Akkoma
services.akkoma.config
Configuration for Akkoma. The attributes are serialised to Elixir DSL.
Refer to https://docs.akkoma.dev/stable/configuration/cheatsheet/ for configuration options.
Settings containing secret data should be set to an attribute set containing the
attribute _secret - a string pointing to a file containing the value the option
should be set to.
Type: attribute set of attribute set of (Elixir value)
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":joken".":default_signer"
JWT signing secret.
The attribute _secret should point to a file containing the secret.
This secret can be generated as follows:
$ tr -dc 'A-Za-z0-9-._~' </dev/urandom | head -c 64
Type: secret value
Default
{_secret = "/var/lib/secrets/akkoma/jwt-signer";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":logger".":ex_syslogger".level
Log level.
Refer to https://hexdocs.pm/logger/Logger.html#module-levels for options.
Type: non-empty string
Default
":info"
Example
":warning"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":frontends"
Frontend configuration.
Users should rely on the default value and prefer to configure frontends through
{option}config.services.akkoma.frontends.
Type: Elixir value
Default
lib.mapAttrs (key: val:(pkgs.formats.elixirConf { }).lib.mkMap { name = val.name; ref = val.ref; })config.services.akkoma.frontends;
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":instance".description
Instance description.
Type: non-empty string
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":instance".email
Instance administrator email.
Type: non-empty string
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":instance".name
Instance name.
Type: non-empty string
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":instance".static_dir
Directory of static files.
This directory can be built using a derivation, or it can be managed as mutable state by setting the option to an absolute path.
Type: path
Default
Derivation gathering the following paths into a directory:
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":instance".upload_dir
Directory where Akkoma will put uploaded files.
Type: absolute path
Default
"/var/lib/akkoma/uploads"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":media_proxy".base_url
Base path for the media proxy. Whilst this can just be set to a subdirectory of the main domain, it is now recommended to use a different subdomain.
Type: null or non-empty string
Default
if lib.versionOlder config.system.stateVersion "24.05"then "$\{httpConf.scheme}://$\{httpConf.host}:$\{builtins.toString httpConf.port}"else null;
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma".":media_proxy".enabled
Whether to enable proxying of remote media through the instance's proxy.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Repo"
Database configuration.
Refer to https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options for options.
Type: Elixir value
Default
{adapter = (pkgs.formats.elixirConf { }).lib.mkRaw "Ecto.Adapters.Postgres";socket_dir = "/run/postgresql";username = config.services.akkoma.user;database = "akkoma";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Upload".base_url
Base path which uploads will be stored at. Whilst this can just be set to a subdirectory of the main domain, it is now recommended to use a different subdomain.
Type: non-empty string
Default
if lib.versionOlder config.system.stateVersion "24.05"then "$\{httpConf.scheme}://$\{httpConf.host}:$\{builtins.toString httpConf.port}/media/"else null;
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".http.ip
Listener IP address or Unix socket path.
The value is automatically converted to Elixir’s internal address representation during serialisation.
Type: absolute path or IPv4 or IPv6 address
Default
"/run/akkoma/socket"
Example
"::1"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".http.port
Listener port number.
Must be 0 if using a Unix socket.
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default
if isAbsolutePath config.services.akkoma.config.:pleroma"."Pleroma.Web.Endpoint".http.ip then 0 else 4000;
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".live_view.signing_salt
LiveView signing salt.
The attribute _secret should point to a file containing the secret.
This salt can be generated as follows:
$ tr -dc 'A-Za-z0-9-._~' </dev/urandom | head -c 8
Type: secret value
Default
{_secret = "/var/lib/secrets/akkoma/liveview-salt";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".secret_key_base
Secret key used as a base to generate further secrets for encrypting and signing data.
The attribute _secret should point to a file containing the secret.
This key can generated can be generated as follows:
$ tr -dc 'A-Za-z-._~' </dev/urandom | head -c 64
Type: secret value
Default
{_secret = "/var/lib/secrets/akkoma/key-base";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".signing_salt
Signing salt.
The attribute _secret should point to a file containing the secret.
This salt can be generated as follows:
$ tr -dc 'A-Za-z0-9-._~' </dev/urandom | head -c 8
Type: secret value
Default
{_secret = "/var/lib/secrets/akkoma/signing-salt";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".url.host
Domain name of the instance.
Type: non-empty string
Default
config.networking.fqdn
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".url.port
External port number.
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default
443
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".url.scheme
URL scheme.
Type: non-empty string
Default
"https"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":web_push_encryption"
Web Push Notifications configuration.
The necessary key pair can be generated as follows:
$ nix-shell -p nodejs --run 'npx web-push generate-vapid-keys'
Type: Elixir value
Default
{ }
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":web_push_encryption".":vapid_details".private_key
base64-encoded private ECDH key.
The attribute _secret should point to a file containing the secret.
Type: secret value
Default
{_secret = "/var/lib/secrets/akkoma/vapid-private";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":web_push_encryption".":vapid_details".public_key
base64-encoded public ECDH key.
Type: non-empty string or secret value
Default
{_secret = "/var/lib/secrets/akkoma/vapid-public";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.config.":web_push_encryption".":vapid_details".subject
mailto URI for administrative contact.
Type: non-empty string
Default
"mailto:${config.services.akkoma.config.":pleroma".":instance".email}"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.dist.address
Listen address for Erlang distribution protocol and Port Mapper Daemon (epmd).
Type: IPv4 or IPv6 address
Default
"127.0.0.1"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.dist.cookie
Erlang release cookie.
If set to null, a temporary random cookie will be generated.
Type: null or secret value
Default
null
Example
{_secret = "/var/lib/secrets/akkoma/releaseCookie";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.dist.epmdPort
TCP port to bind Erlang Port Mapper Daemon to.
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default
4369
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.dist.extraFlags
Extra flags to pass to Erlang
Type: list of string
Default
[ ]
Example
["+sbwt""none""+sbwtdcpu""none""+sbwtdio""none"]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.dist.portMax
Upper bound for Erlang distribution protocol TCP port.
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default
65535
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.dist.portMin
Lower bound for Erlang distribution protocol TCP port.
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default
49152
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.enable
Whether to enable Akkoma.
Type: boolean
Default
false
Example
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.extraPackages
List of extra packages to include in the executable search path of the service unit. These are needed by various configurable components such as:
- ExifTool for the
Pleroma.Upload.Filter.Exiftoolupload filter, - ImageMagick for still image previews in the media proxy as well as for the
Pleroma.Upload.Filters.Mogrifyupload filter, and - ffmpeg for video previews in the media proxy.
Type: list of package
Default
with pkgs; [ exiftool graphicsmagick-imagemagick-compat ffmpeg_5-headless ]
Example
with pkgs; [ exiftool imagemagick ffmpeg_5-full ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.extraStatic
Attribute set of extra packages to add to the static files directory.
Do not add frontends here. These should be configured through
{option}services.akkoma.frontends.
Type: null or (attribute set of package)
Default
null
Example
`#!nix { "emoji/blobs.gg" = pkgs.akkoma-emoji.blobs_gg; "static/terms-of-service.html" = pkgs.writeText "terms-of-service.html" '' … ''; "favicon.png" = let rev = "697a8211b0f427a921e7935a35d14bb3e32d0a2c"; in pkgs.stdenvNoCC.mkDerivation { name = "favicon.png";
src = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/TilCreator/NixOwO/${rev}/NixOwO_plain.svg";
hash = "sha256-tWhHMfJ3Od58N9H5yOKPMfM56hYWSOnr/TGCBi8bo9E=";
};
nativeBuildInputs = with pkgs; [ librsvg ];
dontUnpack = true;
installPhase = ''
rsvg-convert -o $out -w 96 -h 96 $src
'';
}; } `
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.frontends
Akkoma frontends.
Type: attribute set of (submodule)
Default
{primary = {package = pkgs.akkoma-frontends.akkoma-fe;name = "akkoma-fe";ref = "stable";};admin = {package = pkgs.akkoma-frontends.admin-fe;name = "admin-fe";ref = "stable";};}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.frontends.<name>.name
Akkoma frontend name.
Type: non-empty string
Example
"akkoma-fe"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.frontends.<name>.package
Akkoma frontend package.
Type: package
Example
pkgs.akkoma-frontends.akkoma-fe
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.frontends.<name>.ref
Akkoma frontend reference.
Type: non-empty string
Example
"stable"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.group
Group account under which Akkoma runs.
Type: non-empty string
Default
"akkoma"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.initDb.enable
Whether to automatically initialise the database on startup. This will create a database role and database if they do not already exist, and (re)set the role password and the ownership of the database.
This setting can be used safely even if the database already exists and contains data.
The database settings are configured through
{option}config.services.akkoma.config.":pleroma"."Pleroma.Repo".
If disabled, the database has to be set up manually:
CREATE ROLE akkoma LOGIN;
CREATE DATABASE akkoma
OWNER akkoma
TEMPLATE template0
ENCODING 'utf8'
LOCALE 'C';
\connect akkoma
CREATE EXTENSION IF NOT EXISTS citext;
CREATE EXTENSION IF NOT EXISTS pg_trgm;
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.initDb.password
Password of the database user to initialise the database with.
If set to null, no password will be used.
The attribute _secret should point to a file containing the secret.
Type: null or secret value
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.initDb.username
Name of the database user to initialise the database with.
This user is required to have the CREATEROLE and CREATEDB capabilities.
Type: non-empty string
Default
config.services.postgresql.superUser
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.initSecrets
Whether to initialise non‐existent secrets with random values.
If enabled, appropriate secrets for the following options will be created automatically
if the files referenced in the _secrets attribute do not exist during startup.
- {option}
config.":pleroma"."Pleroma.Web.Endpoint".secret_key_base - {option}
config.":pleroma"."Pleroma.Web.Endpoint".signing_salt - {option}
config.":pleroma"."Pleroma.Web.Endpoint".live_view.signing_salt - {option}
config.":web_push_encryption".":vapid_details".private_key - {option}
config.":web_push_encryption".":vapid_details".public_key - {option}
config.":joken".":default_signer"
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.installWrapper
Whether to install a wrapper around pleroma_ctl to simplify administration of the
Akkoma instance.
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx
Extra configuration for the nginx virtual host of Akkoma.
If set to null, no virtual host will be added to the nginx configuration.
Type: null or (submodule)
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.acmeFallbackHost
Host which to proxy requests to if ACME challenge is not found. Useful if you want multiple hosts to be able to verify the same domain name.
With this option, you could request certificates for the present domain with an ACME client that is running on another host, which you would specify here.
Type: null or string
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.acmeRoot
Directory for the ACME challenge, which is public. Don't put certs or keys in here. Set to null to inherit from config.security.acme.
Type: null or string
Default
"/var/lib/acme/acme-challenge"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.addSSL
Whether to enable HTTPS in addition to plain HTTP. This will set defaults for
listen to listen on all interfaces on the respective default
ports (80, 443).
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.basicAuth
Basic Auth protection for a vhost.
WARNING: This is implemented to store the password in plain text in the Nix store.
Type: attribute set of string
Default
{ }
Example
{user = "password";};
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.basicAuthFile
Basic Auth password file for a vhost.
Can be created via: {command}htpasswd -c <filename> <username>.
WARNING: The generate file contains the users' passwords in a non-cryptographically-securely hashed way.
Type: null or path
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.default
Makes this vhost the default.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.enableACME
Whether to ask Let's Encrypt to sign a certificate for this vhost.
Alternately, you can use an existing certificate through {option}useACMEHost.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.extraConfig
These lines go to the end of the vhost verbatim.
Type: strings concatenated with "\n"
Default
""
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.forceSSL
Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS. This will set defaults for listen to listen on all interfaces
on the respective default ports (80, 443), where the non-SSL listens
are used for the redirect vhosts.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.globalRedirect
If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
Type: null or string
Default
null
Example
"newserver.example.org"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.http2
Whether to enable the HTTP/2 protocol. Note that (as of writing) due to nginx's implementation, to disable HTTP/2 you have to disable it on all vhosts that use a given IP address / port. If there is one server block configured to enable http2, then it is enabled for all server blocks on this IP. See https://stackoverflow.com/a/39466948/263061.
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.http3
Whether to enable the HTTP/3 protocol.
This requires using pkgs.nginxQuic package
which can be achieved by setting services.nginx.package = pkgs.nginxQuic;
and activate the QUIC transport protocol
services.nginx.virtualHosts.<name>.quic = true;.
Note that HTTP/3 support is experimental and not yet recommended for production.
Read more at https://quic.nginx.org/
HTTP/3 availability must be manually advertised, preferably in each location block.
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.http3_hq
Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests.
This requires using pkgs.nginxQuic package
which can be achieved by setting services.nginx.package = pkgs.nginxQuic;
and activate the QUIC transport protocol
services.nginx.virtualHosts.<name>.quic = true;.
Note that special application protocol support is experimental and not yet recommended for production.
Read more at https://quic.nginx.org/
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.kTLS
Whether to enable kTLS support. Implementing TLS in the kernel (kTLS) improves performance by significantly reducing the need for copying operations between user space and the kernel. Required Nginx version 1.21.4 or later.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.listen
Listen addresses and ports for this virtual host.
IPv6 addresses must be enclosed in square brackets.
Note: this option overrides addSSL
and onlySSL.
If you only want to set the addresses manually and not
the ports, take a look at listenAddresses.
Type: list of (submodule)
Default
[ ]
Example
[{addr = "195.154.1.1";port = 443;ssl = true;}{addr = "192.154.1.1";port = 80;}{addr = "unix:/var/run/nginx.sock";}]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.listen.*.addr
Listen address.
Type: string
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.listen.*.extraParameters
Extra parameters of this listen directive.
Type: list of string
Default
[ ]
Example
["backlog=1024""deferred"]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.listen.*.port
Port number to listen on. If unset and the listen address is not a socket then nginx defaults to 80.
Type: null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.listen.*.proxyProtocol
Enable PROXY protocol.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.listen.*.ssl
Enable SSL.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.listenAddresses
Listen addresses for this virtual host.
Compared to listen this only sets the addresses
and the ports are chosen automatically.
Note: This option overrides enableIPv6
Type: list of string
Default
[ ]
Example
["127.0.0.1""[::1]"]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations
Declarative location config
Type: attribute set of (submodule)
Default
{ }
Example
{"/" = {proxyPass = "http://localhost:3000";};};
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.alias
Alias directory for requests.
Type: null or path
Default
null
Example
"/your/alias/directory"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.basicAuth
Basic Auth protection for a vhost.
WARNING: This is implemented to store the password in plain text in the Nix store.
Type: attribute set of string
Default
{ }
Example
{user = "password";};
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.basicAuthFile
Basic Auth password file for a vhost.
Can be created via: {command}htpasswd -c <filename> <username>.
WARNING: The generate file contains the users' passwords in a non-cryptographically-securely hashed way.
Type: null or path
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.extraConfig
These lines go to the end of the location verbatim.
Type: strings concatenated with "\n"
Default
""
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.fastcgiParams
FastCGI parameters to override. Unlike in the Nginx configuration file, overriding only some default parameters won't unset the default values for other parameters.
Type: attribute set of (string or path)
Default
{ }
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.index
Adds index directive.
Type: null or string
Default
null
Example
"index.php index.html"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.priority
Order of this location block in relation to the others in the vhost.
The semantics are the same as with lib.mkOrder. Smaller values have
a greater priority.
Type: signed integer
Default
1000
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.proxyPass
Adds proxy_pass directive and sets recommended proxy headers if recommendedProxySettings is enabled.
Type: null or string
Default
null
Example
"http://www.example.org/"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.proxyWebsockets
Whether to support proxying websocket connections with HTTP/1.1.
Type: boolean
Default
false
Example
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.recommendedProxySettings
Enable recommended proxy settings.
Type: boolean
Default
config.services.nginx.recommendedProxySettings
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.return
Adds a return directive, for e.g. redirections.
Type: null or string or signed integer
Default
null
Example
"301 http://example.com$request_uri"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.root
Root directory for requests.
Type: null or path
Default
null
Example
"/your/root/directory"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.locations.<name>.tryFiles
Adds try_files directive.
Type: null or string
Default
null
Example
"$uri =404"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.onlySSL
Whether to enable HTTPS and reject plain HTTP connections. This will set
defaults for listen to listen on all interfaces on port 443.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.quic
Whether to enable the QUIC transport protocol.
This requires using pkgs.nginxQuic package
which can be achieved by setting services.nginx.package = pkgs.nginxQuic;.
Note that QUIC support is experimental and
not yet recommended for production.
Read more at https://quic.nginx.org/
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.redirectCode
HTTP status used by globalRedirect and forceSSL. Possible usecases
include temporary (302, 307) redirects, keeping the request method and
body (307, 308), or explicitly resetting the method to GET (303).
See https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections.
Type: integer between 300 and 399 (both inclusive)
Default
301
Example
308
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.rejectSSL
Whether to listen for and reject all HTTPS connections to this vhost. Useful in
default
server blocks to avoid serving the certificate for another vhost. Uses the
ssl_reject_handshake directive available in nginx versions
1.19.4 and above.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.reuseport
Create an individual listening socket . It is required to specify only once on one of the hosts.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.root
The path of the web root directory.
Type: null or path
Default
null
Example
"/data/webserver/docs"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.serverAliases
Additional names of virtual hosts served by this virtual host configuration.
Type: list of string
Default
[ ]
Example
["www.example.org""example.org"]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.serverName
Name of this virtual host. Defaults to attribute name in virtualHosts.
Type: null or string
Default
null
Example
"example.org"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.sslCertificate
Path to server SSL certificate.
Type: path
Example
"/var/host.cert"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.sslCertificateKey
Path to server SSL certificate key.
Type: path
Example
"/var/host.key"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.sslTrustedCertificate
Path to root SSL certificate for stapling and client certificates.
Type: null or path
Default
null
Example
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.nginx.useACMEHost
A host of an existing Let's Encrypt certificate to use.
This is useful if you have many subdomains and want to avoid hitting the
rate limit.
Alternately, you can generate a certificate through {option}enableACME.
Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using .
Type: null or string
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.package
The akkoma package to use.
Type: package
Default
pkgs.akkoma
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix
services.akkoma.user
User account under which Akkoma runs.
Type: non-empty string
Default
"akkoma"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/akkoma.nix