83..74999b6d 100644 --- a/flake.lock +++ b/flake.lock @@ -716,11 +716,11 @@ "misskey": { "flake": false, "locked": { - "lastModified": 1765875583, - "narHash": "sha256-nwdLJfY7ltQz2812Mq79RUAj+yjl4Hfw4ed9i+GtJx4=", + "lastModified": 1765853869, + "narHash": "sha256-iqQ33UDp4CIfAgvoGBvKLQ40n7AtyAEq/Q1YfIOwaig=", "ref": "refs/heads/chn-mod", - "rev": "8853b0bf6f16684261a8761c044b28ffec829e69", - "revCount": 28248, + "rev": "eed3e133a6fc263f60fbe958659c9ac81a9b2e57", + "revCount": 28247, "submodules": true, "type": "git", "url": "https://github.com/CHN-beta/misskey" diff --git a/modules/services/misskey.nix b/modules/services/misskey.nix index b0ca10eb..7c8153e9 100644 --- a/modules/services/misskey.nix +++ b/modules/services/misskey.nix @@ -22,7 +22,8 @@ inputs: after = [ "network.target" "redis-misskey-${instance.name}.service" "postgresql.service" ]; requires = after; wantedBy = [ "multi-user.target" ]; - environment.MISSKEY_CONFIG_HAVE_COMPILED = "1"; + environment.MISSKEY_CONFIG_YML = + inputs.config.nixos.system.sops.templates."misskey/${instance.name}.yml".path; serviceConfig = rec { User = "misskey-${instance.name}"; @@ -46,11 +47,6 @@ inputs: device = "${inputs.pkgs.localPackages.misskey}"; options = [ "bind" "private" "x-gvfs-hide" "X-fstrim.notrim" ]; }; - "/var/lib/misskey/${instance.name}/built/.config.json" = - { - device = inputs.config.nixos.system.sops.templates."misskey/${instance.name}.json".path; - options = [ "bind" "private" "x-gvfs-hide" "X-fstrim.notrim" ]; - }; "/var/lib/misskey/${instance.name}/work/files" = { device = "/var/lib/misskey/${instance.name}/files"; @@ -93,45 +89,43 @@ inputs: system.sops.templates = builtins.listToAttrs (builtins.map (instance: { - name = "misskey/${instance.name}.json"; + name = "misskey/${instance.name}.yml"; value = { content = let placeholder = inputs.config.nixos.system.sops.placeholder; redis = inputs.config.nixos.services.redis.instances."misskey-${instance.name}"; - in builtins.toJSON - { - url = "https://${instance.value.hostname}/"; - port = instance.value.port; - db = - { - host = "127.0.0.1"; - port = 5432; - db = "misskey_${builtins.replaceStrings [ "-" ] [ "_" ] instance.name}"; - user = "misskey_${builtins.replaceStrings [ "-" ] [ "_" ] instance.name}"; - pass = placeholder."postgresql/misskey_${builtins.replaceStrings [ "-" ] [ "_" ] instance.name}"; - extra.statement_timeout = 600000; - }; - dbReplications = false; - redis = - { - host = "127.0.0.1"; - port = redis.port; - pass = placeholder."redis/misskey-${instance.name}"; - }; - id = "aid"; - proxyBypassHosts = - [ - "api.deepl.com" "api-free.deepl.com" "www.recaptcha.net" "hcaptcha.com" - "challenges.cloudflare.com" - ]; - proxyRemoteFiles = true; - signToActivityPubGet = true; - maxFileSize = 1073741824; - fulltextSearch.provider = "sqlPgroonga"; - trustProxy = true; - }; + in + '' + url: https://${instance.value.hostname}/ + port: ${toString instance.value.port} + db: + host: 127.0.0.1 + port: 5432 + db: misskey_${builtins.replaceStrings [ "-" ] [ "_" ] instance.name} + user: misskey_${builtins.replaceStrings [ "-" ] [ "_" ] instance.name} + pass: ${placeholder."postgresql/misskey_${builtins.replaceStrings [ "-" ] [ "_" ] instance.name}"} + extra: + statement_timeout: 600000 + dbReplications: false + redis: + host: 127.0.0.1 + port: ${builtins.toString redis.port} + pass: ${placeholder."redis/misskey-${instance.name}"} + id: 'aid' + proxyBypassHosts: + - api.deepl.com + - api-free.deepl.com + - www.recaptcha.net + - hcaptcha.com + - challenges.cloudflare.com + proxyRemoteFiles: true + signToActivityPubGet: true + maxFileSize: 1073741824 + fulltextSearch: + provider: sqlPgroonga + ''; owner = "misskey-${instance.name}"; }; })