-
Notifications
You must be signed in to change notification settings - Fork 0
/
flake.nix
89 lines (83 loc) · 3.28 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
{
inputs.flake-utils.url = "github:numtide/flake-utils";
outputs = { self, flake-utils, nixpkgs }:
flake-utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system};
in {
apps.start = let
config = import ./config.nix {
types = {
mastodon = import ./nix/fedi/mastodon;
akkoma = import ./nix/fedi/akkoma;
gotosocial = import ./nix/fedi/gotosocial;
};
};
s6 = (import ./nix/s6.nix {
inherit pkgs;
services = pkgs.lib.attrsets.mapAttrs (_: v: v.service)
(import ./nix/services.nix { inherit pkgs config; });
path = "service";
});
in {
type = "app";
program = let
script = pkgs.writeShellScript "minifedi" ''
oldpath=$PATH
export PATH=${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${pkgs.coreutils}/bin
if ! [[ -e .is-minifedi ]]; then
echo "please run this from the minifedi directory"
exit 1
fi
mkdir -p data
mkdir -p cert
rm -rf data/run
mkdir data/run
mkdir -p data/logs
${if pkgs.stdenv.isLinux then
"export LOCALE_ARCHIVE=${pkgs.glibcLocales}/lib/locale/locale-archive"
else
""}
export MINIFEDI_CERT=$(pwd)/cert
export MINIFEDI_DATA=$(pwd)/data
export MINIFEDI_RUN=$(pwd)/data/run
export MINIFEDI_LOG=$(pwd)/data/logs
echo "Minifedi is starting! Once they're up, instances will be visible at:"
${pkgs.lib.strings.concatStrings (builtins.map (i: ''
echo "* https://${i.name}.lvh.me"
'') config.instances)}
echo "Instance logs are in ./data/logs."
${if config.mitmproxy then ''
echo "View requests between instances at http://localhost:8081."
'' else
""}
${if pkgs.stdenv.isLinux then ''
echo "=> You'll probably get prompted for a sudo password now. This is just so we can bind to port 80/443; we will acquire cap_net_bind_service then switch back to being $USER."
exec $(PATH=$oldpath which sudo) -E ${pkgs.libcap}/bin/capsh --keep=1 --user="$USER" --inh='cap_net_bind_service' --addamb='cap_net_bind_service' -- -c ${s6.start}
'' else ''
exec ${s6.start}
''}
'';
in "${script}";
};
apps.install-cert = {
type = "app";
program = let
script = pkgs.writeShellScript "minifedi-install-cert" ''
if ! [[ -e .is-minifedi ]]; then
echo "please run this from the minifedi directory"
exit 1
fi
mkdir -p cert
export MINIFEDI_CERT=$(pwd)/cert
CAROOT=$MINIFEDI_CERT ${pkgs.mkcert}/bin/mkcert -install
'';
in "${script}";
};
apps.mk-mastodon = {
type = "app";
program = "${
import ./nix/fedi/mastodon/mk-version { inherit pkgs; }
}/bin/mk-mastodon";
};
});
}