diff --git a/services/social/gts.mod.nix b/services/social/gts.mod.nix new file mode 100644 index 0000000..99cb22c --- /dev/null +++ b/services/social/gts.mod.nix @@ -0,0 +1,105 @@ +{ + aspartame.modules = [ + ( + { + pkgs, + config, + ... + }: { + services.gotosocial = { + enable = true; + package = pkgs.gts; + setupPostgresqlDB = false; + environmentFile = "${config.sops.templates."gts.env.secrets.yaml".path}"; + + settings = { + # # most of these are the defaults but i'm writing them here anyways + ### General config + log-level = "info"; + log-db-queries = "false"; + log-client-ip = "true"; + log-timestamp-format = "2006-01-02T15:04:05.000Z07:00"; + application-name = "RunFromSocial"; + landing-page-user = "root"; + host = "gts.collective-conciousness.monster"; + account-domain = ""; + protocol = "https"; + bind-address = "127.0.0.1"; + port = 8080; + trusted-proxies = [ + "127.0.0.1/32" + "::1" + ]; + + ### Database config - still have to set this up. + db-type = "postgres"; + db-address = "10.24.1.9"; + db-port = "5432"; + # db-password = ""; # commented out because it is being passed through env files. # GTS_DB_PASSWORD + db-database = "gtsdb"; + db-user = "gts"; + db-tls-mode = "disable"; # will probably want to change this at some point ? + db-tls-ca-cert = ""; + db-max-open-conns-multiplier = 8; + db-postgres-connection-string = ""; + cache.memory-target = "500MiB"; + + ### Web config + # web-template-base-dir = "/var/gts/web/template/"; + # web-asset-base-dir = "/var/gts/web/assets/"; + + ### Instance config + instance-languages = [ + "en" + "fr" + "ro" + "zh" + ]; + instance-federation-mode = "allowlist"; + instance-federation-spam-filter = false; + instance-expose-peers = false; + instance-expose-suspended = false; + instance-expose-suspended-web = false; + instance-expose-public-timeline = false; + instance-deliver-to-shared-inboxes = true; + instance-inject-mastodon-version = false; + + ### Accounts config + accounts-registration-open = false; + accounts-reason-required = true; + accounts-allow-custom-css = true; + accounts-custom-css-length = 10000; + + ### Media config + media-local-max-size = "1GiB"; + media-remote-max-size = "50MiB"; + media-description-min-chars = 36; + media-description-max-chars = 16200; + media-emoji-local-max-size = "128KiB"; # may need to increase this in the future. + media-emoji-remote-max-size = "256KiB"; + media-ffmpeg-pool-size = 2; + media-remote-cache-days = 7; + media-cleanup-from = "01:00"; + media-cleanup-every = "24h"; + + ### Storage config + storage-backend = "local"; + storage-local-base-path = "/var/gts/storage"; + # ommited settings related to s3 + + ### Statuses config + statuses-max-chars = 8000; + statuses-poll-max-options = 10; + statuses-poll-option-max-chars = 100; + statuses-media-max-files = 12; + + ### Syslog config + syslog-enabled = true; + syslog-protocol = ""; + syslog-address = ""; + }; + }; + } + ) + ]; +} diff --git a/services/social/murmur.mod.nix b/services/social/murmur.mod.nix new file mode 100644 index 0000000..9cca441 --- /dev/null +++ b/services/social/murmur.mod.nix @@ -0,0 +1,28 @@ +{ + glucose.modules = [ + ( + { + pkgs, + config, + lib, + ... + }: { + services.murmur = { + enable = true; + + environmentFile = "${config.sops.templates."murmur.env.secrets.yaml".path}"; + # the environment variables are provided by, evidently, the environment file. + welcometext = "$MURMUR_WELCOME_MESSAGE"; + # registerPassword = "$MURMUR_REGISTRY_PASSWORD"; # removed as we realized we don't actually want it to be a public server. + password = "$MURMUR_LOGIN_PASSWORD"; + + port = 64738; # tcp/udp - this is the default but i'm writing it out as to not have to dig into the declaration every time i need to know which port it is. + openFirewall = false; + registerName = "Adyya's cave of hushed tones"; + registerUrl = "https://mumble.collective-conciousness.monster"; + registerHostname = "mumble.collective-conciousness.mosnter"; # i vaguely know what the difference between these two are but it is a bit strange, i guess. + }; + } + ) + ]; +}