thary/sp-mastodon-module
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Thary
2025-09-11 22:38:06 +03:00
parent 440a8c3e25
commit 0af8898d93
1 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
module.nix
View File

@@ -17,6 +17,9 @@ let
oauthClientSecretFP = auth-passthru.mkOAuth2ClientSecretFP oauthClientID; oauthClientSecretFP = auth-passthru.mkOAuth2ClientSecretFP oauthClientID;
oauthRedirectURL = "https://${cfg.subdomain}.${sp.domain}/auth/auth/openid_connect/callback"; oauthRedirectURL = "https://${cfg.subdomain}.${sp.domain}/auth/auth/openid_connect/callback";
# emailPassword = pkgs.runCommand "genpassword" {} "echo `head -c 32 /dev/urandom | base64 | sed 's/[+=\\/A-Z]//g'` > $out";
# emailPasswordHash = pkgs.runCommand "genpassword" {} "echo `head -c 32 /dev/urandom | base64 | sed 's/[+=\\/A-Z]//g'` > $out";
in in
{ {
options.selfprivacy.modules.mastodon = { options.selfprivacy.modules.mastodon = {
@@ -89,10 +92,47 @@ in
configureNginx = true; configureNginx = true;
database.createLocally = true; database.createLocally = true;
streamingProcesses = 3; streamingProcesses = 3;
smtp = {
createLocally = false;
user = "noreply.mastodon@${sp.domain}";
passwordFile = "/var/lib/mastodon/secrets/smtp-password";
authenticate = true;
};
}; };
mailserver.loginAccounts."noreply.mastodon@${sp.domain}" = {
hashedPassword = "";
sendOnly = true;
};
services.postfix.config.virtual_mailbox_maps = [ "hash:/run/postfix/mastodon.cf" ];
systemd = { systemd = {
services.mastodon-email-password-setup = {
enable = true;
wantedBy = [ "multi-user.target" "mastodon-web.service" "postfix.service" ];
serviceConfig = {
Type = "oneshot";
ExecStart = pkgs.writeShellScript "gen-mastodon-email-password" ''
export password=$(head -c 32 /dev/urandom | base64 | sed 's/[+=\\/A-Z]//g')
rm -f /run/keys/mastodon/email_password || true
mkdir /run/keys/mastodon/ || true # Create /run/keys/mastodon if it doesn't exist
echo $password > /run/keys/mastodon/email_password
chmod 400 /run/keys/mastodon/email_password
chown ${config.services.mastodon.user}:${config.services.mastodon.group} /run/keys/mastodon/email_password
rm -f /run/postfix/mastodon.cf || true
mkdir /run/postfix/ || true # Create /run/postfix if it doesn't exist
export hashedPassword=$(mkpasswd -sm bcrypt "$password")
echo "noreply.mastodon@${sp.domain}: $hashedPassword" > /run/postfix/mastodon.cf
chmod 440 /run/postfix/mastodon.cf
chown ${config.services.postfix.user}:${config.services.postfix.group} /run/postfix/mastodon.cf
'';
};
};
services.mastodon-web = { services.mastodon-web = {
unitConfig.RequiresMountsFor = lib.mkIf sp.useBinds "/volumes/${cfg.location}/mastodon"; unitConfig.RequiresMountsFor = lib.mkIf sp.useBinds "/volumes/${cfg.location}/mastodon";
serviceConfig = { serviceConfig = {