{ config, inputs, lib, pkgs, ... }: { sops.secrets."services/akkoma/mailerPassword" = { sopsFile = ../../../secrets/services/akkoma.yaml; }; sops.secrets."services/akkoma/deepl" = { sopsFile = ../../../secrets/services/akkoma.yaml; }; services.akkoma = { enable = true; extraPackages = with pkgs; [ exiftool ffmpeg-headless imagemagick ]; extraStatic."emoji/blobs.gg" = pkgs.akkoma-emoji.blobs_gg; extraStatic."emoji/florp" = pkgs.runCommandNoCC "florp" { src = inputs.florp-branding.packages.${config.nixpkgs.hostPlatform.system}.favicon; } '' mkdir $out cp $src $out/florp.png ''; extraStatic."static/styles.json" = pkgs.writeText "styles.json" (builtins.toJSON ( builtins.fromJSON (builtins.readFile "${pkgs.akkoma-fe-domi}/static/styles.json") // { elly-mod = "/static/themes/elly-mod.json"; } )); extraStatic."static/themes/elly-mod.json" = pkgs.writeText "elly-mod.json" (builtins.readFile ./elly-mod.json); extraStatic."static/terms-of-service.html" = pkgs.writeText "terms-of-service.html" ''

Likes are now florps. The timeline goes sideways.

''; extraStatic."images/sylvia-ritter-15012323.avif" = inputs.florp-branding.packages.${config.nixpkgs.hostPlatform.system}.wallpaper; extraStatic."favicon.png" = inputs.florp-branding.packages.${config.nixpkgs.hostPlatform.system}.favicon; frontends = { primary = { package = pkgs.akkoma-fe-domi; name = "akkoma-fe"; ref = "5f0339ce00"; }; admin = { package = pkgs.akkoma-frontends.admin-fe; name = "admin-fe"; ref = "stable"; }; }; }; services.akkoma.config = let inherit ((pkgs.formats.elixirConf { }).lib) mkRaw mkAtom mkTuple; mapAttrsToListOfTuple = attr: lib.mapAttrsToList (name: value: mkTuple [ name value ]) attr; mkMapOfPredefinedKeys = set: let string = value: "\"${(lib.escape [ "\\" "#" "\"" ]) value}\""; toElixir = value: if value == null then "nil" else if lib.isString value then string value else if builtins.isBool value then lib.boolToString value else if lib.isInt value || lib.isFloat value then toString value else abort "Not a elixir value ${value}"; entries = attrs: lib.concatStringsSep ", " (lib.mapAttrsToList (name: value: "${toElixir name}: ${toElixir value}" ) attrs); in mkRaw "%{${entries set}}"; in { ":pleroma" = { ":instance" = { name = "florp.social"; email = "contact@florp.social"; notify_email = "noreply@florp.social"; description = "Likes are now florps. The timeline goes sideways."; instance_thumbnail = "/instance/thumbnail.avif"; limit = 69420; description_limit = 69420; remote_limit = 131072; upload_limit = 160 * 1024 * 1024; avatar_upload_limit = 16 * 1024 * 1024; background_upload_limit = 32 * 1024 * 1024; banner_upload_limit = 32 * 1024 * 1024; registrations_open = true; registration_reason_length = 2048; account_approval_required = true; account_activation_required = true; federating = true; federation_incoming_replies_max_depth = 1024; federation_reachability_timeout_days = 14; allow_relay = true; max_pinned_statuses = 10; max_report_comment_size = 2048; safe_dm_mentions = true; remote_post_retention_days = 365; user_bio_length = 8192; user_name_length = 64; cleanup_attachments = true; local_bubble = [ "solitary.social" "donotsta.re" "chaos.social" "girldick.gay" ]; }; "Pleroma.Captcha".method = mkRaw "Pleroma.Captcha.Kocaptcha"; "Pleroma.Web.Endpoint".url.host = "florp.social"; "Pleroma.Web.Metadata.Providers.Theme".theme_color = "#070F1C"; "Pleroma.Emails.Mailer" = { enabled = true; adapter = mkRaw "Swoosh.Adapters.SMTP"; relay = "mail.kyouma.net"; username = "noreply@florp.social"; password._secret = config.sops.secrets."services/akkoma/mailerPassword".path; port = 465; ssl = true; auth = mkRaw ":always"; }; ":database".rum_enabled = true; ":media_proxy" = { enabled = true; base_url = "https://cache.florp.social"; proxy_opts.redirect_on_failure = true; proxy_opts.max_body_length = 64 * 1024 * 1024; }; ":media_preview_proxy" = { enabled = true; thumbnail_max_width = 1920; thumbnail_max_height = 1080; min_content_length = 128 * 1024; }; "Pleroma.Upload".base_url = "https://media.florp.social"; "Pleroma.Upload".filters = map mkRaw [ "Pleroma.Upload.Filter.Exiftool.ReadDescription" "Pleroma.Upload.Filter.Exiftool.StripMetadata" "Pleroma.Upload.Filter.Dedupe" "Pleroma.Upload.Filter.AnonymizeFilename" ]; ":mrf".policies = map mkRaw [ "Pleroma.Web.ActivityPub.MRF.SimplePolicy" "Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy" "Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy" ]; ":mrf_simple" = { reject = mapAttrsToListOfTuple { "bae.st" = "transphobia / queerphobia"; "brighteon.social" = "transphobia, pro trump"; "detroitriotcity.com" = "transphobia / queerphobia"; "freeatlantis.com" = "harassment"; "freespeechextremist.com" = "N/A"; "gab.com" = "N/A"; "gleasonator.com" = "transphobia"; "kitsunemimi.club" = "transphobia"; "kiwifarms.*" = "N/A"; "poa.st" = "queerphobia / racism / nazis"; "seal.cafe" = "transphobia"; "social.quodverum.com" = "N/A"; "spinster.xyz" = "transphobia"; "truthsocial.co.in" = "N/A"; "varishangout.net" = "transphobia"; "activitypub-troll.cf" = "N/A"; "misskey-forkbomb.cf" = "N/A"; "repl.co" = "N/A"; "rape.pet" = "CP"; "childlove.space" = "CP"; "pedo.school" = "CP"; "loli.church" = "transphobia"; "usasa.ky" = "spam"; "tickler.cc" = "spam"; "shitposter.club" = "transphobia"; }; followers_only = mapAttrsToListOfTuple { "bitcoinhackers.org" = "annoying"; }; }; ":mrf_object_age".threshold = 180 * 24 * 3600; ":frontend_configurations" = { pleroma_fe = mkMapOfPredefinedKeys { background = "/images/sylvia-ritter-15012323.avif"; nsfwCensorImage = "/static/blurhash-overlay.png"; collapseMessageWithSubject = true; streaming = true; webPushNotifications = true; useStreamingApi = true; scopeCopy = true; showFeaturesPanel = false; subjectLineBehavior = "masto"; alwaysShowSubjectInput = true; postContentType = "text/markdown"; modalOnRepeat = true; minimalScopesMode = true; redirectRootNoLogin = "/about"; translationLanguage = "en"; theme = "elly-mod"; }; }; ":restrict_unauthenticated" = { timelines = mkMapOfPredefinedKeys { local = false; federated = false; bubble = true; }; }; ":translator" = { enabled = true; module = mkRaw "Pleroma.Akkoma.Translators.DeepL"; }; ":deepl" = { tier = mkAtom ":free"; api_key._secret = config.sops.secrets."services/akkoma/deepl".path; }; }; ":web_push_encryption".":vapid_details" = { subject = "mailto:contact@florp.social"; }; ":joken".":default_signer"._secret = "/var/lib/secrets/akkoma/jwt-signer"; }; services.postgresql.enable = true; services.postgresql.extraPlugins = [ pkgs.postgresql16Packages.rum ]; services.nginx = { clientMaxBodySize = "256m"; commonHttpConfig = '' proxy_cache_path /var/cache/nginx/akkoma-media-cache levels= keys_zone=akkoma_media_cache:32m max_size=32g inactive=1y use_temp_path=off; access_log off; ''; }; kyouma.nginx.virtualHosts = let proxyCache = '' proxy_cache akkoma_media_cache; # Cache objects in slices of 1 MiB slice 1m; proxy_cache_key $host$uri$is_args$args$slice_range; proxy_set_header Range $slice_range; # Decouple proxy and upstream responses proxy_buffering on; proxy_cache_lock on; proxy_ignore_client_abort on; # Default cache times for various responses proxy_cache_valid 200 1y; proxy_cache_valid 206 301 304 1h; # Allow serving of stale items proxy_cache_use_stale error timeout invalid_header updating; ''; in { "florp.social" = { serverAliases = map (x: "${x}.florp.social") [ "a" "b" "c" ]; locations."/" = { proxyPass = "http://unix:/run/akkoma/socket"; proxyWebsockets = true; }; locations."^/media(/.*)$".return = "308 https://media.florp.social$1"; locations."^/proxy(/.*)$".return = "308 https://cache.florp.social$1"; }; "media.florp.social" = { useACMEHost = "florp.social"; locations."/" = { proxyPass = "http://unix:/run/akkoma/socket"; extraConfig = '' rewrite ^(?!/media)(.*)$ /media$1; '' + proxyCache; }; }; "cache.florp.social" = { useACMEHost = "florp.social"; locations."/" = { proxyPass = "http://unix:/run/akkoma/socket"; extraConfig = '' rewrite ^(?!/proxy)(.*)$ /proxy$1; '' + proxyCache; }; }; }; security.acme.certs."florp.social".extraDomainNames = [ "cache.florp.social" "media.florp.social" ] ++ map (x: "${x}.florp.social") [ "a" "b" "c" ]; }