diff --git a/README.md b/README.md index 60a3aeb..7bda54c 100644 --- a/README.md +++ b/README.md @@ -31,28 +31,14 @@ module has options, they can be found in the `options.nix` file inside the module directory. More general options used by multiple modules are documented in `modules/options.nix`. -### Modules - -Modules listed here may be unimplemented or unfinished. - -#### Basic +### Module Checklist - [x] `basic` - Basic Internet support - [x] `ssh` - SSH support -- [x] `fail2ban` - IP moderation - -#### Public Sites - - [ ] `site` - Static site hosting +- [x] `fail2ban` - IP moderation - [x] `forgejo` - Code forge - -#### Social - -- [x] `mastodon` - Mastodon server instance - [ ] `mail` - Mail server - -#### Storage - - [ ] `cachix` - Nix build caching - [ ] `backup` - Automated backup system diff --git a/aether/config.nix b/aether/config.nix index df8203a..bc9b490 100644 --- a/aether/config.nix +++ b/aether/config.nix @@ -1,4 +1,4 @@ -{ pkgs, aether, forgejo-tokyo-night, ... }: +{ config, lib, pkgs, aether, forgejo-tokyo-night, ... }: { networking.hostName = "toki-aether"; time.timeZone = "America/New_York"; @@ -65,14 +65,5 @@ federation.ENABLED = true; }; - aether.mastodon.subdomain = "social"; - services.mastodon = { - package = pkgs.mastodon.override { - patches = [ ./mastodon/increase_limits.patch ]; - }; - extraConfig.SINGLE_USER_MODE = "true"; - streamingProcesses = 3; - }; - system.stateVersion = "24.05"; } diff --git a/aether/mastodon/increase_limits.patch b/aether/mastodon/increase_limits.patch deleted file mode 100644 index 33178e4..0000000 --- a/aether/mastodon/increase_limits.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff --git a/app/javascript/mastodon/features/compose/containers/compose_form_container.js b/app/javascript/mastodon/features/compose/containers/compose_form_container.js -index bda2edb..1be1ce2 100644 ---- a/app/javascript/mastodon/features/compose/containers/compose_form_container.js -+++ b/app/javascript/mastodon/features/compose/containers/compose_form_container.js -@@ -28,7 +28,7 @@ const mapStateToProps = state => ({ - anyMedia: state.getIn(['compose', 'media_attachments']).size > 0, - isInReply: state.getIn(['compose', 'in_reply_to']) !== null, - lang: state.getIn(['compose', 'language']), -- maxChars: state.getIn(['server', 'server', 'configuration', 'statuses', 'max_characters'], 500), -+ maxChars: state.getIn(['server', 'server', 'configuration', 'statuses', 'max_characters'], 1000000), - }); - - const mapDispatchToProps = (dispatch) => ({ -diff --git a/app/validators/poll_validator.rb b/app/validators/poll_validator.rb -index a327277..5d3134d 100644 ---- a/app/validators/poll_validator.rb -+++ b/app/validators/poll_validator.rb -@@ -1,8 +1,8 @@ - # frozen_string_literal: true - - class PollValidator < ActiveModel::Validator -- MAX_OPTIONS = 4 -- MAX_OPTION_CHARS = 50 -+ MAX_OPTIONS = 100 -+ MAX_OPTION_CHARS = 1000 - MAX_EXPIRATION = 1.month.freeze - MIN_EXPIRATION = 5.minutes.freeze - -diff --git a/app/validators/status_length_validator.rb b/app/validators/status_length_validator.rb -index dc841de..f0f1b25 100644 ---- a/app/validators/status_length_validator.rb -+++ b/app/validators/status_length_validator.rb -@@ -1,7 +1,7 @@ - # frozen_string_literal: true - - class StatusLengthValidator < ActiveModel::Validator -- MAX_CHARS = 500 -+ MAX_CHARS = 1000000 - URL_PLACEHOLDER_CHARS = 23 - URL_PLACEHOLDER = 'x' * 23 - diff --git a/flake.lock b/flake.lock index c563597..0e34e11 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "lastModified": 1723293904, + "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", "owner": "ryantm", "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", "type": "github" }, "original": { @@ -74,11 +74,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743448293, - "narHash": "sha256-bmEPmSjJakAp/JojZRrUvNcDX2R5/nuX6bm+seVaGhs=", + "lastModified": 1736344531, + "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "77b584d61ff80b4cef9245829a6f1dfad5afdfa3", + "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912", "type": "github" }, "original": { diff --git a/modules/forgejo/options.nix b/modules/forgejo/options.nix index 6a4d101..102255d 100644 --- a/modules/forgejo/options.nix +++ b/modules/forgejo/options.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +args@{ config, lib, ... }: { imports = [ ../options.nix ]; @@ -49,4 +49,11 @@ }; }; }; + + config.assertions = lib.mkIf config.aether.https [ + { + assertion = !(builtins.isNull config.aether.acmeEmail); + message = "HTTPS support requires providing a contact email"; + } + ]; } diff --git a/modules/mastodon/default.nix b/modules/mastodon/default.nix deleted file mode 100644 index 5b4495f..0000000 --- a/modules/mastodon/default.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, lib, ... }: -let - cfg = config.aether.mastodon; - mastodon = config.services.mastodon; - - useSubdomain = !(builtins.isNull cfg.subdomain); - domain = lib.optionalString useSubdomain "${cfg.subdomain}." - + config.aether.domain; -in { - imports = [ ./options.nix ]; - - services.mastodon = { - enable = true; - user = cfg.user; - group = mastodon.user; - localDomain = domain; - configureNginx = true; - smtp.fromAddress = cfg.email; - }; - - security.acme.acceptTerms = true; - security.acme.defaults.email = config.aether.acmeEmail; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - users.users = lib.mkIf (cfg.createUser && mastodon.user != "mastodon") { - ${mastodon.user} = { - home = mastodon.package; - useDefaultShell = true; - group = mastodon.group; - isSystemUser = true; - }; - }; - users.groups = lib.mkIf (cfg.createUser && mastodon.group != "mastodon") { - ${mastodon.group} = {}; - }; -} diff --git a/modules/mastodon/options.nix b/modules/mastodon/options.nix deleted file mode 100644 index 259df26..0000000 --- a/modules/mastodon/options.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, lib, ... }: -{ - imports = [ ../options.nix ]; - - options.aether = { - mastodon = { - subdomain = lib.mkOption { - type = lib.types.nullOr lib.types.str; - default = "mastodon"; - description = '' - The subdomain to host Mastodon under. - - If null, then Mastodon is hosted at the domain itself. - ''; - }; - - user = lib.mkOption { - type = lib.types.str; - default = "mastodon"; - description = '' - The user to run Mastodon with. - ''; - }; - - createUser = lib.mkOption { - type = lib.types.bool; - default = true; - description = '' - Whether to create the Mastodon user automatically. - ''; - }; - - email = lib.mkOption { - type = lib.types.str; - default = config.aether.acmeEmail; - description = '' - The email address used by Mastodon to send emails from. - ''; - }; - }; - }; -} diff --git a/modules/options.nix b/modules/options.nix index 09ca8bd..a482a52 100644 --- a/modules/options.nix +++ b/modules/options.nix @@ -9,17 +9,13 @@ https = lib.mkOption { type = lib.types.boolByOr; default = true; - description = '' - Whether to force HTTPS connections for websites. - - This option is ignored if the service strictly requires HTTPS. - ''; + description = "Whether to force HTTPS connections for websites."; }; acmeEmail = lib.mkOption { - type = lib.types.str; + type = lib.types.nullOr lib.types.str; default = null; - description = "Email address to provide to the ACME service."; + description = "Email address for ACME."; }; }; }