38 lines
998 B
Nix
38 lines
998 B
Nix
{ pkgs, modulesPath, ... }: {
|
|
|
|
imports = [
|
|
(modulesPath + "/virtualisation/qemu-vm.nix")
|
|
];
|
|
|
|
fediversity = {
|
|
enable = true;
|
|
domain = "localhost";
|
|
pixelfed.enable = true;
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
services.pixelfed = {
|
|
# TODO: secrets management!
|
|
secretFile = pkgs.writeText "secrets.env" ''
|
|
APP_KEY=adKK9EcY8Hcj3PLU7rzG9rJ6KKTOtYfA
|
|
'';
|
|
settings = {
|
|
OPEN_REGISTRATION = true;
|
|
FORCE_HTTPS_URLS = false;
|
|
};
|
|
# I feel like this should have an `enable` option and be configured via `services.nginx` rather than mirroring those options in services.pixelfed.nginx
|
|
# TODO: If that indeed makes sense, upstream it.
|
|
nginx = {
|
|
# locations."/public/".proxyPass = "${config.fediversity.internal.garage.web.urlFor "pixelfed"}/public/";
|
|
};
|
|
};
|
|
virtualisation.memorySize = 2048;
|
|
virtualisation.forwardPorts = [
|
|
{
|
|
from = "host";
|
|
host.port = 8000;
|
|
guest.port = 80;
|
|
}
|
|
];
|
|
}
|