2025-09-12 19:46:34 +03:00
parent 22d8579f67
commit 88269b9e74


@@ -17,9 +17,6 @@ let
oauthClientSecretFP = auth-passthru.mkOAuth2ClientSecretFP oauthClientID; oauthClientSecretFP = auth-passthru.mkOAuth2ClientSecretFP oauthClientID;
oauthRedirectURL = "https://${cfg.subdomain}.${sp.domain}/auth/auth/openid_connect/callback"; oauthRedirectURL = "https://${cfg.subdomain}.${sp.domain}/auth/auth/openid_connect/callback";
# emailPassword = pkgs.runCommand "genpassword" {} "echo `head -c 32 /dev/urandom | base64 | sed 's/[+=\\/A-Z]//g'` > $out";
# emailPasswordHash = pkgs.runCommand "genpassword" {} "echo `head -c 32 /dev/urandom | base64 | sed 's/[+=\\/A-Z]//g'` > $out";
in in
{ {
options.selfprivacy.modules.mastodon = { options.selfprivacy.modules.mastodon = {
@@ -68,16 +65,6 @@ in
}; };
}; };
# services.postgresql = {
# ensureDatabases = [ "mastodon" ];
# ensureUsers = [
# {
# name = "mastodon";
# ensureDBOwnership = true;
# }
# ];
# };
services.mastodon = { services.mastodon = {
enable = true; enable = true;
localDomain = "${cfg.subdomain}.${sp.domain}"; localDomain = "${cfg.subdomain}.${sp.domain}";
@@ -95,11 +82,6 @@ in
}; };
}; };
# mailserver.loginAccounts."noreply.mastodon@${sp.domain}" = {
# hashedPasswordFile = "/run/keys/mastodon/email_password";
# sendOnly = true;
# };
services.postfix.config.virtual_mailbox_maps = [ "hash:/run/postfix/mastodon.cf" ]; services.postfix.config.virtual_mailbox_maps = [ "hash:/run/postfix/mastodon.cf" ];
systemd = { systemd = {
@@ -130,6 +112,7 @@ in
services.mastodon-web = { services.mastodon-web = {
unitConfig.RequiresMountsFor = lib.mkIf sp.useBinds "/volumes/${cfg.location}/mastodon"; unitConfig.RequiresMountsFor = lib.mkIf sp.useBinds "/volumes/${cfg.location}/mastodon";
serviceConfig = { serviceConfig = {
Slice = "hedgedoc.slice";
LoadCredential = ["client-secret:${oauthClientSecretFP}"]; LoadCredential = ["client-secret:${oauthClientSecretFP}"];
ExecStart = lib.mkForce (pkgs.writeShellScript "run-mastodon-with-client-secret" '' ExecStart = lib.mkForce (pkgs.writeShellScript "run-mastodon-with-client-secret" ''
export OIDC_CLIENT_SECRET=$(cat $CREDENTIALS_DIRECTORY/client-secret) export OIDC_CLIENT_SECRET=$(cat $CREDENTIALS_DIRECTORY/client-secret)
@@ -137,8 +120,6 @@ in
''); '');
}; };
environment = { environment = {
RAILS_LOG_LEVEL = "debug";
OIDC_ENABLED = "true"; OIDC_ENABLED = "true";
OIDC_DISPLAY_NAME= "Kanidm"; OIDC_DISPLAY_NAME= "Kanidm";
OIDC_ISSUER = issuer; OIDC_ISSUER = issuer;
@@ -163,6 +144,7 @@ in
originUrl = oauthRedirectURL; originUrl = oauthRedirectURL;
clientSystemdUnits = [ "mastodon.service" ]; clientSystemdUnits = [ "mastodon.service" ];
enablePkce = false; enablePkce = false;
useShortPreferredUsername = true;
linuxUserOfClient = "mastodon"; linuxUserOfClient = "mastodon";
linuxGroupOfClient = "mastodon"; linuxGroupOfClient = "mastodon";
}; };
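Review bot: The `Slice = "hedgedoc.slice";` added to `services.mastodon-web.serviceConfig` (hunk `@@ -130,6 +112,7 @@`) looks like a copy-paste from another module: it places the Mastodon web process under a slice named for hedgedoc, so any CPU, memory or task limits configured on that slice apply to Mastodon, and its resource accounting is attributed to the wrong service. If the intent is to group Mastodon's units under their own cgroup, the value should name a Mastodon-specific slice, e.g. `Slice = "mastodon.slice";` (constructed name — confirm against the slices this project defines), and presumably the sibling units such as sidekiq and streaming should carry the same setting; those units are outside this hunk. Either way, a one-line comment stating why the unit is moved into a slice, e.g. `# Group under a dedicated slice so resource limits and accounting cover the whole service`, would make the intent clear to the next reader.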