Coffee journaling on ATProto (alpha) alpha.arabica.social
coffee
17
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat: moderation settings in nix module

+95 -1
+95 -1
module.nix
··· 1 1 { config, lib, pkgs, ... }: 2 2 3 - let cfg = config.services.arabica; 3 + let 4 + cfg = config.services.arabica; 5 + 6 + moderatorUserType = lib.types.submodule { 7 + options = { 8 + did = lib.mkOption { 9 + type = lib.types.str; 10 + description = "AT Protocol DID of the moderator."; 11 + example = "did:plc:abc123xyz"; 12 + }; 13 + handle = lib.mkOption { 14 + type = lib.types.str; 15 + default = ""; 16 + description = "Optional handle for the moderator (for readability)."; 17 + example = "alice.bsky.social"; 18 + }; 19 + role = lib.mkOption { 20 + type = lib.types.enum [ "admin" "moderator" ]; 21 + description = "The moderation role assigned to this user."; 22 + }; 23 + note = lib.mkOption { 24 + type = lib.types.str; 25 + default = ""; 26 + description = "Optional note about this moderator."; 27 + }; 28 + }; 29 + }; 30 + 31 + # Build the moderators JSON config file from Nix settings 32 + moderatorsConfigFile = pkgs.writeText "moderators.json" (builtins.toJSON { 33 + roles = { 34 + admin = { 35 + description = "Full platform control"; 36 + permissions = [ 37 + "hide_record" 38 + "unhide_record" 39 + "blacklist_user" 40 + "unblacklist_user" 41 + "view_reports" 42 + "dismiss_report" 43 + "view_audit_log" 44 + ]; 45 + }; 46 + moderator = { 47 + description = "Content moderation"; 48 + permissions = 49 + [ "hide_record" "unhide_record" "view_reports" "dismiss_report" ]; 50 + }; 51 + }; 52 + users = map (u: 53 + { 54 + inherit (u) did role; 55 + } // lib.optionalAttrs (u.handle != "") { inherit (u) handle; } 56 + // lib.optionalAttrs (u.note != "") { inherit (u) note; }) 57 + cfg.moderation.moderators; 58 + }); 59 + 60 + # Resolve the config path: explicit file takes priority, then generated from moderators list 61 + effectiveConfigPath = if cfg.moderation.configFile != null then 62 + cfg.moderation.configFile 63 + else if cfg.moderation.moderators != [ ] then 64 + moderatorsConfigFile 65 + else 66 + null; 4 67 in { 5 68 options.services.arabica = { 6 69 enable = lib.mkEnableOption "Arabica coffee brew tracking service"; ··· 37 100 default = true; 38 101 description = 39 102 "Whether to set the Secure flag on cookies. Should be true when using HTTPS."; 103 + }; 104 + }; 105 + 106 + moderation = { 107 + configFile = lib.mkOption { 108 + type = lib.types.nullOr lib.types.path; 109 + default = null; 110 + description = '' 111 + Path to a moderators JSON config file. If set, this takes priority 112 + over the `moderators` list option. See the project README for the 113 + expected format. 114 + ''; 115 + example = "/etc/arabica/moderators.json"; 116 + }; 117 + 118 + moderators = lib.mkOption { 119 + type = lib.types.listOf moderatorUserType; 120 + default = [ ]; 121 + description = '' 122 + List of moderator users. When set, a config file is generated 123 + automatically with the standard admin and moderator roles. 124 + Ignored if `configFile` is set. 125 + ''; 126 + example = lib.literalExpression '' 127 + [ 128 + { did = "did:plc:abc123"; role = "admin"; handle = "alice.bsky.social"; note = "Platform owner"; } 129 + { did = "did:plc:def456"; role = "moderator"; handle = "bob.bsky.social"; } 130 + ] 131 + ''; 40 132 }; 41 133 }; 42 134 ··· 137 229 OAUTH_CLIENT_ID = cfg.oauth.clientId; 138 230 OAUTH_REDIRECT_URI = cfg.oauth.redirectUri; 139 231 ARABICA_DB_PATH = "${cfg.dataDir}/arabica.db"; 232 + } // lib.optionalAttrs (effectiveConfigPath != null) { 233 + ARABICA_MODERATORS_CONFIG = toString effectiveConfigPath; 140 234 }; 141 235 }; 142 236