{ config, ... }: let wellKnownLocations = [ "/.well-known/webfinger" "/.well-known/host-meta" "/.well-known/nodeinfo" ]; gtsConfig = config.services.gotosocial.settings; in { services.gotosocial = { enable = true; openFirewall = false; setupPostgresqlDB = true; environmentFile = config.age.secrets.gtsEnv.path; settings = { application-name = "Dala's personnal instance"; landing-page-user = "dala"; host = "gts.dalaran.fr"; account-domain = "dalaran.fr"; bind-address = "localhost"; instance-languages = [ "en" "fr" ]; }; }; services.nginx.virtualHosts = { "dalaran.fr".locations = builtins.listToAttrs ( map (location: { name = location; value.return = "301 https://gts.dalaran.fr$request_uri"; }) wellKnownLocations ); "gts.dalaran.fr" = { enableACME = true; forceSSL = true; locations."/" = { recommendedProxySettings = true; proxyWebsockets = true; proxyPass = "http://${gtsConfig.bind-address}:${builtins.toString gtsConfig.port}"; }; }; }; }