{ pkgs, nixpkgs-unstable, ... }: let mastodonNekoversePatches = pkgs.fetchgit { url = "https://github.com/yuri-qq/nekoverse-mastodon-patches.git"; hash = "sha256-HZP9UndsOcBhFV5T70R1HlYrCL+cqViZVJxHptxZKB8="; }; mastodonNekoverseOverlay = final: prev: { mastodon = (prev.mastodon.override rec { version = "4.2.1"; srcOverride = final.applyPatches { src = final.fetchgit { url = "https://github.com/mastodon/mastodon.git"; rev = "v${version}"; sha256 = "sha256-SM9WdD+xpxo+gfBft9DARV6QjwNbF2Y9McVrrdDT3fw="; }; patches = [ "${mastodonNekoversePatches}/patches/001_increase_image_dimensions_limit.patch" #"${mastodonNekoversePatches}/patches/002_disable_image_reprocessing.patch" "${mastodonNekoversePatches}/patches/003_make_toot_cute.patch" "${mastodonNekoversePatches}/patches/005_improve_custom_emoji_support.patch" "${mastodonNekoversePatches}/patches/006_increase_display_name_character_limit.patch" "${mastodonNekoversePatches}/patches/007_increase_toot_character_limit.patch" ]; }; yarnHash = "sha256-qoLesubmSvRsXhKwMEWHHXcpcqRszqcdZgHQqnTpNPE="; }); }; pkgs-overlay = nixpkgs-unstable.legacyPackages."x86_64-linux".extend mastodonNekoverseOverlay; vapidPublicKey = pkgs.writeText "vapid-public-key" "BDCbFEDCZ8eFuWr3uEq4Qc30UFZUQeNpF8OCw6OjPwAtaKS1yTM3Ue749Xjqy5WhBDjakzlixh4Gk7gluUhIdsU="; in { disabledModules = [ "services/web-apps/mastodon.nix" ]; imports = [ "${nixpkgs-unstable}/nixos/modules/services/web-apps/mastodon.nix" ]; services.mastodon = { enable = true; package = pkgs-overlay.mastodon; localDomain = "social.nekover.se"; secretKeyBaseFile = "/secrets/mastodon-secret-key-base.secret"; otpSecretFile = "/secrets/mastodon-otp-secret.secret"; vapidPublicKeyFile = "${vapidPublicKey}"; vapidPrivateKeyFile = "/secrets/mastodon-vapid-private-key.secret"; smtp = { authenticate = true; host = "mail-1.grzb.de"; port = 465; user = "social@nekover.se"; passwordFile = "/secrets/mastodon-email-smtp-pass.secret"; fromAddress = "Nekoverse "; }; streamingProcesses = 3; extraConfig = { SMTP_TLS = "true"; ES_PRESET = "single_node_cluster"; }; elasticsearch.host = "127.0.0.1"; }; }