From 4ef04e31a802392b5a26714f8188aba2776f9d13 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 09:01:07 -0500 Subject: [PATCH 01/56] try to fix podman mastodon net script --- modules/nixos/mastodon/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 685dbf6..b5adbd7 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -108,6 +108,8 @@ in { serviceConfig = { Group = "podman"; Type = "oneshot"; + Restart = "on-failure"; + StartLimitInterval = 5; ProtectSystem = "strict"; ProtectHostname = true; ProtectClock = true; @@ -125,14 +127,14 @@ in { }; wantedBy = [ # "multi-user.target" - "podman-mastodon-web.service" + # "podman-mastodon-web.service" "podman-mastodon-db.service" "podman-mastodon-redis.service" - # "podman-mastodon-es.service" - "podman-mastodon-streaming.service" - "podman-mastodon-sidekiq.service" + # "podman-mastodon-streaming.service" + # "podman-mastodon-sidekiq.service" ]; path = [pkgs.podman]; + preStart = "/usr/bin/env sleep 2"; script = '' podman network exists mastodon || podman network create mastodon ''; From 97198d9f9ebf06da5f2ea71727552a9a5321ae6e Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 09:04:10 -0500 Subject: [PATCH 02/56] remove containers for now --- modules/nixos/mastodon/default.nix | 59 +++++++++++++++--------------- 1 file changed, 30 insertions(+), 29 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index b5adbd7..6610efa 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -109,7 +109,7 @@ in { Group = "podman"; Type = "oneshot"; Restart = "on-failure"; - StartLimitInterval = 5; + ProtectSystem = "strict"; ProtectHostname = true; ProtectClock = true; 
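Review bot: In the second hunk of PATCH 01/56, `preStart = "/usr/bin/env sleep 2";` works around a start-order race instead of removing it, because `wantedBy` only pulls this unit in next to the container services and imposes no ordering. Declaring the ordering, e.g. `before = ["podman-mastodon-db.service" "podman-mastodon-redis.service"];`, and using `requiredBy` so that a failed network creation stops the containers, would make the sleep unnecessary. The unit definition starts and ends outside the hunk, so an existing `before`/`after` may already be present.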
@@ -125,6 +125,7 @@ in { ExecPaths = ["/nix/store"]; NoExecPaths = ["/"]; }; + unitConfig = {StartLimitInterval = 5;}; wantedBy = [ # "multi-user.target" # "podman-mastodon-web.service" @@ -134,46 +135,46 @@ in { # "podman-mastodon-sidekiq.service" ]; path = [pkgs.podman]; - preStart = "/usr/bin/env sleep 2"; + preStart = "/usr/bin/env sleep 4"; script = '' podman network exists mastodon || podman network create mastodon ''; }; virtualisation.oci-containers.containers = { - mastodon-db = { - image = "postgres:14-alpine"; - user = "mastodon"; - - autoStart = true; - extraOptions = [ - "--network=mastodon" - "--shm-size=268435456" - ]; + # mastodon-db = { + # image = "postgres:14-alpine"; + # user = "mastodon"; - environment = { - POSTGRES_HOST_AUTH_METHOD = "trust"; - }; + # autoStart = true; + # extraOptions = [ + # "--network=mastodon" + # "--shm-size=268435456" + # ]; - volumes = [ - "mastodon_postgresql-data:/var/lib/postgresql/data" - ]; - }; + # environment = { + # POSTGRES_HOST_AUTH_METHOD = "trust"; + # }; - mastodon-redis = { - image = "redis:7-alpine"; + # volumes = [ + # "mastodon_postgresql-data:/var/lib/postgresql/data" + # ]; + # }; - user = "mastodon"; + # mastodon-redis = { + # image = "redis:7-alpine"; - autoStart = true; - extraOptions = [ - "--network=mastodon" - ]; + # user = "mastodon"; - volumes = [ - "mastodon_redis-data:/data" - ]; - }; + # autoStart = true; + # extraOptions = [ + # "--network=mastodon" + # ]; + + # volumes = [ + # "mastodon_redis-data:/data" + # ]; + # }; # mastodon-web = { # image = "ghcr.io/mastodon/mastodon:v${version}"; From 04839027a0f3b6e8cc93ba24f1bd39c2912a4b96 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 09:06:37 -0500 Subject: [PATCH 03/56] re-enable postgres and redis db's --- modules/nixos/mastodon/default.nix | 54 +++++++++++++++--------------- 1 file changed, 27 insertions(+), 27 deletions(-) 
diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 6610efa..2f70156 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -142,39 +142,39 @@ in { }; virtualisation.oci-containers.containers = { - # mastodon-db = { - # image = "postgres:14-alpine"; - # user = "mastodon"; - - # autoStart = true; - # extraOptions = [ - # "--network=mastodon" - # "--shm-size=268435456" - # ]; + mastodon-db = { + image = "postgres:14-alpine"; + user = "mastodon"; + + autoStart = true; + extraOptions = [ + "--network=mastodon" + "--shm-size=268435456" + ]; - # environment = { - # POSTGRES_HOST_AUTH_METHOD = "trust"; - # }; + environment = { + POSTGRES_HOST_AUTH_METHOD = "trust"; + }; - # volumes = [ - # "mastodon_postgresql-data:/var/lib/postgresql/data" - # ]; - # }; + volumes = [ + "mastodon_postgresql-data:/var/lib/postgresql/data" + ]; + }; - # mastodon-redis = { - # image = "redis:7-alpine"; + mastodon-redis = { + image = "redis:7-alpine"; - # user = "mastodon"; + user = "mastodon"; - # autoStart = true; - # extraOptions = [ - # "--network=mastodon" - # ]; + autoStart = true; + extraOptions = [ + "--network=mastodon" + ]; - # volumes = [ - # "mastodon_redis-data:/data" - # ]; - # }; + volumes = [ + "mastodon_redis-data:/data" + ]; + }; # mastodon-web = { # image = "ghcr.io/mastodon/mastodon:v${version}"; From 94e9c6c45a7e363157e4e4e6d1d1bcafc41705db Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 09:09:37 -0500 Subject: [PATCH 04/56] remove container user thing to test --- modules/nixos/mastodon/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 2f70156..84cd9d2 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix 
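Review bot: The re-enabled `mastodon-db` block keeps `POSTGRES_HOST_AUTH_METHOD = "trust"`, so PostgreSQL accepts any connection as any role without a password. Every container attached to `--network=mastodon` can therefore read or modify the whole database, which turns a compromise of the web, streaming or sidekiq container into a database compromise. Consider dropping the variable and supplying `POSTGRES_PASSWORD` through an `environmentFiles` entry, with the matching `DB_PASS` in the Mastodon secret env files. Both images are also referenced by mutable tag (`postgres:14-alpine`, `redis:7-alpine`); pinning them by digest would make the deployed image content verifiable.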
@@ -144,7 +144,7 @@ in { virtualisation.oci-containers.containers = { mastodon-db = { image = "postgres:14-alpine"; - user = "mastodon"; + # user = "mastodon"; autoStart = true; extraOptions = [ @@ -164,7 +164,7 @@ in { mastodon-redis = { image = "redis:7-alpine"; - user = "mastodon"; + # user = "mastodon"; autoStart = true; extraOptions = [ From a3c3fade4156626ee77a60fdddd836e5262bef2a Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 09:11:58 -0500 Subject: [PATCH 05/56] reactivate all containers; remove "mastodon" system user --- machines/nixos/ashokan/default.nix | 1 - modules/nixos/mastodon/default.nix | 163 ++++++++++++++--------------- 2 files changed, 77 insertions(+), 87 deletions(-) diff --git a/machines/nixos/ashokan/default.nix b/machines/nixos/ashokan/default.nix index f48f8d0..3e16beb 100644 --- a/machines/nixos/ashokan/default.nix +++ b/machines/nixos/ashokan/default.nix @@ -54,7 +54,6 @@ secretsDir = ../../../secrets; chownPodman = file: { inherit file; - owner = "mastodon"; group = "podman"; mode = "0400"; }; diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 84cd9d2..b9a0d60 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -99,10 +99,10 @@ in { config = with lib; mkIf cfg.enable { - users.users.mastodon = { - isSystemUser = true; - group = "podman"; - }; + # users.users.mastodon = { + # isSystemUser = true; + # group = "podman"; + # }; systemd.services.podman-create-mastodon-net = { serviceConfig = { @@ -144,7 +144,6 @@ in { virtualisation.oci-containers.containers = { mastodon-db = { image = "postgres:14-alpine"; - # user = "mastodon"; autoStart = true; extraOptions = [ @@ -164,8 +163,6 @@ in { mastodon-redis = { image = "redis:7-alpine"; - # user = "mastodon"; - autoStart = true; extraOptions = [ "--network=mastodon" 
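Review bot: Commenting out `user = "mastodon";` in both hunks of PATCH 04/56 leaves `mastodon-db` and `mastodon-redis` running as whatever user each image defaults to, and nothing records why. If the named user failed only because it does not exist inside the image (an assumption; the error is not shown), a numeric `uid:gid` value would keep the containers off the image default. Otherwise replace the commented-out line with a why-comment such as `# no explicit user: <reason>; container runs as the image default`, so the loss of isolation is a documented decision.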
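Review bot: With the `mastodon` system user commented out in PATCH 05/56, the `chownPodman` helper in machines/nixos/ashokan/default.nix is left with `group = "podman";` and `mode = "0400";`, and that mode grants the group no access at all. Owner-only is the safer outcome, but the attribute set now implies group access that does not exist, and the effective owner falls back to the secrets module's default (presumably root; confirm). Either drop the `group` line or add a comment above `mode` such as `# owner-only on purpose; the podman group must not read secrets`. Avoid widening to `0440`, since PATCH 13/56 adds an interactive user to that group.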
@@ -176,85 +173,79 @@ in { ]; }; - # mastodon-web = { - # image = "ghcr.io/mastodon/mastodon:v${version}"; - # cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; - - # user = "mastodon"; - - # autoStart = true; - # extraOptions = [ - # "--runtime=${pkgs.gvisor}/bin/runsc" - # "--network=mastodon" - # ]; - - # environment = env; - # environmentFiles = secretEnvFiles; - - # volumes = [ - # "mastodon_system-data:/opt/mastodon/public/system" - # ]; - - # dependsOn = [ - # "mastodon-db" - # "mastodon-redis" - # # "mastodon-es" - # ]; - - # ports = [ - # "${toString cfg.mastodonWebPort}:3000" - # ]; - # }; - - # mastodon-streaming = { - # image = "ghcr.io/mastodon/mastodon-streaming:v${version}"; - # cmd = ["node" "./streaming/index.js"]; - - # user = "mastodon"; - - # autoStart = true; - # extraOptions = [ - # "--runtime=${pkgs.gvisor}/bin/runsc" - # "--network=mastodon" - # ]; - - # environment = env; - # environmentFiles = secretEnvFiles; - - # ports = [ - # "${builtins.toString cfg.mastodonStreamPort}:4000" - # ]; - - # dependsOn = [ - # "mastodon-db" - # "mastodon-redis" - # ]; - # }; - - # mastodon-sidekiq = { - # image = "ghcr.io/mastodon/mastodon:v${version}"; - # cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; - - # user = "mastodon"; - - # autoStart = true; - # extraOptions = [ - # "--network=mastodon" - # "--cap-add=NET_BIND_SERVICE" - # ]; - - # environment = env; - # environmentFiles = secretEnvFiles; - - # volumes = [ - # "mastodon_system-data:/opt/mastodon/public/system" - # ]; - - # dependsOn = [ - # "mastodon-db" - # "mastodon-redis" - # ]; - # }; + mastodon-web = { + image = "ghcr.io/mastodon/mastodon:v${version}"; + cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; + + autoStart = true; + extraOptions = [ + "--runtime=${pkgs.gvisor}/bin/runsc" + "--network=mastodon" + ]; + + environment = env; + environmentFiles = secretEnvFiles; + + volumes = [ + "mastodon_system-data:/opt/mastodon/public/system" + ]; + + dependsOn = [ + 
"mastodon-db" + "mastodon-redis" + # "mastodon-es" + ]; + + ports = [ + "${toString cfg.mastodonWebPort}:3000" + ]; + }; + + mastodon-streaming = { + image = "ghcr.io/mastodon/mastodon-streaming:v${version}"; + cmd = ["node" "./streaming/index.js"]; + + autoStart = true; + extraOptions = [ + "--runtime=${pkgs.gvisor}/bin/runsc" + "--network=mastodon" + ]; + + environment = env; + environmentFiles = secretEnvFiles; + + ports = [ + "${builtins.toString cfg.mastodonStreamPort}:4000" + ]; + + dependsOn = [ + "mastodon-db" + "mastodon-redis" + ]; + }; + + mastodon-sidekiq = { + image = "ghcr.io/mastodon/mastodon:v${version}"; + cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; + + autoStart = true; + extraOptions = [ + "--network=mastodon" + "--cap-add=NET_BIND_SERVICE" + ]; + + environment = env; + environmentFiles = secretEnvFiles; + + volumes = [ + "mastodon_system-data:/opt/mastodon/public/system" + ]; + + dependsOn = [ + "mastodon-db" + "mastodon-redis" + ]; + }; }; services.traefik.dynamicConfigOptions = lib.mkIf cfg.configureTraefik { From 07421c163e3ce170322a1d1707c378d1fba387a4 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 09:16:09 -0500 Subject: [PATCH 06/56] forgot to include activerecord encryption vars --- modules/nixos/mastodon/default.nix | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index b9a0d60..4d60980 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -54,6 +54,7 @@ cfg.otpSecretEnvFile cfg.vapidKeysEnvFile cfg.smtpPasswordEnvFile + cfg.activeRecordEncryptionEnvFile ]; in { options.svcs.mastodon = with lib; { @@ -99,11 +100,6 @@ in { config = with lib; mkIf cfg.enable { - # users.users.mastodon = { - # isSystemUser = true; - # group = "podman"; - # }; - systemd.services.podman-create-mastodon-net = { serviceConfig = { Group = "podman"; 
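Review bot: The reactivated `mastodon-sidekiq` container is the only Mastodon container without `--runtime=${pkgs.gvisor}/bin/runsc`, and it additionally receives `--cap-add=NET_BIND_SERVICE`. Sidekiq is the worker that processes content arriving from remote servers, so it benefits most from the sandbox, and a background worker should not need to bind privileged ports (confirm nothing in the image relies on it). I would make its `extraOptions` match the web and streaming containers, or add a comment explaining why runsc is left out. The same block is re-enabled unchanged in PATCH 15/56. Separately, the `ports` entries publish 3000 and 4000 on every host address; if Traefik on this host is the only intended client, prefix the mappings with `127.0.0.1:`.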
@@ -193,7 +189,6 @@ in { dependsOn = [ "mastodon-db" "mastodon-redis" - # "mastodon-es" ]; ports = [ From e0a74411c0a17f9d0e747ce5f11c917efffc829d Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 09:19:07 -0500 Subject: [PATCH 07/56] ensure migrations are enabled --- modules/nixos/mastodon/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 4d60980..17800c2 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -17,7 +17,7 @@ RAILS_SERVE_STATIC_FILES = "true"; SINGLE_USER_MODE = "true"; DEFAULT_LOCALE = "en"; - SKIP_POST_DEPLOYMENT_MIGRATIONS = "true"; + SKIP_POST_DEPLOYMENT_MIGRATIONS = "false"; # Serve ui on mstdn.${domain}, but use ${domain} for my handle WEB_DOMAIN = interfaceDomain; LOCAL_DOMAIN = cfg.rootDomain; From dbf7def79226dc6786860ef481e6848ec9b6b36f Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 12:31:12 -0500 Subject: [PATCH 08/56] demo values --- modules/nixos/mastodon/.env.production | 64 +++++++++++++++++++++ modules/nixos/mastodon/mastodon-compose.yml | 3 + 2 files changed, 67 insertions(+) diff --git a/modules/nixos/mastodon/.env.production b/modules/nixos/mastodon/.env.production index 0a6c7f0..3171d21 100644 --- a/modules/nixos/mastodon/.env.production +++ b/modules/nixos/mastodon/.env.production 
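Review bot: Setting `SKIP_POST_DEPLOYMENT_MIGRATIONS = "false"` in PATCH 07/56 may not enable the migrations as the commit title intends. As far as I recall, Mastodon only tests whether this variable is set, and the Ruby string "false" is truthy, so post-deployment migrations would still be skipped; please confirm against the pinned Mastodon version. If that holds, remove the attribute from `env` rather than assigning `"false"`.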
@@ -1 +1,65 @@ RAILS_ENV=production +# ALL VALUES IN THIS FILE ARE FOR TESTING ONLY. THEY ARE NOT USED FOR PRODUCTION DEPLOYMENTS. + +# Note that this file accepts slightly different syntax depending on whether +# you are using `docker-compose` or not. In particular, if you use +# `docker-compose`, the value of each declared variable will be taken verbatim, +# including surrounding quotes. +# See: https://github.com/mastodon/mastodon/issues/16895 + +# Federation +# ---------- +# This identifies your server and cannot be changed safely later +# ---------- +LOCAL_DOMAIN=localhost + +# Redis +# ----- +REDIS_HOST=redis +REDIS_PORT=6379 + +# PostgreSQL +# ---------- +DB_HOST=db +DB_USER=mastodon +DB_NAME=mastodon_production +DB_PASS=mastodon +DB_PORT=5432 + +# Elasticsearch (optional) +# ------------------------ +ES_ENABLED=false + + +# Secrets +# ------- +# Make sure to use `bundle exec rails secret` to generate secrets +# ------- +SECRET_KEY_BASE=4b59073f0e859c29bdeff9f96081092418866abceaaab0a868abe13ee76fe5b7bfccf435c6bc8dcdb9f69c7cfacba3e7a032aec4dc329685891bb0545fc8b8b6 +OTP_SECRET=34e086640459825c6360d19c411c8737eeb576520a7e151ece45c4455fff3c2820d84186448ff810f107a78a67b30e8a12eec99d33c5a68a3641c895796ebc8e + +# Encryption secrets +# ------------------ +# Must be available (and set to same values) for all server processes +# These are private/secret values, do not share outside hosting environment +# Use `bin/rails db:encryption:init` to generate fresh secrets +# Do NOT change these secrets once in use, as this would cause data loss and other issues +# ------------------ +ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=fbrPbvPjnpOi3vcomxBhA4fyzqIckjoK +ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=t6Mgfbs6B7fWsRdSuWAGh7daa1w0D4HJ +ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=81GeIp2jbI3Vp7fOZhboKNZBOEAQ9qzz + +# Web Push +# -------- +# Generate with `bundle exec rails mastodon:webpush:generate_vapid_key` +# -------- 
+VAPID_PRIVATE_KEY=wVOqrETJzLEyHzUwja23W2HNhaKKFcd2aCBd184QotM= +VAPID_PUBLIC_KEY=BC0z2EoX1XXL2A8MmXeplKHj1hAisYqLO_wENRnMoUw5jsu4bQN3pZ0uYYjGvcdxnjypUN-k5KtNVQS3I9sDhmM= + +# IP and session retention +# ----------------------- +# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml +# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800). +# ----------------------- +IP_RETENTION_PERIOD=31556952 +SESSION_RETENTION_PERIOD=31556952 \ No newline at end of file diff --git a/modules/nixos/mastodon/mastodon-compose.yml b/modules/nixos/mastodon/mastodon-compose.yml index 3c53d4c..f331ba6 100644 --- a/modules/nixos/mastodon/mastodon-compose.yml +++ b/modules/nixos/mastodon/mastodon-compose.yml @@ -14,6 +14,9 @@ services: - ./postgres14:/var/lib/postgresql/data environment: - "POSTGRES_HOST_AUTH_METHOD=trust" + - "POSTGRES_DB=mastodon_production" + - "POSTGRES_USER=mastodon" + - "POSTGRES_PASSWORD=mastodon" redis: restart: always From 6e1a462a5ef9df101ecae3b96a18f0c4ea0bb32e Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 12:32:43 -0500 Subject: [PATCH 09/56] add migrate container container that runs migrations before mastodon web, sidekiq, and streaming start up --- modules/nixos/mastodon/default.nix | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 17800c2..0392564 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix 
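Review bot: This hunk commits concrete values for `SECRET_KEY_BASE`, `OTP_SECRET`, the three `ACTIVE_RECORD_ENCRYPTION_*` keys and `VAPID_PRIVATE_KEY` into a file named `.env.production`, and the banner comment is the only thing marking them as test-only. Anything that loads this file by name will run with publicly known session-signing and encryption keys, so treat these values as burned and never reuse them on a real instance. I would rename the file (for example to `.env.sample`), replace each value with an obvious placeholder such as `SECRET_KEY_BASE=<generate with bundle exec rails secret>`, and keep the real file out of version control. `DB_PASS=mastodon` deserves the same treatment, and the file is missing its trailing newline.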
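Review bot: The added `POSTGRES_PASSWORD=mastodon` in mastodon-compose.yml protects nothing while `POSTGRES_HOST_AUTH_METHOD=trust` remains in the same `environment` list, because under trust authentication the server never asks for the password. If this compose file is only a local demo, say so with a comment such as `# demo only: trust auth, password is not enforced`; otherwise remove the `trust` entry so that the password is actually checked. The `db` service definition starts outside the hunk.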
@@ -169,6 +169,32 @@ in { ]; }; + mastodon-migrate = { + image = "ghcr.io/mastodon/mastodon:v${version}"; + cmd = ["bundle" "exec" "rails" "db:migrate"]; + + autoStart = true; + extraOptions = [ + "--runtime=${pkgs.gvisor}/bin/runsc" + "--network=mastodon" + ]; + + environment = env; + environmentFiles = secretEnvFiles; + + volumes = [ + "mastodon_system-data:/opt/mastodon/public/system" + ]; + + dependsOn = [ + "mastodon-db" + ]; + + ports = [ + "${toString cfg.mastodonWebPort}:3000" + ]; + }; + mastodon-web = { image = "ghcr.io/mastodon/mastodon:v${version}"; cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; @@ -189,6 +215,7 @@ in { dependsOn = [ "mastodon-db" "mastodon-redis" + "mastodon-migrate" ]; ports = [ @@ -216,6 +243,7 @@ in { dependsOn = [ "mastodon-db" "mastodon-redis" + "mastodon-migrate" ]; }; @@ -239,6 +267,7 @@ in { dependsOn = [ "mastodon-db" "mastodon-redis" + "mastodon-migrate" ]; }; }; From 0c99bb896d43cf463d64940c1a12a7074383078c Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 12:38:19 -0500 Subject: [PATCH 10/56] ensure proper restart policy for migrate container --- modules/nixos/mastodon/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 0392564..60d73e2 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -177,6 +177,7 @@ in { extraOptions = [ "--runtime=${pkgs.gvisor}/bin/runsc" "--network=mastodon" + "--restart=on-failure" ]; environment = env; From 08fb941c65816d5bba53f9edfcced0a9565c1fe1 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 12:45:15 -0500 Subject: [PATCH 11/56] remove web, streaming, and sidekiq containers for now --- modules/nixos/mastodon/default.nix | 150 ++++++++++++++--------------- 1 file changed, 75 insertions(+), 75 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 60d73e2..74522f9 100644 
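Review bot: `mastodon-migrate` publishes `"${toString cfg.mastodonWebPort}:3000"`, the same host port as `mastodon-web`, so whichever container starts second cannot bind it, and a one-shot `rails db:migrate` job does not listen on anything. Drop the `ports` attribute from this container; the `mastodon_system-data` volume also looks unnecessary for a schema migration and could go for the same least-privilege reason (confirm). As far as I can tell, `dependsOn` orders container start rather than migration completion, so web, streaming and sidekiq may still come up against an unmigrated schema.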
--- a/modules/nixos/mastodon/default.nix
+++ b/modules/nixos/mastodon/default.nix
@@ -196,81 +196,81 @@ in { ]; }; - mastodon-web = { - image = "ghcr.io/mastodon/mastodon:v${version}"; - cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; - - autoStart = true; - extraOptions = [ - "--runtime=${pkgs.gvisor}/bin/runsc" - "--network=mastodon" - ]; - - environment = env; - environmentFiles = secretEnvFiles; - - volumes = [ - "mastodon_system-data:/opt/mastodon/public/system" - ]; - - dependsOn = [ - "mastodon-db" - "mastodon-redis" - "mastodon-migrate" - ]; - - ports = [ - "${toString cfg.mastodonWebPort}:3000" - ]; - }; - - mastodon-streaming = { - image = "ghcr.io/mastodon/mastodon-streaming:v${version}"; - cmd = ["node" "./streaming/index.js"]; - - autoStart = true; - extraOptions = [ - "--runtime=${pkgs.gvisor}/bin/runsc" - "--network=mastodon" - ]; - - environment = env; - environmentFiles = secretEnvFiles; - - ports = [ - "${builtins.toString cfg.mastodonStreamPort}:4000" - ]; - - dependsOn = [ - "mastodon-db" - "mastodon-redis" - "mastodon-migrate" - ]; - }; - - mastodon-sidekiq = { - image = "ghcr.io/mastodon/mastodon:v${version}"; - cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; - - autoStart = true; - extraOptions = [ - "--network=mastodon" - "--cap-add=NET_BIND_SERVICE" - ]; - - environment = env; - environmentFiles = secretEnvFiles; - - volumes = [ - "mastodon_system-data:/opt/mastodon/public/system" - ]; - - dependsOn = [ - "mastodon-db" - "mastodon-redis" - "mastodon-migrate" - ]; - }; + # mastodon-web = { + # image = "ghcr.io/mastodon/mastodon:v${version}"; + # cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; + + # autoStart = true; + # extraOptions = [ + # "--runtime=${pkgs.gvisor}/bin/runsc" + # "--network=mastodon" + # ]; + + # environment = env; + # environmentFiles = secretEnvFiles; + + # volumes = [ + # "mastodon_system-data:/opt/mastodon/public/system" + # ]; + + # dependsOn = [ + # "mastodon-db" + # "mastodon-redis" + # "mastodon-migrate" + # ]; + + # ports = [ + # "${toString 
cfg.mastodonWebPort}:3000" + # ]; + # }; + + # mastodon-streaming = { + # image = "ghcr.io/mastodon/mastodon-streaming:v${version}"; + # cmd = ["node" "./streaming/index.js"]; + + # autoStart = true; + # extraOptions = [ + # "--runtime=${pkgs.gvisor}/bin/runsc" + # "--network=mastodon" + # ]; + + # environment = env; + # environmentFiles = secretEnvFiles; + + # ports = [ + # "${builtins.toString cfg.mastodonStreamPort}:4000" + # ]; + + # dependsOn = [ + # "mastodon-db" + # "mastodon-redis" + # "mastodon-migrate" + # ]; + # }; + + # mastodon-sidekiq = { + # image = "ghcr.io/mastodon/mastodon:v${version}"; + # cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; + + # autoStart = true; + # extraOptions = [ + # "--network=mastodon" + # "--cap-add=NET_BIND_SERVICE" + # ]; + + # environment = env; + # environmentFiles = secretEnvFiles; + + # volumes = [ + # "mastodon_system-data:/opt/mastodon/public/system" + # ]; + + # dependsOn = [ + # "mastodon-db" + # "mastodon-redis" + # "mastodon-migrate" + # ]; + # }; }; services.traefik.dynamicConfigOptions = lib.mkIf cfg.configureTraefik { From 12e86fbf0c28dba778a8d2ee775352aa6a58abdd Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 13:00:14 -0500 Subject: [PATCH 12/56] rename volumes & ensure they are created --- modules/nixos/mastodon/default.nix | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 74522f9..62309d5 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -100,7 +100,7 @@ in { config = with lib; mkIf cfg.enable { - systemd.services.podman-create-mastodon-net = { + systemd.services.podman-create-mastodon-stuff = { serviceConfig = { Group = "podman"; Type = "oneshot"; 
@@ -133,7 +133,15 @@ in { path = [pkgs.podman]; preStart = "/usr/bin/env sleep 4"; script = '' + echo "Creating Mastodon network" podman network exists mastodon || podman network create mastodon + + echo "Creating Mastodon volumes" + podman volume exists mastodon_pgdata || podman volume create mastodon_pgdata + podman volume exists mastodon_redisdata || podman volume create mastodon_redisdata + podman volume exists mastodon_sysdata || podman volume create mastodon_sysdata + + echo "Init complete" ''; }; @@ -152,7 +160,7 @@ in { }; volumes = [ - "mastodon_postgresql-data:/var/lib/postgresql/data" + "mastodon_pgdata:/var/lib/postgresql/data" ]; }; @@ -165,7 +173,7 @@ in { ]; volumes = [ - "mastodon_redis-data:/data" + "mastodon_redisdata:/data" ]; }; @@ -184,7 +192,7 @@ in { environmentFiles = secretEnvFiles; volumes = [ - "mastodon_system-data:/opt/mastodon/public/system" + "mastodon_sysdata:/opt/mastodon/public/system" ]; dependsOn = [ @@ -210,7 +218,7 @@ in { # environmentFiles = secretEnvFiles; # volumes = [ - # "mastodon_system-data:/opt/mastodon/public/system" + # "mastodon_sysdata:/opt/mastodon/public/system" # ]; # dependsOn = [ @@ -262,7 +270,7 @@ in { # environmentFiles = secretEnvFiles; # volumes = [ - # "mastodon_system-data:/opt/mastodon/public/system" + # "mastodon_sysdata:/opt/mastodon/public/system" # ]; # dependsOn = [ From be1badcd528e055ab1565ea7188e6082a04f89a9 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 13:10:43 -0500 Subject: [PATCH 13/56] add podman group to user henrikvt --- users/henrikvt/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/users/henrikvt/default.nix b/users/henrikvt/default.nix index a9033d1..082a0b5 100644 --- a/users/henrikvt/default.nix +++ b/users/henrikvt/default.nix @@ -17,6 +17,7 @@ extraGroups = [ "wheel" "networkmanager" + "podman" ]; shell = pkgs.zsh; From 51fde6f8a757dd8acb198bd589357e27869280b9 Mon Sep 17 00:00:00 2001 
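Review bot: Adding `"podman"` to `extraGroups` for `henrikvt` in PATCH 13/56 is a privilege grant rather than a convenience: on NixOS the `podman` group guards the Docker-compatible socket when that socket is enabled, and its members can obtain root on the host. Whether the socket is enabled is not visible here. If the goal is only to inspect the Mastodon containers, `sudo podman …` through the existing `wheel` membership does that without a standing grant. If the group is kept, add a comment such as `# root-equivalent when virtualisation.podman.dockerSocket is enabled`.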
From: Henrik VT Date: Thu, 23 Jan 2025 13:24:54 -0500 Subject: [PATCH 14/56] we out here --- modules/nixos/mastodon/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 62309d5..1c647a1 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -186,6 +186,7 @@ in { "--runtime=${pkgs.gvisor}/bin/runsc" "--network=mastodon" "--restart=on-failure" + "--detach=false" ]; environment = env; @@ -281,6 +282,12 @@ in { # }; }; + systemd.services.podman-mastodon-migrate = { + serviceConfig = { + Restart = "on-failure"; + }; + }; + services.traefik.dynamicConfigOptions = lib.mkIf cfg.configureTraefik { http = { routers = { From a291b989702e8da81a2298b1764be26d8367517b Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Thu, 23 Jan 2025 13:31:54 -0500 Subject: [PATCH 15/56] try enabling all mastodon services again --- modules/nixos/mastodon/default.nix | 152 ++++++++++++++--------------- 1 file changed, 76 insertions(+), 76 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 1c647a1..3894a99 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix 
@@ -205,86 +205,86 @@ in { ]; }; - # mastodon-web = { - # image = "ghcr.io/mastodon/mastodon:v${version}"; - # cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; - - # autoStart = true; - # extraOptions = [ - # "--runtime=${pkgs.gvisor}/bin/runsc" - # "--network=mastodon" - # ]; - - # environment = env; - # environmentFiles = secretEnvFiles; - - # volumes = [ - # "mastodon_sysdata:/opt/mastodon/public/system" - # ]; - - # dependsOn = [ - # "mastodon-db" - # "mastodon-redis" - # "mastodon-migrate" - # ]; - - # ports = [ - # "${toString cfg.mastodonWebPort}:3000" - # ]; - # }; - - # mastodon-streaming = { - # image = "ghcr.io/mastodon/mastodon-streaming:v${version}"; - # cmd = ["node" "./streaming/index.js"]; - - # autoStart = true; - # extraOptions = [ - # "--runtime=${pkgs.gvisor}/bin/runsc" - # "--network=mastodon" - # ]; - - # environment = env; - # environmentFiles = secretEnvFiles; - - # ports = [ - # "${builtins.toString cfg.mastodonStreamPort}:4000" - # ]; - - # dependsOn = [ - # "mastodon-db" - # "mastodon-redis" - # "mastodon-migrate" - # ]; - # }; - - # mastodon-sidekiq = { - # image = "ghcr.io/mastodon/mastodon:v${version}"; - # cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; - - # autoStart = true; - # extraOptions = [ - # "--network=mastodon" - # "--cap-add=NET_BIND_SERVICE" - # ]; - - # environment = env; - # environmentFiles = secretEnvFiles; - - # volumes = [ - # "mastodon_sysdata:/opt/mastodon/public/system" - # ]; - - # dependsOn = [ - # "mastodon-db" - # "mastodon-redis" - # "mastodon-migrate" - # ]; - # }; + mastodon-web = { + image = "ghcr.io/mastodon/mastodon:v${version}"; + cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; + + autoStart = true; + extraOptions = [ + "--runtime=${pkgs.gvisor}/bin/runsc" + "--network=mastodon" + ]; + + environment = env; + environmentFiles = secretEnvFiles; + + volumes = [ + "mastodon_sysdata:/opt/mastodon/public/system" + ]; + + dependsOn = [ + "mastodon-db" + "mastodon-redis" + 
"mastodon-migrate" + ]; + + ports = [ + "${toString cfg.mastodonWebPort}:3000" + ]; + }; + + mastodon-streaming = { + image = "ghcr.io/mastodon/mastodon-streaming:v${version}"; + cmd = ["node" "./streaming/index.js"]; + + autoStart = true; + extraOptions = [ + "--runtime=${pkgs.gvisor}/bin/runsc" + "--network=mastodon" + ]; + + environment = env; + environmentFiles = secretEnvFiles; + + ports = [ + "${builtins.toString cfg.mastodonStreamPort}:4000" + ]; + + dependsOn = [ + "mastodon-db" + "mastodon-redis" + "mastodon-migrate" + ]; + }; + + mastodon-sidekiq = { + image = "ghcr.io/mastodon/mastodon:v${version}"; + cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; + + autoStart = true; + extraOptions = [ + "--network=mastodon" + "--cap-add=NET_BIND_SERVICE" + ]; + + environment = env; + environmentFiles = secretEnvFiles; + + volumes = [ + "mastodon_sysdata:/opt/mastodon/public/system" + ]; + + dependsOn = [ + "mastodon-db" + "mastodon-redis" + "mastodon-migrate" + ]; + }; }; systemd.services.podman-mastodon-migrate = { serviceConfig = { - Restart = "on-failure"; + Restart = mkForce "on-failure"; }; }; From 4b03e206e58b3ab05836f7b379512786a8894e62 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 19:52:07 -0500 Subject: [PATCH 16/56] fun packages --- home/henrikvt/home.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/henrikvt/home.nix b/home/henrikvt/home.nix index a2d12b8..64783c0 100644 --- a/home/henrikvt/home.nix +++ b/home/henrikvt/home.nix @@ -32,6 +32,10 @@ magic-wormhole glab python3 + nyancat + moon-buggy + sl + cowsay ]; shellAliases = { From 825475c5f61b7fd78e01c9cff8631a6b20ad285d Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 19:52:29 -0500 Subject: [PATCH 17/56] please please please - dooont prove me (idk how the rest goes) --- machines/darwin/pepacton/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index b027a33..23ee4e2 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -23,13 +23,13 @@ rebuild = "darwin-rebuild switch --flake /Users/henrikvt/Desktop/Code/projects/nixmachines#pepacton && omz reload"; # ghostty = "$GHOSTTY_BIN_DIR/ghostty"; tailscale = "/Applications/Tailscale.app/Contents/MacOS/Tailscale"; - ytdl = "ytdlp"; + ytdl = "yt-dlp"; home = "cd ~"; nvm = "fnm"; }; environment = { - systemPath = ["\"/Users/henrikvt/Library/Application Support/JetBrains/Toolbox/scripts\"" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; + systemPath = ["$JETBRAINS_BIN_DIR" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; variables = { EDITOR = "nvim"; _ZO_DATA_DIR = "/Users/henrikvt/.zoxide"; From 2173883a9870fa47e693fdad933da3b7ad415114 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 19:54:21 -0500 Subject: [PATCH 18/56] i should've looked at the nix store file sooner --- machines/darwin/pepacton/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 23ee4e2..94b0b85 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -34,7 +34,7 @@ EDITOR = "nvim"; _ZO_DATA_DIR = "/Users/henrikvt/.zoxide"; _ZO_EXCLUDE_DIRS = "$HOME:$HOME/wpilib/**/*"; - JETBRAINS_BIN_DIR = "\"/Users/henrikvt/Library/Application Support/JetBrains/Toolbox/scripts\""; + JETBRAINS_BIN_DIR = "/Users/henrikvt/Library/Application Support/JetBrains/Toolbox/scripts"; }; }; From c136b572b5534c6c06029f80ed12db1034a3ca05 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 20:07:02 -0500 Subject: [PATCH 19/56] remove alias for `less` --- home/henrikvt/home.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/henrikvt/home.nix b/home/henrikvt/home.nix index 64783c0..f1e7a02 100644 
--- a/home/henrikvt/home.nix +++ b/home/henrikvt/home.nix @@ -40,7 +40,7 @@ shellAliases = { cat = "${pkgs.bat}/bin/bat -p"; - less = "${pkgs.bat}/bin/bat --style plain"; + # less = "${pkgs.bat}/bin/bat --style plain"; lzg = "${pkgs.lazygit}/bin/lazygit"; }; From 7c1e8fb2956452825d33086edee8508bafddbadc Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 20:07:40 -0500 Subject: [PATCH 20/56] please work --- machines/darwin/pepacton/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 94b0b85..e7caa00 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -29,12 +29,12 @@ }; environment = { - systemPath = ["$JETBRAINS_BIN_DIR" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; + systemPath = [ "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin" "$JETBRAINS_BIN_DIR"]; variables = { EDITOR = "nvim"; _ZO_DATA_DIR = "/Users/henrikvt/.zoxide"; _ZO_EXCLUDE_DIRS = "$HOME:$HOME/wpilib/**/*"; - JETBRAINS_BIN_DIR = "/Users/henrikvt/Library/Application Support/JetBrains/Toolbox/scripts"; + JETBRAINS_BIN_DIR = "/Users/henrikvt/Library/Application\\ Support/JetBrains/Toolbox/scripts"; }; }; From 3fe8d5579e5b2ca04b3bc8e78bc354871490f496 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 20:13:39 -0500 Subject: [PATCH 21/56] ghostty keybinds --- home/henrikvt/ghostty.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/home/henrikvt/ghostty.txt b/home/henrikvt/ghostty.txt index f6dc250..89b6c0a 100644 --- a/home/henrikvt/ghostty.txt +++ b/home/henrikvt/ghostty.txt @@ -7,5 +7,7 @@ shell-integration = zsh theme = catppuccin-mocha window-inherit-working-directory = true working-directory = home +term = xterm-256color keybind = cmd+r=reload_config -term = xterm-256color \ No newline at end of file +keybind = cmd+q=quit +keybind = cmd+w=close_surface \ No newline at end of file 
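Review bot: In PATCH 20/56 the value `"/Users/henrikvt/Library/Application\\ Support/JetBrains/Toolbox/scripts"` puts a literal backslash into `JETBRAINS_BIN_DIR`, assuming the variable is emitted inside double quotes. PATH entries are split on `:` only and are never unescaped, so the lookup targets a directory named `Application\ Support`, which does not exist. Write the path with a plain space; if the plain-space form from PATCH 18/56 did not work, the cause is probably elsewhere (for example the variable being expanded before it is defined) rather than the space. The escaped form is carried into `home.sessionPath` in PATCH 23/56 and PATCH 25/56.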
From c619f16037224d25c07541550e11ab3f0a40b424 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 20:29:21 -0500 Subject: [PATCH 22/56] enable ghostty config file on mac --- machines/darwin/pepacton/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index e7caa00..1052ac8 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -64,7 +64,9 @@ networking.hostName = "pepacton"; # Enable GitHub TUI Dashboard (doesn't work on some systems) - home.henrikvt.ghDash = true; + home.henrikvt={ + ghDash = true; + ghostty = true;}; nixpkgs.hostPlatform = "aarch64-darwin"; # ======================== DO NOT CHANGE THIS ======================== From 90afe723088986ed4bfff81990b5eea66b1e4298 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 20:37:18 -0500 Subject: [PATCH 23/56] try some more path stuff --- machines/darwin/pepacton/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 1052ac8..c443ccf 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -21,7 +21,6 @@ environment.shellAliases = { rebuild = "darwin-rebuild switch --flake /Users/henrikvt/Desktop/Code/projects/nixmachines#pepacton && omz reload"; - # ghostty = "$GHOSTTY_BIN_DIR/ghostty"; tailscale = "/Applications/Tailscale.app/Contents/MacOS/Tailscale"; ytdl = "yt-dlp"; home = "cd ~"; 
@@ -29,16 +28,17 @@ }; environment = { - systemPath = [ "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin" "$JETBRAINS_BIN_DIR"]; + # systemPath = ["$JETBRAINS_BIN_DIR" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; variables = { EDITOR = "nvim"; _ZO_DATA_DIR = "/Users/henrikvt/.zoxide"; _ZO_EXCLUDE_DIRS = "$HOME:$HOME/wpilib/**/*"; - JETBRAINS_BIN_DIR = "/Users/henrikvt/Library/Application\\ Support/JetBrains/Toolbox/scripts"; + JETBRAINS_BIN_DIR = "$HOME/Library/Application\\ Support/JetBrains/Toolbox/scripts"; }; }; home-manager.users.henrikvt = { + home.sessionPath = ["$JETBRAINS_BIN_DIR" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; programs.git.extraConfig = { user.signingkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICM+1ip8IBO+sK8J7cOwEtA/ba+tTtPHUGYC/KW6mppU"; gpg.format = "ssh"; From 3b6714ad61b4fe60e2c06a0b3e3294403fcd88dc Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 20:37:27 -0500 Subject: [PATCH 24/56] format --- machines/darwin/pepacton/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index c443ccf..26b3529 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -64,9 +64,10 @@ networking.hostName = "pepacton"; # Enable GitHub TUI Dashboard (doesn't work on some systems) - home.henrikvt={ + home.henrikvt = { ghDash = true; - ghostty = true;}; + ghostty = true; + }; nixpkgs.hostPlatform = "aarch64-darwin"; # ======================== DO NOT CHANGE THIS ======================== From c7fe468896cace1c55860cfc1462cea769d35a11 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 27 Jan 2025 20:45:19 -0500 Subject: [PATCH 25/56] test this??? --- machines/darwin/pepacton/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 26b3529..cb83ee7 100644 --- a/machines/darwin/pepacton/default.nix 
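Review bot: The new `home.sessionPath` list in the `@@ -29,16 +28,17 @@` hunk puts `$GHOSTTY_BIN_DIR` on PATH although nothing visible in this file defines it. As far as I know home-manager places `sessionPath` entries in front of the existing PATH, so if the variable is unset in a session it expands to an empty component, which shells resolve as the current directory. The other entries (`$HOME/.bun/bin`, the JetBrains Toolbox scripts folder) are user-writable and would likewise be searched before the system directories, so a file dropped there shadows a system command. Unless the variable is set unconditionally elsewhere, I would leave it out, `home.sessionPath = ["$HOME/.bun/bin" "$JETBRAINS_BIN_DIR"];`, and add a comment saying the ordering is deliberate. Patches 25 and 33 rewrite the same list and keep `$GHOSTTY_BIN_DIR` in it.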
+++ b/machines/darwin/pepacton/default.nix @@ -38,7 +38,7 @@ }; home-manager.users.henrikvt = { - home.sessionPath = ["$JETBRAINS_BIN_DIR" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; + home.sessionPath = ["$HOME/Library/Application\\ Support/JetBrains/Toolbox/scripts" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; programs.git.extraConfig = { user.signingkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICM+1ip8IBO+sK8J7cOwEtA/ba+tTtPHUGYC/KW6mppU"; gpg.format = "ssh"; From be8a32b82caf010d6aebd914817216d0a104ce71 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 28 Jan 2025 17:33:01 -0500 Subject: [PATCH 26/56] add extra shell init for fnm --- home/henrikvt/.zshrc.zsh | 4 ++++ home/henrikvt/home.nix | 1 + 2 files changed, 5 insertions(+) create mode 100644 home/henrikvt/.zshrc.zsh diff --git a/home/henrikvt/.zshrc.zsh b/home/henrikvt/.zshrc.zsh new file mode 100644 index 0000000..fdaa2e2 --- /dev/null +++ b/home/henrikvt/.zshrc.zsh @@ -0,0 +1,4 @@ +# If fnm is present (ie running `fnm` returns 0), eval it +if command -v "fnm --version" &> /dev/null; then + eval "$(fnm env)" +fi \ No newline at end of file diff --git a/home/henrikvt/home.nix b/home/henrikvt/home.nix index f1e7a02..3442f9e 100644 --- a/home/henrikvt/home.nix +++ b/home/henrikvt/home.nix @@ -99,6 +99,7 @@ }; profileExtra = builtins.readFile ./.zprofile.zsh; + initExtra = builtins.readFile ./.zshrc.zsh; }; # Prompt From 96f90ab1c9591958b5487c73c1b14a7d6df1bc11 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 28 Jan 2025 17:38:16 -0500 Subject: [PATCH 27/56] fundamental misunderstanding --- home/henrikvt/.zshrc.zsh | 2 +- machines/darwin/pepacton/default.nix | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/home/henrikvt/.zshrc.zsh b/home/henrikvt/.zshrc.zsh index fdaa2e2..86029e2 100644 --- a/home/henrikvt/.zshrc.zsh +++ b/home/henrikvt/.zshrc.zsh 
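Review bot: The guard in the new home/henrikvt/.zshrc.zsh, `command -v "fnm --version"`, looks up a command whose name is the whole quoted string including the space, so it never succeeds and `eval "$(fnm env)"` is never reached. Test the bare name instead: `if command -v fnm &> /dev/null; then`. The comment above it is also inaccurate, because `command -v` only checks that the name resolves and does not run fnm; `# If fnm is on PATH, load its environment into this shell` would describe it. Patch 27 later in the series changes the guard but keeps the comment.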
@@ -1,4 +1,4 @@ # If fnm is present (ie running `fnm` returns 0), eval it -if command -v "fnm --version" &> /dev/null; then +if command -v "fnm" &> /dev/null; then eval "$(fnm env)" fi \ No newline at end of file diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index cb83ee7..74e4603 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -34,6 +34,8 @@ _ZO_DATA_DIR = "/Users/henrikvt/.zoxide"; _ZO_EXCLUDE_DIRS = "$HOME:$HOME/wpilib/**/*"; JETBRAINS_BIN_DIR = "$HOME/Library/Application\\ Support/JetBrains/Toolbox/scripts"; + FNM_COREPACK_ENABLED = "true"; + FNM_RESOLVE_ENGINES = "true"; }; }; From 59a7f271474f5c89650cbe0369501815652577af Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 28 Jan 2025 18:21:40 -0500 Subject: [PATCH 28/56] install yt-dlp via nix-darwin --- machines/darwin/pepacton/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 74e4603..387f0d6 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -16,6 +16,7 @@ qrcp ninvaders statix + yt-dlp ]; }; From a4cfe2f58ad90272f1c88b9902caa94ccc4bbcc9 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 28 Jan 2025 19:59:11 -0500 Subject: [PATCH 29/56] add utility alias for getting github repo ssh url --- home/henrikvt/.zprofile.zsh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/henrikvt/.zprofile.zsh b/home/henrikvt/.zprofile.zsh index 220e858..bba96fa 100644 --- a/home/henrikvt/.zprofile.zsh +++ b/home/henrikvt/.zprofile.zsh 
@@ -20,3 +20,9 @@ alias ptop='ceiling_divide $LINES 4; clear_rows $ceiling_result' alias pmid='ceiling_divide $LINES 2; clear_rows $ceiling_result' # Clear 3/4th alias pdown='ceiling_divide $((3*LINES)) 4; clear_rows $ceiling_result' + +alias ghurl='gh repo view --json sshUrl --jq .sshUrl $1 | cat' + +if command -v "gh" &> /dev/null; then + alias ghurl='gh repo view --json sshUrl --jq .sshUrl $1 | cat' +fi From 13a6e7e8e0c6028b6655a855b60c1d2f94757030 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 28 Jan 2025 22:43:32 -0500 Subject: [PATCH 30/56] another idea --- home/henrikvt/.zprofile.zsh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/home/henrikvt/.zprofile.zsh b/home/henrikvt/.zprofile.zsh index bba96fa..949c885 100644 --- a/home/henrikvt/.zprofile.zsh +++ b/home/henrikvt/.zprofile.zsh @@ -21,8 +21,9 @@ alias pmid='ceiling_divide $LINES 2; clear_rows $ceiling_result' # Clear 3/4th alias pdown='ceiling_divide $((3*LINES)) 4; clear_rows $ceiling_result' -alias ghurl='gh repo view --json sshUrl --jq .sshUrl $1 | cat' - if command -v "gh" &> /dev/null; then - alias ghurl='gh repo view --json sshUrl --jq .sshUrl $1 | cat' + # alias ghurl='gh repo view --json sshUrl --jq .sshUrl $1 | cat' + function ghurl() { + gh repo view --json sshUrl --jq .sshUrl $1 | cat + } fi From 1827821aeda677d21ab9dcf27d82bf304fc22547 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 28 Jan 2025 22:56:29 -0500 Subject: [PATCH 31/56] add pnpm alias --- machines/darwin/pepacton/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 387f0d6..7b5c080 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -26,6 +26,7 @@ ytdl = "yt-dlp"; home = "cd ~"; nvm = "fnm"; + pn = "pnpm"; }; environment = { From c050bdff1794f87ad9f092046fd3f6b86c50f529 Mon Sep 17 00:00:00 2001 
From: Henrik VT Date: Tue, 28 Jan 2025 23:00:53 -0500 Subject: [PATCH 32/56] stuff --- home/henrikvt/home.nix | 6 ++---- home/henrikvt/{.zprofile.zsh => zprofile.zsh} | 0 home/henrikvt/{.zshrc.zsh => zshrc.zsh} | 0 machines/darwin/pepacton/default.nix | 1 + 4 files changed, 3 insertions(+), 4 deletions(-) rename home/henrikvt/{.zprofile.zsh => zprofile.zsh} (100%) rename home/henrikvt/{.zshrc.zsh => zshrc.zsh} (100%) diff --git a/home/henrikvt/home.nix b/home/henrikvt/home.nix index 3442f9e..e7028af 100644 --- a/home/henrikvt/home.nix +++ b/home/henrikvt/home.nix @@ -40,13 +40,11 @@ shellAliases = { cat = "${pkgs.bat}/bin/bat -p"; - # less = "${pkgs.bat}/bin/bat --style plain"; lzg = "${pkgs.lazygit}/bin/lazygit"; }; sessionVariables = { EDITOR = "nvim"; - # VISUAL = "nvim"; }; }; @@ -98,8 +96,8 @@ ]; }; - profileExtra = builtins.readFile ./.zprofile.zsh; - initExtra = builtins.readFile ./.zshrc.zsh; + profileExtra = builtins.readFile ./zprofile.zsh; + initExtra = builtins.readFile ./zshrc.zsh; }; # Prompt diff --git a/home/henrikvt/.zprofile.zsh b/home/henrikvt/zprofile.zsh similarity index 100% rename from home/henrikvt/.zprofile.zsh rename to home/henrikvt/zprofile.zsh diff --git a/home/henrikvt/.zshrc.zsh b/home/henrikvt/zshrc.zsh similarity index 100% rename from home/henrikvt/.zshrc.zsh rename to home/henrikvt/zshrc.zsh diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 7b5c080..504db56 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -22,6 +22,7 @@ environment.shellAliases = { rebuild = "darwin-rebuild switch --flake /Users/henrikvt/Desktop/Code/projects/nixmachines#pepacton && omz reload"; + reload = "omz reload"; tailscale = "/Applications/Tailscale.app/Contents/MacOS/Tailscale"; ytdl = "yt-dlp"; home = "cd ~"; From fbbf4d92c4012d6d5171425d6f5e5b817d2d083a Mon Sep 17 00:00:00 2001 
From: Henrik VT Date: Tue, 28 Jan 2025 23:05:01 -0500 Subject: [PATCH 33/56] more attempts at the jetbrains cli thing --- home/henrikvt/zprofile.zsh | 2 +- machines/darwin/pepacton/default.nix | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/home/henrikvt/zprofile.zsh b/home/henrikvt/zprofile.zsh index 949c885..d69134c 100644 --- a/home/henrikvt/zprofile.zsh +++ b/home/henrikvt/zprofile.zsh @@ -21,8 +21,8 @@ alias pmid='ceiling_divide $LINES 2; clear_rows $ceiling_result' # Clear 3/4th alias pdown='ceiling_divide $((3*LINES)) 4; clear_rows $ceiling_result' +# Get the git ssh url of a github repo using gh cli if command -v "gh" &> /dev/null; then - # alias ghurl='gh repo view --json sshUrl --jq .sshUrl $1 | cat' function ghurl() { gh repo view --json sshUrl --jq .sshUrl $1 | cat } diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 504db56..bf3f76d 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -36,14 +36,14 @@ EDITOR = "nvim"; _ZO_DATA_DIR = "/Users/henrikvt/.zoxide"; _ZO_EXCLUDE_DIRS = "$HOME:$HOME/wpilib/**/*"; - JETBRAINS_BIN_DIR = "$HOME/Library/Application\\ Support/JetBrains/Toolbox/scripts"; + JETBRAINS_BIN_DIR = "$HOME/Library/Application\ Support/JetBrains/Toolbox/scripts"; FNM_COREPACK_ENABLED = "true"; FNM_RESOLVE_ENGINES = "true"; }; }; home-manager.users.henrikvt = { - home.sessionPath = ["$HOME/Library/Application\\ Support/JetBrains/Toolbox/scripts" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; + home.sessionPath = ["$GHOSTTY_BIN_DIR" "$HOME/.bun/bin" "$JETBRAINS_BIN_DIR"]; programs.git.extraConfig = { user.signingkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICM+1ip8IBO+sK8J7cOwEtA/ba+tTtPHUGYC/KW6mppU"; gpg.format = "ssh"; From c7ff750adc7dcc37f9fbb18a208170d06fb7d4de Mon Sep 17 00:00:00 2001 
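Review bot: In `JETBRAINS_BIN_DIR = "$HOME/Library/Application\ Support/JetBrains/Toolbox/scripts";` (hunk `@@ -36,14 +36,14 @@`) the `\ ` is not a Nix escape sequence; Nix drops a backslash in front of an ordinary character, so the value evaluates to a path with a plain space. That is probably the value wanted, since a PATH entry needs no escaping, but the backslash reads as if it were being passed through to the shell. Write the space directly: `JETBRAINS_BIN_DIR = "$HOME/Library/Application Support/JetBrains/Toolbox/scripts";`. How `environment.variables` is quoted on export is not visible here, so confirm the result with `echo "$JETBRAINS_BIN_DIR"` after a rebuild.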
From: Henrik VT Date: Wed, 29 Jan 2025 15:54:30 -0500 Subject: [PATCH 34/56] add rbenv to mac config --- machines/darwin/pepacton/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index bf3f76d..c6a4a68 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -17,6 +17,7 @@ ninvaders statix yt-dlp + rbenv ]; }; From 107b65cd611f82f67fe8badf06ebaae5d0900bca Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Wed, 29 Jan 2025 16:08:31 -0500 Subject: [PATCH 35/56] do rbenv via brew instead, set up shell stuff --- home/henrikvt/zprofile.zsh | 4 ++++ machines/darwin/pepacton/default.nix | 1 - 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/home/henrikvt/zprofile.zsh b/home/henrikvt/zprofile.zsh index d69134c..2145d78 100644 --- a/home/henrikvt/zprofile.zsh +++ b/home/henrikvt/zprofile.zsh @@ -27,3 +27,7 @@ if command -v "gh" &> /dev/null; then gh repo view --json sshUrl --jq .sshUrl $1 | cat } fi + +if command -v "rbenv" &> /dev/null; then + eval "$(rbenv init -)" +fi diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index c6a4a68..bf3f76d 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -17,7 +17,6 @@ ninvaders statix yt-dlp - rbenv ]; }; From d44ba54b1350a64871706d6ccbcd6eb0f3c532e5 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Wed, 29 Jan 2025 18:49:44 -0500 Subject: [PATCH 36/56] add cloudflare wrangler cli --- machines/darwin/pepacton/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index bf3f76d..594fb0b 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -17,6 +17,7 @@ ninvaders statix yt-dlp + wrangler ]; }; From 0eec7a2760ecc6877c051da88928f609c9a33b48 Mon Sep 17 00:00:00 2001 
From: Henrik VT Date: Thu, 30 Jan 2025 21:59:13 -0500 Subject: [PATCH 37/56] add pipes screensaver --- machines/darwin/pepacton/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index 594fb0b..f3b9ae7 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -18,6 +18,8 @@ statix yt-dlp wrangler + pipes + ]; }; From 81af79c2192b086d3e56aba2c8001e133ac9bac7 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Sat, 1 Feb 2025 10:59:37 -0500 Subject: [PATCH 38/56] add search domains to macos --- machines/darwin/pepacton/default.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index f3b9ae7..e598f07 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -19,7 +19,6 @@ yt-dlp wrangler pipes - ]; }; @@ -69,7 +68,13 @@ autoMigrate = true; }; - networking.hostName = "pepacton"; + networking = { + hostName = "pepacton"; + search = [ + "reindeer-porgy.ts.net" + "unicycl.ing" + ]; + }; # Enable GitHub TUI Dashboard (doesn't work on some systems) home.henrikvt = { From 88a4eab5019f551f765b33cc32e4e0b3cf7ee14a Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Sat, 1 Feb 2025 11:02:25 -0500 Subject: [PATCH 39/56] knownNetworkServices config --- machines/darwin/pepacton/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index e598f07..a30d2d8 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix 
@@ -74,6 +74,16 @@ "reindeer-porgy.ts.net" "unicycl.ing" ]; + knownNetworkServices = [ + "USB 10/100/1G/2.5G LAN" + "USB 10/100/1000 LAN" + "Thunderbolt Bridge" + "Wi-Fi" + "iPhone USB" + "Tailscale" + "UniFi Teleport" + "Mullvad" + ]; }; # Enable GitHub TUI Dashboard (doesn't work on some systems) From aa6a98e1556dd4eec5b18b595801d5eed5315c7b Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Sat, 1 Feb 2025 14:05:15 -0500 Subject: [PATCH 40/56] Squash merge main into mastodon --- flake.lock | 52 +++++++++++++++++++++--------------------- home/henrikvt/home.nix | 5 ++++ 2 files changed, 31 insertions(+), 26 deletions(-) diff --git a/flake.lock b/flake.lock index 9270fcc..6934f03 100644 --- a/flake.lock +++ b/flake.lock @@ -190,11 +190,11 @@ ] }, "locked": { - "lastModified": 1737038063, - "narHash": "sha256-rMEuiK69MDhjz1JgbaeQ9mBDXMJ2/P8vmOYRbFndXsk=", + "lastModified": 1738148035, + "narHash": "sha256-KYOATYEwaKysL3HdHdS5kbQMXvzS4iPJzJrML+3TKAo=", "owner": "nix-community", "repo": "disko", - "rev": "bf0abfde48f469c256f2b0f481c6281ff04a5db2", + "rev": "18d0a984cc2bc82cf61df19523a34ad463aa7f54", "type": "github" }, "original": { @@ -221,12 +221,12 @@ }, "flake-compat_2": { "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "revCount": 57, + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "revCount": 69, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz" }, "original": { "type": "tarball", 
@@ -321,11 +321,11 @@ ] }, "locked": { - "lastModified": 1737043064, - "narHash": "sha256-I/OuxGwXwRi5gnFPsyCvVR+IfFstA+QXEpHu1hvsgD8=", + "lastModified": 1737465171, + "narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "94ee657f6032d913fe0ef49adaa743804635b0bb", + "rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17", "type": "github" }, "original": { @@ -496,11 +496,11 @@ ] }, "locked": { - "lastModified": 1736820923, - "narHash": "sha256-SDuKLOWAh8VJRXlNWQn9QE99bjeEUAAbYXqrKGbsiyk=", + "lastModified": 1737421067, + "narHash": "sha256-/hgw8fDKDpko0XqOw1e9tX8lS2Hqecg7W/JsONun6Qc=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "944c2b181792ae7ae6b20c0df3f44879c11706c9", + "rev": "cae8d1c4a3bd37be5887203fe3b0c3a860c53a07", "type": "github" }, "original": { @@ -577,11 +577,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1737299813, - "narHash": "sha256-Qw2PwmkXDK8sPQ5YQ/y/icbQ+TYgbxfjhgnkNJyT1X8=", + "lastModified": 1738163270, + "narHash": "sha256-B/7Y1v4y+msFFBW1JAdFjNvVthvNdJKiN6EGRPnqfno=", "owner": "nixos", "repo": "nixpkgs", - "rev": "107d5ef05c0b1119749e381451389eded30fb0d5", + "rev": "59e618d90c065f55ae48446f307e8c09565d5ab0", "type": "github" }, "original": { @@ -606,11 +606,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1737283156, - "narHash": "sha256-FyHmM6vvz+UxCrPZo/poIaZBZejLHVKkAH4cjtUxZDA=", + "lastModified": 1737731711, + "narHash": "sha256-6ubhKkCkBMuqFMjzeg+/2L5dNipKKf1KE9i8r8inyEg=", "owner": "nix-community", "repo": "nixvim", - "rev": "abcbd250b8a2c7aab1f4b2b9e01598ee24b42337", + "rev": "841155edf9c4578f2f9a7bd6993e1da2ce73b35c", "type": "github" }, "original": { 
@@ -630,11 +630,11 @@ ] }, "locked": { - "lastModified": 1735854821, - "narHash": "sha256-Iv59gMDZajNfezTO0Fw6LHE7uKAShxbvMidmZREit7c=", + "lastModified": 1737372689, + "narHash": "sha256-nH3zK2ki0fd5o5qvbGHxukE4qnOLJa1uCzoDObG5vrE=", "owner": "NuschtOS", "repo": "search", - "rev": "836908e3bddd837ae0f13e215dd48767aee355f0", + "rev": "570cc17bbc25650eb7d69e4fcda8cfd2f1656922", "type": "github" }, "original": { @@ -782,11 +782,11 @@ ] }, "locked": { - "lastModified": 1737103437, - "narHash": "sha256-uPNWcYbhY2fjY3HOfRCR5jsfzdzemhfxLSxwjXYXqNc=", + "lastModified": 1737483750, + "narHash": "sha256-5An1wq5U8sNycOBBg3nsDDgpwBmR9liOpDGlhliA6Xo=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "d1ed3b385f8130e392870cfb1dbfaff8a63a1899", + "rev": "f2cc121df15418d028a59c9737d38e3a90fbaf8f", "type": "github" }, "original": { diff --git a/home/henrikvt/home.nix b/home/henrikvt/home.nix index e7028af..7c1255d 100644 --- a/home/henrikvt/home.nix +++ b/home/henrikvt/home.nix @@ -154,6 +154,7 @@ old = "red bold"; new = "green bold"; }; + core = { editor = "vim"; excludesfile = "~/.gitignore"; @@ -161,6 +162,10 @@ ignorecase = false; compression = 0; }; + push = { + autoSetupRemote = true; + default = "current"; + }; pull.rebase = false; protocol.file.allow = "always"; }; From 36e6e4f4ff3b0086ab22f2e9f86ca76945ea56f0 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Sun, 2 Feb 2025 13:09:10 -0500 Subject: [PATCH 41/56] i want ncurses hehehehehe --- machines/darwin/default.nix | 3 +++ machines/darwin/pepacton/default.nix | 20 ++++++++++---------- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/machines/darwin/default.nix b/machines/darwin/default.nix index f8e9c68..b6fabcc 100644 --- a/machines/darwin/default.nix +++ b/machines/darwin/default.nix 
@@ -41,6 +41,9 @@ in { home.henrikvt.enable = true; + # Show hidden files in Finder always + system.defaults.finder.AppleShowAllFiles = true; + # Force the nix daemon to run services.nix-daemon.enable = lib.mkForce true; } diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index a30d2d8..b5160b1 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -22,17 +22,17 @@ ]; }; - environment.shellAliases = { - rebuild = "darwin-rebuild switch --flake /Users/henrikvt/Desktop/Code/projects/nixmachines#pepacton && omz reload"; - reload = "omz reload"; - tailscale = "/Applications/Tailscale.app/Contents/MacOS/Tailscale"; - ytdl = "yt-dlp"; - home = "cd ~"; - nvm = "fnm"; - pn = "pnpm"; - }; - environment = { + shellAliases = { + rebuild = "darwin-rebuild switch --flake /Users/henrikvt/Desktop/Code/projects/nixmachines#pepacton && omz reload"; + reload = "omz reload"; + tailscale = "/Applications/Tailscale.app/Contents/MacOS/Tailscale"; + ytdl = "yt-dlp"; + home = "cd ~"; + nvm = "fnm"; + pn = "pnpm"; + }; + systemPackages = with pkgs; [ncurses]; # systemPath = ["$JETBRAINS_BIN_DIR" "$GHOSTTY_BIN_DIR" "$HOME/.bun/bin"]; variables = { EDITOR = "nvim"; From 33367a2cd716e3f5e3a5e1e630167eec5897df22 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Sun, 2 Feb 2025 13:14:11 -0500 Subject: [PATCH 42/56] remove knownNetworkService --- machines/darwin/pepacton/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/machines/darwin/pepacton/default.nix b/machines/darwin/pepacton/default.nix index b5160b1..8533c75 100644 --- a/machines/darwin/pepacton/default.nix +++ b/machines/darwin/pepacton/default.nix @@ -76,7 +76,6 @@ ]; knownNetworkServices = [ "USB 10/100/1G/2.5G LAN" - "USB 10/100/1000 LAN" "Thunderbolt Bridge" "Wi-Fi" "iPhone USB" From debacdec557f0597a584543eeb2b0a131ffdf613 Mon Sep 17 00:00:00 2001 
From: Henrik VT Date: Mon, 3 Feb 2025 11:13:38 -0500 Subject: [PATCH 43/56] add unstable nixpkgs and update woodpecker on barnegat --- flake.lock | 17 +++++++++++++++++ flake.nix | 19 ++++++++++++++----- machines/nixos/barnegat/services/default.nix | 8 +++++++- 3 files changed, 38 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6934f03..1b300d3 100644 --- a/flake.lock +++ b/flake.lock @@ -546,6 +546,22 @@ "type": "github" } }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1738410390, + "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "3a228057f5b619feb3186e986dbe76278d707b6e", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1687274257, @@ -654,6 +670,7 @@ "nil-lsp": "nil-lsp", "nix-homebrew": "nix-homebrew", "nixpkgs": "nixpkgs_4", + "nixpkgs-unstable": "nixpkgs-unstable", "nixvim": "nixvim" } }, diff --git a/flake.nix b/flake.nix index c955774..d753881 100644 --- a/flake.nix +++ b/flake.nix @@ -2,9 +2,9 @@ description = "nix configuration for my servers + other stuff"; inputs = { - nixpkgs = { - url = "github:nixos/nixpkgs/nixos-24.11"; - }; + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; darwin = { url = "github:LnL7/nix-darwin/nix-darwin-24.11"; @@ -56,6 +56,7 @@ nil-lsp, home-manager, nix-homebrew, + nixpkgs-unstable, ... } @ inputs: let lib = nixpkgs.lib // home-manager.lib; @@ -74,6 +75,12 @@ inherit system; }); + importUnstable = system: + import nixpkgs-unstable { + inherit system; + config.allowUnfree = true; + }; + deployPkgs = forEachSupportedSystem ( { pkgs, 
@@ -137,11 +144,12 @@ # Config for my servers nixosConfigurations = { - ashokan = lib.nixosSystem { + ashokan = lib.nixosSystem rec { system = "aarch64-linux"; specialArgs = { inherit inputs; + unstable = importUnstable system; }; modules = [ @@ -160,11 +168,12 @@ ./home/henrikvt ]; }; - barnegat = lib.nixosSystem { + barnegat = lib.nixosSystem rec { system = "x86_64-linux"; specialArgs = { inherit inputs; + pkgs-unstable = importUnstable system; }; modules = [ diff --git a/machines/nixos/barnegat/services/default.nix b/machines/nixos/barnegat/services/default.nix index 3ff7126..953e7cf 100644 --- a/machines/nixos/barnegat/services/default.nix +++ b/machines/nixos/barnegat/services/default.nix @@ -1,4 +1,8 @@ -{config, ...}: { +{ + config, + pkgs-unstable, + ... +}: { imports = [ ./metrics.nix ./proxy.nix @@ -22,4 +26,6 @@ enableTraefik = true; allowSignup = true; }; + + services.woodpecker-server.package = pkgs-unstable.woodpecker-server; } From 7f3ad15ee09bd5efbe40f16c8c6cc645a6e57d6a Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 3 Feb 2025 11:14:05 -0500 Subject: [PATCH 44/56] remove port binding on mastodon-migrate container this is probably what's going to fix the deploy issue --- modules/nixos/mastodon/default.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 3894a99..4936f35 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -227,10 +227,6 @@ in { "mastodon-redis" "mastodon-migrate" ]; - - ports = [ - "${toString cfg.mastodonWebPort}:3000" - ]; }; mastodon-streaming = { From 5f3c9d069436f3b490561101cb7fdfc3d4bac159 Mon Sep 17 00:00:00 2001 
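Review bot: The two `specialArgs` additions in flake.nix pass the same unstable package set under different names: `unstable = importUnstable system;` for ashokan (hunk `@@ -137,11 +144,12 @@`) and `pkgs-unstable = importUnstable system;` for barnegat (hunk `@@ -160,11 +168,12 @@`). A module that takes `pkgs-unstable` as an argument, as machines/nixos/barnegat/services/default.nix now does, would fail to evaluate if it were ever imported on ashokan. Use one name on both hosts: `pkgs-unstable = importUnstable system;`. `importUnstable` also sets `config.allowUnfree = true`, which the stable import whose tail is visible in the context lines does not appear to do; if that is intended, a comment such as `# unfree is allowed only for packages taken from unstable` would record it.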
From: Henrik VT Date: Mon, 3 Feb 2025 11:25:41 -0500 Subject: [PATCH 45/56] mastodon deploy works! no working interface yet --- machines/nixos/ashokan/default.nix | 15 -- machines/nixos/ashokan/services/default.nix | 11 ++ machines/nixos/ashokan/services/mastodon.nix | 137 ------------------- 3 files changed, 11 insertions(+), 152 deletions(-) delete mode 100644 machines/nixos/ashokan/services/mastodon.nix diff --git a/machines/nixos/ashokan/default.nix b/machines/nixos/ashokan/default.nix index 3e16beb..c8b1d2c 100644 --- a/machines/nixos/ashokan/default.nix +++ b/machines/nixos/ashokan/default.nix @@ -66,21 +66,6 @@ mastodonAREncryptionEnvVars = chownPodman "${secretsDir}/mastodonAREncryptionEnvVars.age"; }; - svcs.traefik = { - enable = true; - environmentFiles = [config.age.secrets.cfDnsApiToken.path]; - }; - - svcs.mastodon = { - enable = true; - configureTraefik = true; - secretKeyBaseEnvFile = config.age.secrets.mastodonSecretKeyBase.path; - otpSecretEnvFile = config.age.secrets.mastodonOtpSecret.path; - vapidKeysEnvFile = config.age.secrets.mastodonVapidKeys.path; - smtpPasswordEnvFile = config.age.secrets.mastodonSmtpPassword.path; - activeRecordEncryptionEnvFile = config.age.secrets.mastodonAREncryptionEnvVars.path; - }; - # ======================== DO NOT CHANGE THIS ======================== system.stateVersion = "23.11"; # ======================== DO NOT CHANGE THIS ======================== diff --git a/machines/nixos/ashokan/services/default.nix b/machines/nixos/ashokan/services/default.nix index d04b964..568b4ff 100644 --- a/machines/nixos/ashokan/services/default.nix +++ b/machines/nixos/ashokan/services/default.nix 
@@ -3,6 +3,17 @@ svcs.traefik = { enable = true; + logLevel = "DEBUG"; environmentFiles = [config.age.secrets.cfDnsApiToken.path]; }; + + svcs.mastodon = { + enable = true; + configureTraefik = true; + secretKeyBaseEnvFile = config.age.secrets.mastodonSecretKeyBase.path; + otpSecretEnvFile = config.age.secrets.mastodonOtpSecret.path; + vapidKeysEnvFile = config.age.secrets.mastodonVapidKeys.path; + smtpPasswordEnvFile = config.age.secrets.mastodonSmtpPassword.path; + activeRecordEncryptionEnvFile = config.age.secrets.mastodonAREncryptionEnvVars.path; + }; } diff --git a/machines/nixos/ashokan/services/mastodon.nix b/machines/nixos/ashokan/services/mastodon.nix deleted file mode 100644 index f46d977..0000000 --- a/machines/nixos/ashokan/services/mastodon.nix +++ /dev/null 
@@ -1,137 +0,0 @@ -{ - config, - lib, - ... -}: let - mastoProxyPort = 55080; - mastoHttpPort = 55443; - # mastoInternalDomain = "mastodon.localhost"; - # mastoStreamPort = 55444; - domain = "unicycl.ing"; - interfaceDomain = "mstdn.${domain}"; -in { - services.mastodon = { - enable = true; - # enableUnixSocket = false; - webPort = mastoHttpPort; - localDomain = domain; - extraConfig = { - WEB_DOMAIN = interfaceDomain; - - RAILS_LOG_LEVEL = "debug"; - # RAILS_SERVE_STATIC_FILES = "true"; - }; - configureNginx = false; - streamingProcesses = 1; - # streamingPort = mastoStreamPort; - - # Connect to Postgres DB via Unix Sockets using Peer Authentication, all settings are default - database = { - # host = "localhost"; - # port = 5432; - createLocally = true; - }; - - smtp = { - host = "smtp.improvmx.com"; - port = 587; - user = "mastodon@${domain}"; - passwordFile = config.age.secrets.mastodonSmtpPassword; - createLocally = false; - fromAddress = "mastodon@${domain}"; - }; - }; - - # External Reverse Proxy - services.traefik.dynamicConfigOptions = { - http = { - routers = { - mastodon = { - rule = "Host(`${interfaceDomain}`)"; - service = "mastodon"; - entryPoints = [ - "https" - "http" - ]; - tls.certResolver = "lecf"; - }; - }; - services = { - mastodon = { - loadBalancer = { - # servers = [{url = "http://unix:/run/mastodon-web/web.socket";}]; - servers = [{url = "http://localhost:${toString mastoProxyPort}";}]; - }; - }; - }; - }; - }; - - # Internal Proxy - services.caddy = { - enable = true; - extraConfig = '' - :${toString mastoProxyPort} { - handle_path /system/* { - file_server * { - root /var/lib/mastodon/public-system - } - } - - handle /api/v1/streaming/* { - reverse_proxy unix//run/mastodon-streaming/streaming-1.socket - } - - route * { - file_server * { - root ${config.services.mastodon.package}/public - pass_thru - } - reverse_proxy * unix//run/mastodon-web/web.socket - } - - handle_errors { - root * ${config.services.mastodon.package}/public - rewrite 
500.html - file_server - } - - encode gzip - - header /* { - Strict-Transport-Security "max-age=31536000;" - } - - header /emoji/* Cache-Control "public, max-age=31536000, immutable" - header /packs/* Cache-Control "public, max-age=31536000, immutable" - header /system/accounts/avatars/* Cache-Control "public, max-age=31536000, immutable" - header /system/media_attachments/files/* Cache-Control "public, max-age=31536000, immutable" - } - ''; - }; - - users.users.mastodon.extraGroups = ["nginx"]; - users.users.caddy.extraGroups = ["mastodon"]; - systemd.services.caddy = { - wants = ["mastodon.target"]; - serviceConfig.ReadWriteDirectories = lib.mkForce ["/var/lib/caddy" "/run/mastodon-web"]; - }; - # systemd.tmpfiles.rules = [ - # "d! /run/mastodon-web 0755 - nginx -" - # "z /run/mastodon-web - - nginx -" - # ]; - - # Postgres - services.postgresql = { - enable = true; - # enableTCPIP = true; - enableJIT = true; - ensureDatabases = ["mastodon"]; - ensureUsers = [ - { - name = "mastodon"; - ensureDBOwnership = true; - } - ]; - }; -} From 08393ec472fc8c970ad6f1ec5200ef45f2c789c3 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 3 Feb 2025 12:05:45 -0500 Subject: [PATCH 46/56] fix port binding in mastodon containers lol --- modules/nixos/mastodon/default.nix | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 4936f35..47b1f96 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -13,6 +13,7 @@ env = { # General Config RAILS_ENV = "production"; + RAILS_LOG_LEVEL = "debug"; NODE_ENV = "production"; RAILS_SERVE_STATIC_FILES = "true"; SINGLE_USER_MODE = "true"; @@ -199,10 +200,6 @@ in { dependsOn = [ "mastodon-db" ]; - - ports = [ - "${toString cfg.mastodonWebPort}:3000" - ]; }; mastodon-web = { 
@@ -227,6 +224,10 @@ in { "mastodon-redis" "mastodon-migrate" ]; + + ports = [ + "127.0.0.1:${toString cfg.mastodonWebPort}:3000" + ]; }; mastodon-streaming = { @@ -243,7 +244,7 @@ in { environmentFiles = secretEnvFiles; ports = [ - "${builtins.toString cfg.mastodonStreamPort}:4000" + "127.0.0.1:${toString cfg.mastodonStreamPort}:4000" ]; dependsOn = [ @@ -299,7 +300,7 @@ in { services = { mastodon = { loadBalancer = { - servers = [{url = "http://localhost:${toString cfg.mastodonWebPort}";}]; + servers = [{url = "http://127.0.0.1:${toString cfg.mastodonWebPort}";}]; }; }; }; From 4c263e6e2db49fec6526627b290dfbd7a3095aa2 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Mon, 3 Feb 2025 12:13:03 -0500 Subject: [PATCH 47/56] it works!!! (reduce logging and add shell alias for mastodon container) --- machines/nixos/ashokan/services/default.nix | 1 - modules/nixos/mastodon/default.nix | 4 +++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/machines/nixos/ashokan/services/default.nix b/machines/nixos/ashokan/services/default.nix index 568b4ff..bb03245 100644 --- a/machines/nixos/ashokan/services/default.nix +++ b/machines/nixos/ashokan/services/default.nix @@ -3,7 +3,6 @@ svcs.traefik = { enable = true; - logLevel = "DEBUG"; environmentFiles = [config.age.secrets.cfDnsApiToken.path]; }; diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 47b1f96..a6d5366 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -13,7 +13,7 @@ env = { # General Config RAILS_ENV = "production"; - RAILS_LOG_LEVEL = "debug"; + RAILS_LOG_LEVEL = "warn"; NODE_ENV = "production"; RAILS_SERVE_STATIC_FILES = "true"; SINGLE_USER_MODE = "true"; @@ -285,6 +285,8 @@ in { }; }; + environment.shellAliases = {mastodon = "podman exec mastodon-web";}; + services.traefik.dynamicConfigOptions = lib.mkIf cfg.configureTraefik { http = { routers = { From a7116d5ac30b9b5103023d6436c79dd5c2262f93 Mon Sep 17 00:00:00 2001 
From: Henrik VT Date: Mon, 3 Feb 2025 12:43:10 -0500 Subject: [PATCH 48/56] try out the glitch fork --- modules/nixos/mastodon/default.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index a6d5366..b38f891 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -178,9 +178,9 @@ in { ]; }; - mastodon-migrate = { - image = "ghcr.io/mastodon/mastodon:v${version}"; - cmd = ["bundle" "exec" "rails" "db:migrate"]; + mastodon-prepare = { + image = "ghcr.io/glitch-soc/mastodon:v${version}"; + cmd = ["bundle" "exec" "rails" "db:migrate" "&&" "bundle" "exec" "rails" "assets:precompile"]; autoStart = true; extraOptions = [ @@ -203,7 +203,7 @@ in { }; mastodon-web = { - image = "ghcr.io/mastodon/mastodon:v${version}"; + image = "ghcr.io/glitch-soc/mastodon:v${version}"; cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; autoStart = true; @@ -231,7 +231,7 @@ in { }; mastodon-streaming = { - image = "ghcr.io/mastodon/mastodon-streaming:v${version}"; + image = "ghcr.io/glitch-soc/mastodon-streaming:v${version}"; cmd = ["node" "./streaming/index.js"]; autoStart = true; @@ -255,7 +255,7 @@ in { }; mastodon-sidekiq = { - image = "ghcr.io/mastodon/mastodon:v${version}"; + image = "ghcr.io/glitch-soc/mastodon:v${version}"; cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; autoStart = true; From 863ffcef1fbff2ebb31e2b569ea703244b06d72d Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 12:18:49 -0500 Subject: [PATCH 49/56] attempt to fix some mastodon performance things --- modules/nixos/mastodon/default.nix | 52 ++++++++++++++++++++++++------ 1 file changed, 43 insertions(+), 9 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index b38f891..3a2a601 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix 
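Review bot: The `"&&"` in the new `cmd` list of `mastodon-prepare` (hunk `@@ -178,9 +178,9 @@`) is not a shell operator here. As far as I can tell, oci-containers passes each `cmd` element as a separate escaped argument, so `rails` would receive `db:migrate`, `&&`, `bundle`, … as task names and `assets:precompile` would never run as a second command. Either keep one command per container or wrap the chain in a shell, e.g. `cmd = ["sh" "-c" "bundle exec rails db:migrate && bundle exec rails assets:precompile"];`. The same pattern appears on `mastodon-web` in the `@@ -238,7 +240,7 @@` hunk of PATCH 51/56. The container definition continues outside the hunk.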
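Review bot: The `image` lines in hunks `@@ -203,7 +203,7 @@`, `@@ -231,7 +231,7 @@` and `@@ -255,7 +255,7 @@` (and `mastodon-prepare` in the hunk before them) now pull from `ghcr.io/glitch-soc/...` by the mutable tag `v${version}`. `version` is defined outside these hunks, so it is worth confirming that the fork publishes tags under the same scheme; otherwise the units fail at pull time. At least the streaming container is given `secretEnvFiles`, so I would pin each image by digest, `image = "ghcr.io/glitch-soc/mastodon@sha256:<digest>";`, so that a re-pushed tag cannot change what runs with those secrets.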
@@ -13,7 +13,7 @@ env = { # General Config RAILS_ENV = "production"; - RAILS_LOG_LEVEL = "warn"; + RAILS_LOG_LEVEL = "debug"; NODE_ENV = "production"; RAILS_SERVE_STATIC_FILES = "true"; SINGLE_USER_MODE = "true"; @@ -24,8 +24,10 @@ LOCAL_DOMAIN = cfg.rootDomain; # Performance/Scaling - MAX_THREADS = "2"; - SIDEKIQ_CONCURRENCY = "2"; + MAX_THREADS = "5"; # Read: Puma Threads + WEB_CONCURRENCY = "1"; # Read: Puma Processes + SIDEKIQ_CONCURRENCY = "1"; # Read: Sidekiq Processes + SIDEKIQ_THREADS = "15"; # This gets passed as a cli arg, but is here for consistency # Mail SMTP_SERVER = "smtp.improvmx.com"; @@ -46,8 +48,10 @@ REDIS_PORT = "6379"; REDIS_PASSWORD = ""; - # Disable ElasticSearch - ES_ENABLED = "false"; + # ElasticSearch + ES_ENABLED = "true"; + ES_HOST = "mastodon-es"; + ES_PORT = "9200"; }; secretEnvFiles = [ @@ -141,6 +145,7 @@ in { podman volume exists mastodon_pgdata || podman volume create mastodon_pgdata podman volume exists mastodon_redisdata || podman volume create mastodon_redisdata podman volume exists mastodon_sysdata || podman volume create mastodon_sysdata + podman volume exists mastodon_searchdata || podman volume create mastodon_searchdata echo "Init complete" ''; 
@@ -178,9 +183,38 @@ in { ]; }; + mastodon-es = { + image = "docker.elastic.co/elasticsearch/elasticsearch:8.16.1"; + + autoStart = true; + extraOptions = [ + "--network=mastodon" + "--ulimit=memlock=-1:-1" + "--ulimit=nofile=65536:65536" + ]; + + environment = { + ES_JAVA_OPTS = "-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true"; + "xpack.license.self_generated.type" = "basic"; + "xpack.security.enabled" = "false"; + "xpack.watcher.enabled" = "false"; + "xpack.graph.enabled" = "false"; + "xpack.ml.enabled" = "false"; + "bootstrap.memory_lock" = "true"; + "cluster.name" = "es-mastodon"; + "discovery.type" = "single-node"; + "thread_pool.write.queue_size" = "1000"; + }; + + volumes = [ + "mastodon_searchdata:/usr/share/elasticsearch/data" + ]; + }; + mastodon-prepare = { image = "ghcr.io/glitch-soc/mastodon:v${version}"; cmd = ["bundle" "exec" "rails" "db:migrate" "&&" "bundle" "exec" "rails" "assets:precompile"]; + # cmd = ["bundle" "exec" "rails" "db:migrate"]; autoStart = true; extraOptions = [ @@ -222,7 +256,7 @@ in { dependsOn = [ "mastodon-db" "mastodon-redis" - "mastodon-migrate" + "mastodon-prepare" ]; ports = [ @@ -250,7 +284,7 @@ in { dependsOn = [ "mastodon-db" "mastodon-redis" - "mastodon-migrate" + "mastodon-prepare" ]; }; @@ -274,12 +308,12 @@ in { dependsOn = [ "mastodon-db" "mastodon-redis" - "mastodon-migrate" + "mastodon-prepare" ]; }; }; - systemd.services.podman-mastodon-migrate = { + systemd.services.podman-mastodon-prepare = { serviceConfig = { Restart = mkForce "on-failure"; }; From 5dacfb90ee86242b741b4048f2411cbaac9ac4ad Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 12:18:57 -0500 Subject: [PATCH 50/56] disable traefik debug logging --- machines/nixos/ashokan/services/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/nixos/ashokan/services/default.nix b/machines/nixos/ashokan/services/default.nix index bb03245..25d8be5 100644 --- a/machines/nixos/ashokan/services/default.nix 
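Review bot: `"xpack.security.enabled" = "false";` in the new `mastodon-es` container (hunk `@@ -178,9 +183,38 @@`) turns off Elasticsearch authentication and TLS, so every container attached to `--network=mastodon` can read and write the search index without credentials. No `ports` are published in this hunk, which limits exposure to that network, but a compromise of any one container then reaches whatever Mastodon has indexed. I would leave security enabled, supply the password through an environment file, and give Mastodon matching `ES_USER`/`ES_PASS` values via `secretEnvFiles`. The image is also referenced by tag (`8.16.1`) rather than by digest.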
+++ b/machines/nixos/ashokan/services/default.nix @@ -9,6 +9,7 @@ svcs.mastodon = { enable = true; configureTraefik = true; + secretKeyBaseEnvFile = config.age.secrets.mastodonSecretKeyBase.path; otpSecretEnvFile = config.age.secrets.mastodonOtpSecret.path; vapidKeysEnvFile = config.age.secrets.mastodonVapidKeys.path; From 06af8ce9e112a0f391258a72c1fafb6eaacf75ed Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 12:23:39 -0500 Subject: [PATCH 51/56] fix service dependencies --- modules/nixos/mastodon/default.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 3a2a601..1c93948 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -129,11 +129,13 @@ in { unitConfig = {StartLimitInterval = 5;}; wantedBy = [ # "multi-user.target" - # "podman-mastodon-web.service" + "podman-mastodon-web.service" "podman-mastodon-db.service" "podman-mastodon-redis.service" - # "podman-mastodon-streaming.service" - # "podman-mastodon-sidekiq.service" + "podman-mastodon-streaming.service" + "podman-mastodon-sidekiq.service" + "podman-mastodon-prepare.service" + "podman-mastodon-es.service" ]; path = [pkgs.podman]; preStart = "/usr/bin/env sleep 4"; @@ -213,7 +215,7 @@ in { mastodon-prepare = { image = "ghcr.io/glitch-soc/mastodon:v${version}"; - cmd = ["bundle" "exec" "rails" "db:migrate" "&&" "bundle" "exec" "rails" "assets:precompile"]; + cmd = ["bundle" "exec" "rails" "db:migrate"]; # cmd = ["bundle" "exec" "rails" "db:migrate"]; autoStart = true; @@ -238,7 +240,7 @@ in { mastodon-web = { image = "ghcr.io/glitch-soc/mastodon:v${version}"; - cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; + cmd = ["bundle" "exec" "rails" "assets:precompile" "&&" "bundle" "exec" "puma" "-C" "config/puma.rb"]; autoStart = true; extraOptions = [ 
@@ -257,6 +259,7 @@ in { "mastodon-db" "mastodon-redis" "mastodon-prepare" + "mastodon-es" ]; ports = [ From ea5c4815d84216868cda77323ada874856433f8e Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 13:20:57 -0500 Subject: [PATCH 52/56] make the mastodon-prepare container a oneshot service that does not start on boot --- modules/nixos/mastodon/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 1c93948..9f6c382 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -218,7 +218,7 @@ in { cmd = ["bundle" "exec" "rails" "db:migrate"]; # cmd = ["bundle" "exec" "rails" "db:migrate"]; - autoStart = true; + autoStart = false; extraOptions = [ "--runtime=${pkgs.gvisor}/bin/runsc" "--network=mastodon" @@ -318,12 +318,11 @@ in { systemd.services.podman-mastodon-prepare = { serviceConfig = { + Type = mkForce "oneshot"; Restart = mkForce "on-failure"; }; }; - environment.shellAliases = {mastodon = "podman exec mastodon-web";}; - services.traefik.dynamicConfigOptions = lib.mkIf cfg.configureTraefik { http = { routers = { From f8754cdaa4d88e6b90bcff3aa9e9950903c79d21 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 13:21:28 -0500 Subject: [PATCH 53/56] better performance tuning opts --- modules/nixos/mastodon/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 9f6c382..ffea048 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix 
@@ -24,8 +24,9 @@ LOCAL_DOMAIN = cfg.rootDomain; # Performance/Scaling - MAX_THREADS = "5"; # Read: Puma Threads - WEB_CONCURRENCY = "1"; # Read: Puma Processes + MAX_THREADS = "5"; # Read: Puma/Web Threads + # Run Puma in single-mode (as this is a single user instance) + WEB_CONCURRENCY = "0"; # Read: Puma Processes SIDEKIQ_CONCURRENCY = "1"; # Read: Sidekiq Processes SIDEKIQ_THREADS = "15"; # This gets passed as a cli arg, but is here for consistency @@ -240,7 +241,8 @@ in { mastodon-web = { image = "ghcr.io/glitch-soc/mastodon:v${version}"; - cmd = ["bundle" "exec" "rails" "assets:precompile" "&&" "bundle" "exec" "puma" "-C" "config/puma.rb"]; + # cmd = ["bundle" "exec" "rails" "assets:precompile" "&&" "bundle" "exec" "puma" "-C" "config/puma.rb"]; + cmd = ["bundle" "exec" "puma" "-C" "config/puma.rb"]; autoStart = true; extraOptions = [ @@ -293,7 +295,7 @@ in { mastodon-sidekiq = { image = "ghcr.io/glitch-soc/mastodon:v${version}"; - cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_CONCURRENCY}"]; + cmd = ["bundle" "exec" "sidekiq" "-c" "${env.SIDEKIQ_THREADS}"]; autoStart = true; extraOptions = [ From bba6c4c58ddbd716bd57cd4215aa3871b166d058 Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 13:36:00 -0500 Subject: [PATCH 54/56] options for selectively enabling elasticsearch --- modules/nixos/mastodon/default.nix | 46 ++++++++++++++++++------------ 1 file changed, 27 insertions(+), 19 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index ffea048..6717745 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -50,7 +50,7 @@ REDIS_PASSWORD = ""; # ElasticSearch - ES_ENABLED = "true"; + ES_ENABLED = toString cfg.enableElasticSearch; ES_HOST = "mastodon-es"; ES_PORT = "9200"; }; 
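Review bot: `ES_ENABLED = toString cfg.enableElasticSearch;` (hunk `@@ -50,7 +50,7 @@`) does not produce `"true"`/`"false"`: Nix's `toString` renders `true` as `"1"` and `false` as `""`. The previous value was the literal `"true"`, and Mastodon appears to compare this variable against that string, so search would likely stay off even with the option enabled. Use `ES_ENABLED = lib.boolToString cfg.enableElasticSearch;` instead. The `env` set continues outside the hunk.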
@@ -71,6 +71,7 @@ in { default = "unicycl.ing"; description = "Root domain for Mastodon"; }; + enableElasticSearch = mkEnableOption "Enable ElasticSearch"; mastodonWebPort = mkOption { type = types.int; default = 55010; @@ -128,16 +129,18 @@ in { NoExecPaths = ["/"]; }; unitConfig = {StartLimitInterval = 5;}; - wantedBy = [ - # "multi-user.target" - "podman-mastodon-web.service" - "podman-mastodon-db.service" - "podman-mastodon-redis.service" - "podman-mastodon-streaming.service" - "podman-mastodon-sidekiq.service" - "podman-mastodon-prepare.service" - "podman-mastodon-es.service" - ]; + wantedBy = + [ + # "multi-user.target" + "podman-mastodon-web.service" + "podman-mastodon-db.service" + "podman-mastodon-redis.service" + "podman-mastodon-streaming.service" + "podman-mastodon-sidekiq.service" + "podman-mastodon-prepare.service" + ] + ++ optional cfg.enableElasticSearch "podman-mastodon-es.service"; + path = [pkgs.podman]; preStart = "/usr/bin/env sleep 4"; script = '' @@ -148,7 +151,11 @@ in { podman volume exists mastodon_pgdata || podman volume create mastodon_pgdata podman volume exists mastodon_redisdata || podman volume create mastodon_redisdata podman volume exists mastodon_sysdata || podman volume create mastodon_sysdata - podman volume exists mastodon_searchdata || podman volume create mastodon_searchdata + ${ + if cfg.enableElasticSearch + then "podman volume exists mastodon_searchdata || podman volume create mastodon_searchdata" + else "" + } echo "Init complete" ''; @@ -186,7 +193,7 @@ in { ]; }; - mastodon-es = { + mastodon-es = mkIf cfg.enableElasticSearch { image = "docker.elastic.co/elasticsearch/elasticsearch:8.16.1"; autoStart = true; 
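Review bot: `mkEnableOption "Enable ElasticSearch"` in the `@@ -71,6 +71,7 @@` hunk renders its description as "Whether to enable Enable ElasticSearch.", because `mkEnableOption` adds that prefix itself. Pass only the feature name, e.g. `enableElasticSearch = mkEnableOption "the ElasticSearch container and Mastodon full-text search";`. In the `@@ -148,7 +151,11 @@` hunk the `if … then … else ""` interpolation could be written with `optionalString cfg.enableElasticSearch "…"`, which matches the `optional` calls this patch uses for `wantedBy` and `dependsOn`.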
@@ -257,12 +264,13 @@ in { "mastodon_sysdata:/opt/mastodon/public/system" ]; - dependsOn = [ - "mastodon-db" - "mastodon-redis" - "mastodon-prepare" - "mastodon-es" - ]; + dependsOn = + [ + "mastodon-db" + "mastodon-redis" + "mastodon-prepare" + ] + ++ (optional cfg.enableElasticSearch "mastodon-es"); ports = [ "127.0.0.1:${toString cfg.mastodonWebPort}:3000" From 30175fc1729b3e74972c111a0e7046185780472f Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 13:49:57 -0500 Subject: [PATCH 55/56] optimal performance stuff --- modules/nixos/mastodon/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/mastodon/default.nix b/modules/nixos/mastodon/default.nix index 6717745..d135ac3 100644 --- a/modules/nixos/mastodon/default.nix +++ b/modules/nixos/mastodon/default.nix @@ -13,7 +13,7 @@ env = { # General Config RAILS_ENV = "production"; - RAILS_LOG_LEVEL = "debug"; + RAILS_LOG_LEVEL = "info"; NODE_ENV = "production"; RAILS_SERVE_STATIC_FILES = "true"; SINGLE_USER_MODE = "true"; @@ -28,7 +28,7 @@ # Run Puma in single-mode (as this is a single user instance) WEB_CONCURRENCY = "0"; # Read: Puma Processes SIDEKIQ_CONCURRENCY = "1"; # Read: Sidekiq Processes - SIDEKIQ_THREADS = "15"; # This gets passed as a cli arg, but is here for consistency + SIDEKIQ_THREADS = "6"; # This gets passed as a cli arg, but is here for consistency # Mail SMTP_SERVER = "smtp.improvmx.com"; From 419e1821d3bce1f9d292cb55fe4bc7bc0523d8aa Mon Sep 17 00:00:00 2001 From: Henrik VT Date: Tue, 4 Feb 2025 13:59:59 -0500 Subject: [PATCH 56/56] remove weird error for now --- machines/nixos/valcour/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machines/nixos/valcour/default.nix b/machines/nixos/valcour/default.nix index 6aecd45..20be597 100644 --- a/machines/nixos/valcour/default.nix +++ b/machines/nixos/valcour/default.nix 
@@ -38,7 +38,7 @@ svcs.tailscale = { advertiseExitNode = true; - advertiseRoutes = ["10.205.16.212/32"]; + # advertiseRoutes = ["10.205.16.212/32"]; }; svcs.netcheck = {