pub-solar/infra
6
1
Fork 3
Code Issues 24 Pull requests 10 Actions Packages Projects 1 Releases Wiki Activity

feat: mastodon + agenix secrets #13

Merged
teutat3s merged 7 commits from feat-mastodon into main 2023-10-28 16:22:32 +00:00
Conversation 0 Commits 7 Files changed 14 +11 -10
4 changed files with 11 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit c162d46094 - Show all commits

9
hosts/nachtigall/apps/mastodon.nix
View file

@ -32,23 +32,17 @@
owner = config.services.mastodon.user; owner = config.services.mastodon.user;
}; };
services.opensearch.enable = true;
services.mastodon = { services.mastodon = {
enable = true; enable = true;
# Different from WEB_DOMAIN in our case # Different from WEB_DOMAIN in our case
localDomain = "pub.solar"; localDomain = "pub.solar";
# We use caddy, see caddy.nix
configureNginx = true; configureNginx = true;
enableUnixSocket = true; enableUnixSocket = true;
#streamingSocket = "/run/mastodon-streaming/streaming.socket";
#webSocket = "/run/mastodon-web/web.socket";
#sidekiqPort = 55002;
# Processes used by the mastodon-streaming service. Defaults to the number # Processes used by the mastodon-streaming service. Defaults to the number
# of CPU cores minus one # of CPU cores minus one
# This is without affect until this comment is addressed # This is without affect until this comment is addressed
# https://github.com/NixOS/nixpkgs/pull/251950#issuecomment-1732568492 # https://github.com/NixOS/nixpkgs/pull/251950#issuecomment-1732568492
#streamingProcesses = 5; streamingProcesses = 5;
# Processes used by the mastodon-web service # Processes used by the mastodon-web service
webProcesses = 2; webProcesses = 2;
# Threads per process used by the mastodon-web service # Threads per process used by the mastodon-web service
@ -71,6 +65,7 @@
]; ];
extraConfig = { extraConfig = {
WEB_DOMAIN = "mastodon.pub.solar"; WEB_DOMAIN = "mastodon.pub.solar";
# Defined in ./opensearch.nix
ES_HOST = "127.0.0.1"; ES_HOST = "127.0.0.1";
# S3 File storage (optional) # S3 File storage (optional)
# ----------------------- # -----------------------

5
hosts/nachtigall/apps/opensearch.nix Normal file
View file

@ -0,0 +1,5 @@
{ ... }:
{
services.opensearch.enable = true;
}

3
hosts/nachtigall/default.nix
View file

@ -8,10 +8,11 @@
./networking.nix ./networking.nix
./nix.nix ./nix.nix
./apps/nginx.nix ./apps/nginx.nix
./apps/nginx-website.nix ./apps/nginx-website.nix
./apps/mastodon.nix ./apps/mastodon.nix
./apps/opensearch.nix
./apps/postgresql.nix ./apps/postgresql.nix
]; ];
} }

4
secrets/secrets.nix
View file

@ -1,7 +1,7 @@
let let
# set ssh public keys here for your system and user # set ssh public keys here for your system and user
axeman-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNeQYLFauAbzDyIbKC86NUh9yZfiyBm/BtIdkcpZnSU axeman@tuxnix"; axeman-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNeQYLFauAbzDyIbKC86NUh9yZfiyBm/BtIdkcpZnSU axeman@tuxnix";
bbcom = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com"; b12f-bbcom = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com";
hensoko-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEbaQdxp7Flz6ttELe63rn+Nt9g43qJOLih6VCMP4gPb"; hensoko-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEbaQdxp7Flz6ttELe63rn+Nt9g43qJOLih6VCMP4gPb";
hensoko-2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy"; hensoko-2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy";
teutat3s-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms"; teutat3s-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms";
@ -10,7 +10,7 @@ let
baseKeys = [ baseKeys = [
axeman-1 axeman-1
bbcom b12f-bbcom
hensoko-1 hensoko-1
hensoko-2 hensoko-2
teutat3s-1 teutat3s-1