diff --git a/config/hosts/wind/configuration.nix b/config/hosts/wind/configuration.nix index d375d2a..bf8aeb0 100644 --- a/config/hosts/wind/configuration.nix +++ b/config/hosts/wind/configuration.nix @@ -19,6 +19,7 @@ ./services/restic.nix ./services/vaultwarden.nix ./services/wireguard.nix + ./services/akkoma.nix ./data/secrets/secrets.nix ]; diff --git a/config/hosts/wind/services/akkoma.nix b/config/hosts/wind/services/akkoma.nix new file mode 100644 index 0000000..8e29bb2 --- /dev/null +++ b/config/hosts/wind/services/akkoma.nix @@ -0,0 +1,36 @@ +{ config, ... }: +{ + + services.akkoma = { + enable = true; + config = { + ":pleroma" = { + ":instance" = { + name = "graven.se"; + description = "Graven Fedi"; + email = "charlie@graven.se"; + registration_open = false; + }; + + "Pleroma.Web.Endpoint" = { + url.host = "fedi.graven.se"; + }; + "Pleroma.Web.Webfinger" = { + domain = "graven.se"; + }; + "Pleroma.Upload".filters = + map (pkgs.formats.elixirConf { }).lib.mkRaw + [ + "Pleroma.Upload.Filter.Exiftool" + "Pleroma.Upload.Filter.Dedupe" + "Pleroma.Upload.Filter.AnonymizeFilename" + ]; + }; + }; + nginx = { + enableACME = true; + forceSSL = true; + serverName = "fedi.graven.se" + } + }; +} diff --git a/config/hosts/wind/services/nginx.nix b/config/hosts/wind/services/nginx.nix index 81b3086..b7b7b77 100644 --- a/config/hosts/wind/services/nginx.nix +++ b/config/hosts/wind/services/nginx.nix @@ -21,6 +21,12 @@ ''; }; }; + # Fedi webfinger + "graven.se" = { + enableACME = true; + forceSSL = true; + locations."/.well-known/host-meta".return = "301 https://fedi.graven.se$request_uri"; + }; "amanda.graven.dev" = { enableACME = true; forceSSL = true; diff --git a/config/sources/nix/sources.json b/config/sources/nix/sources.json index 1aad222..5347bd3 100644 --- a/config/sources/nix/sources.json +++ b/config/sources/nix/sources.json @@ -17,10 +17,10 @@ "homepage": "", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "40b1a28dce561bea34858287fbb23052c3ee63fe", - "sha256": "197v6xxdq5j4w8kil6q21ij9x6ng8z6j72brkwwjim23798c2c4n", + "rev": "a351494b0e35fd7c0b7a1aae82f0afddf4907aa8", + "sha256": "1nyr1jrdy2bcm69s4zv2ifpsshrwma68fibrybqwcfi4s5rfsh20", "type": "tarball", - "url": "https://github.com/NixOS/nixos-hardware/archive/40b1a28dce561bea34858287fbb23052c3ee63fe.tar.gz", + "url": "https://github.com/NixOS/nixos-hardware/archive/a351494b0e35fd7c0b7a1aae82f0afddf4907aa8.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixpkgs": { @@ -29,10 +29,10 @@ "homepage": "", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d03088749a110d52a4739348f39a63f84bb0be14", - "sha256": "0fn62pxa160krchzxj0pfzy79bin984cslvz5c5znbhyxwmq6ip7", + "rev": "fa83fd837f3098e3e678e6cf017b2b36102c7211", + "sha256": "1jig9kwjd52brwfm6n4pipqn1qfjlpasjhfsb8di70cb87z4xdbv", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/d03088749a110d52a4739348f39a63f84bb0be14.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/fa83fd837f3098e3e678e6cf017b2b36102c7211.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixus": {