From 03a5caa59b57482f34c90912fb2a445068fafb65 Mon Sep 17 00:00:00 2001 From: Aaron Bieber Date: Mon, 12 Sep 2022 21:48:43 -0600 Subject: [PATCH] h: enable gotosocial - Add a _rough_ module for gotosocial - Add a package for gotosocial --- hosts/h/default.nix | 50 +++++++++++++++++++++++---- modules/gotosocial.nix | 76 ++++++++++++++++++++++++++++++++++++++++++ pkgs/gotosocial.nix | 43 ++++++++++++++++++++++++ 3 files changed, 163 insertions(+), 6 deletions(-) create mode 100644 modules/gotosocial.nix create mode 100644 pkgs/gotosocial.nix diff --git a/hosts/h/default.nix b/hosts/h/default.nix index 721808e..0800216 100644 --- a/hosts/h/default.nix +++ b/hosts/h/default.nix @@ -16,7 +16,7 @@ let in { _module.args.isUnstable = true; - imports = [ ./hardware-configuration.nix ]; + imports = [ ./hardware-configuration.nix ../../modules/gotosocial.nix ]; boot.loader.grub.enable = true; boot.loader.grub.version = 2; @@ -127,6 +127,34 @@ in { }; services = { + gotosocial = { + enable = true; + # https://github.com/superseriousbusiness/gotosocial/blob/v0.5.0-rc1/example/config.yaml + configuration = { + log-level = "info"; + log-db-queries = false; + host = "mammothcircus.com"; + protocol = "http"; + bind-address = "127.0.0.1"; + port = 8778; + trusted-proxies = [ "127.0.0.1/32" ]; + db-type = "postgres"; + db-address = "127.0.0.1"; + db-port = 5432; + db-user = "gotosocial"; + dp-password = ""; + db-database = "gotosocial"; + db-tls-ca-cert = ""; + accounts-registration-open = false; + accounts-reason-required = true; + accounts-approval-required = true; + storage-backend = "local"; + storage-local-base-path = "/var/lib/gotosocial/storage"; + web-template-base-dir = "${config.services.gotosocial.package}/assets/web/template/"; + web-asset-base-dir = "${config.services.gotosocial.package}/assets/web/assets/"; + + }; + }; promtail = { enable = true; configuration = { @@ -351,6 +379,10 @@ in { forceSSL = true; enableACME = true; root = "/var/www/mammothcircus.com"; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://127.0.0.1:${toString config.services.gotosocial.configuration.port}"; + }; }; "akb.io" = { forceSSL = true; @@ -398,11 +430,17 @@ in { LC_COLLATE = "C" LC_CTYPE = "C"; ''; - ensureDatabases = [ "synapse" ]; - ensureUsers = [{ - name = "synapse_user"; - ensurePermissions."DATABASE synapse" = "ALL PRIVILEGES"; - }]; + ensureDatabases = [ "synapse" "gotosocial" ]; + ensureUsers = [ + { + name = "synapse_user"; + ensurePermissions."DATABASE synapse" = "ALL PRIVILEGES"; + } + { + name = "gotosocial"; + ensurePermissions."DATABASE gotosocial" = "ALL PRIVILEGES"; + } + ]; }; mjolnir = { diff --git a/modules/gotosocial.nix b/modules/gotosocial.nix new file mode 100644 index 0000000..f423a43 --- /dev/null +++ b/modules/gotosocial.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, prettyJSON, ... }: +with pkgs; +let + cfg = config.services.gotosocial; + gotosocial = callPackage ../pkgs/gotosocial.nix { }; + prettyJSON = conf: + pkgs.runCommandLocal "gotosocial-config.json" { } '' + echo '${ + builtins.toJSON conf + }' | ${pkgs.buildPackages.jq}/bin/jq 'del(._module)' > $out + ''; +in { + options = with lib; { + services.gotosocial = { + enable = mkEnableOption "Enable gotosocial"; + + user = mkOption { + type = with types; oneOf [ str int ]; + default = "gotosocial"; + description = '' + The user the service will use. + ''; + }; + + group = mkOption { + type = with types; oneOf [ str int ]; + default = "gotosocial"; + description = '' + The user the service will use. + ''; + }; + + configuration = mkOption { + type = (pkgs.formats.json { }).type; + description = '' + Specify the configuration for GoToSocial in Nix. + ''; + }; + + package = mkOption { + type = types.package; + default = gotosocial; + defaultText = literalExpression "pkgs.gotosocial"; + description = "The package to use for gotosocial"; + }; + }; + }; + + config = lib.mkIf cfg.enable { + users.groups.gotosocial = { }; + users.users.gotosocial = { + description = "Gotosocial service user"; + isSystemUser = true; + home = "/var/lib/gotosocial"; + createHome = true; + group = "gotosocial"; + }; + + systemd.services.gotosocial = { + enable = true; + description = "GoToSocial server"; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + User = cfg.user; + Group = cfg.group; + + RuntimeDirectory = "/var/lib/gotosocial"; + + ExecStart = "${cfg.package}/bin/gotosocial --config-path ${ + prettyJSON cfg.configuration + } server start"; + }; + }; + }; +} diff --git a/pkgs/gotosocial.nix b/pkgs/gotosocial.nix new file mode 100644 index 0000000..f2ec741 --- /dev/null +++ b/pkgs/gotosocial.nix @@ -0,0 +1,43 @@ +{ stdenv, lib, buildGoModule, fetchFromGitHub, makeWrapper, go, git, ... }: +let + gotosocialVersion = "0.5.0-rc1"; + gotosocialWebAssets = builtins.fetchurl { + url = "https://github.com/superseriousbusiness/gotosocial/releases/download/v${gotosocialVersion}/gotosocial_${gotosocialVersion}_web-assets.tar.gz"; + sha256 = "sha256-jmciiSRW73aoZu8WCVpEpMR0xemJUQ12h7ZUFFqmmko="; + }; + in with lib; +buildGoModule rec { + pname = "gotosocial"; + version = gotosocialVersion; + + src = fetchFromGitHub { + owner = "superseriousbusiness"; + repo = pname; + rev = "v${version}"; + hash = "sha256-xq+hebQaJZ1C2Tgc9MwWf8fYTpSu8B6EZMC8CKB2nu0="; + }; + + doCheck = false; + + #ldflags = [ "-X github.com/gomods/athens/pkg/build.version=${version}" ]; + + #nativeBuildInputs = lib.optionals stdenv.isLinux [ makeWrapper go ]; + + proxyVendor = false; + + #subPackages = [ "cmd/proxy" ]; + + vendorSha256 = null; + + postInstall = '' + mkdir -p $out/assets + tar -C $out/assets/ -zxvf ${gotosocialWebAssets} + ''; + + meta = { + description = "Fast, fun, ActivityPub server, powered by Go."; + homepage = "https://github.com/superseriousbusiness/gotosocial"; + license = licenses.agpl3; + maintainers = with maintainers; [ qbit ]; + }; +}