commit 3145ef255d66296b17633abe167c24da7a009d5c
parent b96fc05aca3a71f3076c2e88986282bd74097179
Author: Leah (ctucx) <leah@ctu.cx>
Date: Tue, 13 Sep 2022 18:57:11 +0200
modules/gotosocial: settings are now defined with nix types!
2 files changed, 78 insertions(+), 35 deletions(-)
M
|
74
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------
diff --git a/machines/lollo/gotosocial.nix b/machines/lollo/gotosocial.nix @@ -13,35 +13,32 @@ }; services.gotosocial = { - enable = true; - config = '' - web-template-base-dir: "${pkgs.gotosocial}/share/template/" - web-asset-base-dir: "${pkgs.gotosocial}/share/assets/" + enable = true; + settings = { + application-name = "ctucx.gts"; - application-name: "ctucx.gts" + host = "fedi.home.ctu.cx"; + account-domain = "fedi.home.ctu.cx"; + protocol = "https"; - host: "fedi.home.ctu.cx" - account-domain: "fedi.home.ctu.cx" - protocol: "https" + bind-address = "127.0.0.1"; + port = 8085; - bind-address: "127.0.0.1" - port: 8085 + trusted-proxies = [ "127.0.0.1/32" ]; - trusted-proxies: - - "127.0.0.1/32" + db-type = "sqlite"; + db-address = "/var/lib/gotosocial/db.sqlite"; - db-type: "sqlite" - db-address: "/var/lib/gotosocial/db.sqlite" + accounts-registration-open = false; - accounts-registration-open: false + instance-expose-peers = true; - instance-expose-peers: true + storage-backend = "local"; + storage-local-base-path = "/var/lib/gotosocial/storage"; - storage-backend: "local" - storage-local-base-path: "/var/lib/gotosocial/storage" - - media-image-max-size: 10000000 - media-remote-cache-days: 6''; + media-image-max-size = 10000000; + media-remote-cache-days = 6; + }; }; services.nginx.virtualHosts."fedi.home.ctu.cx" = {
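Review bot: Dropping the explicit `web-template-base-dir` and `web-asset-base-dir` entries means this host now takes the module defaults, which point at `${cfg.package}/share/web/template/` and `${cfg.package}/share/web/assets/` rather than the `share/template/` and `share/assets/` paths this file used before. The package output is not visible in this diff, so it is worth confirming that its layout changed to match; otherwise the server will presumably not find its templates and assets.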
diff --git a/modules/gotosocial.nix b/modules/gotosocial.nix @@ -3,13 +3,14 @@ with lib; let - cfg = config.services.gotosocial; + cfg = config.services.gotosocial; + settingsFormat = pkgs.formats.json {}; in { options = { services.gotosocial = with lib; { - enable = mkEnableOption "gotosocial"; + enable = mkEnableOption "GoToSocial ActivityPub Server"; package = mkOption { type = types.package; 
@@ -32,19 +33,65 @@ in { readOnly = true; }; - config = mkOption { - type = types.lines; + settings = lib.mkOption { + type = lib.types.submodule { + freeformType = settingsFormat.type; + + options.host = lib.mkOption { + type = lib.types.nullOr lib.types.str; + default = null; + description = '' + Hostname that this server will be reachable at. Defaults to localhost for local testing, + but you should *definitely* change this when running for real, or your server won't work at all. + DO NOT change this after your server has already run once, or you will break things! + ''; + }; + + options.port = lib.mkOption { + type = lib.types.port; + default = 8080; + description = '' + Int. Listen port for the GoToSocial webserver + API. If you're running behind a reverse proxy and/or in a docker, + container, just set this to whatever you like (or leave the default), and make sure it's forwarded properly. + If you are running with built-in letsencrypt enabled, and running GoToSocial directly on a host machine, you will + probably want to set this to 443 (standard https port), unless you have other services already using that port. + This *MUST NOT* be the same as the letsencrypt port specified below, unless letsencrypt is turned off. + ''; + }; + }; + + default = {}; + description = '' + Configuration for GoToSocial, see + <link xlink:href="https://docs.gotosocial.org/en/latest/"> + for supported values. 
+ ''; }; }; }; config = lib.mkIf cfg.enable { + assertions = [ + { + assertion = cfg.settings.host != null; + message = "You have to define a hostname for GoToSocial, it cannot be changed later without starting over!"; + } + ]; + + services.gotosocial.settings = { # Defaults + user = lib.mkDefault "gotosocial"; + group = lib.mkDefault "gotosocial"; + + storage-local-base-path = lib.mkDefault "/var/lib/gotosocial"; # SystemD StateDirectory + + web-template-base-dir = lib.mkDefault "${cfg.package}/share/web/template/"; + web-asset-base-dir = lib.mkDefault "${cfg.package}/share/web/assets/"; + }; users = { users."${cfg.user}" = { - description = "Pleroma user"; - home = cfg.stateDir; - group = cfg.group; + home = cfg.stateDir; + group = cfg.group; isSystemUser = true; }; groups."${cfg.group}" = {}; @@ -56,8 +103,6 @@ in { '') ]; - environment.etc."/gotosocial/config.yaml".text = "${cfg.config}"; - systemd.services = { gotosocial-export = { description = "gotosocial export"; @@ -79,10 +124,9 @@ in { }; gotosocial = { - description = "gotosocial"; + description = "GoToSocial ActivityPub Server"; after = [ "network-online.target" ]; wantedBy = [ "multi-user.target" ]; - restartTriggers = [ config.environment.etc."/gotosocial/config.yaml".source ]; onFailure = [ "notify-failure@%i.service" ]; serviceConfig = { 
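Review bot: The `settings` description should warn that every value set here ends up in a world-readable file in the Nix store, because a later hunk passes `settingsFormat.generate "gotosocial-config.yaml" cfg.settings` straight to `--config-path`. With `freeformType = settingsFormat.type` accepting any key, nothing stops a user from putting a database or SMTP password into this attrset. I would add a sentence such as `Values set here are written to the world-readable Nix store; do not put secrets in this option.` If secrets are needed later, they could be loaded from a file outside the store, for example through systemd's `EnvironmentFile=`, assuming the packaged server version reads its options from the environment. Separately, the `<link xlink:href=...>` tag in the same description is not closed as printed here.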
@@ -90,11 +134,13 @@ in { Group = cfg.group; Type = "exec"; - WorkingDirectory = "~"; - StateDirectory = "gotosocial gotosocial/storage"; + WorkingDirectory = "~"; + StateDirectory = lib.mkIf (cfg.settings.storage-local-base-path != "/var/lib/gotosocial") "gotosocial"; + ReadOnlyPaths = [ cfg.package ]; + ReadWritePaths = [ cfg.settings.storage-local-base-path ]; StateDirectoryMode = "700"; - ExecStart = "${cfg.package}/bin/gotosocial --config-path /etc/gotosocial/config.yaml server start"; + ExecStart = "${cfg.package}/bin/gotosocial --config-path ${settingsFormat.generate "gotosocial-config.yaml" cfg.settings} server start"; NoNewPrivileges = true; PrivateTmp = true;
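Review bot: The `StateDirectory` condition looks inverted: `lib.mkIf (cfg.settings.storage-local-base-path != "/var/lib/gotosocial") "gotosocial"` leaves `StateDirectory` unset exactly when storage uses the default `/var/lib/gotosocial`, so systemd neither creates that directory nor applies `StateDirectoryMode = "700"` to it. In the other direction, a custom path such as the `/var/lib/gotosocial/storage` set in machines/lollo is listed in `ReadWritePaths`, but nothing visible creates it any more (the old value was `"gotosocial gotosocial/storage"`). As far as I know, systemd fails namespace setup for a missing `ReadWritePaths` entry unless it is prefixed with `-`. Setting `StateDirectory = "gotosocial";` unconditionally, and creating a non-default storage path separately with ownership limited to `cfg.user`, would keep the data directory private in both cases. The `serviceConfig` block starts and continues outside this hunk, so other sandboxing options there may change the picture.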