From 1d00aacc8b1986f6f120ceb827d3e8122cef6e18 Mon Sep 17 00:00:00 2001
From: Victor Mignot
Date: Sat, 6 Jul 2024 09:23:24 +0200
Subject: [PATCH] Camelot: add GoToSocial instance

---
 configurations/camelot/default.nix | 12 ++++++-
 configurations/camelot/gotosocial.nix | 47 +++++++++++++++++++++++++++
 modules/server/builder.nix | 3 +-
 3 files changed, 60 insertions(+), 2 deletions(-)
 create mode 100644 configurations/camelot/gotosocial.nix

diff --git a/configurations/camelot/default.nix b/configurations/camelot/default.nix
index 7f395c2..6e0ac4d 100644
--- a/configurations/camelot/default.nix
+++ b/configurations/camelot/default.nix
@@ -42,13 +42,23 @@
 ./jellyfin.nix
 ./wireguard.nix
 ./nextcloud.nix
+ ./gotosocial.nix
 ];
 swapDeviceUUID = "a7c628ab-c5cb-4094-89d0-19b153fbead4";
 server.networking.enableSSH = true;
- services.nginx.enable = true;
+ services.nginx = {
+ enable = true;
+ clientMaxBodySize = "40m";
+
+ virtualHosts."dalaran.fr" = {
+ default = true;
+ enableACME = true;
+ forceSSL = true;
+ };
+ };
 environment.systemPackages = with pkgs; [
 neovim
diff --git a/configurations/camelot/gotosocial.nix b/configurations/camelot/gotosocial.nix
new file mode 100644
index 0000000..245b61c
--- /dev/null
+++ b/configurations/camelot/gotosocial.nix
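Review bot: `clientMaxBodySize = "40m";` in the `services.nginx` block of configurations/camelot/default.nix is a server-wide setting, so the larger request-body limit applies to every virtual host on this machine, including the new default `dalaran.fr` host, and not only to the GoToSocial proxy that presumably needs it. Scoping it to that one host keeps the other sites at their existing limit; the `"gts.dalaran.fr"` vhost in gotosocial.nix could carry `extraConfig = "client_max_body_size 40m;";` instead. The `dalaran.fr` vhost is also marked `default = true`, so requests with an unrecognised Host header will be answered by it, and a one-line comment stating that this is intended would help the next reader. The enclosing module attribute set starts and ends outside this hunk, so other nginx settings may exist that are not visible here.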
@@ -0,0 +1,47 @@
+{ config, ... }:
+let
+ wellKnownLocations = [
+ "/.well-known/webfinger"
+ "/.well-known/host-meta"
+ "/.well-known/nodeinfo"
+ ];
+ gtsConfig = config.services.gotosocial.settings;
+in
+{
+ services.gotosocial = {
+ enable = true;
+ openFirewall = true;
+ setupPostgresqlDB = true;
+ settings = {
+ applications-name = "Dala's personnal instance";
+ host = "gts.dalaran.fr";
+ account-domain = "dalaran.fr";
+ bind-address = "localhost";
+ };
+ };
+
+ services.nginx.virtualHosts = {
+ "dalaran.fr".locations = builtins.listToAttrs (
+ map (location: {
+ name = location;
+ value.return = "301 https://gts.dalaran.fr$request_uri";
+ }) wellKnownLocations
+ );
+
+ "gts.dalaran.fr" = {
+ enableACME = true;
+ forceSSL = true;
+
+ locations."/" = {
+ proxyPass = "http://${gtsConfig.bind-address}:${builtins.toString gtsConfig.port}";
+ extraConfig = ''
+ proxy_set_header Host $host;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ '';
+ };
+ };
+ };
+}
diff --git a/modules/server/builder.nix b/modules/server/builder.nix
index 090ec50..268c775 100644
--- a/modules/server/builder.nix
+++ b/modules/server/builder.nix
@@ -2,7 +2,8 @@
 with lib;
 let
 host = extraInfo.woodpeckerURI;
-in {
+in
+{
 options.server.build.enable = mkOption {
 type = types.bool;
 default = false;
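Review bot: `openFirewall = true;` in `services.gotosocial` opens the GoToSocial port on the host firewall even though the service binds to `localhost` and is only meant to be reached through the nginx proxy for `gts.dalaran.fr`. The rule does nothing useful while the bind address stays on loopback, but it would expose the backend directly, without TLS, as soon as `bind-address` is changed; I would drop the line or set `openFirewall = false;`. Separately, `bind-address = "localhost"` is reused in `proxyPass`, and nginx may resolve `localhost` to both `127.0.0.1` and `::1` while the service listens on only one of them, so `bind-address = "127.0.0.1";` looks like the safer value — worth confirming on the host.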