109 lines
3.3 KiB
Nix
109 lines
3.3 KiB
Nix
{ pkgs, ... }:
|
|
{
|
|
deployment.mem = 2048;
|
|
|
|
networking = {
|
|
hostName = "tmppleroma";
|
|
firewall.allowedTCPPorts = [
|
|
80 443
|
|
];
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [ pleroma-otp ];
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_15;
|
|
};
|
|
|
|
services.pleroma = {
|
|
enable = true;
|
|
secretConfigFile = "/var/lib/pleroma/secrets.exs";
|
|
configs = [
|
|
''
|
|
import Config
|
|
|
|
config :pleroma, Pleroma.Web.Endpoint,
|
|
url: [host: "tmppleroma.hq.c3d2.de", scheme: "https", port: 443],
|
|
http: [ip: {127, 0, 0, 1}, port: 4000],
|
|
secret_key_base: "lcOBbHZPbGMkpfifPgn5UwUNy0twrSnZplGYceWQ6JZtG7vaUu0QpKy/vGkBVi2o",
|
|
signing_salt: "Li+Voq8h"
|
|
|
|
config :pleroma, :instance,
|
|
name: "Temporary Pleroma Instance",
|
|
email: "astro@c3d2.de",
|
|
notify_email: "astro@c3d2.de",
|
|
limit: 5000,
|
|
registrations_open: true
|
|
|
|
config :pleroma, :media_proxy,
|
|
enabled: false,
|
|
redirect_on_failure: true
|
|
#base_url: "https://cache.pleroma.social"
|
|
|
|
config :pleroma, Pleroma.Repo,
|
|
adapter: Ecto.Adapters.Postgres,
|
|
username: "pleroma",
|
|
password: "ZSfzzg93MGLmEBrkKY3H//k2nhWTJZq4IBi/mDaIU9HcGE2gXdLLfSnak+Y5mpyj",
|
|
database: "pleroma",
|
|
hostname: "localhost"
|
|
|
|
# Configure web push notifications
|
|
config :web_push_encryption, :vapid_details,
|
|
subject: "mailto:astro@c3d2.de",
|
|
public_key: "BIRoExJLLKr8qu5CjOcbEvv55DsxvcQrVhCmWKtKoYVi6uZRp6dL7V4_9zdyouolg60wKERt1wFaLr8v3BuZckE",
|
|
private_key: "hch8xAe2KkkpvXKTC6ybwxGJqhfFUPMFNU1ags5dgWU"
|
|
|
|
config :pleroma, :database, rum_enabled: false
|
|
config :pleroma, :instance, static_dir: "/var/lib/pleroma/static"
|
|
config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads"
|
|
|
|
# Enable Strict-Transport-Security once SSL is working:
|
|
# config :pleroma, :http_security,
|
|
# sts: true
|
|
|
|
# Configure S3 support if desired.
|
|
# The public S3 endpoint (base_url) is different depending on region and provider,
|
|
# consult your S3 provider's documentation for details on what to use.
|
|
#
|
|
# config :pleroma, Pleroma.Upload,
|
|
# uploader: Pleroma.Uploaders.S3,
|
|
# base_url: "https://s3.amazonaws.com"
|
|
#
|
|
# config :pleroma, Pleroma.Uploaders.S3,
|
|
# bucket: "some-bucket",
|
|
# bucket_namespace: "my-namespace",
|
|
# truncated_namespace: nil,
|
|
# streaming_enabled: true
|
|
#
|
|
# Configure S3 credentials:
|
|
# config :ex_aws, :s3,
|
|
# access_key_id: "xxxxxxxxxxxxx",
|
|
# secret_access_key: "yyyyyyyyyyyy",
|
|
# region: "us-east-1",
|
|
# scheme: "https://"
|
|
#
|
|
# For using third-party S3 clones like wasabi, also do:
|
|
# config :ex_aws, :s3,
|
|
# host: "s3.wasabisys.com"
|
|
|
|
config :joken, default_signer: "u3DwPUxgU1n2v5DQT6lBt1p1hzq1E1YfIFUoADArzY2ZGRMt1trctw5tfAa9HmNn"
|
|
|
|
config :pleroma, configurable_from_database: true
|
|
''
|
|
];
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts."tmppleroma.hq.c3d2.de" = {
|
|
default = true;
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:4000";
|
|
};
|
|
};
|
|
};
|
|
}
|