You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
129 lines
4.0 KiB
Nix
129 lines
4.0 KiB
Nix
1 year ago
|
{
|
||
|
inputs = {
|
||
|
utils.url = "github:numtide/flake-utils";
|
||
|
nixpkgs.url = "github:NixOS/nixpkgs/master";
|
||
|
nix-filter.url = "github:numtide/nix-filter";
|
||
|
};
|
||
|
|
||
|
outputs = {
|
||
|
self,
|
||
|
nixpkgs,
|
||
|
utils,
|
||
|
nix-filter
|
||
|
}:
|
||
|
utils.lib.eachDefaultSystem
|
||
|
(system: let
|
||
|
pkgs = import nixpkgs {
|
||
|
inherit system;
|
||
|
};
|
||
|
|
||
|
filter = nix-filter.lib;
|
||
|
|
||
|
pname = "gotosocial";
|
||
|
version = "0.8.0";
|
||
|
in {
|
||
|
packages = {
|
||
|
default = pkgs.stdenv.mkDerivation {
|
||
|
inherit pname version;
|
||
|
|
||
|
sourceRoot = "gtsRelease";
|
||
|
srcs = [ (pkgs.fetchzip {
|
||
|
name = "gtsRelease";
|
||
|
url = "https://github.com/superseriousbusiness/${pname}/releases/download/v${version}/${pname}_${version}_linux_amd64.tar.gz";
|
||
|
sha256 = "sha256-45Tgt+KxYo0NioccpgCUKM1HEWX7+Ay8wNw/wuFM3sg=";
|
||
|
stripRoot = false;
|
||
|
})
|
||
|
(filter {
|
||
|
name = "styleOverrides";
|
||
|
root = ./.;
|
||
|
include = [
|
||
|
./css
|
||
|
];
|
||
|
})
|
||
|
];
|
||
|
|
||
|
installPhase = ''
|
||
|
mkdir -p "$out"/bin
|
||
|
mv gotosocial $out/bin/
|
||
|
mv web $out/
|
||
|
ls ../styleOverrides
|
||
|
cp ../styleOverrides/css/* $out/web/assets/dist/
|
||
|
'';
|
||
|
};
|
||
|
};
|
||
|
}) // {
|
||
|
nixosModule = {config, lib, pkgs, ...}:
|
||
|
with lib;
|
||
|
let cfg = config.ashe.services.social;
|
||
|
|
||
|
in {
|
||
|
options.ashe.services.social = {
|
||
|
enable = mkEnableOption "Enables the gotosocial HTTP service";
|
||
|
|
||
|
port = mkOption rec {
|
||
|
type = types.int;
|
||
|
default = 8080;
|
||
|
example = default;
|
||
|
description = "The port for this service to listen on";
|
||
|
};
|
||
|
|
||
|
appDomain = mkOption rec {
|
||
|
type = types.str;
|
||
|
default = "social.tempest.dev";
|
||
|
example = default;
|
||
|
description = "The domain name for the gotosocial service";
|
||
|
};
|
||
|
|
||
|
accountDomain = mkOption rec {
|
||
|
type = types.str;
|
||
|
default = "tempest.dev";
|
||
|
example = default;
|
||
|
description = "The domain name for the gotosocial accounts";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
config = mkIf cfg.enable {
|
||
|
systemd.services."social.tempest.dev" = {
|
||
|
wantedBy = [ "multi-user.target" ];
|
||
|
|
||
|
serviceConfig = let pkg = self.packages.${pkgs.system}.default;
|
||
|
in {
|
||
|
Restart = "on-failure";
|
||
|
ExecStart = "${pkg}/bin/gotosocial server start";
|
||
|
DynamicUser = "yes";
|
||
|
StateDirectory = "ashe.gotosocial";
|
||
|
StateDirectoryMode = "0700";
|
||
|
WorkingDirectory = "${pkg}";
|
||
|
Environment = [
|
||
|
"GTS_HOST=${cfg.appDomain}"
|
||
|
"GTS_ACCOUNT_DOMAIN=${cfg.accountDomain}"
|
||
|
"GTS_DB_TYPE=sqlite"
|
||
|
"GTS_DB_ADDRESS=/var/lib/ashe.gotosocial/storage/sqlite.db"
|
||
|
"GTS_STORAGE_LOCAL_BASE_PATH=/var/lib/ashe.gotosocial/storage/"
|
||
|
"GTS_LETSENCRYPT_ENABLED=false"
|
||
|
"GTS_LETSENCRYPT_EMAIL_ADDRESS="
|
||
|
"GTS_ACCOUNTS_REGISTRATION_OPEN=false"
|
||
|
"GTS_BIND_ADDRESS=127.0.0.1"
|
||
|
"GTS_PORT=${toString cfg.port}"
|
||
|
"GTS_TRUSTED_PROXIES=127.0.0.1/32"
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
|
||
|
services.nginx.virtualHosts.${cfg.appDomain} = {
|
||
|
locations."/" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };
|
||
|
locations."= /" = { return = "301 /@ashe"; };
|
||
|
forceSSL = true;
|
||
|
enableACME = true;
|
||
|
};
|
||
|
|
||
|
services.nginx.virtualHosts.${cfg.accountDomain} = {
|
||
|
locations."/.well-known/webfinger" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };
|
||
|
forceSSL = true;
|
||
|
enableACME = true;
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
}
|