{ inputs = { utils.url = "github:numtide/flake-utils"; nixpkgs.url = "github:NixOS/nixpkgs/master"; nix-filter.url = "github:numtide/nix-filter"; }; outputs = { self, nixpkgs, utils, nix-filter }: utils.lib.eachDefaultSystem (system: let pkgs = import nixpkgs { inherit system; }; filter = nix-filter.lib; pname = "gotosocial"; version = "0.16.0"; in { packages = { default = pkgs.stdenv.mkDerivation { inherit pname version; sourceRoot = "gtsRelease"; srcs = [ (pkgs.fetchzip { name = "gtsRelease"; url = "https://github.com/superseriousbusiness/${pname}/releases/download/v${version}/${pname}_${version}_linux_amd64.tar.gz"; sha256 = "sha256-koqkbRXnnozhAOCLRjDnlMW3CYf2F5xCLNehpZs2770="; stripRoot = false; }) (filter { name = "styleOverrides"; root = ./.; include = [ ./overrides ./patches ]; }) ]; installPhase = '' mkdir -p "$out"/bin mv gotosocial $out/bin/ mv web $out/ mkdir -p "$out"/web/assets/overrides patch -i ../styleOverrides/patches/base.css.patch $out/web/assets/dist/base.css cp ../styleOverrides/overrides/* $out/web/assets/overrides/ ''; }; }; }) // { nixosModule = {config, lib, pkgs, ...}: with lib; let cfg = config.ashe.services.social; in { options.ashe.services.social = { enable = mkEnableOption "Enables the gotosocial HTTP service"; port = mkOption rec { type = types.int; default = 8080; example = default; description = "The port for this service to listen on"; }; appDomain = mkOption rec { type = types.str; default = "social.tempest.dev"; example = default; description = "The domain name for the gotosocial service"; }; accountDomain = mkOption rec { type = types.str; default = "tempest.dev"; example = default; description = "The domain name for the gotosocial accounts"; }; }; config = mkIf cfg.enable { systemd.services."social.tempest.dev" = { wantedBy = [ "multi-user.target" ]; serviceConfig = let pkg = self.packages.${pkgs.system}.default; in { Restart = "on-failure"; ExecStart = "${pkg}/bin/gotosocial server start"; DynamicUser = "yes"; StateDirectory = "ashe.gotosocial"; StateDirectoryMode = "0700"; WorkingDirectory = "${pkg}"; Environment = [ "GTS_HOST=${cfg.appDomain}" "GTS_ACCOUNT_DOMAIN=${cfg.accountDomain}" "GTS_DB_TYPE=sqlite" "GTS_DB_ADDRESS=/var/lib/ashe.gotosocial/storage/sqlite.db" "GTS_STORAGE_LOCAL_BASE_PATH=/var/lib/ashe.gotosocial/storage/" "GTS_LETSENCRYPT_ENABLED=false" "GTS_LETSENCRYPT_EMAIL_ADDRESS=" "GTS_ACCOUNTS_REGISTRATION_OPEN=false" "GTS_BIND_ADDRESS=127.0.0.1" "GTS_PORT=${toString cfg.port}" "GTS_TRUSTED_PROXIES=127.0.0.1/32" ]; }; }; services.nginx.virtualHosts.${cfg.appDomain} = { locations."/" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; proxyWebsockets = true; }; locations."= /" = { return = "301 /@ashe"; }; forceSSL = true; enableACME = true; }; services.nginx.virtualHosts.${cfg.accountDomain} = { locations."/.well-known/webfinger" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; }; forceSSL = true; enableACME = true; }; }; }; }; }