serve static files for mastodon correctly

2022-11-26 21:13:04 +00:00 · 2022-11-26 21:13:04 +00:00 · ac3ecc749b
parent d247beb91e
commit ac3ecc749b
1 changed files with 26 additions and 26 deletions
--- a/nixos/boxes/vpsfree1/mastodon.nix
+++ b/nixos/boxes/vpsfree1/mastodon.nix
@ -13,6 +13,20 @@ let
  gid = 3049;
  systemUserName = "mastodon";
  systemGroupName = "mastodon";
+  users = {
+    users."${systemUserName}" = {
+      uid = uid;
+      isSystemUser = true;
+      isNormalUser = false;
+      group = systemGroupName;
+    };
+    groups."${systemGroupName}" = {
+      gid = gid;
+      members = [ "${systemUserName}" "nginx" ];
+    };
+  };
+  package =
+    inputs.nixpkgs-nixos-unstable.legacyPackages."${pkgs.system}".mastodon;
 in {
  imports = [ ../nginx.nix ];

@ -21,18 +35,17 @@ in {
      "${domain}" = {
        forceSSL = true;
        enableACME = true;
-        root = "${config.services.mastodon.package}/public/";
-
-        locations."/system/".alias = "${path}/public-system/";
+        root = "${package}/public/";

        locations."/" = { tryFiles = "$uri @proxy"; };
+        locations."/system/".alias = "${path}/public-system/";

        locations."@proxy" = {
-          proxyPass = "http://localhost:" + toString webPort;
+          proxyPass = "http://127.0.0.1:" + toString webPort;
          proxyWebsockets = true;
        };
        locations."/api/v1/streaming/" = {
-          proxyPass = "http://localhost:" + toString streamingPort;
+          proxyPass = "http://127.0.0.1:" + toString streamingPort;
          proxyWebsockets = true;
        };
      };
@ -51,16 +64,9 @@ in {
    owner = systemUserName;
    group = systemGroupName;
  };
-  users.users."${systemUserName}" = {
-    uid = uid;
-    isSystemUser = true;
-    isNormalUser = false;
-    group = systemGroupName;
-  };
-  users.groups."${systemGroupName}" = {
-    gid = gid;
-    members = [ "${systemUserName}" ];
-  };
+
+  inherit users;
+
  containers.mastodon = {
    autoStart = true;
    forwardPorts = [
@ -90,20 +96,13 @@ in {
    config = { config, pkgs, lib, ... }: {
      system.stateVersion = "22.05";
      services.postgresql.port = postgresPort;
-      users.mutableUsers = false;
-      users.allowNoPasswordLogin = true;
-      users.users."${systemUserName}" = {
-        uid = uid;
-        isSystemUser = true;
-        isNormalUser = false;
-        group = systemGroupName;
-      };
-      users.groups."${systemGroupName}" = {
-        gid = gid;
-        members = [ "${systemUserName}" ];
+      users = users // {
+        mutableUsers = false;
+        allowNoPasswordLogin = true;
      };
      services.mastodon = {
        enable = true;
+        inherit package;
        localDomain = "${domain}";
        user = systemUserName;
        group = systemGroupName;
@ -120,6 +119,7 @@ in {
          SMTP_TLS = "true";
          SMTP_ENABLE_STARTTLS_AUTO = "true";
          SINGLE_USER_MODE = "true";
+          RAILS_SERVE_STATIC_FILES = "true";
        };
        inherit streamingPort;
        inherit webPort;