pyrox.dev / nixpkgs
lol
fork atom

nixos/akkoma: check that upload and media proxy base url is specified

new versions of akkoma require the upload base url to be specified in
order for updates to work properly.
this will be a breaking change in 24.05, but for now a reasonable
default is set.

tcmal d598b5d8 855667ea

options
unified split
Changed files
+51 -1
nixos
doc
manual
release-notes
rl-2405.section.md
modules
services
web-apps
akkoma.nix
tests
akkoma.nix
+4
nixos/doc/manual/release-notes/rl-2405.section.md 
···

       
402

       
402

       
 

       
- The `erlang_node_short_name`, `erlang_node_name`, `port` and `options` configuration parameters are gone, and have been replaced with an `environment` parameter.


     

       
403

       
403

       
 

       
    Use the appropriate [environment variables](https://hexdocs.pm/livebook/readme.html#environment-variables) inside `environment` to configure the service instead.


     

       
404

       
404

       
 

       



     

       

       
405

       
+

       
- `akkoma` now requires explicitly setting the base URL for uploaded media (`settings."Pleroma.Upload".base_url`), as well as for the media proxy if enabled (`settings."Media"`).


     

       

       
406

       
+

       
  This is recommended to be a separate (sub)domain to the one Akkoma is hosted at.


     

       

       
407

       
+

       
  See [here](https://meta.akkoma.dev/t/akkoma-stable-2024-03-securer-i-barely-know-her/681#explicit-upload-and-media-proxy-domains-5) for more details.


     

       

       
408

       
+

       



     

       
405

       
409

       
 

       
- The `crystal` package has been updated to 1.11.x, which has some breaking changes.


     

       
406

       
410

       
 

       
  Refer to crystal's changelog for more information. ([v1.10](https://github.com/crystal-lang/crystal/blob/master/CHANGELOG.md#1100-2023-10-09), [v1.11](https://github.com/crystal-lang/crystal/blob/master/CHANGELOG.md#1110-2024-01-08))


     

       
407

       
411
+42
nixos/modules/services/web-apps/akkoma.nix 
···

       
764

       
764

       
 

       
                };


     

       
765

       
765

       
 

       
              };


     

       
766

       
766

       
 

       



     

       

       
767

       
+

       
              "Pleroma.Upload" = let


     

       

       
768

       
+

       
                httpConf = cfg.config.":pleroma"."Pleroma.Web.Endpoint".url;


     

       

       
769

       
+

       
              in {


     

       

       
770

       
+

       
                base_url = mkOption {


     

       

       
771

       
+

       
                    type = types.nonEmptyStr;


     

       

       
772

       
+

       
                    default = if lib.versionOlder config.system.stateVersion "24.05"


     

       

       
773

       
+

       
                              then "${httpConf.scheme}://${httpConf.host}:${builtins.toString httpConf.port}/media/"


     

       

       
774

       
+

       
                              else null;


     

       

       
775

       
+

       
                    description = mdDoc ''


     

       

       
776

       
+

       
                      Base path which uploads will be stored at.


     

       

       
777

       
+

       
                      Whilst this can just be set to a subdirectory of the main domain, it is now recommended to use a different subdomain.


     

       

       
778

       
+

       
                    '';


     

       

       
779

       
+

       
                };


     

       

       
780

       
+

       
              };


     

       

       
781

       
+

       



     

       
767

       
782

       
 

       
              ":frontends" = mkOption {


     

       
768

       
783

       
 

       
                type = elixirValue;


     

       
769

       
784

       
 

       
                default = mapAttrs


     
···

       
781

       
796

       
 

       
                  [{option}`config.services.akkoma.frontends`](#opt-services.akkoma.frontends).


     

       
782

       
797

       
 

       
                '';


     

       
783

       
798

       
 

       
              };


     

       

       
799

       
+

       



     

       

       
800

       
+

       



     

       

       
801

       
+

       
              ":media_proxy" = let


     

       

       
802

       
+

       
                httpConf = cfg.config.":pleroma"."Pleroma.Web.Endpoint".url;


     

       

       
803

       
+

       
              in {


     

       

       
804

       
+

       
                enabled = mkOption {


     

       

       
805

       
+

       
                    type = types.bool;


     

       

       
806

       
+

       
                    default = false;


     

       

       
807

       
+

       
                    description = mdDoc ''


     

       

       
808

       
+

       
                      Whether to enable proxying of remote media through the instance's proxy.


     

       

       
809

       
+

       
                    '';


     

       

       
810

       
+

       
                };


     

       

       
811

       
+

       
                base_url = mkOption {


     

       

       
812

       
+

       
                    type = types.nullOr types.nonEmptyStr;


     

       

       
813

       
+

       
                    default = if lib.versionOlder config.system.stateVersion "24.05"


     

       

       
814

       
+

       
                              then "${httpConf.scheme}://${httpConf.host}:${builtins.toString httpConf.port}/media/"


     

       

       
815

       
+

       
                              else null;


     

       

       
816

       
+

       
                    description = mdDoc ''


     

       

       
817

       
+

       
                      Base path for the media proxy.


     

       

       
818

       
+

       
                      Whilst this can just be set to a subdirectory of the main domain, it is now recommended to use a different subdomain.


     

       

       
819

       
+

       
                    '';


     

       

       
820

       
+

       
                };


     

       

       
821

       
+

       
              };


     

       

       
822

       
+

       



     

       
784

       
823

       
 

       
            };


     

       
785

       
824

       
 

       



     

       
786

       
825

       
 

       
            ":web_push_encryption" = mkOption {


     
···

       
904

       
943

       
 

       
  };


     

       
905

       
944

       
 

       



     

       
906

       
945

       
 

       
  config = mkIf cfg.enable {


     

       

       
946

       
+

       
    assertions = optionals (cfg.config.":pleroma".":media_proxy".enabled && cfg.config.":pleroma".":media_proxy".base_url == null) [''


     

       

       
947

       
+

       
      `services.akkoma.config.":pleroma".":media_proxy".base_url` must be set when the media proxy is enabled.


     

       

       
948

       
+

       
    ''];


     

       
907

       
949

       
 

       
    warnings = optionals (with config.security; (!sudo.enable) && (!sudo-rs.enable)) [''


     

       
908

       
950

       
 

       
      The pleroma_ctl wrapper enabled by the installWrapper option relies on


     

       
909

       
951

       
 

       
      sudo, which appears to have been disabled through security.sudo.enable.
+5 -1
nixos/tests/akkoma.nix 
···

       
36

       
36

       
 

       
    ${pkgs.toot}/bin/toot timeline -1 | grep -F -q "hello world Jamy here"


     

       
37

       
37

       
 

       



     

       
38

       
38

       
 

       
    # Test file upload


     

       
39

       

       
-

       
    ${pkgs.toot}/bin/toot upload <(dd if=/dev/zero bs=1024 count=1024 status=none)


     

       

       
39

       
+

       
    echo "y" | ${pkgs.toot}/bin/toot upload <(dd if=/dev/zero bs=1024 count=1024 status=none) \


     

       

       
40

       
+

       
      | grep -F -q "https://akkoma.nixos.test:443/media"


     

       
40

       
41

       
 

       
  '';


     

       
41

       
42

       
 

       



     

       
42

       
43

       
 

       
  checkFe = pkgs.writers.writeBashBin "checkFe" ''


     
···

       
89

       
90

       
 

       



     

       
90

       
91

       
 

       
            "Pleroma.Web.Endpoint" = {


     

       
91

       
92

       
 

       
              url.host = "akkoma.nixos.test";


     

       

       
93

       
+

       
            };


     

       

       
94

       
+

       
            "Pleroma.Upload" = {


     

       

       
95

       
+

       
              base_url = "https://akkoma.nixos.test:443/media/";


     

       
92

       
96

       
 

       
            };


     

       
93

       
97

       
 

       
          };


     

       
94

       
98

       
 

       
        };