forked from pub-solar/infra
fix(mastodon): use working unix sockets for streaming api
The streaming API is currently unusable because we still pass traffic
to the old unix socket path.
Since c82195d9e8 (diff-157b1ef68573bbec951d6e551513a555e2d1ca7a161a68f1978b11d39a0bef1eR789-R803)
there are multiple unix sockets involved.
This commit is contained in:
parent
ebc34e50bc
commit
94ae6c9302
|
@ -3,40 +3,53 @@ let
|
||||||
cfg = config.services.mastodon;
|
cfg = config.services.mastodon;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
services.nginx.virtualHosts = {
|
services.nginx = {
|
||||||
"mastodon.pub.solar" = {
|
virtualHosts = {
|
||||||
root = "${cfg.package}/public/";
|
"mastodon.pub.solar" = {
|
||||||
# mastodon only supports https, but you can override this if you offload tls elsewhere.
|
root = "${cfg.package}/public/";
|
||||||
forceSSL = lib.mkDefault true;
|
# mastodon only supports https, but you can override this if you offload tls elsewhere.
|
||||||
enableACME = lib.mkDefault true;
|
forceSSL = lib.mkDefault true;
|
||||||
|
enableACME = lib.mkDefault true;
|
||||||
|
|
||||||
locations."/system/".alias = "/var/lib/mastodon/public-system/";
|
locations."/auth/sign_up".extraConfig = ''
|
||||||
|
return 302 /auth/sign_in;
|
||||||
|
'';
|
||||||
|
|
||||||
locations."/" = {
|
locations."/auth/confirmation/new".extraConfig = ''
|
||||||
tryFiles = "$uri @proxy";
|
return 302 https://auth.pub.solar/realms/pub.solar/login-actions/reset-credentials?client_id=mastodon;
|
||||||
|
'';
|
||||||
|
|
||||||
|
locations."/auth/password/new".extraConfig = ''
|
||||||
|
return 302 https://auth.pub.solar/realms/pub.solar/login-actions/reset-credentials?client_id=mastodon;
|
||||||
|
'';
|
||||||
|
|
||||||
|
locations."/system/".alias = "/var/lib/mastodon/public-system/";
|
||||||
|
|
||||||
|
locations."/" = {
|
||||||
|
tryFiles = "$uri @proxy";
|
||||||
|
};
|
||||||
|
|
||||||
|
locations."@proxy" = {
|
||||||
|
proxyPass = (if cfg.enableUnixSocket then "http://unix:/run/mastodon-web/web.socket" else "http://127.0.0.1:${toString(cfg.webPort)}");
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
locations."/api/v1/streaming/" = {
|
||||||
|
proxyPass = "http://mastodon-streaming";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
locations."/auth/sign_up".extraConfig = ''
|
upstreams.mastodon-streaming = {
|
||||||
return 302 /auth/sign_in;
|
extraConfig = ''
|
||||||
|
least_conn;
|
||||||
'';
|
'';
|
||||||
|
servers = builtins.listToAttrs
|
||||||
locations."/auth/confirmation/new".extraConfig = ''
|
(map (i: {
|
||||||
return 302 https://auth.pub.solar/realms/pub.solar/login-actions/reset-credentials?client_id=mastodon;
|
name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
|
||||||
'';
|
value = { };
|
||||||
|
}) (lib.range 1 cfg.streamingProcesses));
|
||||||
locations."/auth/password/new".extraConfig = ''
|
|
||||||
return 302 https://auth.pub.solar/realms/pub.solar/login-actions/reset-credentials?client_id=mastodon;
|
|
||||||
'';
|
|
||||||
|
|
||||||
locations."@proxy" = {
|
|
||||||
proxyPass = (if cfg.enableUnixSocket then "http://unix:/run/mastodon-web/web.socket" else "http://127.0.0.1:${toString(cfg.webPort)}");
|
|
||||||
proxyWebsockets = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
locations."/api/v1/streaming/" = {
|
|
||||||
proxyPass = (if cfg.enableUnixSocket then "http://unix:/run/mastodon-streaming/streaming.socket" else "http://127.0.0.1:${toString(cfg.streamingPort)}/");
|
|
||||||
proxyWebsockets = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue