SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2024-11-26 04:51:26 +00:00
Code Issues Projects Releases Wiki Activity

feat(mastodon): Add mastodon

Browse source
This commit is contained in:
Inex Code 2023-03-28 21:33:44 +03:00
parent 82578e3531
commit 5dde39956a
4 changed files with 51 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
ldap/ldap-module.nix
View file

@ -100,6 +100,7 @@ in
"gitea" "gitea"
"nextcloud" "nextcloud"
"pleroma" "pleroma"
"mastodon"
]); ]);
example = [ "gitea" ]; example = [ "gitea" ];
default = [ ]; default = [ ];
@ -174,10 +175,21 @@ in
${mkUsersNamespace "users" cfg.users} ${mkUsersNamespace "users" cfg.users}
# Make a root user for some services to bind
dn: uid=root,ou=users,${domain}
objectClass: inetOrgPerson
cn: root
sn: root
mail: root@${domain}
# Password is "root"
userPassword: {crypt}$6$teiD8ySLE58taSvY$veZS9QRSmfBcox2JfgYH/AWv24cpHD4P7IUzFv8WgxUaio.j7Y4aqMcC4a17v3PvOdCu8vgkKAtu/jhhKjVQm0
${mkGroupsNamespace "users" cfg.users "groups" [ ${mkGroupsNamespace "users" cfg.users "groups" [
"admin" "admin"
"gitea" "gitea"
"nextcloud" "nextcloud"
"mastodon"
]} ]}
# pleroma has no support for ldap filters # pleroma has no support for ldap filters
@ -250,7 +262,6 @@ in
# https://docs.gitea.io/en-us/command-line/#admin # https://docs.gitea.io/en-us/command-line/#admin
${config.services.gitea.package}/bin/gitea admin auth $auth_command \ ${config.services.gitea.package}/bin/gitea admin auth $auth_command \
--id $ldap_id \
--name nixos-ldap \ --name nixos-ldap \
--security-protocol unencrypted \ --security-protocol unencrypted \
--host 127.0.0.1 \ --host 127.0.0.1 \
@ -320,6 +331,19 @@ in
''} ''}
''; '';
}) })
(lib.mkIf (config.services.mastodon.enable && cfg.enable) {
services.mastodon.extraConfig = {
LDAP_ENABLED = true;
LDAP_HOST = "127.0.0.1";
LDAP_PORT = 389;
LDAP_BASE = "ou=users,${domain}";
LDAP_BIND_DN = "uid=root,ou=users,${domain}";
LDAP_BIND_PASSWORD = "root";
LDAP_UID = "uid";
LDAP_MAIL = "mail";
LDAP_SEARCH_FILTER = "(&(objectClass=shadowAccount)(memberOf=cn=mastodon,ou=groups,${domain})(uid=%{username}))";
};
})
(lib.mkIf (config.services.pleroma.enable && cfg.enable) { (lib.mkIf (config.services.pleroma.enable && cfg.enable) {
services.pleroma.configs = [ services.pleroma.configs = [
'' ''

12
social/mastodon.nix Normal file
View file

@ -0,0 +1,12 @@
{ pkgs, lib, config, ... }:
let
cfg = config.services.userdata;
in
{
services.mastodon = {
enable = cfg.mastodon.enable;
localDomain = "mastodon.${cfg.domain}";
configureNginx = true;
smtp.fromAddress = "noreply@${cfg.domain}";
};
}

10
variables-module.nix
View file

@ -175,6 +175,16 @@ in
type = types.nullOr types.bool; type = types.nullOr types.bool;
}; };
}; };
mastodon = {
enable = mkOption {
default = false;
type = types.nullOr types.bool;
};
location = mkOption {
default = "sda1";
type = types.nullOr types.str;
};
};
######### #########
# SSH # # SSH #
######### #########

4
variables.nix
View file

@ -51,6 +51,10 @@ in
ocserv = { ocserv = {
enable = lib.attrsets.attrByPath [ "ocserv" "enable" ] false jsonData; enable = lib.attrsets.attrByPath [ "ocserv" "enable" ] false jsonData;
}; };
mastodon = {
enable = lib.attrsets.attrByPath [ "mastodon" "enable" ] false jsonData;
location = lib.attrsets.attrByPath [ "mastodon" "location" ] "sda1" jsonData;
};
ssh = { ssh = {
enable = lib.attrsets.attrByPath [ "ssh" "enable" ] true jsonData; enable = lib.attrsets.attrByPath [ "ssh" "enable" ] true jsonData;
rootKeys = lib.attrsets.attrByPath [ "ssh" "rootKeys" ] [ "" ] jsonData; rootKeys = lib.attrsets.attrByPath [ "ssh" "rootKeys" ] [ "" ] jsonData;