mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 07:08:45 +08:00
services.mastodon: init
This commit is contained in:
parent
4e44953e75
commit
c38d84a1b1
@ -349,6 +349,7 @@
|
||||
fz-new-order.enable = true;
|
||||
nginx.applications = { kkmeeting.enable = true; webdav.instances."webdav.chn.moe" = {}; };
|
||||
httpapi.enable = true;
|
||||
mastodon.enable = true;
|
||||
};
|
||||
};})
|
||||
];
|
||||
|
@ -34,6 +34,7 @@ inputs:
|
||||
./fz-new-order
|
||||
./httpapi.nix
|
||||
./mirism.nix
|
||||
./mastodon.nix
|
||||
];
|
||||
options.nixos.services = let inherit (inputs.lib) mkOption types; in
|
||||
{
|
||||
|
@ -3,6 +3,7 @@ inputs:
|
||||
options.nixos.services.mastodon = let inherit (inputs.lib) mkOption types; in
|
||||
{
|
||||
enable = mkOption { type = types.bool; default = false; };
|
||||
hostname = mkOption { type = types.str; default = "dudu.chn.moe"; };
|
||||
};
|
||||
config =
|
||||
let
|
||||
@ -15,11 +16,12 @@ inputs:
|
||||
{
|
||||
enable = true;
|
||||
enableUnixSocket = false;
|
||||
localDomain = mastodon.hostname;
|
||||
database =
|
||||
{
|
||||
{
|
||||
createLocally = false;
|
||||
host = "127.0.0.1";
|
||||
passwordFile = inputs.sops.secrets."mastodon/postgresql".path;
|
||||
passwordFile = inputs.config.sops.secrets."mastodon/postgresql".path;
|
||||
};
|
||||
redis.createLocally = false;
|
||||
smtp =
|
||||
@ -27,26 +29,32 @@ inputs:
|
||||
createLocally = false;
|
||||
user = "bot@chn.moe";
|
||||
port = 465;
|
||||
passwordFile = inputs.sops.secrets."mastodon/mail".path;
|
||||
passwordFile = inputs.config.sops.secrets."mastodon/mail".path;
|
||||
host = "mail.chn.moe";
|
||||
fromAddress = "bot@chn.moe";
|
||||
authenticate = true;
|
||||
};
|
||||
extraEnvFiles = [ inputs.sops.templates."mastodon/redis".path ];
|
||||
extraEnvFiles = [ inputs.config.sops.templates."mastodon/redis.env".path ];
|
||||
};
|
||||
nixos =
|
||||
nixos.services =
|
||||
{
|
||||
postgresql = { enable = true; instances.mastodon = {}; };
|
||||
redis.instances.mastodon.port = inputs.config.services.mastodon.redis.port;
|
||||
nginx =
|
||||
{
|
||||
enable = true;
|
||||
https.location =
|
||||
https."${mastodon.hostname}".location =
|
||||
{
|
||||
"/system/".alias.path = "/var/lib/mastodon/public-system/";
|
||||
"/".static =
|
||||
{ root = "${inputs.config.services.mastodon.package}/public"; tryFiles = [ "$uri" "@proxy" ]; };
|
||||
"@proxy".proxy.upstream = "http://127.0.0.1:${toString inputs.config.services.mastodon.port}";
|
||||
"/system".static =
|
||||
"@proxy".proxy =
|
||||
{ upstream = "http://127.0.0.1:${toString inputs.config.services.mastodon.webPort}"; websocket = true; };
|
||||
"/api/v1/streaming/".proxy =
|
||||
{
|
||||
upstream = "http://127.0.0.1:${toString inputs.config.services.mastodon.streamingPort}";
|
||||
websocket = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
@ -58,7 +66,7 @@ inputs:
|
||||
"mastodon/postgresql" = { owner = "mastodon"; key = "postgresql/mastodon"; };
|
||||
};
|
||||
templates."mastodon/redis.env" =
|
||||
{ owner = "mastodon"; content = "REDIS_PASSWORD=${inputs.sops.placeholders."redis/mastodon"}"; };
|
||||
{ owner = "mastodon"; content = "REDIS_PASSWORD=${inputs.config.sops.placeholder."redis/mastodon"}"; };
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -19,7 +19,7 @@ inputs:
|
||||
{
|
||||
httpsPort = 3065;
|
||||
httpsPortShift = { http2 = 1; proxyProtocol = 2; };
|
||||
httpsLocationTypes = [ "proxy" "static" "php" "return" "cgi" ];
|
||||
httpsLocationTypes = [ "proxy" "static" "php" "return" "cgi" "alias" ];
|
||||
httpTypes = [ "rewriteHttps" "php" ];
|
||||
streamPort = 5575;
|
||||
streamPortShift = { proxyProtocol = 1; };
|
||||
@ -179,6 +179,14 @@ inputs:
|
||||
type = types.nullOr (types.submodule { options = { inherit (genericOptions) detectAuth root; };});
|
||||
default = null;
|
||||
};
|
||||
alias = mkOption
|
||||
{
|
||||
type = types.nullOr (types.submodule { options =
|
||||
{
|
||||
path = mkOption { type = types.nonEmptyStr; };
|
||||
};});
|
||||
default = null;
|
||||
};
|
||||
};});
|
||||
default = {};
|
||||
};
|
||||
@ -611,6 +619,7 @@ inputs:
|
||||
fastcgi_pass unix:${inputs.config.services.fcgiwrap.socketAddress};
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
'';
|
||||
alias.alias = location.value.path;
|
||||
}.${location.value.type};
|
||||
})
|
||||
site.value.locations);
|
||||
|
@ -12,6 +12,7 @@ redis:
|
||||
misskey-misskey-old: ENC[AES256_GCM,data:amUqMycdXUFvjg66pXKnlZqiESBYMci0k8iYzj824SaEqHl3Nq/I0TjYX++xEUg+RGYyTIcSaj96HUANTKpc1A==,iv:ND1mQLHxltRlOdpJ80ywheGo6hkl7OgRyk9TguJMuTw=,tag:dhCCwnCOnyT2iXdEMK0szg==,type:str]
|
||||
nextcloud: ENC[AES256_GCM,data:jwN/CqwkU/5Rd6w75/bV2Yej9b0CoxZaiJEcZXFx+9XUPY3Xg1tQdEr1SALG8xzOEdoL6WBVs14NvrrL25GeTQ==,iv:p5+0AB52QqScJwMhNIrM/7HAcRPdD9Z8xV6uwIDOwIg=,tag:f1XbNDDRXvGl/dkV9Wp2Ug==,type:str]
|
||||
send: ENC[AES256_GCM,data:IGxj3cgp+fQBdupfK+IgPEQSPuXdM9LRSLGSATNIkzUWC6sQw1aaKTDuRc8cU2BG6quthRwuWnK/F7k3KrUi8Q==,iv:LI9MkaF4e47FPUyL7AXZpO+CdgF91ScdiqjrE8PZjJ4=,tag:eNugln5M0AhU1xmVWFN7Aw==,type:str]
|
||||
mastodon: ENC[AES256_GCM,data:E5aMRzqd1dqcw66uZwWoT+LDH30mg1vZjk3lhKIXKPd36MANE6z04aBPcAHyHT71jEYsect9JXagC4MUJBuSSQ==,iv:4IjTTNSTraL33fInlTkB2ZylcEaaKi5pgvugZIk24e0=,tag:32JSTNpF2cxYh/NEAS6jZQ==,type:str]
|
||||
postgresql:
|
||||
wallabag: ENC[AES256_GCM,data:ANwvEE3K/W/hU34Y7RvlbUuJNo2bOaRfeusYM9pRxXQOdG4XpwYfd/DprsrVjlkrMFuTurUR5j6UNHWh+ILDbQ==,iv:K8doqhVosz+OosMrLJXrSxairr84EeGs3EWgVQjpkS8=,tag:WjDzy7ubm/GVlBkW0O3znQ==,type:str]
|
||||
misskey_misskey: ENC[AES256_GCM,data:lRbSz7bbiWEdK/cRD41fLvFJF4WYsclKHVykFcU3LIz9vnKlR3VdczzznVqpT7JvG6OUi+TmipJii+0KzXHtdA==,iv:8sBKgVwuDJdThup0KQ6cnAV5O2liwVra1yIpDHVfpMI=,tag:DyUpaHai8ZUyllvZBUm8sg==,type:str]
|
||||
@ -19,6 +20,7 @@ postgresql:
|
||||
synapse: ENC[AES256_GCM,data:Orfse2arRGMujA8MloqOp+iVr0+uCVtlMZJNAA36J3UCog5ExE8HE6G5wIvvoP0o/PNToYc9Jgn8T7iWdU6FIA==,iv:XQ6/bDfIRmvZ3VdTqH5Gaiu2emd5kV+q6RjNXDQEtkc=,tag:Yq+w9oxv2yhpsQfMRp4HaQ==,type:str]
|
||||
vaultwarden: ENC[AES256_GCM,data:Uz8GJMaLUTQ9pQbZyZLWS4bL5wmt9RvbAwNctAIDt9JrV3FaXxgKjE0MJSGklS55yj/Z/wbO6RCuCK2AWR2VKw==,iv:7hA8YcB88M1qCV8EhFYpHbfPmAZ/7xNqvTMJYZ/UcAY=,tag:mkDHJYmRoYZ/Ct0UmOp9FA==,type:str]
|
||||
nextcloud: ENC[AES256_GCM,data:5UpYSMsZgUgEJHg0ou9Z1RTE+YFFUKuXwPtc6L5XxD4GNo8Gd3CvcQSNGAol+5DtyPKF3q1+ZgtScWGrqU1RyA==,iv:Zfm+Oa4eON8WiJzYUkMFawafDwo9pOnOpWkwHYLIKkk=,tag:4ECMla1dFfCrn7lILwWFNA==,type:str]
|
||||
mastodon: ENC[AES256_GCM,data:IQxoNjZILazu5cxkEzFAqqmGSsOffMQHoRB7AC2NqI/+CJSVsfdwiSVfxN+Jc9dmrqCjscUSxaWCMHnrZj/JyQ==,iv:d6tyj/w0uH2E3qHjEcopVhnmE/Pq0qN9PHthSArryyw=,tag:kfJsxqkErFcG11B0CmiIKw==,type:str]
|
||||
meilisearch:
|
||||
misskey-misskey: ENC[AES256_GCM,data:4s+qqd6mmstioC0XmG/vA6ED9mzu1vRJVPFFalRiqnnsFy0dYEU87H+y12eOp/KDSLdTNvpp6Z6jCNvxnpDXzQ==,iv:x6L9OPu/dwVsD9pYb4dqavw9NesMbo7LB+rwz6veAR4=,tag:/BBqV2sHIgPas7XsZydh2g==,type:str]
|
||||
rsshub:
|
||||
@ -102,8 +104,8 @@ sops:
|
||||
SnFHS1Z0SXUzTFdEd29KTy9DU3Y3R0UKfhh+rUmWDrf+UGjclP57dHipPLFoXSqy
|
||||
HdelmfV6q4/c7ppx2E+oZw3VNgoZCsrxxzYZfwxHJiZb+5vkE0D8iA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-11-16T05:14:07Z"
|
||||
mac: ENC[AES256_GCM,data:rhF6HFubRyk+zk8nVddoXLQ3j6rzZjf2tRwl+B6inX9DKy32zbXKF29nzzk25KSrJOY1rsafiS2pza1eRPRs+I3aJ0v9oWi1qRwoHzSX34ZkGil8uZ5CWh0Xx8md3Zp1bz7JmMYA9IiGbBGty4gjMaJG/7AfP2447eLaJyFADAI=,iv:3g+QKrPGiGzKefp3m1t01QeaF7uJzRZ+NoWJ7h6gQHQ=,tag:wO7eQ3tCGzMUtTrSxdpK+w==,type:str]
|
||||
lastmodified: "2023-11-19T12:44:11Z"
|
||||
mac: ENC[AES256_GCM,data:BQstF4X79Fgdx0TCr3LbqQszrXddf6qKGFTggUgsd6JMteA79RHJvQM0VF8alb90pPjvMOqPocOIm4yEx2P/Wc5yIvEipZcj3b9CBYKEUiH0x2QdWGsYPkSFRtDJuzrrGBqWQkiy3FAchC7xuBxIGDMU0XxGaGetV2sv2s/asjg=,iv:iVjng//gR++x7lVguXD2ZEvjswDwl4qBkQEwVIlL8Bs=,tag:gEvVrfelyUcYelG1oBjbPA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
|
Loading…
Reference in New Issue
Block a user