virtual/modules/websites/tools/mastodon/mastodon.nix

   1 { env, fetchedGithub, stdenv, writeText, pkgs, cacert }:
   2 let
   3   varDir = "/var/lib/mastodon_immae";
   4   socketsDir = "/run/mastodon";
   5   mastodon = stdenv.mkDerivation (fetchedGithub ./mastodon.json // rec {
   6     buildPhase = ''
   7       export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
   8       export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
   9
  10       bundle install --deployment --without development test
  11       yarn install --pure-lockfile
  12     '';
  13     installPhase = ''
  14       cp -a . $out
  15     '';
  16     propagatedBuildInputs = with pkgs; [
  17       zlib icu libchardet git bundler yarn
  18       protobuf protobufc libidn libpqxx nodejs
  19       imagemagick ffmpeg libxml2 libxslt pkgconfig
  20       autoconf bison libyaml readline ncurses libffi gdbm
  21       jemalloc which postgresql python3 cacert
  22     ];
  23   });
  24   config = writeText "mastodon_environment" ''
  25     REDIS_HOST=localhost
  26     REDIS_PORT=6379
  27     REDIS_DB=13
  28     DB_HOST=/run/postgresql
  29     DB_USER=mastodon
  30     DB_NAME=mastodon
  31     DB_PASS=${env.postgresql.password}
  32     DB_PORT=5432
  33
  34     LOCAL_DOMAIN=mastodon.immae.eu
  35     LOCAL_HTTPS=true
  36     ALTERNATE_DOMAINS=immae.eu
  37
  38     PAPERCLIP_SECRET=${env.paperclip_secret}
  39     SECRET_KEY_BASE=${env.secret_key_base}
  40     OTP_SECRET=${env.otp_secret}
  41
  42     VAPID_PRIVATE_KEY=${env.vapid.private}
  43     VAPID_PUBLIC_KEY=${env.vapid.public}
  44
  45     SMTP_SERVER=mail.immae.eu
  46     SMTP_PORT=587
  47     SMTP_FROM_ADDRESS=notifications@mastodon.immae.eu
  48     SMTP_DELIVERY_METHOD=smtp
  49     PAPERCLIP_ROOT_PATH=${varDir}
  50
  51     STREAMING_CLUSTER_NUM=1
  52
  53     # LDAP authentication (optional)
  54     LDAP_ENABLED=true
  55     LDAP_HOST=ldap.immae.eu
  56     LDAP_PORT=636
  57     LDAP_METHOD=simple_tls
  58     LDAP_BASE="dc=immae,dc=eu"
  59     LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
  60     LDAP_PASSWORD="${env.ldap.password}"
  61     LDAP_UID="uid"
  62     LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
  63     '';
  64
  65     railsRoot = stdenv.mkDerivation {
  66       name = "mastodon_immae";
  67       inherit config mastodon;
  68       builder = writeText "build_mastodon_immae" ''
  69         source $stdenv/setup
  70         set -a
  71         source $config
  72         set +a
  73         cp -a $mastodon $out
  74         cd $out
  75         chmod u+rwX . node_modules public
  76         RAILS_ENV=production bundle exec rails assets:precompile
  77         '';
  78       propagatedBuildInputs = with pkgs; [
  79         zlib icu libchardet git bundler yarn
  80         protobuf protobufc libidn libpqxx nodejs
  81         imagemagick ffmpeg libxml2 libxslt pkgconfig
  82         autoconf bison libyaml readline ncurses libffi gdbm
  83         jemalloc which postgresql python3 cacert
  84       ];
  85     };
  86 in
  87   {
  88     inherit railsRoot config varDir socketsDir;
  89     nodeSocket = "${socketsDir}/live_immae_node.sock";
  90     railsSocket = "${socketsDir}/live_immae_puma.sock";
  91   }