mirror of
https://gitlab.com/upRootNutrition/dotfiles.git
synced 2025-12-06 21:17:14 -06:00
feat: removed fedifetcher
This commit is contained in:
Nick
parent
1469c9c4af
commit
1d25722930
1 changed files with 20 additions and 80 deletions
|
|
@ -14,48 +14,18 @@ let
|
||||||
host = serviceCfg.domains.url0;
|
host = serviceCfg.domains.url0;
|
||||||
dns0 = instances.web.dns.provider0;
|
dns0 = instances.web.dns.provider0;
|
||||||
dns0Path = "dns/${dns0}";
|
dns0Path = "dns/${dns0}";
|
||||||
|
|
||||||
fedifetcherConfig = pkgs.writeText "fedifetcher-config.json" (
|
|
||||||
builtins.toJSON {
|
|
||||||
server = host;
|
|
||||||
home-timeline-length = 200;
|
|
||||||
max-followings = 80;
|
|
||||||
from-notifications = 1;
|
|
||||||
max-bookmarks = 80;
|
|
||||||
max-favourites = 40;
|
|
||||||
backfill-with-context = 1;
|
|
||||||
backfill-mentioned-users = 1;
|
|
||||||
remember-users-for-hours = 168;
|
|
||||||
remember-hosts-for-days = 30;
|
|
||||||
http-timeout = 5;
|
|
||||||
lock-hours = 24;
|
|
||||||
log-level = "INFO";
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
fedifetcherPython = pkgs.python3.withPackages (
|
|
||||||
ps: with ps; [
|
|
||||||
requests
|
|
||||||
pytz
|
|
||||||
beautifulsoup4
|
|
||||||
]
|
|
||||||
);
|
|
||||||
|
|
||||||
fedifetcherSrc = pkgs.fetchFromGitHub {
|
|
||||||
owner = "nanos";
|
|
||||||
repo = "FediFetcher";
|
|
||||||
rev = "main";
|
|
||||||
sha256 = "sha256-J7psV/mA7okuuO7/aXVVWS9p63eMncG2CEEGN38ip0=";
|
|
||||||
};
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
# If you need to start fresh for some reason, run these to create the new Admin account:
|
# If you need to start fresh for some reason, run these to create the new Admin account:
|
||||||
# sudo -u mastodon mastodon-tootctl accounts create nick --email=nick@localhost --confirmed --role=Owner
|
# sudo -u mastodon mastodon-tootctl accounts create nick --email=nick@localhost --confirmed --role=Owner
|
||||||
# sudo -u mastodon mastodon-tootctl accounts approve nick
|
# sudo -u mastodon mastodon-tootctl accounts approve nick
|
||||||
|
|
||||||
# If you fuck up and lose the password, use this:
|
# If you fuck up and lose the password, use this:
|
||||||
# sudo mastodon-tootctl accounts modify --reset-password nick
|
# sudo mastodon-tootctl accounts modify --reset-password nick
|
||||||
|
|
||||||
# If you really fuck up and name yourself wrong, use this shit
|
# If you really fuck up and name yourself wrong, use this shit
|
||||||
# sudo mastodon-tootctl accounts modify username --remove-role
|
# sudo mastodon-tootctl accounts modify username --remove-role
|
||||||
|
|
||||||
# nixpkgs.overlays = [
|
# nixpkgs.overlays = [
|
||||||
# (
|
# (
|
||||||
# final: prev: {
|
# final: prev: {
|
||||||
|
|
@ -69,6 +39,7 @@ in
|
||||||
# }
|
# }
|
||||||
# )
|
# )
|
||||||
# ];
|
# ];
|
||||||
|
|
||||||
microvm.vms = {
|
microvm.vms = {
|
||||||
${serviceCfg.name} = {
|
${serviceCfg.name} = {
|
||||||
autostart = true;
|
autostart = true;
|
||||||
|
|
@ -161,12 +132,14 @@ in
|
||||||
root /var/lib/mastodon/public-system
|
root /var/lib/mastodon/public-system
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
handle /api/v1/streaming/* {
|
handle /api/v1/streaming/* {
|
||||||
reverse_proxy unix//run/mastodon-streaming/streaming.socket {
|
reverse_proxy unix//run/mastodon-streaming/streaming.socket {
|
||||||
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
|
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
|
||||||
header_up X-Forwarded-Host {http.request.header.X-Forwarded-Host}
|
header_up X-Forwarded-Host {http.request.header.X-Forwarded-Host}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
route * {
|
route * {
|
||||||
file_server * {
|
file_server * {
|
||||||
root ${pkgs.mastodon}/public
|
root ${pkgs.mastodon}/public
|
||||||
|
|
@ -177,15 +150,19 @@ in
|
||||||
header_up X-Forwarded-Host {http.request.header.X-Forwarded-Host}
|
header_up X-Forwarded-Host {http.request.header.X-Forwarded-Host}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
handle_errors {
|
handle_errors {
|
||||||
root * ${pkgs.mastodon}/public
|
root * ${pkgs.mastodon}/public
|
||||||
rewrite 500.html
|
rewrite 500.html
|
||||||
file_server
|
file_server
|
||||||
}
|
}
|
||||||
|
|
||||||
encode gzip
|
encode gzip
|
||||||
|
|
||||||
header /* {
|
header /* {
|
||||||
Strict-Transport-Security "max-age=31536000;"
|
Strict-Transport-Security "max-age=31536000;"
|
||||||
}
|
}
|
||||||
|
|
||||||
header /emoji/* Cache-Control "public, max-age=31536000, immutable"
|
header /emoji/* Cache-Control "public, max-age=31536000, immutable"
|
||||||
header /packs/* Cache-Control "public, max-age=31536000, immutable"
|
header /packs/* Cache-Control "public, max-age=31536000, immutable"
|
||||||
header /system/accounts/avatars/* Cache-Control "public, max-age=31536000, immutable"
|
header /system/accounts/avatars/* Cache-Control "public, max-age=31536000, immutable"
|
||||||
|
|
@ -194,9 +171,11 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
postgresql = {
|
postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
openssh = {
|
openssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
|
@ -205,12 +184,14 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.${serviceCfg.name}.extraGroups = [
|
users.users.${serviceCfg.name}.extraGroups = [
|
||||||
"postgres"
|
"postgres"
|
||||||
];
|
];
|
||||||
users.users.caddy.extraGroups = [
|
users.users.caddy.extraGroups = [
|
||||||
serviceCfg.name
|
serviceCfg.name
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
22 # SSH
|
22 # SSH
|
||||||
80 # Caddy
|
80 # Caddy
|
||||||
|
|
@ -220,6 +201,7 @@ in
|
||||||
2525 # SMTP
|
2525 # SMTP
|
||||||
5432 # Postgres
|
5432 # Postgres
|
||||||
];
|
];
|
||||||
|
|
||||||
systemd = {
|
systemd = {
|
||||||
services = {
|
services = {
|
||||||
mastodon-init-dirs = {
|
mastodon-init-dirs = {
|
||||||
|
|
@ -252,57 +234,23 @@ in
|
||||||
description = "Copy secrets from virtiofs to local filesystem";
|
description = "Copy secrets from virtiofs to local filesystem";
|
||||||
before = [ "mastodon-init-dirs.service" ];
|
before = [ "mastodon-init-dirs.service" ];
|
||||||
requiredBy = [ "mastodon-init-dirs.service" ];
|
requiredBy = [ "mastodon-init-dirs.service" ];
|
||||||
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
RemainAfterExit = true;
|
RemainAfterExit = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
script = ''
|
script = ''
|
||||||
mkdir -p /etc/mastodon-secrets
|
mkdir -p /etc/mastodon-secrets
|
||||||
cp /run/secrets/pass /etc/mastodon-secrets/pass
|
cp /run/secrets/pass /etc/mastodon-secrets/pass
|
||||||
cp /run/secrets/database /etc/mastodon-secrets/database
|
cp /run/secrets/database /etc/mastodon-secrets/database
|
||||||
cp /run/secrets/redis /etc/mastodon-secrets/redis
|
cp /run/secrets/redis /etc/mastodon-secrets/redis
|
||||||
cp /run/secrets/smtp /etc/mastodon-secrets/smtp
|
cp /run/secrets/smtp /etc/mastodon-secrets/smtp
|
||||||
cp /run/secrets/fedifetcher-token /etc/mastodon-secrets/fedifetcher-token
|
|
||||||
chmod 755 /etc/mastodon-secrets
|
chmod 755 /etc/mastodon-secrets
|
||||||
chmod 644 /etc/mastodon-secrets/*
|
chmod 644 /etc/mastodon-secrets/*
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
fedifetcher = {
|
|
||||||
description = "FediFetcher Service";
|
|
||||||
after = [
|
|
||||||
"network.target"
|
|
||||||
"mastodon-web.service"
|
|
||||||
];
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
User = serviceCfg.name;
|
|
||||||
WorkingDirectory = "/var/lib/fedifetcher";
|
|
||||||
ExecStart =
|
|
||||||
let
|
|
||||||
script = pkgs.writeShellScript "fedifetcher-run" ''
|
|
||||||
set -e
|
|
||||||
export ACCESS_TOKEN=$(cat /etc/mastodon-secrets/fedifetcher-token)
|
|
||||||
${fedifetcherPython}/bin/python ${fedifetcherSrc}/find_posts.py \
|
|
||||||
-c=${fedifetcherConfig} \
|
|
||||||
--access-token="$ACCESS_TOKEN"
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
"${script}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
timers.fedifetcher = {
|
|
||||||
description = "FediFetcher Timer";
|
|
||||||
wantedBy = [ "timers.target" ];
|
|
||||||
timerConfig = {
|
|
||||||
OnCalendar = "*:0/15"; # Run every 15 minutes
|
|
||||||
Persistent = true;
|
|
||||||
Unit = "fedifetcher.service";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
network = {
|
network = {
|
||||||
enable = true;
|
enable = true;
|
||||||
networks."20-lan" = {
|
networks."20-lan" = {
|
||||||
|
|
@ -320,7 +268,6 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
mastodon-init-db = {
|
mastodon-init-db = {
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
|
|
@ -329,7 +276,6 @@ in
|
||||||
};
|
};
|
||||||
systemd-tmpfiles-setup.after = [ "var-lib-mastodon.mount" ];
|
systemd-tmpfiles-setup.after = [ "var-lib-mastodon.mount" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
tmpfiles.rules = [
|
tmpfiles.rules = [
|
||||||
"d /var/lib/mastodon 0755 mastodon mastodon -"
|
"d /var/lib/mastodon 0755 mastodon mastodon -"
|
||||||
"Z /var/lib/mastodon 0755 mastodon mastodon -"
|
"Z /var/lib/mastodon 0755 mastodon mastodon -"
|
||||||
|
|
@ -340,7 +286,6 @@ in
|
||||||
"d /var/lib/mastodon/public-system/media_attachments 0755 mastodon mastodon -"
|
"d /var/lib/mastodon/public-system/media_attachments 0755 mastodon mastodon -"
|
||||||
"d /var/lib/mastodon/public-system/media_attachments/files 0755 mastodon mastodon -"
|
"d /var/lib/mastodon/public-system/media_attachments/files 0755 mastodon mastodon -"
|
||||||
"d /var/lib/mastodon/public-system/site_uploads 0755 mastodon mastodon -"
|
"d /var/lib/mastodon/public-system/site_uploads 0755 mastodon mastodon -"
|
||||||
"d /var/lib/fedifetcher 0755 mastodon mastodon -"
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -392,17 +337,12 @@ in
|
||||||
source = "/run/secrets/${serviceCfg.name}";
|
source = "/run/secrets/${serviceCfg.name}";
|
||||||
tag = "host_secrets";
|
tag = "host_secrets";
|
||||||
}
|
}
|
||||||
{
|
|
||||||
mountPoint = "/var/lib/fedifetcher";
|
|
||||||
proto = "virtiofs";
|
|
||||||
source = "${serviceCfg.mntPaths.path0}/fedifetcher";
|
|
||||||
tag = "fedifetcher_data";
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
sops = {
|
sops = {
|
||||||
secrets = builtins.listToAttrs (
|
secrets = builtins.listToAttrs (
|
||||||
map
|
map
|
||||||
|
|
@ -419,7 +359,6 @@ in
|
||||||
"database"
|
"database"
|
||||||
"redis"
|
"redis"
|
||||||
"pass"
|
"pass"
|
||||||
"fedifetcher-token"
|
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
@ -428,7 +367,6 @@ in
|
||||||
"d ${serviceCfg.mntPaths.path0} 0751 microvm wheel - -"
|
"d ${serviceCfg.mntPaths.path0} 0751 microvm wheel - -"
|
||||||
"d ${serviceCfg.mntPaths.path0}/data 0751 microvm wheel - -"
|
"d ${serviceCfg.mntPaths.path0}/data 0751 microvm wheel - -"
|
||||||
"d ${serviceCfg.mntPaths.path0}/database 0751 microvm wheel - -"
|
"d ${serviceCfg.mntPaths.path0}/database 0751 microvm wheel - -"
|
||||||
"d ${serviceCfg.mntPaths.path0}/fedifetcher 0751 microvm wheel - -"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
services.caddy.virtualHosts."${host}" = {
|
services.caddy.virtualHosts."${host}" = {
|
||||||
|
|
@ -438,7 +376,9 @@ in
|
||||||
header_up X-Real-IP {remote_host}
|
header_up X-Real-IP {remote_host}
|
||||||
header_up X-Forwarded-For {remote_host}
|
header_up X-Forwarded-For {remote_host}
|
||||||
}
|
}
|
||||||
|
|
||||||
tls ${serviceCfg.ssl.cert} ${serviceCfg.ssl.key}
|
tls ${serviceCfg.ssl.cert} ${serviceCfg.ssl.key}
|
||||||
|
|
||||||
encode zstd gzip
|
encode zstd gzip
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue