52 lines
1.4 KiB
Nix
52 lines
1.4 KiB
Nix
{ zentralwerk, config, lib, pkgs, ... }:
|
|
{
|
|
networking.hostName = "mastodon";
|
|
c3d2.hq.statistics.enable = true;
|
|
deployment = {
|
|
mem = 4096;
|
|
vcpu = 8;
|
|
};
|
|
|
|
system.stateVersion = "22.11";
|
|
|
|
services.postgresql.enable = true;
|
|
|
|
services.mastodon = {
|
|
enable = true;
|
|
localDomain = "c3d2.social";
|
|
|
|
smtp.host = "c3d2.social";
|
|
smtp.fromAddress = "mail@c3d2.social";
|
|
# smtp.authenticate = true;
|
|
# smtp.user = secrets.email.smtp-user;
|
|
# smtp.passwordFile = "${pkgs.runCommand "smtp-password" {} ''
|
|
# echo "${secrets.email.smtp-password}" > $out
|
|
# ''}";
|
|
|
|
extraConfig.WEB_DOMAIN = "c3d2.social";
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
virtualHosts."c3d2.social" = {
|
|
root = "${config.services.mastodon.package}/public/";
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
|
|
locations."/system/".alias = "/var/lib/mastodon/public-system/";
|
|
locations."/".tryFiles = "$uri @proxy";
|
|
|
|
locations."@proxy".proxyPass = "http://unix:/run/mastodon-web/web.socket";
|
|
locations."@proxy".proxyWebsockets = true;
|
|
|
|
locations."/api/v1/streaming/".proxyPass = "http://unix:/run/mastodon-streaming/streaming.socket";
|
|
locations."/api/v1/streaming/".proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
users.groups.mastodon.members = [ config.services.nginx.user ];
|
|
}
|