X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Fmastodon%2Fdefault.nix;h=173a4b841b14e649dd802ad188322950e25dcb7f;hb=792ccef2c82a055a2cc4801de028312b0b1199ea;hp=97f2452579cfd44b6bf98091cf57a7c8964b1ca1;hpb=d2e703c560bc029c3d607058de2935bbf1cb0559;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/websites/tools/mastodon/default.nix b/modules/private/websites/tools/mastodon/default.nix
index 97f2452..173a4b8 100644
--- a/modules/private/websites/tools/mastodon/default.nix
+++ b/modules/private/websites/tools/mastodon/default.nix
@@ -1,7 +1,7 @@
-{ lib, pkgs, config, myconfig,  ... }:
+{ lib, pkgs, config,  ... }:
 let
-  env = myconfig.env.tools.mastodon;
-  root = "/run/current-system/webapps/tools_mastodon";
+  env = config.myEnv.tools.mastodon;
+  root = "${mcfg.workdir}/public/";
   cfg = config.myServices.websites.tools.mastodon;
   mcfg = config.services.mastodon;
 in {
@@ -10,11 +10,7 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    services.duplyBackup.profiles.mastodon = {
-      rootDir = mcfg.dataDir;
-    };
-    secrets.keys = [{
-      dest = "webapps/tools-mastodon";
+    secrets.keys."webapps/tools-mastodon" = {
       user = "mastodon";
       group = "mastodon";
       permissions = "0400";
@@ -50,19 +46,19 @@ in {
 
         # LDAP authentication (optional)
         LDAP_ENABLED=true
-        LDAP_HOST=ldap.immae.eu
+        LDAP_HOST=${env.ldap.host}
         LDAP_PORT=636
         LDAP_METHOD=simple_tls
-        LDAP_BASE="dc=immae,dc=eu"
-        LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
+        LDAP_BASE="${env.ldap.base}"
+        LDAP_BIND_DN="${env.ldap.dn}"
         LDAP_PASSWORD="${env.ldap.password}"
         LDAP_UID="uid"
-        LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
+        LDAP_SEARCH_FILTER="${env.ldap.filter}"
       '';
-    }];
+    };
     services.mastodon = {
       enable = true;
-      configFile = "/var/secrets/webapps/tools-mastodon";
+      configFile = config.secrets.fullPaths."webapps/tools-mastodon";
       socketsPrefix = "live_immae";
       dataDir = "/var/lib/mastodon_immae";
     };
@@ -83,10 +79,6 @@ in {
     services.websites.env.tools.modules = [
       "headers" "proxy" "proxy_wstunnel" "proxy_http"
     ];
-    system.extraSystemBuilderCmds = ''
-      mkdir -p $out/webapps
-      ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon
-      '';
     services.websites.env.tools.vhostConfs.mastodon = {
       certName    = "eldiron";
       addToCerts  = true;