fediversity/simple-nixos-fediverse
Archived
14
1
Fork 2
Code Issues Pull requests Projects Wiki Activity Actions

Some fixes for Pixelfed on metal (#27)

Browse source
This commit is contained in:
Nicolas Jeannerod 2024-10-29 17:09:19 +01:00
commit 1de8f5bc17
2 changed files with 30 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
fediversity/garage.nix
View file

@ -14,6 +14,7 @@ let
inherit (builtins) toString; inherit (builtins) toString;
inherit (lib) types mkOption mkEnableOption optionalString concatStringsSep; inherit (lib) types mkOption mkEnableOption optionalString concatStringsSep;
inherit (lib.strings) escapeShellArg; inherit (lib.strings) escapeShellArg;
inherit (lib.attrsets) filterAttrs mapAttrs';
cfg = config.services.garage; cfg = config.services.garage;
fedicfg = config.fediversity.internal.garage; fedicfg = config.fediversity.internal.garage;
concatMapAttrs = scriptFn: attrset: concatStringsSep "\n" (lib.mapAttrsToList scriptFn attrset); concatMapAttrs = scriptFn: attrset: concatStringsSep "\n" (lib.mapAttrsToList scriptFn attrset);
@ -159,17 +160,23 @@ in
}; };
}; };
services.nginx.virtualHosts.${fedicfg.web.rootDomain} = { ## Create a proxy from <bucket>.web.garage.<domain> to localhost:3902 for
forceSSL = true; ## each bucket that has `website = true`.
enableACME = true; services.nginx.virtualHosts =
serverAliases = lib.mapAttrsToList (bucket: _: fedicfg.web.domainForBucket bucket) cfg.ensureBuckets; ## TODO: use wildcard certificates? let
locations."/" = { value = {
proxyPass = "http://localhost:3902"; forceSSL = true;
extraConfig = '' enableACME = true;
proxy_set_header Host $host; locations."/" = {
''; proxyPass = "http://localhost:3902";
}; extraConfig = ''
}; proxy_set_header Host $host;
'';
};
};
in mapAttrs'
(bucket: _: {name = fedicfg.web.domainForBucket bucket; inherit value;})
(filterAttrs (_: {website, ...}: website) cfg.ensureBuckets);
systemd.services.ensure-garage = { systemd.services.ensure-garage = {
after = [ "garage.service" ]; after = [ "garage.service" ];

17
vm/garage-vm.nix
View file

@ -1,17 +1,24 @@
{ lib, config, modulesPath, ... }: { lib, config, modulesPath, ... }:
let let
inherit (lib) mkVMOverride; inherit (lib) mkVMOverride mapAttrs' filterAttrs;
cfg = config.services.garage;
fedicfg = config.fediversity.internal.garage; fedicfg = config.fediversity.internal.garage;
in { in {
imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ]; imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
services.nginx.virtualHosts.${fedicfg.web.rootDomain} = { services.nginx.virtualHosts =
forceSSL = mkVMOverride false; let
enableACME = mkVMOverride false; value = {
}; forceSSL = mkVMOverride false;
enableACME = mkVMOverride false;
};
in mapAttrs'
(bucket: _: {name = fedicfg.web.domainForBucket bucket; inherit value;})
(filterAttrs (_: {website, ...}: website) cfg.ensureBuckets);
virtualisation.diskSize = 2048; virtualisation.diskSize = 2048;
virtualisation.forwardPorts = [ virtualisation.forwardPorts = [