blob: d0c1943cc05ffa48503727f57fc56a37f8bf62e9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
{ config, lib, pkgs, ... }:
{
services.postgresql = {
enable = true;
dataDir = "/var/state/postgresql/${config.services.postgresql.package.psqlSchema}";
package = pkgs.postgresql_11;
};
systemd.tmpfiles.rules = [
"d /var/state/postgresql 0700 postgres postgres -"
];
services.mastodon = {
enable = true;
localDomain = "social.krebsco.de";
configureNginx = true;
trustedProxy = config.krebs.hosts.prism.nets.retiolum.ip6.addr;
smtp.createLocally = false;
smtp.fromAddress = "mastodon@social.krebsco.de";
};
services.nginx.virtualHosts.${config.services.mastodon.localDomain} = {
forceSSL = lib.mkForce false;
enableACME = lib.mkForce false;
locations."@proxy".extraConfig = ''
proxy_redirect off;
proxy_pass_header Server;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
'';
};
networking.firewall.allowedTCPPorts = [
80
];
environment.systemPackages = [
(pkgs.writers.writeDashBin "tootctl" ''
sudo -u mastodon /etc/profiles/per-user/mastodon/bin/mastodon-env /etc/profiles/per-user/mastodon/bin/tootctl "$@"
'')
];
}
|
