forked from DGNum/infrastructure
Tom Hubrecht
88d9b8c3e3
Signed-off-by: Tom Hubrecht <tom.hubrecht@dgnum.eu> Acked-by: Ryan Lahfa <ryan.lahfa@dgnum.eu> Acked-by: Maurice Debray <maurice.debray@dgnum.eu> Acked-by: Lubin Bailly <lubin.bailly@dgnum.eu> Acked-by: Jean-Marc Gailis <jean-marc.gailis@dgnum.eu> as the legal authority, at the time of writing, in DGNum. Acked-by: Elias Coppens <elias.coppens@dgnum.eu> as a member, at the time of writing, of the DGNum executive counsel.
54 lines
1.2 KiB
Nix
54 lines
1.2 KiB
Nix
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
|
|
# SPDX-FileContributor: Maurice Debray <maurice.debray@dgnum.eu>
|
|
#
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
{ config, ... }:
|
|
|
|
let
|
|
host = "social.dgnum.eu";
|
|
in
|
|
{
|
|
services.mastodon = {
|
|
enable = true;
|
|
|
|
localDomain = host;
|
|
smtp = {
|
|
fromAddress = "noreply@infra.dgnum.eu";
|
|
host = "kurisu.lahfa.xyz";
|
|
port = 465;
|
|
user = "web-services@infra.dgnum.eu";
|
|
passwordFile = config.age.secrets.mastodon-smtp-password.path;
|
|
authenticate = true;
|
|
};
|
|
|
|
streamingProcesses = 4;
|
|
|
|
configureNginx = true;
|
|
|
|
extraConfig = {
|
|
# https://docs.codeberg.org/codeberg-pages/redirects/ is not yet active
|
|
# LOCAL_DOMAIN = "dgnum.eu";
|
|
WEB_DOMAIN = host;
|
|
|
|
SMTP_TLS = "true";
|
|
|
|
RAILS_LOG_LEVEL = "warn";
|
|
|
|
# ObjectStorage configuration
|
|
S3_ENABLED = "true";
|
|
S3_BUCKET = "mastodon-dgnum";
|
|
S3_REGION = "garage";
|
|
S3_HOSTNAME = "s3.dgnum.eu";
|
|
S3_ALIAS_HOST = "cdn.dgnum.eu";
|
|
|
|
# TODO: Setup SAML & OIDC
|
|
# OIDC_ENABLED = true;
|
|
# SAML_ENABLED = true;
|
|
};
|
|
|
|
extraEnvFiles = [ config.age.secrets."mastodon-extra_env_file".path ];
|
|
};
|
|
|
|
age-secrets.autoMatch = [ "mastodon" ];
|
|
}
|