41 lines
1.1 KiB
Nix
41 lines
1.1 KiB
Nix
|
{ config, lib, pkgs, ... }:
|
||
|
{
|
||
|
services.postgresql = {
|
||
|
enable = true;
|
||
|
dataDir = "/var/state/postgresql/${config.services.postgresql.package.psqlSchema}";
|
||
|
package = pkgs.postgresql_11;
|
||
|
};
|
||
|
systemd.tmpfiles.rules = [
|
||
|
"d /var/state/postgresql 0700 postgres postgres -"
|
||
|
];
|
||
|
|
||
|
services.mastodon = {
|
||
|
enable = true;
|
||
|
localDomain = "social.krebsco.de";
|
||
|
configureNginx = true;
|
||
|
trustedProxy = config.krebs.hosts.prism.nets.retiolum.ip6.addr;
|
||
|
smtp.createLocally = false;
|
||
|
smtp.fromAddress = "mastodon@social.krebsco.de";
|
||
|
};
|
||
|
|
||
|
services.nginx.virtualHosts.${config.services.mastodon.localDomain} = {
|
||
|
forceSSL = lib.mkForce false;
|
||
|
enableACME = lib.mkForce false;
|
||
|
locations."@proxy".extraConfig = ''
|
||
|
proxy_redirect off;
|
||
|
proxy_pass_header Server;
|
||
|
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
|
||
|
'';
|
||
|
};
|
||
|
|
||
|
networking.firewall.allowedTCPPorts = [
|
||
|
80
|
||
|
];
|
||
|
|
||
|
environment.systemPackages = [
|
||
|
(pkgs.writers.writeDashBin "tootctl" ''
|
||
|
sudo -u mastodon /etc/profiles/per-user/mastodon/bin/mastodon-env /etc/profiles/per-user/mastodon/bin/tootctl "$@"
|
||
|
'')
|
||
|
];
|
||
|
}
|