diff --git a/fediversity/default.nix b/fediversity/default.nix index dfdffc8c..d31df294 100644 --- a/fediversity/default.nix +++ b/fediversity/default.nix @@ -53,5 +53,9 @@ in { urlFor = bucket: "http://${bucket}.${rootDomainAndPort}"; }; }; + + pixelfed.domain = "pixelfed.${config.fediversity.domain}"; + mastodon.domain = "mastdodon.${config.fediversity.domain}"; + peertube.domain = "peertube.${config.fediversity.domain}"; }; } diff --git a/fediversity/mastodon.nix b/fediversity/mastodon.nix index e866b848..8740c8c7 100644 --- a/fediversity/mastodon.nix +++ b/fediversity/mastodon.nix @@ -63,12 +63,14 @@ lib.mkIf (config.fediversity.enable && config.fediversity.mastodon.enable) { services.mastodon = { enable = true; - # TODO: set up a domain name, and a DNS service so that this can run not in a vm - # localDomain = "domain.social"; + localDomain = config.fediversity.mastodon.domain; configureNginx = true; # TODO: configure a mailserver so this works - # smtp.fromAddress = "mastodon@domain.social"; + smtp = { + fromAddress = "noreply@${config.fediversity.mastodon.domain}"; + createLocally = false; + }; # TODO: this is hardware-dependent. let's figure it out when we have hardware # streamingProcesses = 1; @@ -81,4 +83,3 @@ lib.mkIf (config.fediversity.enable && config.fediversity.mastodon.enable) { # defaults.email = "test@example.com"; }; } - diff --git a/fediversity/peertube.nix b/fediversity/peertube.nix index 021e52f0..41c6cd16 100644 --- a/fediversity/peertube.nix +++ b/fediversity/peertube.nix @@ -53,6 +53,14 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) { }; services.peertube = { + enable = true; + localDomain = config.fediversity.peertube.domain; + + # TODO: in most of nixpkgs, these are true by default. upstream that unless there's a good reason not to. + redis.createLocally = true; + database.createLocally = true; + configureNginx = true; + settings = { object_storage = { enabled = true; diff --git a/fediversity/pixelfed.nix b/fediversity/pixelfed.nix index 38153f54..95703ba5 100644 --- a/fediversity/pixelfed.nix +++ b/fediversity/pixelfed.nix @@ -35,7 +35,10 @@ lib.mkIf (config.fediversity.enable && config.fediversity.pixelfed.enable) { }; }; - services.pixelfed.enable = true; + services.pixelfed = { + enable = true; + domain = config.fediversity.pixelfed.domain; + }; services.pixelfed.settings = { # DANGEROUSLY_SET_FILESYSTEM_DRIVER = "s3"; diff --git a/vm/mastodon-vm.nix b/vm/mastodon-vm.nix index 0bc12aa6..caf1ca6c 100644 --- a/vm/mastodon-vm.nix +++ b/vm/mastodon-vm.nix @@ -14,14 +14,6 @@ }; services.mastodon = { - # redirects to localhost, but allows it to have a proper domain name - localDomain = "mastodon.localhost"; - - smtp = { - fromAddress = "mastodon@mastodon.localhost"; - createLocally = false; - }; - extraConfig = { EMAIL_DOMAIN_ALLOWLIST = "example.com"; }; @@ -65,7 +57,7 @@ BIND = "0.0.0.0"; # for letter_opener (still doesn't work though) REMOTE_DEV = "true"; - LOCAL_DOMAIN = "mastodon.localhost:8443"; + LOCAL_DOMAIN = "${config.fediversity.mastodon.domain}:8443"; }; }; diff --git a/vm/peertube-vm.nix b/vm/peertube-vm.nix index d38a625c..5f40f4f1 100644 --- a/vm/peertube-vm.nix +++ b/vm/peertube-vm.nix @@ -1,9 +1,11 @@ { pkgs, modulesPath, ... }: { - imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ]; + + imports = [ + ../fediversity + (modulesPath + "/virtualisation/qemu-vm.nix") + ]; + services.peertube = { - enable = true; - # redirects to localhost, but allows it to have a proper domain name - localDomain = "peertube.localhost"; enableWebHttps = false; settings = { listen.hostname = "0.0.0.0"; @@ -13,11 +15,6 @@ secrets.secretsFile = pkgs.writeText "secret" '' 574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24 ''; - - # TODO: in most of nixpkgs, these are true by default. upstream that unless there's a good reason not to. - redis.createLocally = true; - database.createLocally = true; - configureNginx = true; }; virtualisation.forwardPorts = [ diff --git a/vm/pixelfed-vm.nix b/vm/pixelfed-vm.nix index be04bfc7..f12b9c51 100644 --- a/vm/pixelfed-vm.nix +++ b/vm/pixelfed-vm.nix @@ -13,7 +13,6 @@ networking.firewall.allowedTCPPorts = [ 80 ]; services.pixelfed = { - domain = "pixelfed.localhost"; # TODO: secrets management! secretFile = pkgs.writeText "secrets.env" '' APP_KEY=adKK9EcY8Hcj3PLU7rzG9rJ6KKTOtYfA