2022-12-02 09:05:42 +01:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
|
|
services.postgresql = {
|
|
|
|
enable = true;
|
|
|
|
dataDir = "/var/state/postgresql/${config.services.postgresql.package.psqlSchema}";
|
2023-12-12 12:18:18 +01:00
|
|
|
package = pkgs.postgresql_16;
|
2022-12-02 09:05:42 +01:00
|
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
|
|
"d /var/state/postgresql 0700 postgres postgres -"
|
|
|
|
];
|
|
|
|
|
|
|
|
services.mastodon = {
|
|
|
|
enable = true;
|
|
|
|
localDomain = "social.krebsco.de";
|
|
|
|
configureNginx = true;
|
2023-12-12 11:54:18 +01:00
|
|
|
streamingProcesses = 3;
|
2022-12-02 09:05:42 +01:00
|
|
|
trustedProxy = config.krebs.hosts.prism.nets.retiolum.ip6.addr;
|
|
|
|
smtp.createLocally = false;
|
2022-12-02 16:30:47 +01:00
|
|
|
smtp.fromAddress = "derp";
|
2022-12-02 09:05:42 +01:00
|
|
|
};
|
|
|
|
|
2023-12-12 19:12:20 +01:00
|
|
|
security.acme.certs."social.krebsco.de".server = "https://acme-staging-v02.api.letsencrypt.org/directory";
|
2022-12-02 09:05:42 +01:00
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
80
|
2023-12-12 19:12:20 +01:00
|
|
|
443
|
2022-12-02 09:05:42 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
environment.systemPackages = [
|
2023-08-26 08:24:47 +02:00
|
|
|
(pkgs.writers.writeDashBin "clear-mastodon-cache" ''
|
|
|
|
mastodon-tootctl media remove --prune-profiles --days=14 --concurrency=30
|
|
|
|
mastodon-tootctl media remove-orphans
|
|
|
|
mastodon-tootctl preview_cards remove --days=14
|
2022-12-02 09:05:42 +01:00
|
|
|
'')
|
2022-12-02 16:31:01 +01:00
|
|
|
(pkgs.writers.writeDashBin "create-mastodon-user" ''
|
|
|
|
set -efu
|
|
|
|
nick=$1
|
|
|
|
/run/current-system/sw/bin/tootctl accounts create "$nick" --email "$nick"@krebsco.de --confirmed
|
|
|
|
/run/current-system/sw/bin/tootctl accounts approve "$nick"
|
|
|
|
'')
|
2022-12-02 09:05:42 +01:00
|
|
|
];
|
|
|
|
}
|