2025-09-26 15:54:02 +03:00
parent 0050a4130b
commit ac56849a3b
2 changed files with 115 additions and 118 deletions


@@ -14,12 +14,13 @@ def getenv(name):
print(f"[ERROR] Missing environment variable {name}. You should NOT run this script by hand, please use systemd mastodon-kanidm-sync.service.")
exit(1)
# Import configuration
KANIDM_URL = getenv("KANIDM_URL")
KANIDM_TOKEN = read_file(getenv("KANIDM_TOKEN_PATH")).strip()
OWNER_USERNAME = getenv("OWNER_USERNAME")
SLEEP_TIME = int(getenv("SLEEP_TIME"))
def sync_mastodon():
# Fetch kanidm users list from userdata file
# Userdata file is json list with information about what users are configured by kanidm
try:
@@ -140,3 +141,7 @@ try:
except FileNotFoundError:
print("[INFO] userdata.json file doesn't exist. Creating it")
write_userdata("x")
while True:
sync_mastodon()
time.sleep(SLEEP_TIME)
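Review bot: The `while True:` loop at the end of the file calls `sync_mastodon()` with no exception handling, so one failed pass (Kanidm or PostgreSQL briefly unreachable, say) ends the process and stops the sync unless the systemd unit restarts it, which these hunks do not show. This loop appears to be what carries Kanidm account changes over to Mastodon, so a stopped sync would leave removed or changed accounts in their old state; I would catch and log at this boundary, e.g. `except Exception as e: print(f"[ERROR] sync pass failed: {e}")`, and let the loop continue to the next pass. `SLEEP_TIME = int(getenv("SLEEP_TIME"))` also accepts `0` or a negative number, so rejecting values below 1 at startup would avoid a tight loop against Kanidm and the database. The body of `sync_mastodon` lies outside the visible hunks, so whether it already handles its own errors needs checking.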


@@ -91,7 +91,7 @@ in
enableUnixSocket = false;
configureNginx = true;
database.createLocally = true;
streamingProcesses = 3;
streamingProcesses = 2;
smtp = {
createLocally = false;
@@ -105,8 +105,7 @@ in
port = 465;
};
extraConfig = {
# "SMTP_ENABLE_STARTTLS" = "never";
"SMTP_ENABLE_STARTTLS_AUTO" = "true";
"SMTP_ENABLE_STARTTLS_AUTO" = "true"; # Simple NixOS MailServer doesn't allow connections without SSL
"SMTP_ENABLE_STARTTLS" = "always";
"SMTP_TLS" = "true";
"SMTP_SSL" = "true";
@@ -114,14 +113,7 @@ in
"DISALLOW_UNAUTHENTICATED_API_ACCESS" = lib.boolToString cfg.dissallowUnauthenticatedAPI;
};
};
users.users.mastodon.isSystemUser = lib.mkForce false;
users.users.mastodon.isNormalUser = lib.mkForce true;
users.groups."email-users" = {};
users.users."noreply.mastodon" = {
isSystemUser = true;
group = "email-users";
};
selfprivacy.emails."noreply.mastodon" = {
hashedPasswordFile = secrets.hashedPasswordFile;
systemdTargets = [ "mastodon-email-password-setup.service" ];
@@ -155,7 +147,6 @@ in
services.mastodon-kanidm-sync = {
after = [
# "mastodon.service" # TODO: ??
"postgresql.service"
"kanidm.service"
];
@@ -173,6 +164,7 @@ in
POSTGRES_HOST = db.host;
USERDATA_FILE_PATH = "/var/lib/mastodon/.userdata.json";
OWNER_USERNAME = sp.username;
SLEEP_TIME = "30";
};
serviceConfig = {
Slice = "mastodon.slice";
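Review bot: In `extraConfig`, the comment "Simple NixOS MailServer doesn't allow connections without SSL" is attached to `"SMTP_ENABLE_STARTTLS_AUTO" = "true"`, which is the one opportunistic setting of the four and not the one that enforces encryption. With `port = 465` the connection is presumably implicit TLS driven by `SMTP_TLS`/`SMTP_SSL`, so the comment belongs there, e.g. `"SMTP_TLS" = "true"; # port 465 is implicit TLS; the mail server refuses plaintext`. It is also worth stating which of the overlapping `SMTP_ENABLE_STARTTLS_AUTO`, `SMTP_ENABLE_STARTTLS`, `SMTP_TLS` and `SMTP_SSL` values is actually relied on and dropping the rest, because a later edit to the wrong one could weaken the transport without anyone noticing. The rest of the `smtp` block (host, authentication, certificate verification) is outside the visible hunks, so confirm there that verification is not disabled.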