diff --git a/flake.lock b/flake.lock index 5d46cb0..b5e1c79 100644 --- a/flake.lock +++ b/flake.lock @@ -79,11 +79,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1669328018, - "narHash": "sha256-aJRMobnNDEXKwoSZFS4hGjGU1WDNxkQ82BVKAEohOfY=", + "lastModified": 1669573161, + "narHash": "sha256-UAOXq+LIX+goAAY2MiC0+zCxdNPaO7NAPTvCQExpIBs=", "owner": "nix-community", "repo": "home-manager", - "rev": "62cb5bcf93896e4dd6b4507dac7ba2e2e3abc9d7", + "rev": "50c9bccb6abc52811a59db620606e016fcde32bd", "type": "github" }, "original": { @@ -102,11 +102,11 @@ }, "locked": { "dir": "contrib", - "lastModified": 1669432527, - "narHash": "sha256-lfjjzg/NFFfP8cFCCKRr36EkQVlcNyMZBCNne6lY1Cs=", + "lastModified": 1669589959, + "narHash": "sha256-jkCvcuk5vqXeqcfBY3srMIEfOZ14FU3KzAsbYdWD6Ps=", "owner": "neovim", "repo": "neovim", - "rev": "84465a8c1583f444d4365b2a70e03cd38ebe7f81", + "rev": "a6f0444ab9b5d8947ff7e48718a6b3a484a096fa", "type": "github" }, "original": { @@ -125,11 +125,11 @@ ] }, "locked": { - "lastModified": 1669450483, - "narHash": "sha256-CP7I2vV8/fnpBjwDVhJluze/9mrmy87U93qAkVDOnQQ=", + "lastModified": 1669623371, + "narHash": "sha256-8+vB/pCYU7taKn7xbwDqfO0UpmeLAcDf7FVX86eVw2w=", "owner": "nix-community", "repo": "neovim-nightly-overlay", - "rev": "7904a5497404a613d2e8658067fb212ed2401fd9", + "rev": "67eb55efa528fc1a1f4a1bbf2765374c4d44bffa", "type": "github" }, "original": { @@ -145,11 +145,11 @@ ] }, "locked": { - "lastModified": 1669451122, - "narHash": "sha256-RW8DYU6nvqsawjnSwJLZZGsLn/3LaSn+G/GLd4dTZew=", + "lastModified": 1669624040, + "narHash": "sha256-E5009djShYtF8eMj1d0XCwOxKrlH9JnstLQfo5w1SAU=", "owner": "nifoc", "repo": "nix-overlay", - "rev": "bf8ce1d598334cde1a31f22b635b9b3467726596", + "rev": "c1d09357ef86cbe47bb36831df746044cd4e6d78", "type": "github" }, "original": { @@ -160,11 +160,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1669443273, - "narHash": "sha256-/Ow9P6dWfkQF/9NKD7+OnMnz5DJr2pVCAUMjU9SwFoo=", + "lastModified": 1669597967, + "narHash": "sha256-R+2NaDkXsYkOpFOhmVR8jBZ77Pq55Z6ilaqwFLLn000=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6b86759692b80e2b563e7f6c608f753de4aad3a7", + "rev": "be9e3762e719211368d186f547f847737baad720", "type": "github" }, "original": { diff --git a/home/programs/nvim/plugins.nix b/home/programs/nvim/plugins.nix index 91c80df..359a7f5 100644 --- a/home/programs/nvim/plugins.nix +++ b/home/programs/nvim/plugins.nix @@ -91,12 +91,12 @@ rec { }; leap-nvim = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "leap.nvim"; - version = "2022-11-22"; + version = "2022-11-28"; src = pkgs.fetchFromGitHub { owner = "ggandor"; repo = "leap.nvim"; - rev = "c5ddd07ff5f436cd8b655154d2a8e8d4c2f29466"; - sha256 = "1j72hsjsip1qa94zx8yx1jz62ikqa2dlqz27qv7mz6801ndh2sz0"; + rev = "f7391b5fe9771d788816383ee3c75e0be92022af"; + sha256 = "1xxlpz6y66h8xs8bfl0bq46gkhvdi275vsmrwbac1lwk76v9b8kq"; fetchSubmodules = false; }; }; @@ -112,12 +112,12 @@ rec { }; }; nvim-treesitter = pkgs.vimPlugins.nvim-treesitter.overrideAttrs (_: { - version = "2022-11-26"; + version = "2022-11-28"; src = pkgs.fetchFromGitHub { owner = "nvim-treesitter"; repo = "nvim-treesitter"; - rev = "5aacb06135a952190933f9bfff923957db8965db"; - sha256 = "1vxjpzg96n15d35lc0wvid3mwy94a48vpjn06b1n8sra384xa338"; + rev = "1821c656d8e42fd8ce6648af58e64268606e8bec"; + sha256 = "05ka90vjq18rwrxcy65q1yw5pwcs2xlzg080v7lsnm024q5f7l9n"; fetchSubmodules = false; }; }); @@ -145,12 +145,12 @@ rec { }; telescope-nvim = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "telescope.nvim"; - version = "2022-11-23"; + version = "2022-11-27"; src = pkgs.fetchFromGitHub { owner = "nvim-telescope"; repo = "telescope.nvim"; - rev = "cea9c75c19d172d2c6f089f21656019734a615cf"; - sha256 = "18ivpbfnxx5hilapcb7n1qq0a5am5sq6zixhb3slsfqqg0a2v8rn"; + rev = "4d77743a8ec4d19b3c47e0d04f3e88f1a933698e"; + sha256 = "1nifl0fkzp7z47vwfpqlp0xn4s47h1mxm2mrmvbr89jzwx7wg8ml"; fetchSubmodules = false; }; }; @@ -214,12 +214,12 @@ rec { }; nvim-lspconfig = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "nvim-lspconfig"; - version = "2022-11-26"; + version = "2022-11-28"; src = pkgs.fetchFromGitHub { owner = "neovim"; repo = "nvim-lspconfig"; - rev = "abe6c99c7489de2c317869cf5dea57a9595a0cca"; - sha256 = "18b2vi0gl48257rwdnaq2xcrhhfmpahmjzcpm3c8k7z43igf8jla"; + rev = "a2817c9d9500079a0340286a88653b41707a92eb"; + sha256 = "0y4db82ysjmff9v9x0whdkhjjdds2v9vxiwgs7fp6pzsq6am13fk"; fetchSubmodules = false; }; }; @@ -258,12 +258,12 @@ rec { }; nvim-navic = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "nvim-navic"; - version = "2022-11-18"; + version = "2022-11-27"; src = pkgs.fetchFromGitHub { owner = "SmiteshP"; repo = "nvim-navic"; - rev = "40c0ab2640a0e17c4fad7e17f260414d18852ce6"; - sha256 = "194r8p8nljvh5jb8i860qp8kr4i16s5q84nc6phqjygwacsq69s8"; + rev = "343e07de11b15f93e44ebd47eb98dce6b7da2e6b"; + sha256 = "14rdzmh8w7qvmvqdv360nba1l2phmmbxs90ifjrxicw21b48jmyi"; fetchSubmodules = false; }; }; @@ -302,34 +302,34 @@ rec { }; LuaSnip = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "LuaSnip"; - version = "2022-11-22"; + version = "2022-11-27"; src = pkgs.fetchFromGitHub { owner = "L3MON4D3"; repo = "LuaSnip"; - rev = "79f647218847b1cd204fede7dd89025e43fd00c3"; - sha256 = "1n99rq71fgasagglzq0sxlvxnprmbqi3jd47q5n59zs0h1q63hyk"; + rev = "3fa5c8d938e4ed9dcfd3e07d13b587cba4f87e7d"; + sha256 = "179wi5hab3sm1m78ari9l9yqm8yjwmbwdg13ag5xwv07wq658a6l"; fetchSubmodules = false; }; }; friendly-snippets = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "friendly-snippets"; - version = "2022-11-16"; + version = "2022-11-27"; src = pkgs.fetchFromGitHub { owner = "rafamadriz"; repo = "friendly-snippets"; - rev = "ef8caa5002e53977779ce8ab18a9c393ed624386"; - sha256 = "1kb3gh0qlbc75qkwy3ybhgsm9gcwbdba75ffhpcbifd6s6rdfj0n"; + rev = "03f91a18022964d80a3f0413ed82cf1dbeba247f"; + sha256 = "0kccng913a37k4i70d4bhr3a5jhmksq4kjglky2cqwkwz3s7bg9a"; fetchSubmodules = false; }; }; nvim-cmp = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "nvim-cmp"; - version = "2022-11-24"; + version = "2022-11-27"; src = pkgs.fetchFromGitHub { owner = "hrsh7th"; repo = "nvim-cmp"; - rev = "4c05626ccd70b1cab777c507b34f36ef27d41cbf"; - sha256 = "185mxjj3r9jhgylr3ai08i5br6xh7jifyqyxgsw9a0plq8qywcvl"; + rev = "93f385c17611039f3cc35e1399f1c0a8cf82f1fb"; + sha256 = "0c9931rb4pf9vj51gqxizvbamq9ycjzy08vq2arm1jkrrr8fkmfc"; fetchSubmodules = false; }; }; @@ -412,12 +412,12 @@ rec { }; cmp-cmdline = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "cmp-cmdline"; - version = "2022-11-13"; + version = "2022-11-27"; src = pkgs.fetchFromGitHub { owner = "hrsh7th"; repo = "cmp-cmdline"; - rev = "8bc9c4a34b223888b7ffbe45c4fe39a7bee5b74d"; - sha256 = "0rx8ncap1dfrgwkx1wsmhybr6cs1kdh0li5hssbhws2d6igij8zq"; + rev = "23c51b2a3c00f6abc4e922dbd7c3b9aca6992063"; + sha256 = "0vffivj94736njjhlazrs0jkc1nyvcdjpw64w38d1lhlyflf4cl7"; fetchSubmodules = false; }; }; @@ -445,12 +445,12 @@ rec { }; nvim-autopairs = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "nvim-autopairs"; - version = "2022-11-24"; + version = "2022-11-28"; src = pkgs.fetchFromGitHub { owner = "windwp"; repo = "nvim-autopairs"; - rev = "5d75276fce887c0cf433bb1b9867717907211063"; - sha256 = "11ivy3iaw672yfgbq92q0xd9s6qijs5rd5464fgdwimqrsac0300"; + rev = "99f696339266c22e7313d6a85a95bd538c3fc226"; + sha256 = "1pv3hfaxd7yifx0n9643wcb9skrqrkzx5x545x944y23xvwvv9di"; fetchSubmodules = false; }; }; @@ -478,12 +478,12 @@ rec { }; nvim-treesitter-textobjects = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "nvim-treesitter-textobjects"; - version = "2022-11-26"; + version = "2022-11-27"; src = pkgs.fetchFromGitHub { owner = "nvim-treesitter"; repo = "nvim-treesitter-textobjects"; - rev = "04c61332a3cb78e56f7455d17d7878b0b7e66270"; - sha256 = "0db6s53540f1z11ffnmbfqbx504qpwzsrs8xxp9b61pgy66lsf3l"; + rev = "98476e7364821989ab9b500e4d20d9ae2c5f6564"; + sha256 = "1gvksha3l3pripy7rsk1axr9n0wmzsh2xr1461vjz3314sdfikyj"; fetchSubmodules = false; }; }; @@ -577,12 +577,12 @@ rec { }; nvim-notify = pkgs.vimUtils.buildVimPluginFrom2Nix { pname = "nvim-notify"; - version = "2022-11-24"; + version = "2022-11-28"; src = pkgs.fetchFromGitHub { owner = "rcarriga"; repo = "nvim-notify"; - rev = "e7cffd0e8c3beaa0df7d06567620afa964bc2963"; - sha256 = "0j2q6wd5izv6y5cj50xildd117zx8ncd93074fp97gdyb2xmp45g"; + rev = "859056ff7aec327255578c7a98ef02d0cd829f65"; + sha256 = "01sas5rv0j6rsjml9ibi9ygzpihdn6g8vz5rpwv4grkh0n844jkh"; fetchSubmodules = false; }; }; diff --git a/secret/hosts/sail.nix b/secret/hosts/sail.nix index 657499e..6891194 100644 Binary files a/secret/hosts/sail.nix and b/secret/hosts/sail.nix differ diff --git a/system/hosts/sail.nix b/system/hosts/sail.nix index 55bc4b7..e1b92f2 100644 --- a/system/hosts/sail.nix +++ b/system/hosts/sail.nix @@ -11,8 +11,12 @@ in ../../hardware/hosts/sail.nix ../nixos/ssh.nix - (import ../nixos/synapse.nix (args // { inherit secret; })) ../nixos/git.nix + + (import ../nixos/mastodon.nix (args // { inherit secret; })) + + (import ../nixos/synapse.nix (args // { inherit secret; })) + (import ../nixos/tailscale.nix (args // { inherit secret; })) ../nixos/arion.nix diff --git a/system/nixos/mastodon.nix b/system/nixos/mastodon.nix new file mode 100644 index 0000000..60f5624 --- /dev/null +++ b/system/nixos/mastodon.nix @@ -0,0 +1,64 @@ +{ secret, ... }: + +{ + services.mastodon = { + enable = true; + + configureNginx = false; + + localDomain = "kempkens.io"; + + streamingPort = 55000; + webPort = 55001; + sidekiqPort = 55002; + enableUnixSocket = false; + + trustedProxy = "172.18.0.4"; + + vapidPublicKeyFile = "/var/lib/mastodon/secrets/vapid-public-key"; + secretKeyBaseFile = "/var/lib/mastodon/secrets/secret-key-base"; + otpSecretFile = "/var/lib/mastodon/secrets/otp-secret"; + vapidPrivateKeyFile = "/var/lib/mastodon/secrets/vapid-private-key"; + + database = { + createLocally = false; + host = "10.99.99.3"; + port = 5432; + name = "mastodon"; + inherit (secret.mastodon.database) user; + inherit (secret.mastodon.database) passwordFile; + }; + + redis = { + createLocally = false; + host = "10.99.99.3"; + port = 6379; + }; + + elasticsearch.host = null; + + smtp = { + createLocally = false; + authenticate = true; + host = "smtp.mailgun.org"; + port = 465; + fromAddress = "mastodon@mg.kempkens.io"; + inherit (secret.mastodon.smtp) user; + inherit (secret.mastodon.smtp) passwordFile; + }; + + automaticMigrations = true; + + mediaAutoRemove = { + enable = true; + startAt = "daily"; + olderThanDays = 21; + }; + + extraConfig = { + WEB_DOMAIN = "mastodon.kempkens.io"; + }; + }; + + networking.firewall.allowedTCPPorts = [ 55000 55001 55002 ]; +} diff --git a/system/nixos/synapse.nix b/system/nixos/synapse.nix index bfb2626..437952d 100644 --- a/system/nixos/synapse.nix +++ b/system/nixos/synapse.nix @@ -82,6 +82,8 @@ "2a01:4f8:c2c:989c::/64" ]; + enable_registration = false; + inherit (secret.synapse) registration_shared_secret; inherit (secret.synapse) macaroon_secret_key; inherit (secret.synapse) form_secret;