{ config, lib, pkgs, pkgs-unstable, ... }: { imports = [ ./module.nix ]; services.lemmy-staging = { enable = true; server.package = pkgs.callPackage ../server.nix { Security = null; }; ui.package = pkgs.callPackage ../ui.nix { }; nginx.enable = true; database.createLocally = true; settings = { hostname = "breaking.awful.systems"; setup = { admin_username = "self"; admin_email = "self@awful.systems"; site_name = "a.s staging"; }; database = { user = "lemmy_staging"; database = "lemmy_staging"; }; }; }; sops.secrets."lemmy-staging/initial_admin_password" = { }; sops.secrets."lemmy-staging/smtp_server" = { }; sops.secrets."lemmy-staging/smtp_login" = { }; sops.secrets."lemmy-staging/smtp_password" = { }; sops.secrets."lemmy-staging/smtp_from_address" = { }; sops.templates.lemmy-staging.content = builtins.toJSON (config.services.lemmy-staging.settings // { setup = config.services.lemmy-staging.settings.setup // { admin_password = config.sops.placeholder."lemmy-staging/initial_admin_password"; }; # email = { # smtp_server = config.sops.placeholder."lemmy-staging/smtp_server"; # smtp_login = config.sops.placeholder."lemmy-staging/smtp_login"; # smtp_password = config.sops.placeholder."lemmy-staging/smtp_password"; # smtp_from_address = config.sops.placeholder."lemmy-staging/smtp_from_address"; # tls_type = "starttls"; # }; }); systemd.services.lemmy-staging = { serviceConfig = { User = "lemmy_staging"; Group = "lemmy_staging"; LoadCredential = "lemmy-staging:${config.sops.templates.lemmy-staging.path}"; }; environment = { LEMMY_CONFIG_LOCATION = lib.mkForce "%d/lemmy-staging"; RUST_BACKTRACE = "full"; LEMMY_DATABASE_URL = pkgs.lib.mkForce "postgres:///lemmy_staging?host=/run/postgresql&user=lemmy_staging"; }; }; networking.firewall.allowedTCPPorts = [ 80 ]; }