X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Fmastodon%2Fdefault.nix;h=87e8d726aa90ebd8ab7d4ff408c73376b05c4945;hb=4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0;hp=d742a33a38a4a29c3dbd9db0292d3f7a163dc002;hpb=4288c2f2431fb782b0d512b1b3749187f2374b6a;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/websites/tools/mastodon/default.nix b/modules/private/websites/tools/mastodon/default.nix
index d742a33..87e8d72 100644
--- a/modules/private/websites/tools/mastodon/default.nix
+++ b/modules/private/websites/tools/mastodon/default.nix
@@ -1,6 +1,6 @@
-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
 let
- env = myconfig.env.tools.mastodon;
+ env = config.myEnv.tools.mastodon;
 root = "/run/current-system/webapps/tools_mastodon";
 cfg = config.myServices.websites.tools.mastodon;
 mcfg = config.services.mastodon;
@@ -10,8 +10,10 @@ in {
 };
 config = lib.mkIf cfg.enable {
- secrets.keys = [{
- dest = "webapps/tools-mastodon";
+ services.duplyBackup.profiles.mastodon = {
+ rootDir = mcfg.dataDir;
+ };
+ secrets.keys."webapps/tools-mastodon" = {
 user = "mastodon";
 group = "mastodon";
 permissions = "0400";
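Review bot: The new `services.duplyBackup.profiles.mastodon` entry in the second hunk carries no comment on what the backup contains, and `rootDir = mcfg.dataDir` takes the whole data directory. The generated env file is declared separately under `secrets.keys`, so it presumably lives outside `dataDir` and is not part of this profile, but nothing here says so. I would add above the profile: `# Backs up the Mastodon dataDir only; the secrets env file is handled by secrets.keys and is not included.` The enclosing `config = lib.mkIf cfg.enable {` block continues outside the hunk.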
@@ -47,31 +49,44 @@ in {
 # LDAP authentication (optional)
 LDAP_ENABLED=true
- LDAP_HOST=ldap.immae.eu
+ LDAP_HOST=${env.ldap.host}
 LDAP_PORT=636
 LDAP_METHOD=simple_tls
- LDAP_BASE="dc=immae,dc=eu"
- LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
+ LDAP_BASE="${env.ldap.base}"
+ LDAP_BIND_DN="${env.ldap.dn}"
 LDAP_PASSWORD="${env.ldap.password}"
 LDAP_UID="uid"
- LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
+ LDAP_SEARCH_FILTER="${env.ldap.filter}"
 '';
- }];
+ };
 services.mastodon = {
 enable = true;
- configFile = "/var/secrets/webapps/tools-mastodon";
+ configFile = config.secrets.fullPaths."webapps/tools-mastodon";
 socketsPrefix = "live_immae";
 dataDir = "/var/lib/mastodon_immae";
 };
+ services.filesWatcher.mastodon-streaming = {
+ restart = true;
+ paths = [ mcfg.configFile ];
+ };
+ services.filesWatcher.mastodon-web = {
+ restart = true;
+ paths = [ mcfg.configFile ];
+ };
+ services.filesWatcher.mastodon-sidekiq = {
+ restart = true;
+ paths = [ mcfg.configFile ];
+ };
+
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
 "headers" "proxy" "proxy_wstunnel" "proxy_http"
 ];
 system.extraSystemBuilderCmds = ''
 mkdir -p $out/webapps
 ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon
 '';
- services.websites.tools.vhostConfs.mastodon = {
+ services.websites.env.tools.vhostConfs.mastodon = {
 certName = "eldiron";
 addToCerts = true;
 hosts = ["mastodon.immae.eu" ];
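Review bot: `LDAP_SEARCH_FILTER="${env.ldap.filter}"` moves the login restriction out of this file: the removed literal limited matches to one group through its `memberOf=` clause, and whether `env.ldap.filter` still does so is not visible here. Because that filter decides which directory entries may sign in, I would add a comment above the line, for example `# env.ldap.filter must keep a memberOf restriction; without it any entry under LDAP_BASE matching uid/email can log in`. The `env.ldap.*` values are also spliced unescaped into the env file, so a `"` or a newline in one of them would change how the file parses. `LDAP_HOST=${env.ldap.host}` is left unquoted while the neighbouring new lines are quoted. The env-file string and the surrounding `config` block both start outside the hunk.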