Compare commits
3 commits
8b2e1d7bdc
...
78c47ff0e4
Author | SHA1 | Date | |
---|---|---|---|
|
78c47ff0e4 | ||
|
7520b4f33e | ||
539100f057 |
4 changed files with 141 additions and 97 deletions
|
@ -5,30 +5,17 @@
|
|||
sops.secrets."services/akkoma/deepl" = {
|
||||
sopsFile = ../../../secrets/services/akkoma.yaml;
|
||||
};
|
||||
|
||||
services.akkoma = {
|
||||
enable = true;
|
||||
extraPackages = with pkgs; [ exiftool ffmpeg-headless imagemagick ];
|
||||
extraStatic."emoji/blobs.gg" = pkgs.akkoma-emoji.blobs_gg;
|
||||
|
||||
extraStatic."static/styles.json" = pkgs.writeText "styles.json" (builtins.toJSON {
|
||||
pleroma-dark = "/static/themes/pleroma-dark.json";
|
||||
pleroma-light = "/static/themes/pleroma-light.json";
|
||||
pleroma-amoled = [ "Pleroma Dark AMOLED" "#000000" "#111111" "#b0b0b1" "#d8a070" "#aa0000" "#0fa00f" "#0095ff" "#d59500"];
|
||||
classic-dark = [ "Classic Dark" "#161c20" "#282e32" "#b9b9b9" "#baaa9c" "#d31014" "#0fa00f" "#0095ff" "#ffa500" ];
|
||||
bird = [ "Bird" "#f8fafd" "#e6ecf0" "#14171a" "#0084b8" "#e0245e" "#17bf63" "#1b95e0" "#fab81e"];
|
||||
ir-black = [ "Ir Black" "#000000" "#242422" "#b5b3aa" "#ff6c60" "#FF6C60" "#A8FF60" "#96CBFE" "#FFFFB6" ];
|
||||
monokai = [ "Monokai" "#272822" "#383830" "#f8f8f2" "#f92672" "#F92672" "#a6e22e" "#66d9ef" "#f4bf75" ];
|
||||
|
||||
redmond-xx = "/static/themes/redmond-xx.json";
|
||||
redmond-xx-se = "/static/themes/redmond-xx-se.json";
|
||||
redmond-xxi = "/static/themes/redmond-xxi.json";
|
||||
breezy-dark = "/static/themes/breezy-dark.json";
|
||||
breezy-light = "/static/themes/breezy-light.json";
|
||||
paper = "/static/themes/paper.json";
|
||||
thekanata = "/static/themes/thekanata.json";
|
||||
ihatebeingalive = "/static/themes/ihatebeingalive.json";
|
||||
extraStatic."static/styles.json" = pkgs.writeText "styles.json" (builtins.toJSON (
|
||||
builtins.fromJSON (builtins.readFile "${pkgs.akkoma-fe-domi}/static/styles.json") // {
|
||||
elly-mod = "/static/themes/elly-mod.json";
|
||||
});
|
||||
}
|
||||
));
|
||||
|
||||
extraStatic."static/themes/elly-mod.json" = pkgs.writeText "elly-mod.json" (builtins.readFile ./elly-mod.json);
|
||||
|
||||
|
@ -54,8 +41,25 @@
|
|||
};
|
||||
};
|
||||
services.akkoma.config = let
|
||||
inherit ((pkgs.formats.elixirConf { }).lib) mkRaw mkAtom mkMap mkTuple;
|
||||
inherit ((pkgs.formats.elixirConf { }).lib) mkRaw mkAtom mkTuple;
|
||||
|
||||
mapAttrsToListOfTuple = attr: lib.mapAttrsToList (name: value: mkTuple [ name value ]) attr;
|
||||
|
||||
mkMapOfPredefinedKeys = set: let
|
||||
string = value: "\"${(lib.escape [ "\\" "#" "\"" ]) value}\"";
|
||||
|
||||
toElixir = value:
|
||||
if value == null then "nil" else
|
||||
if lib.isString value then string value else
|
||||
if builtins.isBool value then lib.boolToString value else
|
||||
if lib.isInt value || lib.isFloat value then toString value else
|
||||
abort "Not a elixir value ${value}";
|
||||
|
||||
entries = attrs: lib.concatStringsSep ", " (lib.mapAttrsToList (name: value:
|
||||
"${toElixir name}: ${toElixir value}"
|
||||
) attrs);
|
||||
in mkRaw "%{${entries set}}";
|
||||
|
||||
in {
|
||||
":pleroma" = {
|
||||
":instance" = {
|
||||
|
@ -75,14 +79,16 @@
|
|||
registration_reason_length = 2048;
|
||||
account_approval_required = true;
|
||||
account_activation_required = true;
|
||||
federation = false;
|
||||
federating = false;
|
||||
federation_incoming_replies_max_depth = 1024;
|
||||
federation_reachability_timeout_days = 14;
|
||||
allow_relay = true;
|
||||
max_pinned_statuses = 10;
|
||||
max_report_comment_size = 2048;
|
||||
safe_dm_mentions = true;
|
||||
remote_post_retention_days = 365;
|
||||
user_bio_length = 8192;
|
||||
user_name_length = 64;
|
||||
max_account_fields = 8;
|
||||
cleanup_attachments = true;
|
||||
local_bubble = [
|
||||
"solitary.social"
|
||||
|
@ -95,6 +101,8 @@
|
|||
|
||||
"Pleroma.Web.Endpoint".url.host = "florp.social";
|
||||
|
||||
"Pleroma.Web.Metadata.Providers.Theme".theme_color = "#070F1C";
|
||||
|
||||
"Pleroma.Emails.Mailer" = {
|
||||
enabled = true;
|
||||
adapter = mkRaw "Swoosh.Adapters.SMTP";
|
||||
|
@ -134,27 +142,36 @@
|
|||
":mrf".policies = map mkRaw [
|
||||
"Pleroma.Web.ActivityPub.MRF.SimplePolicy"
|
||||
"Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy"
|
||||
"Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy"
|
||||
];
|
||||
|
||||
":mrf_simple" = {
|
||||
reject = mapAttrsToListOfTuple {
|
||||
"bae.st" = "harassment";
|
||||
"brighteon.social" = "incompatible";
|
||||
"detroitriotcity.com" = "incompatible";
|
||||
"freeatlantis.com" = "incompatible";
|
||||
"freespeechextremist.com" = "incompatible";
|
||||
"gab.com" = "incompatible";
|
||||
"gleasonator.com" = "incompatible";
|
||||
"kitsunemimi.club" = "incompatible";
|
||||
"poa.st" = "incompatible";
|
||||
"seal.cafe" = "harassment";
|
||||
"social.quodverum.com" = "incompatible";
|
||||
"spinster.xyz" = "incompatible";
|
||||
"truthsocial.co.in" = "incompatible";
|
||||
"varishangout.net" = "incompatible";
|
||||
"activitypub-troll.cf" = "security";
|
||||
"misskey-forkbomb.cf" = "security";
|
||||
"repl.co" = "security";
|
||||
"bae.st" = "transphobia / queerphobia";
|
||||
"brighteon.social" = "transphobia, pro trump";
|
||||
"detroitriotcity.com" = "transphobia / queerphobia";
|
||||
"freeatlantis.com" = "harassment";
|
||||
"freespeechextremist.com" = "N/A";
|
||||
"gab.com" = "N/A";
|
||||
"gleasonator.com" = "transphobia";
|
||||
"kitsunemimi.club" = "transphobia";
|
||||
"kiwifarms.*" = "N/A";
|
||||
"poa.st" = "queerphobia / racism / nazis";
|
||||
"seal.cafe" = "transphobia";
|
||||
"social.quodverum.com" = "N/A";
|
||||
"spinster.xyz" = "transphobia";
|
||||
"truthsocial.co.in" = "N/A";
|
||||
"varishangout.net" = "transphobia";
|
||||
"activitypub-troll.cf" = "N/A";
|
||||
"misskey-forkbomb.cf" = "N/A";
|
||||
"repl.co" = "N/A";
|
||||
"rape.pet" = "CP";
|
||||
"childlove.space" = "CP";
|
||||
"pedo.school" = "CP";
|
||||
"loli.church" = "transphobia";
|
||||
"usasa.ky" = "spam";
|
||||
"tickler.cc" = "spam";
|
||||
"shitposter.club" = "transphobia";
|
||||
};
|
||||
|
||||
followers_only = mapAttrsToListOfTuple {
|
||||
|
@ -165,7 +182,7 @@
|
|||
":mrf_object_age".threshold = 180 * 24 * 3600;
|
||||
|
||||
":frontend_configurations" = {
|
||||
pleroma_fe = mkMap {
|
||||
pleroma_fe = mkMapOfPredefinedKeys {
|
||||
background = "/images/sylvia-ritter-15012323.avif";
|
||||
collapseMessageWithSubject = true;
|
||||
streaming = true;
|
||||
|
@ -185,9 +202,10 @@
|
|||
};
|
||||
|
||||
":restrict_unauthenticated" = {
|
||||
timelines = mkMap {
|
||||
timelines = mkMapOfPredefinedKeys {
|
||||
local = false;
|
||||
federated = true;
|
||||
federated = false;
|
||||
bubble = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -222,30 +240,8 @@
|
|||
access_log off;
|
||||
'';
|
||||
};
|
||||
kyouma.nginx.virtualHosts = {
|
||||
"florp.social" = {
|
||||
locations."/" = {
|
||||
proxyPass = "http://unix:/run/akkoma/socket";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
locations."^/media(/.*)$".return = "308 https://media.florp.social$1";
|
||||
locations."^/proxy(/.*)$".return = "308 https://cache.florp.social$1";
|
||||
};
|
||||
|
||||
"media.florp.social" = {
|
||||
useACMEHost = "florp.social";
|
||||
locations."/" = {
|
||||
proxyPass = "http://unix:/run/akkoma/socket";
|
||||
extraConfig = "rewrite ^(?!/media)(.*)$ /media$1;";
|
||||
};
|
||||
};
|
||||
|
||||
"cache.florp.social" = {
|
||||
useACMEHost = "florp.social";
|
||||
locations."/" = {
|
||||
proxyPass = "http://unix:/run/akkoma/socket";
|
||||
extraConfig = ''
|
||||
rewrite ^(?!/proxy)(.*)$ /proxy$1;
|
||||
kyouma.nginx.virtualHosts = let
|
||||
proxyCache = ''
|
||||
proxy_cache akkoma_media_cache;
|
||||
|
||||
# Cache objects in slices of 1 MiB
|
||||
|
@ -265,8 +261,39 @@
|
|||
# Allow serving of stale items
|
||||
proxy_cache_use_stale error timeout invalid_header updating;
|
||||
'';
|
||||
in {
|
||||
"florp.social" = {
|
||||
serverAliases = map (x: "${x}.florp.social") [ "a" "b" "c" ];
|
||||
locations."/" = {
|
||||
proxyPass = "http://unix:/run/akkoma/socket";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
locations."^/media(/.*)$".return = "308 https://media.florp.social$1";
|
||||
locations."^/proxy(/.*)$".return = "308 https://cache.florp.social$1";
|
||||
};
|
||||
|
||||
"media.florp.social" = {
|
||||
useACMEHost = "florp.social";
|
||||
locations."/" = {
|
||||
proxyPass = "http://unix:/run/akkoma/socket";
|
||||
extraConfig = ''
|
||||
rewrite ^(?!/media)(.*)$ /media$1;
|
||||
'' + proxyCache;
|
||||
};
|
||||
};
|
||||
|
||||
"cache.florp.social" = {
|
||||
useACMEHost = "florp.social";
|
||||
locations."/" = {
|
||||
proxyPass = "http://unix:/run/akkoma/socket";
|
||||
extraConfig = ''
|
||||
rewrite ^(?!/proxy)(.*)$ /proxy$1;
|
||||
'' + proxyCache;
|
||||
};
|
||||
};
|
||||
};
|
||||
security.acme.certs."florp.social".extraDomainNames = [ "cache.florp.social" "media.florp.social" ];
|
||||
security.acme.certs."florp.social".extraDomainNames = [
|
||||
"cache.florp.social"
|
||||
"media.florp.social"
|
||||
] ++ map (x: "${x}.florp.social") [ "a" "b" "c" ];
|
||||
}
|
||||
|
|
56
flake.lock
56
flake.lock
|
@ -12,11 +12,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1730257295,
|
||||
"narHash": "sha256-OQl+aAsKiyygvpzck1u0sZf/R4T9zM903CgNDFmmzA8=",
|
||||
"lastModified": 1730906442,
|
||||
"narHash": "sha256-tBuyb8jWBSHHgcIrOfiyQJZGY1IviMzH2V74t7gWfgI=",
|
||||
"owner": "zhaofengli",
|
||||
"repo": "attic",
|
||||
"rev": "48c8b395bfbc6b76c7eae74df6c74351255a095c",
|
||||
"rev": "d0b66cf897e4d55f03d341562c9821dc4e566e54",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -483,11 +483,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1730302582,
|
||||
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=",
|
||||
"lastModified": 1730814269,
|
||||
"narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=",
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf",
|
||||
"rev": "d70155fdc00df4628446352fc58adc640cd705c2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -593,16 +593,16 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729544999,
|
||||
"narHash": "sha256-YcyJLvTmN6uLEBGCvYoMLwsinblXMkoYkNLEO4WnKus=",
|
||||
"lastModified": 1729958008,
|
||||
"narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
|
||||
"owner": "NuschtOS",
|
||||
"repo": "ixx",
|
||||
"rev": "65c207c92befec93e22086da9456d3906a4e999c",
|
||||
"rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NuschtOS",
|
||||
"ref": "v0.0.5",
|
||||
"ref": "v0.0.6",
|
||||
"repo": "ixx",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -693,11 +693,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1730600078,
|
||||
"narHash": "sha256-BoyFmE59HDF3uybBySsWVoyjNuHvz3Wv8row/mSb958=",
|
||||
"lastModified": 1730779758,
|
||||
"narHash": "sha256-5WI9AnsBwhLzVRnQm3Qn9oAbROnuLDQTpaXeyZCK8qw=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "4652874d014b82cb746173ffc64f6a70044daa7e",
|
||||
"rev": "0e3f3f017c14467085f15d42343a3aaaacd89bcb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -795,11 +795,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1730828750,
|
||||
"narHash": "sha256-XrnZLkLiBYNlwV5gus/8DT7nncF1TS5la6Be7rdVOpI=",
|
||||
"lastModified": 1730919458,
|
||||
"narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "2e78b1af8025108ecd6edaa3ab09695b8a4d3d55",
|
||||
"rev": "e1cc1f6483393634aee94514186d21a4871e78d7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -957,11 +957,11 @@
|
|||
"treefmt-nix": "treefmt-nix_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1730792264,
|
||||
"narHash": "sha256-Ue3iywjyaNOxXgw7esVSBX3bZzM2bSPubZamYsBKIG8=",
|
||||
"lastModified": 1730877618,
|
||||
"narHash": "sha256-HQTKujMb6SwnOqtWA+A7lR4MOCBZUW4vtrkK1E/QweU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixvim",
|
||||
"rev": "3d24cb72618738130e6af9c644c81fe42aa34ebc",
|
||||
"rev": "898246c943ba545a79d585093e97476ceb31f872",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -980,11 +980,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1730515563,
|
||||
"narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=",
|
||||
"lastModified": 1730760712,
|
||||
"narHash": "sha256-F4H98tjNgySlSLItuOqHYo9LF85rFoS/Vr0uOrq7BM4=",
|
||||
"owner": "NuschtOS",
|
||||
"repo": "search",
|
||||
"rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e",
|
||||
"rev": "aa5214c81b904a19f7a54f7a8f288f7902586eee",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1038,11 +1038,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1730746162,
|
||||
"narHash": "sha256-ZGmI+3AbT8NkDdBQujF+HIxZ+sWXuyT6X8B49etWY2g=",
|
||||
"lastModified": 1730883027,
|
||||
"narHash": "sha256-pvXMOJIqRW0trsW+FzRMl6d5PbsM4rWfD5lcKCOrrwI=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "59d6988329626132eaf107761643f55eb979eef1",
|
||||
"rev": "c5ae1e214ff935f2d3593187a131becb289ea639",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1072,11 +1072,11 @@
|
|||
"tinted-tmux": "tinted-tmux"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729963473,
|
||||
"narHash": "sha256-uGjTjvvlGQfQ0yypVP+at0NizI2nrb6kz4wGAqzRGbY=",
|
||||
"lastModified": 1730924223,
|
||||
"narHash": "sha256-tGvmW0qih+dCAH9L4BEMYMiHcBoJVZtESbC9WH0EEuw=",
|
||||
"owner": "danth",
|
||||
"repo": "stylix",
|
||||
"rev": "04afcfc0684d9bbb24bb1dc77afda7c1843ec93b",
|
||||
"rev": "762c07ee10b381bc8e085be5b6c2ec43139f13b0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -23,6 +23,11 @@ in {
|
|||
# Build scripts assume to be used within a Git repository checkout
|
||||
substituteInPlace src/modules/instance.js \
|
||||
--replace-fail "widenTimeline: true" 'widenTimeline: "50%"'
|
||||
|
||||
substituteInPlace src/i18n/en.json \
|
||||
--replace-fail "meow" "florp" \
|
||||
--replace-fail "Meow" "Florp"
|
||||
|
||||
sed -E -i '/^let commitHash =/,/;$/clet commitHash = "${builtins.substring 0 7 src.rev}";' \
|
||||
build/webpack.prod.conf.js
|
||||
'';
|
||||
|
|
|
@ -6,6 +6,7 @@ BRANCH="update-inputs-$(date +%Y-%m-%d-%H-%M)"
|
|||
HYDRA_URL="https://hydra.kyouma.net"
|
||||
JOBSET_URL="${HYDRA_URL}/jobset/nixfiles/update-inputs"
|
||||
ROOT="$(mktemp -d)"
|
||||
START_TIME="$(date +%s)"
|
||||
|
||||
gitin () {
|
||||
git -C "${ROOT}/nixfiles" "$@"
|
||||
|
@ -21,20 +22,31 @@ merge_theirs () {
|
|||
}
|
||||
|
||||
test_build () {
|
||||
local last_error
|
||||
local build_jobs
|
||||
|
||||
build_jobs="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r ".builds | .[]")"
|
||||
for build in ${build_jobs}; do
|
||||
local build_status
|
||||
|
||||
while true; do
|
||||
local build_finished
|
||||
build_finished="$(curl --fail -s -L -H "Accept: application/json" "${HYDRA_URL}/build/${build}" | jq -r ".finished")"
|
||||
[[ ${build_finished} == 1 ]] && break
|
||||
sleep 5
|
||||
done
|
||||
|
||||
build_status="$(curl --fail -s -L -H "Accept: application/json" "${HYDRA_URL}/build/${build}" | jq -r ".buildstatus")"
|
||||
[[ $build_status != 0 ]] && echo "Build ${build} failed" && exit 1
|
||||
[[ $build_status != 0 ]] &&
|
||||
echo "Build ${build} failed" &&
|
||||
exit 1
|
||||
echo "Build ${build} was successful"
|
||||
done
|
||||
|
||||
last_error="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}" | jq -r ".errortime")"
|
||||
[[ $last_error -gt $START_TIME ]] &&
|
||||
echo "Evaluation error encountered at $(date +%Y-%m-%d-%H:%M:%S --date="${last_error}")" &&
|
||||
exit 1
|
||||
}
|
||||
|
||||
wait_for_hydra () {
|
||||
|
@ -42,9 +54,9 @@ wait_for_hydra () {
|
|||
local hydra_rev
|
||||
local counter
|
||||
counter=0
|
||||
git_rev="$(git -C "${ROOT}/nixfiles" rev-parse update-inputs)"
|
||||
git_rev="$(git -C "${1}/nixfiles" rev-parse update-inputs)"
|
||||
while true; do
|
||||
hydra_rev="$(curl -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")"
|
||||
hydra_rev="$(curl -s -L -H "Accept: application/json" "${2}/latest-eval" | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")"
|
||||
if [[ "${git_rev}" == "${hydra_rev}" ]]; then
|
||||
echo "Hydra got new commit"
|
||||
break
|
||||
|
@ -87,7 +99,7 @@ gitin push origin update-inputs
|
|||
|
||||
echo "Waiting for hydra to get new commit"
|
||||
export -f wait_for_hydra
|
||||
timeout 4h bash -c wait_for_hydra
|
||||
timeout 4h bash -c "wait_for_hydra ${ROOT} ${JOBSET_URL}"
|
||||
|
||||
echo "Testing if all build jobs completed successfully"
|
||||
test_build
|
||||
|
|
Loading…
Reference in a new issue