serve static files for mastodon correctly

This commit is contained in:
Cyryl Płotnicki 2022-11-26 21:13:04 +00:00
parent d247beb91e
commit ac3ecc749b

View file

@ -13,6 +13,20 @@ let
gid = 3049;
systemUserName = "mastodon";
systemGroupName = "mastodon";
users = {
users."${systemUserName}" = {
uid = uid;
isSystemUser = true;
isNormalUser = false;
group = systemGroupName;
};
groups."${systemGroupName}" = {
gid = gid;
members = [ "${systemUserName}" "nginx" ];
};
};
package =
inputs.nixpkgs-nixos-unstable.legacyPackages."${pkgs.system}".mastodon;
in {
imports = [ ../nginx.nix ];
@ -21,18 +35,17 @@ in {
"${domain}" = {
forceSSL = true;
enableACME = true;
root = "${config.services.mastodon.package}/public/";
locations."/system/".alias = "${path}/public-system/";
root = "${package}/public/";
locations."/" = { tryFiles = "$uri @proxy"; };
locations."/system/".alias = "${path}/public-system/";
locations."@proxy" = {
proxyPass = "http://localhost:" + toString webPort;
proxyPass = "http://127.0.0.1:" + toString webPort;
proxyWebsockets = true;
};
locations."/api/v1/streaming/" = {
proxyPass = "http://localhost:" + toString streamingPort;
proxyPass = "http://127.0.0.1:" + toString streamingPort;
proxyWebsockets = true;
};
};
@ -51,16 +64,9 @@ in {
owner = systemUserName;
group = systemGroupName;
};
users.users."${systemUserName}" = {
uid = uid;
isSystemUser = true;
isNormalUser = false;
group = systemGroupName;
};
users.groups."${systemGroupName}" = {
gid = gid;
members = [ "${systemUserName}" ];
};
inherit users;
containers.mastodon = {
autoStart = true;
forwardPorts = [
@ -90,20 +96,13 @@ in {
config = { config, pkgs, lib, ... }: {
system.stateVersion = "22.05";
services.postgresql.port = postgresPort;
users.mutableUsers = false;
users.allowNoPasswordLogin = true;
users.users."${systemUserName}" = {
uid = uid;
isSystemUser = true;
isNormalUser = false;
group = systemGroupName;
};
users.groups."${systemGroupName}" = {
gid = gid;
members = [ "${systemUserName}" ];
users = users // {
mutableUsers = false;
allowNoPasswordLogin = true;
};
services.mastodon = {
enable = true;
inherit package;
localDomain = "${domain}";
user = systemUserName;
group = systemGroupName;
@ -120,6 +119,7 @@ in {
SMTP_TLS = "true";
SMTP_ENABLE_STARTTLS_AUTO = "true";
SINGLE_USER_MODE = "true";
RAILS_SERVE_STATIC_FILES = "true";
};
inherit streamingPort;
inherit webPort;