]> git.immae.eu Git - perso/Immae/Config/Nix.git/blob - virtual/modules/websites/tools/mastodon/mastodon.nix
projects / perso / Immae / Config / Nix.git / blob
? search:


e6b396bbf927f3b6a738343998f4af5c14c8c31d
[perso/Immae/Config/Nix.git] / virtual / modules / websites / tools / mastodon / mastodon.nix
1 { env, ruby_2_5, bundlerEnv, defaultGemConfig, fetchedGithub, stdenv, writeText, pkgs }:
2 let
3 varDir = "/var/lib/mastodon_immae";
4 socketsDir = "/run/mastodon";
5 gems = bundlerEnv {
6 name = "mastodon-env";
7 ruby = ruby_2_5;
8 gemset = ./gemset.nix;
9 gemdir = (fetchedGithub ./mastodon.json).src;
10 groups = [ "default" "production" "test" "development" ];
11 gemConfig = defaultGemConfig // {
12 cld3 = attrs: {
13 buildInputs = with pkgs; [ protobuf protobufc pkgconfig ];
14 };
15 idn-ruby = attrs: {
16 buildInputs = with pkgs; [ libidn ];
17 };
18 rpam2 = attrs: {
19 buildInputs = with pkgs; [ pam ];
20 };
21 };
22 };
23 yarnModules = let
24 info = fetchedGithub ./mastodon.json;
25 in
26 pkgs.yarn2nix.mkYarnModules {
27 name = "mastodon-yarn-modules";
28 packageJSON = "${info.src}/package.json";
29 yarnLock = "${info.src}/yarn.lock";
30 yarnNix = ./yarn-packages.nix;
31 pkgConfig = {
32 uws = {
33 postInstall = ''
34 node-gyp rebuild > build_log.txt 2>&1 || true
35 '';
36 buildInputs = with pkgs; [ nodePackages.node-gyp ];
37 };
38 node-zopfli = {
39 postInstall = ''
40 node-pre-gyp install --fallback-to-build
41 '';
42 buildInputs = with pkgs; [ nodePackages.node-pre-gyp ];
43 };
44 node-sass = {
45 buildInputs = with pkgs; [ binutils libsass python ];
46 postInstall = let
47 nodeHeaders = pkgs.fetchurl {
48 url = "https://nodejs.org/download/release/v${pkgs.nodejs.version}/node-v${pkgs.nodejs.version}-headers.tar.gz";
49 sha256 = "12zzsf8my43b8qnlacp871ih5vqafl2vlpqp51xp6h3gckn2frwy";
50 };
51 in
52 ''
53 export AR=${pkgs.binutils.bintools}/bin/ar
54 node scripts/build.js --tarball=${nodeHeaders}
55 '';
56 };
57 };
58 };
59 mastodon = stdenv.mkDerivation (fetchedGithub ./mastodon.json // rec {
60 installPhase = ''
61 cp -a . $out
62 cp -a ${yarnModules}/node_modules $out
63 '';
64 buildInputs = [ yarnModules gems ];
65 });
66 config = writeText "mastodon_environment" ''
67 REDIS_HOST=${env.redis.host}
68 REDIS_PORT=${env.redis.port}
69 REDIS_DB=${env.redis.db}
70 DB_HOST=/run/postgresql
71 DB_USER=mastodon
72 DB_NAME=mastodon
73 DB_PASS=${env.postgresql.password}
74 DB_PORT=5432
75
76 LOCAL_DOMAIN=mastodon.immae.eu
77 LOCAL_HTTPS=true
78 ALTERNATE_DOMAINS=immae.eu
79
80 PAPERCLIP_SECRET=${env.paperclip_secret}
81 SECRET_KEY_BASE=${env.secret_key_base}
82 OTP_SECRET=${env.otp_secret}
83
84 VAPID_PRIVATE_KEY=${env.vapid.private}
85 VAPID_PUBLIC_KEY=${env.vapid.public}
86
87 SMTP_SERVER=mail.immae.eu
88 SMTP_PORT=587
89 SMTP_FROM_ADDRESS=notifications@mastodon.immae.eu
90 SMTP_DELIVERY_METHOD=smtp
91 PAPERCLIP_ROOT_PATH=${varDir}
92
93 STREAMING_CLUSTER_NUM=1
94
95 # LDAP authentication (optional)
96 LDAP_ENABLED=true
97 LDAP_HOST=ldap.immae.eu
98 LDAP_PORT=636
99 LDAP_METHOD=simple_tls
100 LDAP_BASE="dc=immae,dc=eu"
101 LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
102 LDAP_PASSWORD="${env.ldap.password}"
103 LDAP_UID="uid"
104 LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
105 '';
106
107 railsRoot = stdenv.mkDerivation {
108 name = "mastodon_immae";
109 inherit config mastodon;
110 builder = writeText "build_mastodon_immae" ''
111 source $stdenv/setup
112 set -a
113 source $config
114 set +a
115 cp -a $mastodon $out
116 cd $out
117 chmod u+rwX . public
118 RAILS_ENV=production ${gems}/bin/rails assets:precompile
119 rm -rf tmp/cache
120 ln -sf ../../../../../../../${varDir}/tmp/cache tmp
121 '';
122 buildInputs = [ gems gems.ruby pkgs.nodejs pkgs.yarn ];
123 };
124 in
125 {
126 inherit railsRoot config varDir socketsDir gems;
127 nodeSocket = "${socketsDir}/live_immae_node.sock";
128 railsSocket = "${socketsDir}/live_immae_puma.sock";
129 }
My infrastructure configuration