2023-10-28 16:56:22 +00:00
|
|
|
{ config, lib, ... }:
|
|
|
|
let
|
|
|
|
cfg = config.services.mastodon;
|
|
|
|
in
|
|
|
|
{
|
2024-01-16 17:18:07 +00:00
|
|
|
services.nginx = {
|
|
|
|
virtualHosts = {
|
2024-05-08 17:47:47 +00:00
|
|
|
"mastodon.${config.pub-solar-os.networking.domain}" = {
|
2024-01-16 17:18:07 +00:00
|
|
|
root = "${cfg.package}/public/";
|
|
|
|
# mastodon only supports https, but you can override this if you offload tls elsewhere.
|
|
|
|
forceSSL = lib.mkDefault true;
|
|
|
|
enableACME = lib.mkDefault true;
|
2023-10-28 16:56:22 +00:00
|
|
|
|
2024-01-16 17:18:07 +00:00
|
|
|
locations."/auth/sign_up".extraConfig = ''
|
|
|
|
return 302 /auth/sign_in;
|
|
|
|
'';
|
2023-10-28 16:56:22 +00:00
|
|
|
|
2024-01-16 17:18:07 +00:00
|
|
|
locations."/auth/confirmation/new".extraConfig = ''
|
2024-05-08 17:47:47 +00:00
|
|
|
return 302 https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/login-actions/reset-credentials?client_id=mastodon;
|
2024-01-16 17:18:07 +00:00
|
|
|
'';
|
2023-10-28 16:56:22 +00:00
|
|
|
|
2024-01-16 17:18:07 +00:00
|
|
|
locations."/auth/password/new".extraConfig = ''
|
2024-05-08 17:47:47 +00:00
|
|
|
return 302 https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/login-actions/reset-credentials?client_id=mastodon;
|
2024-01-16 17:18:07 +00:00
|
|
|
'';
|
2023-10-28 21:00:07 +00:00
|
|
|
|
2024-01-16 17:18:07 +00:00
|
|
|
locations."/system/".alias = "/var/lib/mastodon/public-system/";
|
2023-10-28 21:00:07 +00:00
|
|
|
|
2024-01-16 17:18:07 +00:00
|
|
|
locations."/" = {
|
|
|
|
tryFiles = "$uri @proxy";
|
|
|
|
};
|
2023-10-28 21:00:07 +00:00
|
|
|
|
2024-01-16 17:18:07 +00:00
|
|
|
locations."@proxy" = {
|
|
|
|
proxyPass = (if cfg.enableUnixSocket then "http://unix:/run/mastodon-web/web.socket" else "http://127.0.0.1:${toString(cfg.webPort)}");
|
|
|
|
proxyWebsockets = true;
|
|
|
|
};
|
2023-10-28 16:56:22 +00:00
|
|
|
|
2024-01-16 17:18:07 +00:00
|
|
|
locations."/api/v1/streaming/" = {
|
|
|
|
proxyPass = "http://mastodon-streaming";
|
|
|
|
proxyWebsockets = true;
|
|
|
|
};
|
2023-10-28 16:56:22 +00:00
|
|
|
};
|
|
|
|
};
|
2024-01-16 17:18:07 +00:00
|
|
|
|
|
|
|
upstreams.mastodon-streaming = {
|
|
|
|
extraConfig = ''
|
|
|
|
least_conn;
|
|
|
|
'';
|
|
|
|
servers = builtins.listToAttrs
|
|
|
|
(map
|
|
|
|
(i: {
|
|
|
|
name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
|
|
|
|
value = { };
|
|
|
|
})
|
|
|
|
(lib.range 1 cfg.streamingProcesses));
|
|
|
|
};
|
2023-10-28 16:56:22 +00:00
|
|
|
};
|
|
|
|
}
|