X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Fmastodon%2Fdefault.nix;h=6e34280f30f6086951347ce6d5933db4b5abdc03;hb=a95ab089420d6edf24f22500dabf7876d329dc91;hp=f1a207feb97554d305ca2d8e7fc2871705a3955d;hpb=01f21083a897b86bf148f1d2bb9c8edca4d3786a;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/tools/mastodon/default.nix b/nixops/modules/websites/tools/mastodon/default.nix index f1a207f..6e34280 100644 --- a/nixops/modules/websites/tools/mastodon/default.nix +++ b/nixops/modules/websites/tools/mastodon/default.nix @@ -5,6 +5,7 @@ let env = myconfig.env.tools.mastodon; }; + root = "/run/current-system/webapps/tools_mastodon"; cfg = config.services.myWebsites.tools.mastodon; in { options.services.myWebsites.tools.mastodon = { @@ -12,8 +13,8 @@ in { }; config = lib.mkIf cfg.enable { - ids.uids.mastodon = 399; - ids.gids.mastodon = 399; + ids.uids.mastodon = myconfig.env.tools.mastodon.user.uid; + ids.gids.mastodon = myconfig.env.tools.mastodon.user.gid; users.users.mastodon = { name = "mastodon"; @@ -135,14 +136,17 @@ in { }; services.myWebsites.tools.modules = [ - "headers" "proxy" "proxy_wstunnel" "proxy_http" "proxy_balancer" - "lbmethod_byrequests" "lbmethod_bytraffic" "lbmethod_bybusyness" "lbmethod_heartbeat" + "headers" "proxy" "proxy_wstunnel" "proxy_http" ]; security.acme.certs."eldiron".extraDomains."mastodon.immae.eu" = null; + system.extraSystemBuilderCmds = '' + mkdir -p $out/webapps + ln -s ${mastodon.railsRoot}/public/ $out/webapps/tools_mastodon + ''; services.myWebsites.tools.vhostConfs.mastodon = { certName = "eldiron"; hosts = ["mastodon.immae.eu" ]; - root = "${mastodon.railsRoot}/public/"; + root = root; extraConfig = [ '' Header always set Referrer-Policy "strict-origin-when-cross-origin" Header always set Strict-Transport-Security "max-age=31536000" 
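Review bot: The module list in the `@@ -135` hunk is reduced to `"headers" "proxy" "proxy_wstunnel" "proxy_http"`, while the same commit starts using `RewriteRule ... [P]` in this vhost's extraConfig (the `@@ -167` hunk), which needs mod_rewrite loaded and `RewriteEngine On` in scope. Neither is visible in these hunks, so both may come from a shared base configuration. If they do not, httpd rejects the directive without the module, and without the engine the rules are ignored and streaming requests fall through to `ProxyPass /` on the Rails socket. I would add `"rewrite"` to this list so the vhost declares what it depends on. A one-line comment above `system.extraSystemBuilderCmds` explaining why the document root goes through `/run/current-system/webapps/tools_mastodon` would also help the next reader, and `root = root;` can be written `inherit root;`.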
@@ -167,23 +171,10 @@ in { ProxyPassMatch ^(/.*\.(png|ico|gif)$) ! ProxyPassMatch ^/(assets|avatars|emoji|headers|packs|sounds|system|.well-known/acme-challenge) ! - ProxyPassMatch /api/v1/streaming/(.+)$ balancer://node_servers_http/api/v1/streaming/$1 - ProxyPass /api/v1/streaming/ balancer://node_servers/ - ProxyPassReverse /api/v1/streaming/ balancer://node_servers/ - ProxyPass / balancer://puma_servers/ - ProxyPassReverse / balancer://puma_servers/ - - - BalancerMember unix://${mastodon.railsSocket}|http:// - - - - BalancerMember unix://${mastodon.nodeSocket}|ws://localhost - - - - BalancerMember unix://${mastodon.nodeSocket}|http://localhost - + RewriteRule ^/api/v1/streaming/(.+)$ unix://${mastodon.nodeSocket}|http://mastodon.immae.eu/api/v1/streaming/$1 [P,NE,QSA,L] + RewriteRule ^/api/v1/streaming/$ unix://${mastodon.nodeSocket}|ws://mastodon.immae.eu/ [P,NE,QSA,L] + ProxyPass / unix://${mastodon.railsSocket}|http://mastodon.immae.eu/ + ProxyPassReverse / unix://${mastodon.railsSocket}|http://mastodon.immae.eu/ Alias /system ${mastodon.varDir} @@ -192,7 +183,7 @@ in { Options -MultiViews - + Require all granted Options -MultiViews +FollowSymlinks
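Review bot: The first added rule, `RewriteRule ^/api/v1/streaming/(.+)$ ... [P,NE,QSA,L]`, copies a client-controlled capture into the proxied request target, and `NE` switches off mod_rewrite's escaping of that substitution. The scheme, socket and host are fixed, which is what Apache's warning on the `P` flag asks for first, and the removed `ProxyPassMatch` carried the same `(.+)`, so this is inherited rather than new. The pattern is still broader than the backend is likely to need. If the streaming endpoints are plain lowercase path segments, a narrower class such as `^/api/v1/streaming/([a-z_/]+)$` with `NE` dropped would limit what a client can place in the backend request line; please confirm against the streaming server's routes before changing it. The extraConfig string these lines belong to begins and ends outside this hunk.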