Switch to Caddy

default
dump_stack() 2023-01-12 12:19:13 +00:00
parent 792484834f
commit ef3e171cd3
Signed by: dump_stack
GPG Key ID: BE44DA8C062D87DC
2 changed files with 40 additions and 8 deletions

View File

@ -1,8 +1,6 @@
{ lib, ... }:
{
services."nginx".virtualHosts."lor.sh".enableACME = lib.mkForce false;
services."nginx".virtualHosts."lor.sh".forceSSL = lib.mkForce false;
systemd.services."mastodon-init-db".wantedBy = lib.mkForce [ ];
systemd.services."mastodon-init-dirs".wantedBy = lib.mkForce [ ];
systemd.services."mastodon-media-auto-remove".startAt = lib.mkForce [ ];
@ -10,8 +8,6 @@
systemd.services."mastodon-sidekiq".wantedBy = lib.mkForce [ ];
systemd.services."mastodon-streaming".wantedBy = lib.mkForce [ ];
systemd.services."mastodon-web".wantedBy = lib.mkForce [ ];
systemd.services."nginx".wantedBy = lib.mkForce [ ];
systemd.services."nginx-config-reload".wantedBy = lib.mkForce [ ];
systemd.services."postgresqlBackup-mastodon".startAt = lib.mkForce [ ];
systemd.services."postgresqlBackup-mastodon".wantedBy = lib.mkForce [ ];
systemd.services."redis-mastodon".wantedBy = lib.mkForce [ ];

View File

@ -62,7 +62,10 @@ let
--host-bucket='${secrets.backup.hostBucket}' \
$@
'';
bucket = secrets.backup.bucket;
domainName = "lor.sh";
in {
services.postgresqlBackup = {
enable = true;
@ -91,21 +94,54 @@ in {
# https://github.com/mperham/sidekiq/wiki/Memory#bloat
systemd.services.mastodon-sidekiq.environment.MALLOC_ARENA_MAX = "2";
services.caddy = {
enable = true;
virtualHosts."${domainName}".extraConfig = ''
root * ${mastodon-lor-sh}/public
encode gzip
@static file
handle @static {
file_server
}
handle /api/v1/streaming* {
reverse_proxy unix//run/mastodon-streaming/streaming.socket
}
handle {
reverse_proxy unix//run/mastodon-web/web.socket
}
header {
Strict-Transport-Security "max-age=31536000;"
}
@5xx expression `{err.status_code} >= 500 && {err.status_code} < 600`
handle_errors {
rewrite @5xx /500.html
file_server
}
'';
};
users.users.caddy.extraGroups = [ "mastodon" ];
services.mastodon = {
enable = true;
package = mastodon-lor-sh;
localDomain = "lor.sh";
configureNginx = true;
localDomain = "${domainName}";
configureNginx = false;
smtp = {
createLocally = false;
authenticate = true;
host = "smtp.eu.mailgun.org";
port = 587;
fromAddress = "Mastodon <mastodon@m.lor.sh>";
user = "mastodon@m.lor.sh";
fromAddress = "Mastodon <mastodon@m.${domainName}>";
user = "mastodon@m.${domainName}";
passwordFile = builtins.toFile "smtp-password" secrets.smtpPassword;
};