# NixOS module for the GoToSocial instance at trin.one.
# Non-secret settings are declared inline; every credential is delivered
# through an environment file rendered by a sops-nix template (see below).
{config, ...}: let
  # Stand-in tokens for the sops-managed secrets. The real values are not
  # written in this expression; per the sops-nix template mechanism they are
  # substituted when the template is rendered on the target host.
  inherit (config.sops) placeholder;
in {
  services.gotosocial.enable = true;

  # File of GTS_* variables holding the credentials the settings below omit.
  services.gotosocial.environmentFile = config.sops.templates.gotosocial-env.path;

  services.gotosocial.settings = {
    # --- Basic ---
    host = "trin.one";
    # Listens on loopback only, so the service is reached through a local
    # reverse proxy rather than directly from the network.
    bind-address = "localhost";
    port = 9291;
    # Externally visible scheme; stays `https` even though a reverse proxy
    # sits in front of the service.
    protocol = "https";

    # --- Storage ---
    db-type = "sqlite";
    db-address = "/var/lib/gotosocial/sqlite.db";
    # Media lives in an S3 bucket; endpoint and keys come from the env file.
    storage-backend = "s3";
    storage-s3-bucket = "trin-one";
    # NOTE(review): presumably clients are redirected to this host for media,
    # so object access control is enforced there; confirm the bucket policy.
    storage-s3-redirect-url = "https://asset.trin.one";

    # --- Instance ---
    landing-page-user = "hpcesia";
    instance-languages = ["zh-Hans" "en"];
    # NOTE(review): per the GoToSocial docs this lets unauthenticated callers
    # query the public timeline; confirm that exposure is intended.
    instance-expose-public-timeline = true;
    instance-inject-mastodon-version = true;

    # --- SMTP ---
    # Password is supplied as GTS_SMTP_PASSWORD via the env file.
    smtp-host = "glacier.mxrouting.net";
    smtp-port = 587;
    smtp-username = "no-reply@trin.one";
    smtp-from = "no-reply@trin.one";

    # --- OIDC ---
    # Sign-in is delegated to the IdP at auth.trin.one; the client secret is
    # supplied as GTS_OIDC_CLIENT_SECRET via the env file.
    oidc-enabled = true;
    oidc-idp-name = "Authelia";
    oidc-issuer = "https://auth.trin.one";
    oidc-client-id = "gts-trinnon";
    oidc-scopes = ["openid" "email" "profile" "groups"];
    # NOTE(review): per the GoToSocial docs an empty list applies no group
    # restriction, i.e. any account the IdP authenticates may sign in.
    # Confirm this is intended, or list the permitted groups here.
    oidc-allowed-groups = [];
    # Membership of the IdP group "admin" grants instance admin rights, so
    # control over that group at the IdP is part of this service's trust
    # boundary.
    oidc-admin-groups = ["admin"];

    # --- Log ---
    log-level = "info";
    log-timestamp-format = "2006-01-02T15:04:05.000Z07:00";

    # --- Metric ---
    # Metrics require authentication; the matching password is supplied as
    # GTS_METRICS_AUTH_PASSWORD via the env file.
    # NOTE(review): verify the reverse proxy does not publish the metrics
    # path more widely than the scraper needs.
    metrics-enabled = true;
    metrics-auth-enabled = true;
    metrics-auth-username = "trinnon-metrics";
  };

  # Environment file consumed by the service above.
  sops.templates.gotosocial-env = {
    # 0440 with root:gotosocial: readable by root and the gotosocial group,
    # writable by nobody, no access for other users.
    owner = "root";
    group = "gotosocial";
    mode = "0440";
    content = ''
      GTS_STORAGE_S3_ENDPOINT=${placeholder.gotosocial-s3-endpoint}
      GTS_STORAGE_S3_ACCESS_KEY=${placeholder.gotosocial-s3-access-key}
      GTS_STORAGE_S3_SECRET_KEY=${placeholder.gotosocial-s3-secret-key}
      GTS_OIDC_CLIENT_SECRET=${placeholder.gotosocial-oidc-secret}
      GTS_SMTP_PASSWORD=${placeholder.gotosocial-smtp-password}
      GTS_METRICS_AUTH_PASSWORD=${placeholder.gotosocial-metrics-password}
    '';
  };
}