ctucx.git: nixfiles

ctucx' nixfiles

commit a3652714f5013a917d6b6f917e2d350503a9a65d
parent 7da43c299c08666b971273433bb68012e5c22b2c
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 28 Apr 2022 14:32:07 +0200

machines/lollo: gotosocial on fedi.home.ctu.cx!

3 files changed, 56 insertions(+), 0 deletions(-)
M
machines/lollo/configuration.nix
|
1
+
A
machines/lollo/gotosocial.nix
|
54
++++++++++++++++++++++++++++++++++++++++++++++++++++++
M
machines/lollo/router/dnsmasq.nix
|
1
+
diff --git a/machines/lollo/configuration.nix b/machines/lollo/configuration.nix
@@ -18,6 +18,7 @@
     ../../configurations/services/restic-server.nix
     ./syncthing.nix
     ./restic-vnstat.nix
+    ./gotosocial.nix
   ];
 
   age.secrets.restic-server-desastro.file = ../../secrets/restic-server/desastro.age;

diff --git a/machines/lollo/gotosocial.nix b/machines/lollo/gotosocial.nix
@@ -0,0 +1,54 @@
+{ pkgs, ... }:
+
+let
+  gotosocialbin = pkgs.callPackage ../../pkgs/gotosocial-bin.nix {};
+
+in {
+
+  imports = [ ../../modules/gotosocial.nix ];
+
+  services.gotosocial = {
+    enable  = true;
+    package = gotosocialbin;
+    config  = ''
+      web-template-base-dir: "../../../${gotosocialbin}/share/web/template/"
+      web-asset-base-dir: "../../../${gotosocialbin}/share/web/assets/"
+
+      application-name: "ctucx.gts"
+
+      host: "fedi.home.ctu.cx"
+      account-domain: "fedi.home.ctu.cx"
+      protocol: "https"
+
+      bind-address: "127.0.0.1"
+      port: 8085
+
+      trusted-proxies:
+        - "127.0.0.1/32"
+
+      db-type: "sqlite"
+      db-address: "/var/lib/gotosocial/db.sqlite"
+
+      accounts-registration-open: false
+      media-image-max-size: 10000000
+
+      storage-backend: "local"
+      storage-local-base-path: "/var/lib/gotosocial/storage"'';
+  };
+
+  services.nginx.virtualHosts."fedi.home.ctu.cx" = {
+    enableACME = true;
+    forceSSL   = true;
+    locations."/.well-known/host-meta".extraConfig = ''return 200 '<?xml version="1.0" encoding="UTF-8"?><XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0"><Link rel="lrdd" template="https://fedi.home.ctu.cx/.well-known/webfinger?resource={uri}" type="application/xrd+xml" /></XRD>';'';
+    locations."/".extraConfig  = ''
+      proxy_pass http://localhost:8085/;
+
+      proxy_set_header Host $host;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_set_header Connection "upgrade";
+      proxy_set_header X-Forwarded-For $remote_addr;
+      proxy_set_header X-Forwarded-Proto $scheme;
+    '';
+  };
+
+}

diff --git a/machines/lollo/router/dnsmasq.nix b/machines/lollo/router/dnsmasq.nix
@@ -46,6 +46,7 @@ in {
         host-record=music.home.ctu.cx,                  195.39.246.41,      2a0f:4ac0:acab::1
         host-record=influx.home.ctu.cx,                 195.39.246.41,      2a0f:4ac0:acab::1
         host-record=wiki.home.ctu.cx,                   195.39.246.41,      2a0f:4ac0:acab::1
+        host-record=fedi.home.ctu.cx,                   195.39.246.41,      2a0f:4ac0:acab::1
         host-record=pbx.home.ctu.cx,                    195.39.246.46
 
         address=/fritz.box/192.168.178.1