mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-24 20:18:56 +08:00
# NixOS module: a thin wrapper that switches on the upstream `services.mastodon`
# module and wires it to this repository's own postgresql / redis / nginx / sops
# wrappers. Everything is gated on `nixos.services.mastodon.enable`.
inputs:
let
  inherit (inputs.lib) mkIf mkOption types;
  # Options declared by this file.
  cfg = inputs.config.nixos.services.mastodon;
  # Evaluated configuration of the upstream Mastodon module (package, ports).
  upstream = inputs.config.services.mastodon;
  # sops configuration: decrypted secret paths, templates, placeholders.
  sopsCfg = inputs.config.sops;
in
{
  options.nixos.services.mastodon = {
    enable = mkOption { type = types.bool; default = false; };
    # Public domain of the instance; also used as the nginx virtual host name.
    hostname = mkOption { type = types.str; default = "dudu.chn.moe"; };
  };

  config = mkIf cfg.enable {
    services.mastodon = {
      enable = true;
      # NOTE(review): the nginx streaming location below hard-codes
      # streaming-1.socket. If this count is raised, the additional streaming
      # processes would presumably not be proxied; confirm before changing.
      streamingProcesses = 1;
      # The "@proxy" location below reaches the web process over loopback TCP
      # at webPort, not over a unix socket.
      enableUnixSocket = false;
      localDomain = cfg.hostname;

      # The database, redis and mail services are not created by the upstream
      # module. The database is reached on loopback only.
      database.createLocally = false;
      database.host = "127.0.0.1";
      # The password is read at runtime from the sops-decrypted file, so the
      # value itself is not written into this configuration.
      database.passwordFile = sopsCfg.secrets."mastodon/postgresql".path;

      redis.createLocally = false;

      smtp = {
        createLocally = false;
        host = "mail.chn.moe";
        # Port 465 is paired with SMTP_SSL=true in the env template below.
        # SMTP_AUTH_METHOD=plain therefore depends on that TLS wrapping to
        # protect the credentials; keep the two settings together.
        port = 465;
        authenticate = true;
        user = "bot@chn.moe";
        passwordFile = sopsCfg.secrets."mastodon/mail".path;
        fromAddress = "bot@chn.moe";
      };

      # Extra environment (including the redis password) comes from a
      # sops-rendered template file rather than inline settings.
      extraEnvFiles = [ sopsCfg.templates."mastodon/env".path ];
    };

    # Repository-local service wrappers. Their semantics are defined elsewhere
    # in this repository and are not visible in this file.
    nixos.services = {
      postgresql = { enable = true; instances.mastodon = {}; };
      # Keep the redis instance on the port the upstream module expects.
      redis.instances.mastodon.port = upstream.redis.port;
      nginx = {
        enable = true;
        https."${cfg.hostname}".location = {
          # Served straight from Mastodon's state directory, presumably
          # user-uploaded media.
          # NOTE(review): this content shares an origin with the web app.
          # Confirm that the nginx wrapper sends X-Content-Type-Options: nosniff
          # and a restrictive Content-Security-Policy for this location, so an
          # uploaded file cannot be interpreted as active content.
          "/system/".alias.path = "/var/lib/mastodon/public-system/";
          # Static assets from the package; any other path falls through to
          # the application via the named location "@proxy".
          "/".static = {
            root = "${upstream.package}/public";
            tryFiles = [ "$uri" "@proxy" ];
          };
          # The application backend listens on loopback; nginx is the only
          # front end configured here.
          "@proxy".proxy = {
            upstream = "http://127.0.0.1:${builtins.toString upstream.webPort}";
            websocket = true;
          };
          "/api/v1/streaming/".proxy = {
            upstream = "http://unix:/run/mastodon-streaming/streaming-1.socket";
            websocket = true;
          };
        };
      };
    };

    # Both secrets are owned by the `mastodon` user. `key` selects the entry
    # inside the encrypted sops file.
    sops.secrets."mastodon/mail" = { owner = "mastodon"; key = "mail/bot"; };
    sops.secrets."mastodon/postgresql" = { owner = "mastodon"; key = "postgresql/mastodon"; };

    sops.templates."mastodon/env" = {
      owner = "mastodon";
      # The placeholder is substituted by sops-nix when the template is
      # rendered, which keeps the real password out of the world-readable Nix
      # store.
      # NOTE(review): the "redis/mastodon" secret is not declared in this file.
      # Presumably the redis wrapper declares it; confirm.
      content =
        ''
          REDIS_PASSWORD=${sopsCfg.placeholder."redis/mastodon"}
          SMTP_SSL=true
          SMTP_AUTH_METHOD=plain
        '';
    };

    # Install the Mastodon package system-wide, presumably so that
    # mastodon-tootctl is available for the administrative command below.
    environment.systemPackages = [ upstream.package ];
    # sudo -u mastodon mastodon-tootctl accounts modify chn --role Owner
  };
}