-{ env, ruby_2_6, bundlerEnv, defaultGemConfig, yarn2nixPackage, fetchedGithub, stdenv, writeText, pkgs }:
+{ env, mastodon }:
let
varDir = "/var/lib/mastodon_immae";
socketsDir = "/run/mastodon";
- gems = bundlerEnv {
- name = "mastodon-env";
- ruby = ruby_2_6;
- gemset = ./gemset.nix;
- gemdir = (fetchedGithub ./mastodon.json).src;
- groups = [ "default" "production" "test" "development" ];
- gemConfig = defaultGemConfig // {
- redis-rack = attrs: {
- preBuild = ''
- sed -i 's!s\.files.*!!' redis-rack.gemspec
- '';
- };
- tzinfo = attrs: {
- preBuild = ''
- sed -i 's!s\.files.*!!' tzinfo.gemspec
- '';
- };
- cld3 = attrs: {
- buildInputs = with pkgs; [ protobuf protobufc pkgconfig ];
- };
- idn-ruby = attrs: {
- buildInputs = with pkgs; [ libidn ];
- };
- rpam2 = attrs: {
- buildInputs = with pkgs; [ pam ];
- };
- };
- };
- yarnModules = let
- info = fetchedGithub ./mastodon.json;
- packagejson = pkgs.runCommand "package.json" { buildInputs = [ pkgs.jq ]; } ''
- cat ${info.src}/package.json | jq -r '.version = "${info.version}"' > $out
- '';
- in
- yarn2nixPackage.mkYarnModules rec {
- name = "mastodon-yarn";
- pname = name;
- version = info.version;
- packageJSON = packagejson;
- yarnLock = "${info.src}/yarn.lock";
- yarnNix = ./yarn-packages.nix;
- pkgConfig = {
- uws = {
- postInstall = ''
- npx node-gyp rebuild > build_log.txt 2>&1 || true
- '';
- };
- };
- };
- mastodon = stdenv.mkDerivation (fetchedGithub ./mastodon.json // rec {
- installPhase = ''
- cp -a . $out
- cp -a ${yarnModules}/node_modules $out
- '';
- buildInputs = [ yarnModules ];
- });
- config = writeText "mastodon_environment" ''
- REDIS_HOST=${env.redis.host}
- REDIS_PORT=${env.redis.port}
- REDIS_DB=${env.redis.db}
- DB_HOST=${env.postgresql.socket}
- DB_USER=${env.postgresql.user}
- DB_NAME=${env.postgresql.database}
- DB_PASS=${env.postgresql.password}
- DB_PORT=${env.postgresql.port}
-
- LOCAL_DOMAIN=mastodon.immae.eu
- LOCAL_HTTPS=true
- ALTERNATE_DOMAINS=immae.eu
-
- PAPERCLIP_SECRET=${env.paperclip_secret}
- SECRET_KEY_BASE=${env.secret_key_base}
- OTP_SECRET=${env.otp_secret}
-
- VAPID_PRIVATE_KEY=${env.vapid.private}
- VAPID_PUBLIC_KEY=${env.vapid.public}
-
- SMTP_DELIVERY_METHOD=sendmail
- SMTP_FROM_ADDRESS=mastodon@tools.immae.eu
- SENDMAIL_LOCATION="/run/wrappers/bin/sendmail"
- PAPERCLIP_ROOT_PATH=${varDir}
-
- STREAMING_CLUSTER_NUM=1
-
- RAILS_LOG_LEVEL=warn
-
- # LDAP authentication (optional)
- LDAP_ENABLED=true
- LDAP_HOST=ldap.immae.eu
- LDAP_PORT=636
- LDAP_METHOD=simple_tls
- LDAP_BASE="dc=immae,dc=eu"
- LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
- LDAP_PASSWORD="${env.ldap.password}"
- LDAP_UID="uid"
- LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
+ keys.mastodon = {
+ dest = "webapps/tools-mastodon";
+ user = "mastodon";
+ group = "mastodon";
+ permissions = "0400";
+ text = ''
+ REDIS_HOST=${env.redis.host}
+ REDIS_PORT=${env.redis.port}
+ REDIS_DB=${env.redis.db}
+ DB_HOST=${env.postgresql.socket}
+ DB_USER=${env.postgresql.user}
+ DB_NAME=${env.postgresql.database}
+ DB_PASS=${env.postgresql.password}
+ DB_PORT=${env.postgresql.port}
+
+ LOCAL_DOMAIN=mastodon.immae.eu
+ LOCAL_HTTPS=true
+ ALTERNATE_DOMAINS=immae.eu
+
+ PAPERCLIP_SECRET=${env.paperclip_secret}
+ SECRET_KEY_BASE=${env.secret_key_base}
+ OTP_SECRET=${env.otp_secret}
+
+ VAPID_PRIVATE_KEY=${env.vapid.private}
+ VAPID_PUBLIC_KEY=${env.vapid.public}
+
+ SMTP_DELIVERY_METHOD=sendmail
+ SMTP_FROM_ADDRESS=mastodon@tools.immae.eu
+ SENDMAIL_LOCATION="/run/wrappers/bin/sendmail"
+ PAPERCLIP_ROOT_PATH=${varDir}
+
+ STREAMING_CLUSTER_NUM=1
+
+ RAILS_LOG_LEVEL=warn
+
+ # LDAP authentication (optional)
+ LDAP_ENABLED=true
+ LDAP_HOST=ldap.immae.eu
+ LDAP_PORT=636
+ LDAP_METHOD=simple_tls
+ LDAP_BASE="dc=immae,dc=eu"
+ LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
+ LDAP_PASSWORD="${env.ldap.password}"
+ LDAP_UID="uid"
+ LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
'';
+ };
- railsRoot = stdenv.mkDerivation {
- name = "mastodon_immae";
- inherit config mastodon;
- builder = writeText "build_mastodon_immae" ''
- source $stdenv/setup
- set -a
- source $config
- set +a
- cp -a $mastodon $out
- cd $out
- chmod u+rwX . public
- chmod -R u+rwX config/
- sed -i -e 's@^end$@ config.action_mailer.sendmail_settings = { location: ENV.fetch("SENDMAIL_LOCATION", "/usr/sbin/sendmail") }\nend@' config/environments/production.rb
- RAILS_ENV=production ${gems}/bin/rails assets:precompile
- rm -rf tmp/cache
- ln -sf ${varDir}/tmp/cache tmp
- '';
- buildInputs = [ gems gems.ruby pkgs.nodejs pkgs.yarn ];
- };
+ railsRoot = mastodon.override { inherit varDir; };
in
{
- inherit railsRoot config varDir socketsDir gems;
+ inherit varDir railsRoot socketsDir;
+ inherit (railsRoot.passthru) gems;
+ keys = builtins.attrValues keys;
nodeSocket = "${socketsDir}/live_immae_node.sock";
railsSocket = "${socketsDir}/live_immae_puma.sock";
}
projects / perso / Immae / Config / Nix.git / blobdiff