mirror of
https://github.com/JulienMalka/snowfield.git
synced 2025-03-25 21:30:52 +01:00
41 lines
1.1 KiB
Nix
41 lines
1.1 KiB
Nix
{ config, ... }:
|
|
|
|
{
|
|
|
|
age.secrets."mastodon-env".file = ../../secrets/mastodon-env.age;
|
|
|
|
services.mastodon = {
|
|
enable = true;
|
|
localDomain = "social.luj.fr";
|
|
configureNginx = true;
|
|
extraConfig.SINGLE_USER_MODE = "true";
|
|
streamingProcesses = 10;
|
|
extraConfig = {
|
|
OIDC_ENABLED = "true";
|
|
OIDC_DISPLAY_NAME = "Luj - SSO";
|
|
OIDC_DISCOVERY = "true";
|
|
OIDC_ISSUER = "https://auth.luj.fr/oauth2/openid/mastodon";
|
|
OIDC_SCOPE = "openid,profile,email";
|
|
OIDC_UID_FIELD = "email";
|
|
OIDC_CLIENT_ID = "mastodon";
|
|
OIDC_REDIRECT_URI = "https://social.luj.fr/auth/auth/openid_connect/callback";
|
|
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED = "true";
|
|
ONE_CLICK_SSO_LOGIN = "true";
|
|
|
|
# S3
|
|
S3_ENABLED = "true";
|
|
S3_BUCKET = "mastodon";
|
|
S3_REGION = "paris";
|
|
S3_ENDPOINT = "https://s3.luj.fr";
|
|
S3_HOSTNAME = "s3.luj.fr";
|
|
S3_ALIAS_HOST = "cdn.social.luj.fr";
|
|
SMTP_SERVER = "mail.luj.fr";
|
|
SMTP_PORT = "587";
|
|
SMTP_FROM_ADDRESS = "infra@luj.fr";
|
|
SMTP_LOGIN = "luj";
|
|
};
|
|
extraEnvFiles = [ config.age.secrets."mastodon-env".path ];
|
|
|
|
};
|
|
|
|
}
|