1 { config, lib, pkgs, pkgs-unstable, ... }:
4 imports = [ ./module.nix ];
6 services.lemmy-prod = {
8 server.package = pkgs.callPackage ../server.nix { Security = null; };
9 ui.package = pkgs.callPackage ../ui.nix { };
11 database.createLocally = true;
14 hostname = "awful.systems";
16 admin_username = "self";
17 admin_email = "self@awful.systems";
18 site_name = "awful.systems";
23 sops.secrets."lemmy/initial_admin_password" = { };
24 sops.secrets."lemmy/smtp_server" = { };
25 sops.secrets."lemmy/smtp_login" = { };
26 sops.secrets."lemmy/smtp_password" = { };
27 sops.secrets."lemmy/smtp_from_address" = { };
29 sops.templates.lemmy-prod.content = builtins.toJSON
30 (config.services.lemmy-prod.settings // {
31 setup = config.services.lemmy-prod.settings.setup // {
32 admin_password = config.sops.placeholder."lemmy/initial_admin_password";
36 smtp_server = config.sops.placeholder."lemmy/smtp_server";
37 smtp_login = config.sops.placeholder."lemmy/smtp_login";
38 smtp_password = config.sops.placeholder."lemmy/smtp_password";
39 smtp_from_address = config.sops.placeholder."lemmy/smtp_from_address";
40 tls_type = "starttls";
44 systemd.services.lemmy-prod = {
48 LoadCredential = ''lemmy-prod:${config.sops.templates.lemmy-prod.path}'';
52 LEMMY_CONFIG_LOCATION = lib.mkForce "%d/lemmy-prod";
53 RUST_BACKTRACE = "full";
55 pkgs.lib.mkForce "postgres:///lemmy?host=/run/postgresql&user=lemmy";
59 networking.firewall.allowedTCPPorts = [ 80 ];