nixos/akkoma: check that upload and media proxy base url is specified
new versions of akkoma require the upload base url to be specified in order for updates to work properly. this will be a breaking change in 24.05, but for now a reasonable default is set.
This commit is contained in:
parent
855667eadc
commit
d598b5d88d
@ -402,6 +402,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
- The `erlang_node_short_name`, `erlang_node_name`, `port` and `options` configuration parameters are gone, and have been replaced with an `environment` parameter.
|
||||
Use the appropriate [environment variables](https://hexdocs.pm/livebook/readme.html#environment-variables) inside `environment` to configure the service instead.
|
||||
|
||||
- `akkoma` now requires explicitly setting the base URL for uploaded media (`settings."Pleroma.Upload".base_url`), as well as for the media proxy if enabled (`settings."Media"`).
|
||||
This is recommended to be a separate (sub)domain to the one Akkoma is hosted at.
|
||||
See [here](https://meta.akkoma.dev/t/akkoma-stable-2024-03-securer-i-barely-know-her/681#explicit-upload-and-media-proxy-domains-5) for more details.
|
||||
|
||||
- The `crystal` package has been updated to 1.11.x, which has some breaking changes.
|
||||
Refer to crystal's changelog for more information. ([v1.10](https://github.com/crystal-lang/crystal/blob/master/CHANGELOG.md#1100-2023-10-09), [v1.11](https://github.com/crystal-lang/crystal/blob/master/CHANGELOG.md#1110-2024-01-08))
|
||||
|
||||
|
@ -764,6 +764,21 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
"Pleroma.Upload" = let
|
||||
httpConf = cfg.config.":pleroma"."Pleroma.Web.Endpoint".url;
|
||||
in {
|
||||
base_url = mkOption {
|
||||
type = types.nonEmptyStr;
|
||||
default = if lib.versionOlder config.system.stateVersion "24.05"
|
||||
then "${httpConf.scheme}://${httpConf.host}:${builtins.toString httpConf.port}/media/"
|
||||
else null;
|
||||
description = mdDoc ''
|
||||
Base path which uploads will be stored at.
|
||||
Whilst this can just be set to a subdirectory of the main domain, it is now recommended to use a different subdomain.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
":frontends" = mkOption {
|
||||
type = elixirValue;
|
||||
default = mapAttrs
|
||||
@ -781,6 +796,30 @@ in {
|
||||
[{option}`config.services.akkoma.frontends`](#opt-services.akkoma.frontends).
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
":media_proxy" = let
|
||||
httpConf = cfg.config.":pleroma"."Pleroma.Web.Endpoint".url;
|
||||
in {
|
||||
enabled = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = mdDoc ''
|
||||
Whether to enable proxying of remote media through the instance's proxy.
|
||||
'';
|
||||
};
|
||||
base_url = mkOption {
|
||||
type = types.nullOr types.nonEmptyStr;
|
||||
default = if lib.versionOlder config.system.stateVersion "24.05"
|
||||
then "${httpConf.scheme}://${httpConf.host}:${builtins.toString httpConf.port}/media/"
|
||||
else null;
|
||||
description = mdDoc ''
|
||||
Base path for the media proxy.
|
||||
Whilst this can just be set to a subdirectory of the main domain, it is now recommended to use a different subdomain.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
":web_push_encryption" = mkOption {
|
||||
@ -904,6 +943,9 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = optionals (cfg.config.":pleroma".":media_proxy".enabled && cfg.config.":pleroma".":media_proxy".base_url == null) [''
|
||||
`services.akkoma.config.":pleroma".":media_proxy".base_url` must be set when the media proxy is enabled.
|
||||
''];
|
||||
warnings = optionals (with config.security; (!sudo.enable) && (!sudo-rs.enable)) [''
|
||||
The pleroma_ctl wrapper enabled by the installWrapper option relies on
|
||||
sudo, which appears to have been disabled through security.sudo.enable.
|
||||
|
@ -36,7 +36,8 @@ let
|
||||
${pkgs.toot}/bin/toot timeline -1 | grep -F -q "hello world Jamy here"
|
||||
|
||||
# Test file upload
|
||||
${pkgs.toot}/bin/toot upload <(dd if=/dev/zero bs=1024 count=1024 status=none)
|
||||
echo "y" | ${pkgs.toot}/bin/toot upload <(dd if=/dev/zero bs=1024 count=1024 status=none) \
|
||||
| grep -F -q "https://akkoma.nixos.test:443/media"
|
||||
'';
|
||||
|
||||
checkFe = pkgs.writers.writeBashBin "checkFe" ''
|
||||
@ -90,6 +91,9 @@ in
|
||||
"Pleroma.Web.Endpoint" = {
|
||||
url.host = "akkoma.nixos.test";
|
||||
};
|
||||
"Pleroma.Upload" = {
|
||||
base_url = "https://akkoma.nixos.test:443/media/";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user