flake update
This commit is contained in:
parent
297479eb9a
commit
052a649ed7
12
flake.lock
12
flake.lock
|
@ -439,11 +439,11 @@
|
||||||
"wlroots": "wlroots"
|
"wlroots": "wlroots"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1664617133,
|
"lastModified": 1664648355,
|
||||||
"narHash": "sha256-ogDblDyvM8KgJEmidcmrQbBEFVYleAPLeoyuioCXYa4=",
|
"narHash": "sha256-Qi7fh9jD0PeQw80YBjAv191Ye+MecudUOTYFwByH3CU=",
|
||||||
"owner": "hyprwm",
|
"owner": "hyprwm",
|
||||||
"repo": "Hyprland",
|
"repo": "Hyprland",
|
||||||
"rev": "590fbf808b60baceef3b021050dae4c409121bf5",
|
"rev": "a97621b1cb203b0e3a7dd07d88c5422b798cbfd8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -698,11 +698,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1664477516,
|
"lastModified": 1664708903,
|
||||||
"narHash": "sha256-kdOex16l/HV0zDFXLcR1ksjQlZDaCZt8a7EXMybuirM=",
|
"narHash": "sha256-JxJNpWBIvtO1RX4ENW2aKgmyCIr0CwxcxQNxc+NGqv4=",
|
||||||
"owner": "NULLx76",
|
"owner": "NULLx76",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "dddab957d2cdae5a11b3104e5eaec28995ef2ebf",
|
"rev": "325d5202f74b9feea0ab59a3fce1076dd0f36298",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
84
nixos/hosts/hades/mastodon/configuration.nix
Normal file
84
nixos/hosts/hades/mastodon/configuration.nix
Normal file
|
@ -0,0 +1,84 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
let vs = config.vault-secrets.secrets;
|
||||||
|
in {
|
||||||
|
system.stateVersion = "21.05";
|
||||||
|
# Use DHCP with static leases
|
||||||
|
networking.interfaces.eth0.useDHCP = true;
|
||||||
|
|
||||||
|
# Better cache hits
|
||||||
|
environment.noXlibs = lib.mkForce false;
|
||||||
|
|
||||||
|
services.elasticsearch = {
|
||||||
|
enable = true;
|
||||||
|
cluster_name = "mastodon-es";
|
||||||
|
package = pkgs.elasticsearch7;
|
||||||
|
};
|
||||||
|
|
||||||
|
vault-secrets.secrets.mastodon = { };
|
||||||
|
|
||||||
|
services.mastodon = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.v.glitch-soc;
|
||||||
|
streamingPort = 55000;
|
||||||
|
webPort = 55001;
|
||||||
|
enableUnixSocket = false;
|
||||||
|
localDomain = "xirion.net";
|
||||||
|
trustedProxy = "192.168.0.123";
|
||||||
|
|
||||||
|
configureNginx = false;
|
||||||
|
|
||||||
|
redis = { createLocally = true; };
|
||||||
|
|
||||||
|
elasticsearch = {
|
||||||
|
host = "127.0.0.1";
|
||||||
|
port = config.services.elasticsearch.port;
|
||||||
|
};
|
||||||
|
|
||||||
|
database = {
|
||||||
|
createLocally = false;
|
||||||
|
user = "mastodon";
|
||||||
|
passwordFile = "${vs.mastodon}/db-password";
|
||||||
|
port = 5432;
|
||||||
|
name = "mastodon";
|
||||||
|
host = "192.168.0.126";
|
||||||
|
};
|
||||||
|
|
||||||
|
smtp = {
|
||||||
|
createLocally = false;
|
||||||
|
fromAddress = "mastodon@xirion.net";
|
||||||
|
host = "mail.xirion.net";
|
||||||
|
user = "mastodon@xirion.net";
|
||||||
|
authenticate = true;
|
||||||
|
port = 587;
|
||||||
|
passwordFile = "${vs.mastodon}/smtp-password";
|
||||||
|
};
|
||||||
|
|
||||||
|
extraConfig = {
|
||||||
|
BIND = "0.0.0.0";
|
||||||
|
SINGLE_USER_MODE = "false";
|
||||||
|
EMAIL_DOMAIN_ALLOWLIST = "xirion.net";
|
||||||
|
DEFAULT_LOCALE = "en";
|
||||||
|
|
||||||
|
WEB_DOMAIN = "fedi.xirion.net";
|
||||||
|
|
||||||
|
SMTP_AUTH_METHOD = "plain";
|
||||||
|
SMTP_OPENSSL_VERIFY_MODE = "none";
|
||||||
|
|
||||||
|
# TODO: Don't?
|
||||||
|
RAILS_SERVE_STATIC_FILES = "true";
|
||||||
|
|
||||||
|
# https://github.com/cybrespace/cybrespace-meta/blob/master/s3.md;
|
||||||
|
# https://shivering-isles.com/Mastodon-and-Amazon-S3
|
||||||
|
S3_ENABLED = "true";
|
||||||
|
S3_BUCKET = "mastodon";
|
||||||
|
S3_PROTOCOL = "https";
|
||||||
|
AWS_ACCESS_KEY_ID = secrets.awsAccessKey;
|
||||||
|
AWS_SECRET_ACCESS_KEY = secrets.awsSecretKey;
|
||||||
|
S3_HOSTNAME = "o.xirion.net";
|
||||||
|
S3_ENDPOINT = "https://o.xirion.net/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall = let cfg = config.services.mastodon;
|
||||||
|
in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; };
|
||||||
|
}
|
Loading…
Reference in a new issue