From ba7d1fec08cd32f5dd902b345ac66a94e91212cb Mon Sep 17 00:00:00 2001 From: transcaffeine Date: Sat, 24 May 2025 21:14:52 +0200 Subject: [PATCH] nixos/fediwall: init --- .../manual/release-notes/rl-2511.section.md | 2 + nixos/modules/module-list.nix | 1 + nixos/modules/services/web-apps/fediwall.nix | 128 ++++++++++++++++++ 3 files changed, 131 insertions(+) create mode 100644 nixos/modules/services/web-apps/fediwall.nix diff --git a/nixos/doc/manual/release-notes/rl-2511.section.md b/nixos/doc/manual/release-notes/rl-2511.section.md index 9a236172dfe8..e5e3ef1ca4aa 100644 --- a/nixos/doc/manual/release-notes/rl-2511.section.md +++ b/nixos/doc/manual/release-notes/rl-2511.section.md @@ -17,6 +17,8 @@ - [Pi-hole](https://pi-hole.net/), a DNS sinkhole for advertisements based on Dnsmasq. Available as [services.pihole-ftl](#opt-services.pihole-ftl.enable), and [services.pihole-web](#opt-services.pihole-web.enable) for the web GUI and API. +- [Fediwall](https://fediwall.social), a web application for live displaying toots from mastodon, inspired by mastowall. Available as [services.fediwall](#opt-services.fediwall.enable). + - [FileBrowser](https://filebrowser.org/), a web application for managing and sharing files. Available as [services.filebrowser](#opt-services.filebrowser.enable). - Options under [networking.getaddrinfo](#opt-networking.getaddrinfo.enable) are now allowed to declaratively configure address selection and sorting behavior of `getaddrinfo` in dual-stack networks. diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 8b9c38d4ee71..d6a6e7d372df 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -1543,6 +1543,7 @@ ./services/web-apps/eintopf.nix ./services/web-apps/engelsystem.nix ./services/web-apps/ethercalc.nix + ./services/web-apps/fediwall.nix ./services/web-apps/fider.nix ./services/web-apps/filebrowser.nix ./services/web-apps/filesender.nix diff --git a/nixos/modules/services/web-apps/fediwall.nix b/nixos/modules/services/web-apps/fediwall.nix new file mode 100644 index 000000000000..1c223324b6c2 --- /dev/null +++ b/nixos/modules/services/web-apps/fediwall.nix @@ -0,0 +1,128 @@ +{ + lib, + pkgs, + config, + ... +}: + +let + cfg = config.services.fediwall; + pkg = cfg.package.override { conf = cfg.settings; }; + format = pkgs.formats.json { }; +in +{ + options.services.fediwall = { + enable = lib.mkEnableOption "fediwall, a social media wall for the fediverse"; + package = lib.mkPackageOption pkgs "fediwall" { }; + hostName = lib.mkOption { + type = lib.types.str; + default = config.networking.fqdnOrHostName; + defaultText = lib.literalExpression "config.networking.fqdnOrHostName"; + example = "fediwall.example.org"; + description = "The hostname to serve fediwall on."; + }; + settings = lib.mkOption { + default = { }; + description = '' + Fediwall configuration. See + https://github.com/defnull/fediwall/blob/main/public/wall-config.json.example + for information on supported values. + ''; + type = lib.types.submodule { + freeformType = format.type; + options = { + servers = lib.mkOption { + type = with lib.types; listOf str; + default = [ "mastodon.social" ]; + description = "Servers to load posts from"; + }; + tags = lib.mkOption { + type = with lib.types; listOf str; + default = [ ]; + example = lib.literalExpression "[ \"cats\" \"dogs\"]"; + description = "Tags to follow"; + }; + loadPublic = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Load public posts"; + }; + loadFederated = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Load federated posts"; + }; + loadTrends = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Load trending posts"; + }; + hideSensitive = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Hide sensitive (potentially NSFW) posts"; + }; + hideBots = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Hide posts from bot accounts"; + }; + hideReplies = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Hide replies"; + }; + hideBoosts = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Hide boosts"; + }; + showMedia = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Show media in posts"; + }; + playVideos = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Autoplay videos in posts"; + }; + }; + }; + }; + nginx = lib.mkOption { + type = lib.types.submodule ( + lib.recursiveUpdate (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) { } + ); + default = { }; + example = lib.literalExpression '' + { + serverAliases = [ + "fedi.''${config.networking.domain}" + ]; + # Enable TLS and use let's encrypt for ACME + forceSSL = true; + enableACME = true; + } + ''; + description = "Allows customizing the nginx virtualHost settings"; + }; + }; + + config = lib.mkIf cfg.enable { + services.nginx = { + enable = lib.mkDefault true; + virtualHosts."${cfg.hostName}" = lib.mkMerge [ + cfg.nginx + { + root = lib.mkForce "${pkg}"; + locations = { + "/" = { + index = "index.html"; + }; + }; + } + ]; + }; + }; +}