fix(perf): deploy personal page using s3

At the end of the day, we are not going to self-host it

machines/biblios/garage.nix

@@ -53,7 +53,7 @@ in
   services.nginx.virtualHosts."cdn.luj.fr" = {
     enableACME = true;
     forceSSL = true;
-    serverAliases = [ "cdn.social.luj.fr" ];
+    serverAliases = [ "luj.fr" ];
     locations."/".extraConfig = ''
       proxy_pass http://127.0.0.1:3902;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -61,10 +61,10 @@ in
     '';
   };
 
-  machine.meta.zones."luj.fr".subdomains."social".subdomains."cdn".A = [
+  machine.meta.zones."luj.fr".A = [
     config.machine.meta.ips.public.ipv4
   ];
-  machine.meta.zones."luj.fr".subdomains."social".subdomains."cdn".AAAA = [
+  machine.meta.zones."luj.fr".AAAA = [
     config.machine.meta.ips.public.ipv6
   ];
 

machines/gustave/default.nix

@@ -11,12 +11,12 @@
     ./home-julien.nix
     ./nsd.nix
     ./borg.nix
-    ./pages.nix
+    # Performance is not as good as we expected, wait for pages v3
+    #    ./pages.nix
     ./readeck.nix
     ./plausible.nix
     ./nextcloud.nix
     ./glance.nix
-    ./mastodon.nix
   ];
 
   machine.meta = {
@@ -26,6 +26,7 @@
     profiles = with profiles; [
       vm-simple-network
       server
+      behind-sniproxy
     ];
     ips = {
       public.ipv4 = "82.67.34.230";

machines/gustave/mastodon.nix

@@ -1,41 +0,0 @@
-{ config, ... }:
-
-{
-
-  age.secrets."mastodon-env".file = ../../secrets/mastodon-env.age;
-
-  services.mastodon = {
-    enable = true;
-    localDomain = "social.luj.fr";
-    configureNginx = true;
-    extraConfig.SINGLE_USER_MODE = "true";
-    streamingProcesses = 10;
-    extraConfig = {
-      OIDC_ENABLED = "true";
-      OIDC_DISPLAY_NAME = "Luj - SSO";
-      OIDC_DISCOVERY = "true";
-      OIDC_ISSUER = "https://auth.luj.fr/oauth2/openid/mastodon";
-      OIDC_SCOPE = "openid,profile,email";
-      OIDC_UID_FIELD = "email";
-      OIDC_CLIENT_ID = "mastodon";
-      OIDC_REDIRECT_URI = "https://social.luj.fr/auth/auth/openid_connect/callback";
-      OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED = "true";
-      ONE_CLICK_SSO_LOGIN = "true";
-
-      # S3
-      S3_ENABLED = "true";
-      S3_BUCKET = "mastodon";
-      S3_REGION = "paris";
-      S3_ENDPOINT = "https://s3.luj.fr";
-      S3_HOSTNAME = "s3.luj.fr";
-      S3_ALIAS_HOST = "cdn.social.luj.fr";
-      SMTP_SERVER = "mail.luj.fr";
-      SMTP_PORT = "587";
-      SMTP_FROM_ADDRESS = "infra@luj.fr";
-      SMTP_LOGIN = "luj";
-    };
-    extraEnvFiles = [ config.age.secrets."mastodon-env".path ];
-
-  };
-
-}

machines/gustave/nsd.nix

@@ -101,8 +101,6 @@ lib.mkMerge [
     networking.firewall.allowedUDPPorts = [ 53 ];
     networking.firewall.allowedTCPPorts = [ 53 ];
 
-    machine.meta.zones."luj.fr".A = [ config.machine.meta.ips.public.ipv4 ];
-    machine.meta.zones."luj.fr".AAAA = [ config.machine.meta.ips.public.ipv6 ];
     machine.meta.zones."luj.fr".TXT = [ "homepage.luj.luj-static.page" ];
 
     machine.meta.monitors = {

machines/tower/forgejo-runner.nix

@@ -20,6 +20,7 @@
           bash
           coreutils
           curl
+          awscli2
         ];
       };
     };