62 lines
1.8 KiB
Nix
62 lines
1.8 KiB
Nix
{ config, lib, ... }:
|
|
let
|
|
mastodonPort = 5328;
|
|
in
|
|
{
|
|
config = lib.mkMerge [
|
|
(lib.mkIf (config.networking.hostName == "nixnas") {
|
|
services.mastodon = {
|
|
enable = true;
|
|
localDomain = "claytonhickey.me";
|
|
smtp.fromAddress = "mastodon@claytonhickey.me";
|
|
streamingProcesses = 3;
|
|
extraConfig.SINGLE_USER_MODE = "true";
|
|
extraConfig.WEB_DOMAIN = "mastodon.claytonhickey.me";
|
|
#webPort = mastodonPort;
|
|
#enableUnixSocket = false;
|
|
trustedProxy = "127.0.0.1,10.100.0.1";
|
|
configureNginx = true;
|
|
};
|
|
networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [
|
|
mastodonPort
|
|
];
|
|
services.nginx.virtualHosts."${config.services.mastodon.localDomain}" = {
|
|
forceSSL = false;
|
|
enableACME = false;
|
|
|
|
serverName = "mastodon.claytonhickey.me";
|
|
|
|
listen = [{
|
|
addr = "10.100.0.2";
|
|
port = mastodonPort;
|
|
} {
|
|
addr = "127.0.0.1";
|
|
port = mastodonPort;
|
|
}];
|
|
|
|
#locations."/" = {
|
|
# proxyPass = "http://unix:/run/mastodon-web/web.socket";
|
|
# tryFiles = lib.mkForce null;
|
|
#};
|
|
locations."@proxy" = {
|
|
recommendedProxySettings = false;
|
|
extraConfig = ''
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
proxy_set_header Proxy "";
|
|
proxy_pass_header Server;
|
|
|
|
proxy_buffering on;
|
|
proxy_redirect off;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
|
|
tcp_nodelay on;
|
|
'';
|
|
};
|
|
};
|
|
})
|
|
];
|
|
}
|