2022-12-02 09:05:42 +01:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
|
|
services.postgresql = {
|
|
|
|
enable = true;
|
|
|
|
dataDir = "/var/state/postgresql/${config.services.postgresql.package.psqlSchema}";
|
2023-12-12 12:18:18 +01:00
|
|
|
package = pkgs.postgresql_16;
|
2022-12-02 09:05:42 +01:00
|
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
|
|
"d /var/state/postgresql 0700 postgres postgres -"
|
|
|
|
];
|
|
|
|
|
|
|
|
services.mastodon = {
|
|
|
|
enable = true;
|
|
|
|
localDomain = "social.krebsco.de";
|
|
|
|
configureNginx = true;
|
2023-12-12 11:54:18 +01:00
|
|
|
streamingProcesses = 3;
|
2022-12-02 09:05:42 +01:00
|
|
|
trustedProxy = config.krebs.hosts.prism.nets.retiolum.ip6.addr;
|
|
|
|
smtp.createLocally = false;
|
2022-12-02 16:30:47 +01:00
|
|
|
smtp.fromAddress = "derp";
|
2022-12-02 09:05:42 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
services.nginx.virtualHosts.${config.services.mastodon.localDomain} = {
|
|
|
|
forceSSL = lib.mkForce false;
|
|
|
|
enableACME = lib.mkForce false;
|
|
|
|
locations."@proxy".extraConfig = ''
|
|
|
|
proxy_redirect off;
|
|
|
|
proxy_pass_header Server;
|
|
|
|
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
80
|
|
|
|
];
|
|
|
|
|
|
|
|
environment.systemPackages = [
|
2023-08-26 08:24:47 +02:00
|
|
|
(pkgs.writers.writeDashBin "clear-mastodon-cache" ''
|
|
|
|
mastodon-tootctl media remove --prune-profiles --days=14 --concurrency=30
|
|
|
|
mastodon-tootctl media remove-orphans
|
|
|
|
mastodon-tootctl preview_cards remove --days=14
|
2022-12-02 09:05:42 +01:00
|
|
|
'')
|
2022-12-02 16:31:01 +01:00
|
|
|
(pkgs.writers.writeDashBin "create-mastodon-user" ''
|
|
|
|
set -efu
|
|
|
|
nick=$1
|
|
|
|
/run/current-system/sw/bin/tootctl accounts create "$nick" --email "$nick"@krebsco.de --confirmed
|
|
|
|
/run/current-system/sw/bin/tootctl accounts approve "$nick"
|
|
|
|
'')
|
2022-12-02 09:05:42 +01:00
|
|
|
];
|
|
|
|
}
|