···
97
-
mastodonTootctl = pkgs.writeShellScriptBin "mastodon-tootctl" ''
97
+
mastodonTootctl = let
98
+
sourceExtraEnv = lib.concatMapStrings (p: "source ${p}\n") cfg.extraEnvFiles;
99
+
in pkgs.writeShellScriptBin "mastodon-tootctl" ''
export RAILS_ROOT="${cfg.package}"
source /var/lib/mastodon/.secrets_env
if [[ "$USER" != ${cfg.user} ]]; then
···
433
+
extraEnvFiles = lib.mkOption {
434
+
type = with lib.types; listOf path;
436
+
description = lib.mdDoc ''
437
+
Extra environment files to pass to all mastodon services. Useful for passing down environemntal secrets.
439
+
example = [ "/etc/mastodon/s3config.env" ];
automaticMigrations = lib.mkOption {
···
582
-
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ];
594
+
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ] ++ cfg.extraEnvFiles;
WorkingDirectory = cfg.package;
SystemCallFilter = [ ("~" + lib.concatStringsSep " " (systemCallsList ++ [ "@resources" ])) "@chown" "pipe" "pipe2" ];
···
ExecStart = "${cfg.package}/run-streaming.sh";
610
-
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ];
622
+
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ] ++ cfg.extraEnvFiles;
WorkingDirectory = cfg.package;
# Runtime directory and mode
RuntimeDirectory = "mastodon-streaming";
···
ExecStart = "${cfg.package}/bin/puma -C config/puma.rb";
637
-
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ];
649
+
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ] ++ cfg.extraEnvFiles;
WorkingDirectory = cfg.package;
# Runtime directory and mode
RuntimeDirectory = "mastodon-web";
···
ExecStart = "${cfg.package}/bin/sidekiq -c ${toString cfg.sidekiqThreads} -r ${cfg.package}";
665
-
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ];
677
+
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ] ++ cfg.extraEnvFiles;
WorkingDirectory = cfg.package;
SystemCallFilter = [ ("~" + lib.concatStringsSep " " systemCallsList) "@chown" "pipe" "pipe2" ];
···
678
-
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ];
690
+
EnvironmentFile = [ "/var/lib/mastodon/.secrets_env" ] ++ cfg.extraEnvFiles;
olderThanDays = toString cfg.mediaAutoRemove.olderThanDays;
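Review bot: In the `extraEnvFiles` option, `type = with lib.types; listOf path;` combined with the `"source ${p}\n"` interpolation and `++ cfg.extraEnvFiles` means a Nix path literal (unlike the string in `example`) would be copied into the world-readable Nix store, which undermines the stated use for secrets. The description should say so, for instance `Give these as strings naming files outside the Nix store; a path literal would be copied into the world-readable store.`, and "environemntal" there should read "environmental". In `mastodonTootctl` each file is `source`d as shell code by whoever invokes the wrapper, whereas systemd's `EnvironmentFile=` only parses assignments, so the files have to be valid in both syntaxes and should be writable only by root; the description could note that as well. The interpolated path is unquoted, and `"source ${lib.escapeShellArg p}\n"` would tolerate spaces and shell metacharacters. The wrapper script continues outside the visible lines, so where `sourceExtraEnv` is expanded relative to the `$USER` check cannot be confirmed from here.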