Compare commits

...

3 commits

Author SHA1 Message Date
Update Bot
78c47ff0e4
Update from update-inputs-2024-11-07-04-20 2024-11-07 04:20:15 +01:00
Update Bot
7520b4f33e
flake.lock: Update
Flake lock file updates:

• Updated input 'attic':
    'github:zhaofengli/attic/48c8b395bfbc6b76c7eae74df6c74351255a095c' (2024-10-30)
  → 'github:zhaofengli/attic/d0b66cf897e4d55f03d341562c9821dc4e566e54' (2024-11-06)
• Updated input 'disko':
    'github:nix-community/disko/380847d94ff0fedee8b50ee4baddb162c06678df' (2024-11-03)
  → 'github:nix-community/disko/856a2902156ba304efebd4c1096dbf7465569454' (2024-11-04)
• Updated input 'home-manager':
    'github:nix-community/home-manager/8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661' (2024-11-03)
  → 'github:nix-community/home-manager/2f607e07f3ac7e53541120536708e824acccfaa8' (2024-11-05)
• Updated input 'nixos-hardware':
    'github:nixos/nixos-hardware/f6e0cd5c47d150c4718199084e5764f968f1b560' (2024-11-02)
  → 'github:nixos/nixos-hardware/e1cc1f6483393634aee94514186d21a4871e78d7' (2024-11-06)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/7ffd9ae656aec493492b44d0ddfb28e79a1ea25d' (2024-11-02)
  → 'github:nixos/nixpkgs/4aa36568d413aca0ea84a1684d2d46f55dbabad7' (2024-11-05)
• Updated input 'nixvim':
    'github:nix-community/nixvim/6f210158b03b01a1fd44bf3968165e6da80635ce' (2024-11-02)
  → 'github:nix-community/nixvim/898246c943ba545a79d585093e97476ceb31f872' (2024-11-06)
• Updated input 'nixvim/git-hooks':
    'github:cachix/git-hooks.nix/af8a16fe5c264f5e9e18bcee2859b40a656876cf' (2024-10-30)
  → 'github:cachix/git-hooks.nix/d70155fdc00df4628446352fc58adc640cd705c2' (2024-11-05)
• Updated input 'nixvim/nix-darwin':
    'github:lnl7/nix-darwin/683d0c4cd1102dcccfa3f835565378c7f3cbe05e' (2024-11-01)
  → 'github:lnl7/nix-darwin/0e3f3f017c14467085f15d42343a3aaaacd89bcb' (2024-11-05)
• Updated input 'nixvim/nuschtosSearch':
    'github:NuschtOS/search/9e22bd742480916ff5d0ab20ca2522eaa3fa061e' (2024-11-02)
  → 'github:NuschtOS/search/aa5214c81b904a19f7a54f7a8f288f7902586eee' (2024-11-04)
• Updated input 'nixvim/nuschtosSearch/ixx':
    'github:NuschtOS/ixx/65c207c92befec93e22086da9456d3906a4e999c' (2024-10-21)
  → 'github:NuschtOS/ixx/9fd01aad037f345350eab2cd45e1946cc66da4eb' (2024-10-26)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/e9b5eef9b51cdf966c76143e13a9476725b2f760' (2024-11-03)
  → 'github:Mic92/sops-nix/c5ae1e214ff935f2d3593187a131becb289ea639' (2024-11-06)
• Updated input 'stylix':
    'github:danth/stylix/04afcfc0684d9bbb24bb1dc77afda7c1843ec93b' (2024-10-26)
  → 'github:danth/stylix/762c07ee10b381bc8e085be5b6c2ec43139f13b0' (2024-11-06)
2024-11-07 04:20:13 +01:00
539100f057
florp.social: add dedicated host 2024-11-06 20:32:33 +01:00
4 changed files with 141 additions and 97 deletions

View file

@ -5,30 +5,17 @@
sops.secrets."services/akkoma/deepl" = {
sopsFile = ../../../secrets/services/akkoma.yaml;
};
services.akkoma = {
enable = true;
extraPackages = with pkgs; [ exiftool ffmpeg-headless imagemagick ];
extraStatic."emoji/blobs.gg" = pkgs.akkoma-emoji.blobs_gg;
extraStatic."static/styles.json" = pkgs.writeText "styles.json" (builtins.toJSON {
pleroma-dark = "/static/themes/pleroma-dark.json";
pleroma-light = "/static/themes/pleroma-light.json";
pleroma-amoled = [ "Pleroma Dark AMOLED" "#000000" "#111111" "#b0b0b1" "#d8a070" "#aa0000" "#0fa00f" "#0095ff" "#d59500"];
classic-dark = [ "Classic Dark" "#161c20" "#282e32" "#b9b9b9" "#baaa9c" "#d31014" "#0fa00f" "#0095ff" "#ffa500" ];
bird = [ "Bird" "#f8fafd" "#e6ecf0" "#14171a" "#0084b8" "#e0245e" "#17bf63" "#1b95e0" "#fab81e"];
ir-black = [ "Ir Black" "#000000" "#242422" "#b5b3aa" "#ff6c60" "#FF6C60" "#A8FF60" "#96CBFE" "#FFFFB6" ];
monokai = [ "Monokai" "#272822" "#383830" "#f8f8f2" "#f92672" "#F92672" "#a6e22e" "#66d9ef" "#f4bf75" ];
redmond-xx = "/static/themes/redmond-xx.json";
redmond-xx-se = "/static/themes/redmond-xx-se.json";
redmond-xxi = "/static/themes/redmond-xxi.json";
breezy-dark = "/static/themes/breezy-dark.json";
breezy-light = "/static/themes/breezy-light.json";
paper = "/static/themes/paper.json";
thekanata = "/static/themes/thekanata.json";
ihatebeingalive = "/static/themes/ihatebeingalive.json";
extraStatic."static/styles.json" = pkgs.writeText "styles.json" (builtins.toJSON (
builtins.fromJSON (builtins.readFile "${pkgs.akkoma-fe-domi}/static/styles.json") // {
elly-mod = "/static/themes/elly-mod.json";
});
}
));
extraStatic."static/themes/elly-mod.json" = pkgs.writeText "elly-mod.json" (builtins.readFile ./elly-mod.json);
@ -54,8 +41,25 @@
};
};
services.akkoma.config = let
inherit ((pkgs.formats.elixirConf { }).lib) mkRaw mkAtom mkMap mkTuple;
inherit ((pkgs.formats.elixirConf { }).lib) mkRaw mkAtom mkTuple;
mapAttrsToListOfTuple = attr: lib.mapAttrsToList (name: value: mkTuple [ name value ]) attr;
mkMapOfPredefinedKeys = set: let
string = value: "\"${(lib.escape [ "\\" "#" "\"" ]) value}\"";
toElixir = value:
if value == null then "nil" else
if lib.isString value then string value else
if builtins.isBool value then lib.boolToString value else
if lib.isInt value || lib.isFloat value then toString value else
abort "Not a elixir value ${value}";
entries = attrs: lib.concatStringsSep ", " (lib.mapAttrsToList (name: value:
"${toElixir name}: ${toElixir value}"
) attrs);
in mkRaw "%{${entries set}}";
in {
":pleroma" = {
":instance" = {
@ -75,14 +79,16 @@
registration_reason_length = 2048;
account_approval_required = true;
account_activation_required = true;
federation = false;
federating = false;
federation_incoming_replies_max_depth = 1024;
federation_reachability_timeout_days = 14;
allow_relay = true;
max_pinned_statuses = 10;
max_report_comment_size = 2048;
safe_dm_mentions = true;
remote_post_retention_days = 365;
user_bio_length = 8192;
user_name_length = 64;
max_account_fields = 8;
cleanup_attachments = true;
local_bubble = [
"solitary.social"
@ -95,6 +101,8 @@
"Pleroma.Web.Endpoint".url.host = "florp.social";
"Pleroma.Web.Metadata.Providers.Theme".theme_color = "#070F1C";
"Pleroma.Emails.Mailer" = {
enabled = true;
adapter = mkRaw "Swoosh.Adapters.SMTP";
@ -134,27 +142,36 @@
":mrf".policies = map mkRaw [
"Pleroma.Web.ActivityPub.MRF.SimplePolicy"
"Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy"
"Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy"
];
":mrf_simple" = {
reject = mapAttrsToListOfTuple {
"bae.st" = "harassment";
"brighteon.social" = "incompatible";
"detroitriotcity.com" = "incompatible";
"freeatlantis.com" = "incompatible";
"freespeechextremist.com" = "incompatible";
"gab.com" = "incompatible";
"gleasonator.com" = "incompatible";
"kitsunemimi.club" = "incompatible";
"poa.st" = "incompatible";
"seal.cafe" = "harassment";
"social.quodverum.com" = "incompatible";
"spinster.xyz" = "incompatible";
"truthsocial.co.in" = "incompatible";
"varishangout.net" = "incompatible";
"activitypub-troll.cf" = "security";
"misskey-forkbomb.cf" = "security";
"repl.co" = "security";
"bae.st" = "transphobia / queerphobia";
"brighteon.social" = "transphobia, pro trump";
"detroitriotcity.com" = "transphobia / queerphobia";
"freeatlantis.com" = "harassment";
"freespeechextremist.com" = "N/A";
"gab.com" = "N/A";
"gleasonator.com" = "transphobia";
"kitsunemimi.club" = "transphobia";
"kiwifarms.*" = "N/A";
"poa.st" = "queerphobia / racism / nazis";
"seal.cafe" = "transphobia";
"social.quodverum.com" = "N/A";
"spinster.xyz" = "transphobia";
"truthsocial.co.in" = "N/A";
"varishangout.net" = "transphobia";
"activitypub-troll.cf" = "N/A";
"misskey-forkbomb.cf" = "N/A";
"repl.co" = "N/A";
"rape.pet" = "CP";
"childlove.space" = "CP";
"pedo.school" = "CP";
"loli.church" = "transphobia";
"usasa.ky" = "spam";
"tickler.cc" = "spam";
"shitposter.club" = "transphobia";
};
followers_only = mapAttrsToListOfTuple {
@ -165,7 +182,7 @@
":mrf_object_age".threshold = 180 * 24 * 3600;
":frontend_configurations" = {
pleroma_fe = mkMap {
pleroma_fe = mkMapOfPredefinedKeys {
background = "/images/sylvia-ritter-15012323.avif";
collapseMessageWithSubject = true;
streaming = true;
@ -185,9 +202,10 @@
};
":restrict_unauthenticated" = {
timelines = mkMap {
timelines = mkMapOfPredefinedKeys {
local = false;
federated = true;
federated = false;
bubble = true;
};
};
@ -222,30 +240,8 @@
access_log off;
'';
};
kyouma.nginx.virtualHosts = {
"florp.social" = {
locations."/" = {
proxyPass = "http://unix:/run/akkoma/socket";
proxyWebsockets = true;
};
locations."^/media(/.*)$".return = "308 https://media.florp.social$1";
locations."^/proxy(/.*)$".return = "308 https://cache.florp.social$1";
};
"media.florp.social" = {
useACMEHost = "florp.social";
locations."/" = {
proxyPass = "http://unix:/run/akkoma/socket";
extraConfig = "rewrite ^(?!/media)(.*)$ /media$1;";
};
};
"cache.florp.social" = {
useACMEHost = "florp.social";
locations."/" = {
proxyPass = "http://unix:/run/akkoma/socket";
extraConfig = ''
rewrite ^(?!/proxy)(.*)$ /proxy$1;
kyouma.nginx.virtualHosts = let
proxyCache = ''
proxy_cache akkoma_media_cache;
# Cache objects in slices of 1 MiB
@ -265,8 +261,39 @@
# Allow serving of stale items
proxy_cache_use_stale error timeout invalid_header updating;
'';
in {
"florp.social" = {
serverAliases = map (x: "${x}.florp.social") [ "a" "b" "c" ];
locations."/" = {
proxyPass = "http://unix:/run/akkoma/socket";
proxyWebsockets = true;
};
locations."^/media(/.*)$".return = "308 https://media.florp.social$1";
locations."^/proxy(/.*)$".return = "308 https://cache.florp.social$1";
};
"media.florp.social" = {
useACMEHost = "florp.social";
locations."/" = {
proxyPass = "http://unix:/run/akkoma/socket";
extraConfig = ''
rewrite ^(?!/media)(.*)$ /media$1;
'' + proxyCache;
};
};
"cache.florp.social" = {
useACMEHost = "florp.social";
locations."/" = {
proxyPass = "http://unix:/run/akkoma/socket";
extraConfig = ''
rewrite ^(?!/proxy)(.*)$ /proxy$1;
'' + proxyCache;
};
};
};
security.acme.certs."florp.social".extraDomainNames = [ "cache.florp.social" "media.florp.social" ];
security.acme.certs."florp.social".extraDomainNames = [
"cache.florp.social"
"media.florp.social"
] ++ map (x: "${x}.florp.social") [ "a" "b" "c" ];
}

View file

@ -12,11 +12,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1730257295,
"narHash": "sha256-OQl+aAsKiyygvpzck1u0sZf/R4T9zM903CgNDFmmzA8=",
"lastModified": 1730906442,
"narHash": "sha256-tBuyb8jWBSHHgcIrOfiyQJZGY1IviMzH2V74t7gWfgI=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "48c8b395bfbc6b76c7eae74df6c74351255a095c",
"rev": "d0b66cf897e4d55f03d341562c9821dc4e566e54",
"type": "github"
},
"original": {
@ -483,11 +483,11 @@
]
},
"locked": {
"lastModified": 1730302582,
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=",
"lastModified": 1730814269,
"narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf",
"rev": "d70155fdc00df4628446352fc58adc640cd705c2",
"type": "github"
},
"original": {
@ -593,16 +593,16 @@
]
},
"locked": {
"lastModified": 1729544999,
"narHash": "sha256-YcyJLvTmN6uLEBGCvYoMLwsinblXMkoYkNLEO4WnKus=",
"lastModified": 1729958008,
"narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "65c207c92befec93e22086da9456d3906a4e999c",
"rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.0.5",
"ref": "v0.0.6",
"repo": "ixx",
"type": "github"
}
@ -693,11 +693,11 @@
]
},
"locked": {
"lastModified": 1730600078,
"narHash": "sha256-BoyFmE59HDF3uybBySsWVoyjNuHvz3Wv8row/mSb958=",
"lastModified": 1730779758,
"narHash": "sha256-5WI9AnsBwhLzVRnQm3Qn9oAbROnuLDQTpaXeyZCK8qw=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4652874d014b82cb746173ffc64f6a70044daa7e",
"rev": "0e3f3f017c14467085f15d42343a3aaaacd89bcb",
"type": "github"
},
"original": {
@ -795,11 +795,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1730828750,
"narHash": "sha256-XrnZLkLiBYNlwV5gus/8DT7nncF1TS5la6Be7rdVOpI=",
"lastModified": 1730919458,
"narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "2e78b1af8025108ecd6edaa3ab09695b8a4d3d55",
"rev": "e1cc1f6483393634aee94514186d21a4871e78d7",
"type": "github"
},
"original": {
@ -957,11 +957,11 @@
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1730792264,
"narHash": "sha256-Ue3iywjyaNOxXgw7esVSBX3bZzM2bSPubZamYsBKIG8=",
"lastModified": 1730877618,
"narHash": "sha256-HQTKujMb6SwnOqtWA+A7lR4MOCBZUW4vtrkK1E/QweU=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "3d24cb72618738130e6af9c644c81fe42aa34ebc",
"rev": "898246c943ba545a79d585093e97476ceb31f872",
"type": "github"
},
"original": {
@ -980,11 +980,11 @@
]
},
"locked": {
"lastModified": 1730515563,
"narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=",
"lastModified": 1730760712,
"narHash": "sha256-F4H98tjNgySlSLItuOqHYo9LF85rFoS/Vr0uOrq7BM4=",
"owner": "NuschtOS",
"repo": "search",
"rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e",
"rev": "aa5214c81b904a19f7a54f7a8f288f7902586eee",
"type": "github"
},
"original": {
@ -1038,11 +1038,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1730746162,
"narHash": "sha256-ZGmI+3AbT8NkDdBQujF+HIxZ+sWXuyT6X8B49etWY2g=",
"lastModified": 1730883027,
"narHash": "sha256-pvXMOJIqRW0trsW+FzRMl6d5PbsM4rWfD5lcKCOrrwI=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "59d6988329626132eaf107761643f55eb979eef1",
"rev": "c5ae1e214ff935f2d3593187a131becb289ea639",
"type": "github"
},
"original": {
@ -1072,11 +1072,11 @@
"tinted-tmux": "tinted-tmux"
},
"locked": {
"lastModified": 1729963473,
"narHash": "sha256-uGjTjvvlGQfQ0yypVP+at0NizI2nrb6kz4wGAqzRGbY=",
"lastModified": 1730924223,
"narHash": "sha256-tGvmW0qih+dCAH9L4BEMYMiHcBoJVZtESbC9WH0EEuw=",
"owner": "danth",
"repo": "stylix",
"rev": "04afcfc0684d9bbb24bb1dc77afda7c1843ec93b",
"rev": "762c07ee10b381bc8e085be5b6c2ec43139f13b0",
"type": "github"
},
"original": {

View file

@ -23,6 +23,11 @@ in {
# Build scripts assume to be used within a Git repository checkout
substituteInPlace src/modules/instance.js \
--replace-fail "widenTimeline: true" 'widenTimeline: "50%"'
substituteInPlace src/i18n/en.json \
--replace-fail "meow" "florp" \
--replace-fail "Meow" "Florp"
sed -E -i '/^let commitHash =/,/;$/clet commitHash = "${builtins.substring 0 7 src.rev}";' \
build/webpack.prod.conf.js
'';

View file

@ -6,6 +6,7 @@ BRANCH="update-inputs-$(date +%Y-%m-%d-%H-%M)"
HYDRA_URL="https://hydra.kyouma.net"
JOBSET_URL="${HYDRA_URL}/jobset/nixfiles/update-inputs"
ROOT="$(mktemp -d)"
START_TIME="$(date +%s)"
gitin () {
git -C "${ROOT}/nixfiles" "$@"
@ -21,20 +22,31 @@ merge_theirs () {
}
test_build () {
local last_error
local build_jobs
build_jobs="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r ".builds | .[]")"
for build in ${build_jobs}; do
local build_status
while true; do
local build_finished
build_finished="$(curl --fail -s -L -H "Accept: application/json" "${HYDRA_URL}/build/${build}" | jq -r ".finished")"
[[ ${build_finished} == 1 ]] && break
sleep 5
done
build_status="$(curl --fail -s -L -H "Accept: application/json" "${HYDRA_URL}/build/${build}" | jq -r ".buildstatus")"
[[ $build_status != 0 ]] && echo "Build ${build} failed" && exit 1
[[ $build_status != 0 ]] &&
echo "Build ${build} failed" &&
exit 1
echo "Build ${build} was successful"
done
last_error="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}" | jq -r ".errortime")"
[[ $last_error -gt $START_TIME ]] &&
echo "Evaluation error encountered at $(date +%Y-%m-%d-%H:%M:%S --date="${last_error}")" &&
exit 1
}
wait_for_hydra () {
@ -42,9 +54,9 @@ wait_for_hydra () {
local hydra_rev
local counter
counter=0
git_rev="$(git -C "${ROOT}/nixfiles" rev-parse update-inputs)"
git_rev="$(git -C "${1}/nixfiles" rev-parse update-inputs)"
while true; do
hydra_rev="$(curl -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")"
hydra_rev="$(curl -s -L -H "Accept: application/json" "${2}/latest-eval" | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")"
if [[ "${git_rev}" == "${hydra_rev}" ]]; then
echo "Hydra got new commit"
break
@ -87,7 +99,7 @@ gitin push origin update-inputs
echo "Waiting for hydra to get new commit"
export -f wait_for_hydra
timeout 4h bash -c wait_for_hydra
timeout 4h bash -c "wait_for_hydra ${ROOT} ${JOBSET_URL}"
echo "Testing if all build jobs completed successfully"
test_build