This way updating these values is much less hacky. A downside is that tools
like nix-update will no longer be able to update these, but this should not
be too important for invidious.
This update disables QUIC by default which fixes Invidious not loading
anything except for the home page due to YouTube no longer accepting
HTTP/3 (Upstream Issue:
https://github.com/iv-org/invidious/issues/2577).
It therefore uses Crystal’s internal HTTP client, which failed because
the statically linked boringssl (required by lsquic) overrides OpenSSL’s
CA certificate file location. This is fixed by applying the same patch
to boringssl that is applied to openssl for using the correct CA
certificate file.
This also adds a derivation for lsquic, but places it inside invidious’
directory. That is because lsquic.cr (the library used by invidious)
requires a specific lsquic version that is probably not useful for other
derivations.
Co-authored-by: Simon Bruder <simon@sbruder.de>
