From ac3ecc749b2156f90d535b5143a1938d655ed0bd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= <cyplo@cyplo.dev>
Date: Sat, 26 Nov 2022 21:13:04 +0000
Subject: [PATCH] serve static files for mastodon correctly

---
 nixos/boxes/vpsfree1/mastodon.nix | 52 +++++++++++++++----------------
 1 file changed, 26 insertions(+), 26 deletions(-)

diff --git a/nixos/boxes/vpsfree1/mastodon.nix b/nixos/boxes/vpsfree1/mastodon.nix
index 7c1627ff..fd156501 100644
--- a/nixos/boxes/vpsfree1/mastodon.nix
+++ b/nixos/boxes/vpsfree1/mastodon.nix
@@ -13,6 +13,20 @@ let
   gid = 3049;
   systemUserName = "mastodon";
   systemGroupName = "mastodon";
+  users = {
+    users."${systemUserName}" = {
+      uid = uid;
+      isSystemUser = true;
+      isNormalUser = false;
+      group = systemGroupName;
+    };
+    groups."${systemGroupName}" = {
+      gid = gid;
+      members = [ "${systemUserName}" "nginx" ];
+    };
+  };
+  package =
+    inputs.nixpkgs-nixos-unstable.legacyPackages."${pkgs.system}".mastodon;
 in {
   imports = [ ../nginx.nix ];
 
@@ -21,18 +35,17 @@ in {
       "${domain}" = {
         forceSSL = true;
         enableACME = true;
-        root = "${config.services.mastodon.package}/public/";
-
-        locations."/system/".alias = "${path}/public-system/";
+        root = "${package}/public/";
 
         locations."/" = { tryFiles = "$uri @proxy"; };
+        locations."/system/".alias = "${path}/public-system/";
 
         locations."@proxy" = {
-          proxyPass = "http://localhost:" + toString webPort;
+          proxyPass = "http://127.0.0.1:" + toString webPort;
           proxyWebsockets = true;
         };
         locations."/api/v1/streaming/" = {
-          proxyPass = "http://localhost:" + toString streamingPort;
+          proxyPass = "http://127.0.0.1:" + toString streamingPort;
           proxyWebsockets = true;
         };
       };
@@ -51,16 +64,9 @@ in {
     owner = systemUserName;
     group = systemGroupName;
   };
-  users.users."${systemUserName}" = {
-    uid = uid;
-    isSystemUser = true;
-    isNormalUser = false;
-    group = systemGroupName;
-  };
-  users.groups."${systemGroupName}" = {
-    gid = gid;
-    members = [ "${systemUserName}" ];
-  };
+
+  inherit users;
+
   containers.mastodon = {
     autoStart = true;
     forwardPorts = [
@@ -90,20 +96,13 @@ in {
     config = { config, pkgs, lib, ... }: {
       system.stateVersion = "22.05";
       services.postgresql.port = postgresPort;
-      users.mutableUsers = false;
-      users.allowNoPasswordLogin = true;
-      users.users."${systemUserName}" = {
-        uid = uid;
-        isSystemUser = true;
-        isNormalUser = false;
-        group = systemGroupName;
-      };
-      users.groups."${systemGroupName}" = {
-        gid = gid;
-        members = [ "${systemUserName}" ];
+      users = users // {
+        mutableUsers = false;
+        allowNoPasswordLogin = true;
       };
       services.mastodon = {
         enable = true;
+        inherit package;
         localDomain = "${domain}";
         user = systemUserName;
         group = systemGroupName;
@@ -120,6 +119,7 @@ in {
           SMTP_TLS = "true";
           SMTP_ENABLE_STARTTLS_AUTO = "true";
           SINGLE_USER_MODE = "true";
+          RAILS_SERVE_STATIC_FILES = "true";
         };
         inherit streamingPort;
         inherit webPort;