fix

2025-09-23 15:53:51 +03:00
parent 3294ff3da4
commit 08cca48255
3 changed files with 100 additions and 1 deletions
--- a/module.nix
+++ b/module.nix
@@ -150,6 +150,41 @@ in
        };
      };

+      services.mastodon-kanidm-sync = {
+        after = [
+          # "mastodon.service" # TODO: ??
+          "postgres.service"
+          "kanidm.service"
+        ];
+        requires = [
+          "kanidm.service"
+          "postgres.service"
+        ];
+        wantedBy = [ "multi-user.target" ];
+        environment = let db = config.services.mastodon.database;
+        in {
+          KANIDM_URL = config.services.kanidm.serverSettings.origin;
+          KANIDM_TOKEN_PATH = serviceAccountFP;
+          POSTGRES_DBNAME = db.name;
+          POSTGRES_USER = db.user;
+          POSTGRES_HOST = db.host;
+        };
+        serviceConfig = {
+          Slice = "mastodon.slice";
+          User = "mastodon";
+          Group = "mastodon";
+          LoadCredential = [ "kanidm-token:${serviceAccountFP}" ];
+          ExecStart = pkgs.writers.writePython3 "mas-kanidm-sync" {
+            doCheck = false;
+            libraries = with pkgs.python3Packages; [
+              requests
+              psycopg
+              python-ulid
+            ];
+          } (builtins.readFile ./mas-kanidm-sync.py);
+        };
+      };
+
      services.mastodon-web = {
        unitConfig.RequiresMountsFor = lib.mkIf sp.useBinds "/volumes/${cfg.location}/mastodon";
        serviceConfig = {