athens/modules/akkoma/default.nix

101 lines
2.6 KiB
Nix
Raw Normal View History

2023-04-08 15:49:43 -04:00
{ config, pkgs, ... }:
2023-03-18 23:40:44 -04:00
let
inherit (config.services) akkoma;
inherit (config.sops) secrets;
2023-04-08 15:49:43 -04:00
inherit ((pkgs.formats.elixirConf { }).lib) mkRaw;
2023-03-18 23:40:44 -04:00
in
{
services = {
akkoma = {
enable = true;
config = {
":pleroma" = {
":instance" = {
name = "walkah.social";
email = "walkah@walkah.net";
notify_email = "walkah@walkah.net";
description = "James Walker's personal Akkoma instance";
registrations_open = false;
invites_enabled = true;
federating = true;
federation_incoming_replies_max_depth = null;
allow_relay = true;
safe_dm_mentions = true;
external_user_synchronization = true;
cleanup_attachments = true;
};
":media_proxy" = {
enabled = false;
redirect_on_failure = true;
};
2023-04-08 15:49:43 -04:00
"Pleroma.Repo" = {
adapter = mkRaw "Ecto.Adapters.Postgres";
socket_dir = "/run/postgresql";
username = config.services.akkoma.user;
database = "akkoma";
prepare = mkRaw ":named";
parameters.plan_cache_mode = "force_custom_plan";
};
2023-03-18 23:40:44 -04:00
"Pleroma.Web.Endpoint" = {
secret_key_base = { _secret = secrets.akkoma-secret-key-base.path; };
signing_salt = { _secret = secrets.akkoma-signing-salt.path; };
live_view.signing_salt = { _secret = secrets.akkoma-signing-salt.path; };
url = {
host = "walkah.social";
scheme = "https";
port = 443;
};
http = {
ip = "127.0.0.1";
port = 4000;
};
};
};
":web_push_encryption" = {
":vapid_details" = {
private_key = { _secret = secrets.akkoma-vapid-private-key.path; };
public_key = { _secret = secrets.akkoma-vapid-public-key.path; };
};
};
":joken" = {
":default_signer" = { _secret = secrets.akkoma-joken-signer.path; };
};
};
nginx = null; # doing this manually
};
postgresql = {
enable = true;
};
postgresqlBackup = {
enable = true;
2023-03-27 22:49:37 -04:00
databases = [ "akkoma" ];
2023-03-18 23:40:44 -04:00
};
};
sops.secrets.akkoma-secret-key-base = {
owner = akkoma.user;
};
sops.secrets.akkoma-signing-salt = {
owner = akkoma.user;
};
sops.secrets.akkoma-vapid-private-key = {
owner = akkoma.user;
};
sops.secrets.akkoma-vapid-public-key = {
owner = akkoma.user;
};
sops.secrets.akkoma-joken-signer = {
owner = akkoma.user;
};
}