zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

attempt at peertube

Browse Source
This commit is contained in:
zuckerberg 2021-08-02 13:10:14 -04:00
parent 316afc7bf1
commit 95a39c77e3
7 changed files with 102 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
flake.nix
View File

@ -1,6 +1,7 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.05"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.05";
nixpkgs-peertube.url = "github:Izorkin/nixpkgs/add-peertube-service";
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-21.05"; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-21.05";
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
}; };
@ -9,8 +10,10 @@
nixosConfigurations = nixosConfigurations =
let let
mkSystem = system: path: nixpkgs = inputs.nixpkgs;
inputs.nixpkgs.lib.nixosSystem { nixpkgs-peertube = inputs.nixpkgs-peertube;
mkSystem = system: nixpkgs: path:
nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
path path
@ -25,21 +28,21 @@
}; };
in in
{ {
"reg" = mkSystem "x86_64-linux" ./machines/reg/configuration.nix; "reg" = mkSystem "x86_64-linux" nixpkgs ./machines/reg/configuration.nix;
"ray" = mkSystem "x86_64-linux" ./machines/ray/configuration.nix; "ray" = mkSystem "x86_64-linux" nixpkgs ./machines/ray/configuration.nix;
"mitty" = mkSystem "x86_64-linux" ./machines/mitty/configuration.nix; "mitty" = mkSystem "x86_64-linux" nixpkgs ./machines/mitty/configuration.nix;
"nanachi" = mkSystem "x86_64-linux" ./machines/nanachi/configuration.nix; "nanachi" = mkSystem "x86_64-linux" nixpkgs ./machines/nanachi/configuration.nix;
"riko" = mkSystem "x86_64-linux" ./machines/riko/configuration.nix; "riko" = mkSystem "x86_64-linux" nixpkgs ./machines/riko/configuration.nix;
"neetdev" = mkSystem "x86_64-linux" ./machines/neet.dev/configuration.nix; "neetdev" = mkSystem "x86_64-linux" nixpkgs ./machines/neet.dev/configuration.nix;
"liza" = mkSystem "x86_64-linux" ./machines/liza/configuration.nix; "liza" = mkSystem "x86_64-linux" nixpkgs-peertube ./machines/liza/configuration.nix;
"s0" = mkSystem "aarch64-linux" ./machines/storage/s0/configuration.nix; "s0" = mkSystem "aarch64-linux" nixpkgs ./machines/storage/s0/configuration.nix;
"n1" = mkSystem "aarch64-linux" ./machines/compute/n1/configuration.nix; "n1" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n1/configuration.nix;
"n2" = mkSystem "aarch64-linux" ./machines/compute/n2/configuration.nix; "n2" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n2/configuration.nix;
"n3" = mkSystem "aarch64-linux" ./machines/compute/n3/configuration.nix; "n3" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n3/configuration.nix;
"n4" = mkSystem "aarch64-linux" ./machines/compute/n4/configuration.nix; "n4" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n4/configuration.nix;
"n5" = mkSystem "aarch64-linux" ./machines/compute/n5/configuration.nix; "n5" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n5/configuration.nix;
"n6" = mkSystem "aarch64-linux" ./machines/compute/n6/configuration.nix; "n6" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n6/configuration.nix;
"n7" = mkSystem "aarch64-linux" ./machines/compute/n7/configuration.nix; "n7" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n7/configuration.nix;
}; };
}; };
} }

34
machines/liza/configuration.nix
View File

@ -29,6 +29,40 @@
disableRegistration = true; disableRegistration = true;
}; };
services.peertube = {
enable = true;
localDomain = "tube.neet.space";
listenHttp = 9000;
listenWeb = 9000;
enableWebHttps = false;
# dataDirs
serviceEnvironmentFile = "/run/secrets/peertube-init";
# settings
database = {
createLocally = true;
passwordFile = "/run/secrets/peertube-db-pw";
};
redis = {
createLocally = true;
passwordFile = "/run/secrets/peertube-redis-pw";
};
smtp = {
createLocally = true;
passwordFile = "/run/secrets/peertube-smtp";
};
};
services.nginx.virtualHosts."tube.neet.space" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.peertube.listenHttp}";
};
};
age.secrets.peertube-init.file = ../../secrets/peertube-init.age;
age.secrets.peertube-db-pw.file = ../../secrets/peertube-db-pw.age;
age.secrets.peertube-redis-pw.file = ../../secrets/peertube-redis-pw.age;
age.secrets.peertube-smtp.file = ../../secrets/peertube-smtp.age;
services.searx = { services.searx = {
enable = true; enable = true;
environmentFile = "/run/secrets/searx"; environmentFile = "/run/secrets/searx";

21
secrets/peertube-db-pw.age Normal file
View File

@ -0,0 +1,21 @@
age-encryption.org/v1
-> ssh-ed25519 ebHUtA MdbXWrBOZgRkuzyPJYvgLio9CVIbE09MIfbp5UdCkiI
mVx6QhyWHGQKUJ4aCs5Mde65nuqYjYzDsaJvN7Gpyb8
-> ssh-ed25519 WVH30Q astoRjNBcdJiE7pJpX6ECjIUulylnrSEnPbcRv2ocSY
a6v3yGtcqVPDYSWWXBnP+tGCx4HIrgEJ3V1Atp2AhJA
-> ssh-ed25519 G2eSCQ rlNb5q7338/hqUC9LlSt+RcTe67X9ufsK4v2QGZAwy4
2PUYij5W42mfgqv5qvtx3hqAseq0Qc2xqwfTkdc6+J8
-> ssh-ed25519 Xqs6ZQ Xqf6sl5m3abf/mdLbG4ScpZeXcvMOFlxeBe06SykmGc
fkbKVdtdg07qonkWDKKZXlWotSNHm27t+plBPSLicpY
-> ssh-ed25519 2a2Yhw nv5rssB+VqT8KByTgoLf6uA87dOzxTnIKWEpY8dmQkI
d5JXnDjXKf+DMG4tQvd6c4xEoMxHfqGnS0sGndvZvAg
-> ssh-ed25519 N240Tg U+WsKtfdmBPfD18EH4Jsd0QRdp5Kjlnp6KmY6mIJkh4
Eu1V/0kx7gVmJ2srhPvGePAo0Jq4ltz9Lvk9v47R0vw
-> ssh-ed25519 mbw8xA Lpi4CslMaa6CCA+kKHN//OPLXUh8lQ+4rJwT1CQpS2U
1JRhI1YC16r+cLua4qRLsDkmWR5UcuPq2+rkXosWIXA
-> ssh-ed25519 xoAm7w 5IfOvIHWVxEzuGI+E+ftPOst3zwyOdEnXzIyEJnaylQ
NGnngbBaLsRAA+2xBZWPOEsAohzaRFcvUcpitPrDUmQ
-> 3,LuzD'-grease zz.&
LFrNo1dUXU6JBoVkh0+R5NqJ2a4lyWpwLzXTUP46qGTz3NlJtMplqkpflsI
--- VSrznMReh1Fnhea+tZeUvoTuFqVM3IXNsKtikxhqsts
aª@5á[=Ñ]²çÅmÄî•Ãð¤ÜXÔFð¥VüãàIÝ/ålÎaê>¯s¢áO ñ˜›‡ô Y0ñÄwÜí³ØeD@§Ûmà§ÅUt0†³

BIN
secrets/peertube-init.age Normal file
View File

Binary file not shown.

BIN
secrets/peertube-redis-pw.age Normal file
View File

Binary file not shown.

23
secrets/peertube-smtp.age Normal file
View File

@ -0,0 +1,23 @@
age-encryption.org/v1
-> ssh-ed25519 ebHUtA fYicgxmFo7Qp1lekNns7HPTN65wiGu8UwfdLBk2E4mU
3eEtdth3czNSHJVdT+ccQtLXS/vMzh0CipiGCQmMA9w
-> ssh-ed25519 WVH30Q fWbRdH24IpukRQQxV02s23MkeOsnlObePG+AHCCkzAA
YqdtYbP4lued8V62QWUksSGd7of3eTh1BH6Zt6FEw2A
-> ssh-ed25519 G2eSCQ Du62+/27HVwZPQgOy7S3Bciov7O/N9PNlFQmnaiK0lk
Tli1XwEurWZapVqdGIaN534gfDRXOFmRbml+tGHQlfg
-> ssh-ed25519 Xqs6ZQ ah7/wjx+Xj4B5oNQqcZQP4Sz+kVvIbLUjp8bAoDB4SA
wdNQXKU09KIv3pAzqyEJwbkqc6r5mngVtqosDd23+XQ
-> ssh-ed25519 2a2Yhw 3DoK66S8Unum5RCop8Ktr/mmlyZegPKGA+haknQyhWY
685xq3S8Sh8RAVpaiog8DrM98fEwo9veQLhrDm4twpo
-> ssh-ed25519 N240Tg H3gptakJ0wVMRSV/oV/3ekc1K9mJWjfAc7BGe+e19l4
f+zZibzUMLhz31ZLok+OK43dLsVUHOKGfm5m+MPdgqA
-> ssh-ed25519 mbw8xA 9P2ZL3vSx5d7iKahLuUZBzWZvZn4NA5CkYB8Hidr0yI
/g7HG0G8WpjlDeHH5QDkCwNZtxyO7QAgMRwhoA+4mao
-> ssh-ed25519 xoAm7w a1oSyqLCddxQwytQ7BGEsTUy//d/I2eGvW3SKQoxtys
LiBRTXubOG3h4zeINa1IgZyq7Q7h5WQmmS8Kkt7OoXc
-> :4JC`NcH-grease
8GHBG04S2dGc+j99nGgkfd+wenbTV1xEXIOGwpB2Nd+nzY4pydJ6w2lvhX/DXDk0
EIwaFw
--- 89LUIINoAmzt61rEdFKF2iwkj8o+LveMJBysTF7mQGg
ðÀMÛÙêób´¾òz6sÁ¾!9N«Ç©^¼]tÓ`&
°/Ó)ËÛà‰ÏufÎV{ #lfRpæ=KhcÚÂ-R-”uQ~<7E>^z0 4ñL„

4
secrets/secrets.nix
View File

@ -7,4 +7,8 @@ in
{ {
"searx.age".publicKeys = all; "searx.age".publicKeys = all;
"pia-login.conf".publicKeys = all; "pia-login.conf".publicKeys = all;
"peertube-init.age".publicKeys = all;
"peertube-db-pw.age".publicKeys = all;
"peertube-redis-pw.age".publicKeys = all;
"peertube-smtp.age".publicKeys = all;
} }