nixos/nixos/hosts/sapphic-engineer/akkoma.nix

{ pkgs, inputs, config, lib, ... }: let
# Settings shared by every sops-nix secret declared in this file: they all
# live in the same encrypted YAML document.
defaultSecret.sopsFile = ../../../secrets/sapphic-engineer/default.yaml;
# Build a { name, value } pair, the element shape builtins.listToAttrs consumes.
nameValuePair = name: value: { inherit name value; };
# Turn a list of secret names into { <name> = defaultSecret; ... }.
secrets = keys: builtins.listToAttrs (map (lib.flip nameValuePair defaultSecret) keys);
# Refer to a secret by the path of its decrypted file rather than by value, so
# the evaluated configuration only ever contains the path.
# NOTE(review): presumably the akkoma module reads the file when it renders the
# runtime config, which keeps the secret out of the world-readable Nix store;
# confirm against the module documentation.
secretRef = key: { _secret = config.sops.secrets.${key}.path; };
in {
# Extra NixOS modules pulled from flake inputs.
imports = with inputs; [
  tachikoma.nixosModules.default
  fedi-emotes.nixosModules.akkoma
];
# Every name below must exist as a key in the shared sops file; each becomes a
# decrypted file whose path is handed to Akkoma through secretRef.
# NOTE(review): no owner or mode is set, so the sops-nix defaults apply; confirm
# the unit that renders Akkoma's config can read these files and nothing else can.
sops.secrets = secrets [
  # Phoenix endpoint key material
  "pleroma--secret_key_base"
  "pleroma--signing_salt"
  "pleroma--live_view--signing_salt"
  # JWT signer
  "joken--default_signer"
  # Web Push (VAPID) key pair
  "vapid--private_key"
  "vapid--public_key"
  # Object storage endpoint and credentials
  "s3--host"
  "s3--access_key_id"
  "s3--secret_access_key"
];
services.akkoma = {
enable = true;
# Forced off: the key material this instance uses is referenced from
# sops-managed files in `config` below instead of being generated by the module.
initSecrets = lib.mkForce false;
# NOTE(review): `pkgs.master` looks like an overlay exposing a second nixpkgs
# input, so the server version follows that input's lock entry; confirm it is
# pinned in the lock file and bumped deliberately.
package = pkgs.master.akkoma;
emoji.enable = true;
# Custom emoji packs, listed in the original order.
emoji.emojiPackages =
  let
    lightrunner = inputs.lightrunner-emotes.packages.${pkgs.system}.lightrunner;
  in
  [
    lightrunner.hearts
    lightrunner.anime
    pkgs.akkoma-emoji.blobs_gg
  ];
config =
  let
    # Helpers of the Elixir config format: mkRaw emits a bare Elixir term
    # (module name or atom), mkMap emits an Elixir map.
    inherit ((pkgs.formats.elixirConf { }).lib) mkMap mkRaw;
  in
  {
    ":pleroma" = {
      ":instance" = {
        name = "sapphic.engineer";
        description = ''
          Private instance for @noe@sapphic.engineer and friends.
          gex!
        '';
        email = "admin@sapphic.engineer";
        # Closed instance: no self-service sign-up, and any account still
        # needs approval.
        registrations_open = false;
        account_approval_required = true;
        # Size caps, presumably in bytes (verify against the upstream docs).
        upload_limit = 100000000;
        avatar_upload_limit = 1000000;
        banner_upload_limit = 3000000;
        background_upload_limit = 10000000;
        max_pinned_statuses = 10;
      };

      # Sign outgoing object fetches and require signatures on incoming ones,
      # so instances on the reject list cannot read posts anonymously.
      ":activitypub" = {
        sign_object_fetches = true;
        authorized_fetch_mode = true;
      };

      # Remote media is served through the instance's own proxy host.
      # NOTE(review): redirect_on_failure presumably sends the client to the
      # original remote URL when proxying fails, which shows the client's
      # address to that host; confirm this is the wanted trade-off.
      ":media_proxy" = {
        enabled = true;
        proxy_opts.redirect_on_failure = true;
        base_url = "https://media.sapphic.engineer";
      };
      ":media_preview_proxy" = {
        enabled = true;
        thumbnail_max_width = 1920;
        thumbnail_max_height = 1080;
      };

      # Federation policies. transparency = false keeps the policy
      # configuration (including the reject list) unpublished.
      ":mrf" = {
        transparency = false;
        policies = map mkRaw [
          "Pleroma.Web.ActivityPub.MRF.SimplePolicy"
          "Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy"
          "Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy"
        ];
      };
      ":mrf_simple" = {
        # The reject list is maintained in a shared file.
        reject = mkMap (import ../../utils/fedi-blocklist.nix).akkoma;
        media_nsfw = mkMap { };
        federated_timeline_removal = mkMap {
          "mastodon.social" = "";
        };
      };
      # Reject incoming objects older than 90 days (value in seconds).
      ":mrf_object_age" = {
        threshold = 60 * 60 * 24 * 90;
        actions = map mkRaw [ ":reject" ];
      };

      "Pleroma.Web.Endpoint" = {
        # Listens on every interface, and the module's nginx virtual host is
        # disabled (`nginx = null` further down).
        # NOTE(review): nothing in this file limits who can reach port 4000;
        # confirm the firewall or the reverse proxy does, or bind to the
        # proxy-facing address only.
        http.ip = "0.0.0.0";
        http.port = 4000;
        url.host = "sapphic.engineer";
        # Key material is referenced by file path, never inlined.
        secret_key_base = secretRef "pleroma--secret_key_base";
        signing_salt = secretRef "pleroma--signing_salt";
        live_view.signing_salt = secretRef "pleroma--live_view--signing_salt";
      };

      "Pleroma.Upload" = {
        # Kept in the original order. OnlyMedia limits uploads to media files;
        # Exiftool and Mogrify ("strip") presumably remove embedded metadata
        # such as location tags before the file is stored (verify against the
        # packaged version); AnonymizeFilename hides the original file name.
        filters = map mkRaw [
          "Pleroma.Upload.Filter.OnlyMedia"
          "Pleroma.Upload.Filter.Exiftool"
          "Pleroma.Upload.Filter.Mogrify"
          "Pleroma.Upload.Filter.Dedupe"
          "Pleroma.Upload.Filter.AnonymizeFilename"
        ];
        link_name = true;
        uploader = mkRaw "Pleroma.Uploaders.S3";
        base_url = "https://i.sapphic.engineer/";
      };
      "Pleroma.Upload.Filter.Mogrify" = {
        args = [ "strip" "auto-orient" ];
      };
      "Pleroma.Uploaders.S3" = {
        bucket = "sapphicengineer-akkoma-uploads";
        truncated_namespace = "";
        streaming_enabled = true;
      };
    };

    # Object storage endpoint and credentials, all read from secret files.
    ":ex_aws" = {
      ":s3" = {
        host = secretRef "s3--host";
        access_key_id = secretRef "s3--access_key_id";
        secret_access_key = secretRef "s3--secret_access_key";
      };
    };

    ":joken" = {
      ":default_signer" = secretRef "joken--default_signer";
    };

    # Web Push key pair; the public half is read from a secret file as well.
    ":web_push_encryption" = {
      ":vapid_details" = {
        private_key = secretRef "vapid--private_key";
        public_key = secretRef "vapid--public_key";
      };
    };
  };
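# No nginx virtual host is generated by this module; whatever terminates TLS
# for the instance is configured elsewhere.
nginx = null;
# External tools made available to the service (metadata stripping, image and
# video processing).
extraPackages = with pkgs; [ exiftool imagemagick ffmpeg_5-full ];
# Files added to the instance's static directory; each attribute name is the
# path below that directory.
extraStatic = {
  # Ask every crawler to stay away from the whole site.
  "robots.txt" = pkgs.writeText "robots.txt" ''
    User-agent: *
    Disallow: /
  '';
  # The two images are fetched from a branch URL. The sha256 fixes the content,
  # so a changed upstream file fails the build instead of being served.
  # NOTE(review): replacing `main` in the URLs with a commit id would keep the
  # fetch reproducible once the branch moves.
  "favicon.png" = pkgs.stdenvNoCC.mkDerivation {
    name = "favicon.png";
    src = pkgs.fetchurl {
      url = "https://raw.githubusercontent.com/foxxolay/foxxolay.com/main/akkoma/favicon.png";
      sha256 = "sha256-6L+1P+qAXxksss8U9GUcbMQQk8C32LTe/rznNXaf72c=";
    };
    dontUnpack = true;
    installPhase = ''
      cp $src $out
    '';
  };
  "static/logo.png" = pkgs.stdenvNoCC.mkDerivation {
    # Store path names cannot contain "/", so the derivation carries the file
    # name only; the attribute name above still places it under static/.
    name = "logo.png";
    src = pkgs.fetchurl {
      url = "https://raw.githubusercontent.com/foxxolay/foxxolay.com/main/akkoma/logo.png";
      sha256 = "sha256-drYYZxeeRkTrRlp1weh4xRVm/6tdWAnF7KHmfYWQg6M=";
    };
    dontUnpack = true;
    installPhase = ''
      cp $src $out
    '';
  };
  # An empty file, presumably to blank out the default logo.svg. It is written
  # directly instead of through a derivation with `src = ./.`, which copied
  # this whole directory into the world-readable Nix store and rebuilt on any
  # change to it, only to `touch $out`.
  "static/logo.svg" = pkgs.writeText "logo.svg" "";
  # Earlier variants using local files, kept disabled:
  # "static/logo.png" = pkgs.stdenvNoCC.mkDerivation {
  #   name = "files/static/logo.png";
  #   src = ./files;
  #   phases = [ "unpackPhase" "installPhase" ];
  #   installPhase = ''
  #     mkdir -p $out/static
  #     cp static/logo.png $out/static/logo.png
  #   '';
  # };
  # "emoji/foxes" = pkgs.stdenvNoCC.mkDerivation {
  #   name = "emoji/foxes";
  #   src = ./emotes;
  #   dontUnpack = true;
  #   installPhase = ''
  #     cp -r $src $out
  #   '';
  # };
  # NOTE(review): the badge images load straight from noe.sh, so a visitor's
  # browser contacts that host when this page is shown, and the target="_blank"
  # links carry no rel attribute; both are left exactly as written.
  "static/terms-of-service.html" = pkgs.writeText "terms-of-service.html" ''
    This is a private instance. Requests are not accepted.
    <div>
    <a href="https://noe.sh" target="_blank"><img src="https://noe.sh/yay/88x31.png" width="88" height="31" alt="noe" /></a>
    <a href="https://noe.sh/pronouns/" target="_blank"><img src="https://noe.sh/yay/88x31-vp.png" width="88" height="31" alt="it/its" /></a>
    <img src="https://noe.sh/yay/88x31-nap.png" width="88" height="31" alt="not a person" />
    <a href="https://sapphic.engineer" target="_blank"><img src="https://noe.sh/yay/88x31-se.png" width="88" height="31" alt="sapphic.engineer" /></a>
    </div>
  '';
};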
};
# Local PostgreSQL server with the major version pinned to 15.
# NOTE(review): presumably this is Akkoma's database; a pinned major version
# means an upgrade is a deliberate step that includes migrating the data.
services.postgresql = {
  enable = true;
  package = pkgs.postgresql_15;
};
}