forked from pub-solar/infra
feat: add invidious
This commit is contained in:
parent
62e1e0cddc
commit
1426ee4189
31
hosts/nachtigall/apps/invidious.nix
Normal file
31
hosts/nachtigall/apps/invidious.nix
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
{
|
||||||
|
flake,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
age.secrets.invidious-database-password = {
|
||||||
|
file = "${flake.self}/secrets/invidious-database-password.age";
|
||||||
|
mode = "600";
|
||||||
|
owner = "invidious";
|
||||||
|
};
|
||||||
|
age.secrets.invidious-extra-settings = {
|
||||||
|
file = "${flake.self}/secrets/invidious-extra-settings.age";
|
||||||
|
mode = "600";
|
||||||
|
owner = "invidious";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.invidious = {
|
||||||
|
enable = true;
|
||||||
|
domain = "tube.pub.solar";
|
||||||
|
nginx.enable = true;
|
||||||
|
|
||||||
|
database.passwordFile = config.age.secrets.invidious-database-password.path;
|
||||||
|
settings = {
|
||||||
|
db = {
|
||||||
|
user = "invidious";
|
||||||
|
dbname = "invidious";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
extraSettingsFile = config.age.secrets.invidious-extra-settings.path;
|
||||||
|
};
|
||||||
|
}
|
|
@ -11,6 +11,7 @@
|
||||||
|
|
||||||
./apps/collabora.nix
|
./apps/collabora.nix
|
||||||
./apps/forgejo.nix
|
./apps/forgejo.nix
|
||||||
|
./apps/invidious.nix
|
||||||
./apps/keycloak.nix
|
./apps/keycloak.nix
|
||||||
./apps/mailman.nix
|
./apps/mailman.nix
|
||||||
./apps/mastodon.nix
|
./apps/mastodon.nix
|
||||||
|
|
29
secrets/invidious-database-password.age
Normal file
29
secrets/invidious-database-password.age
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 iDKjwg p7jggAXuyIk50ge45uJ3LekCOiH9zvfRZXj5SNovs0Q
|
||||||
|
nBZapSy7/4bRLkh8v7ZIk3WHR5tGUOM140XlIvD9K8Q
|
||||||
|
-> ssh-ed25519 uYcDNw uYuqv3+0bMtm7Vnimcg0U63mWcCoz+Gx0ivIBGma+jA
|
||||||
|
rb89GPsKC7IAedggC5XAhdijkH6dI+kiNMyAQqdF+1M
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
LHAXPytPbesF+/AI7Zxjy4JdBv+ZLvyzy9c3JrUWWWGpzFNX4SkGfbQqUQ4ilY7O
|
||||||
|
WoLECqPl0j3HxAjsv+Lr0sSNZ5nQbi+CJ1YnQcHVMKjgHIAwYk2KbOnL4wybO88h
|
||||||
|
kz79CPEfH013nXwk1e1u5PytPRVLyd9Yb4cxQEHhoAXyq+n1dU+1P6t3Vn1ieGhI
|
||||||
|
GwvtRhlED9ZYx8sGnwmE6CcoiYs3mnQzSPSNQgTnxHrSYRfVEbfVUcnHle9kMinz
|
||||||
|
kFhx1UViuAhAM0ISsJY7bv+l9HR3Wr5ZCYIMJqhb62J+So6eW4dHmqWUVoZJod4W
|
||||||
|
rqmekRT+ex3MM1TUsKNtAOnSvXRQ4g9IJmVfhNZift/s/MhMXnqKNaZEPGoyUiDB
|
||||||
|
lzTqJIEgvhlDcCxG8exTHGtwzrpQWZigYn77PXpNSs3Oh5CxvvJxsmmm6gZ73glX
|
||||||
|
Kr0odISVG8LNzWHkNtoFJ/STZ2Ij7iyKDM+GsB8UF5ohvmqsHUVZtMtC/1DJxN3h
|
||||||
|
3l+XbFhK2qxV3Q4MNGmZQtIsrkthd2Yegi71Xx6AciBFGLpYfX1PgmUAob736Qib
|
||||||
|
VdksSO774PWGspdrHhA9eMdj3t0F+hSJSCB1rbmCDxgFFHZCkFyM/GTyFIc9dAMZ
|
||||||
|
WC8IOb+98pZHZpRAu02m3EzXU4CC52PKbcsPFwRVAUw
|
||||||
|
-> ssh-ed25519 YFSOsg ewcjor0jQHIfRUXkHPaAB4kSLiB7IumiYs/jdgPWaA4
|
||||||
|
oWGBH2GrDxfiZs5HNh10KOVCGWXjQ4k0ntDqTs5DM1M
|
||||||
|
-> ssh-ed25519 iHV63A xmgyajkliaH7IZRrEhBKIkxoeyfpffO3RHTIcAwYGAA
|
||||||
|
NAHSGl96hfBcK7n/g020l2LFfgqD2Ia9bgU8AGoA5sg
|
||||||
|
-> ssh-ed25519 BVsyTA KMqATFcF2CP5XWWt+BGfFnF5twAeb61zHup0POFwqEs
|
||||||
|
s7zyECDDq5iGVanCTO2KHHcs9DMgrbfd9ZZBHCwT7GE
|
||||||
|
-> c?-grease | f bq* !Gin
|
||||||
|
Jw+r7o44l6g8tLr/Ooq8zp7UIreJTVzDxr1ljQstc1Aad29h9qBs3PuRPSPpwpx5
|
||||||
|
97hCnte/qg
|
||||||
|
--- L+s1PdpjGHtOk8SahLJwUOC5E/qQgkdhmm3ATw530DE
|
||||||
|
ワロ。仍、ル鑷)
|
||||||
|
値、「春e1Iメ瞋Fタvfチチ繧リ{gメ宝4厭E*旋h<E6978B>鹹辯脣嬋dホZ
|
28
secrets/invidious-extra-settings.age
Normal file
28
secrets/invidious-extra-settings.age
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 iDKjwg si7vZyKK9pJnOG3KJb1Dw8avgmV0O4JhCHEKjxEl6EU
|
||||||
|
iWNDTYfOQAgOBbxpH6utRdG5NssnzzqmRiblnkDXXfU
|
||||||
|
-> ssh-ed25519 uYcDNw p70448VEqAm0pWuBo990itnegs8CL0rCMSrUHjvsaFI
|
||||||
|
MQl2NR2rAajDWhpJ8pYjo2WCrhMMDnsh3XDuSJarXX8
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
IF0HiErsklaOOPUCVQvzfQVJZ++FZYjYAAwiEVLrPnQEZbFkz6rz+AMfBGoZ/o+y
|
||||||
|
5eToVTeCuqlFUvLo1PL65k9noHVPkTRBFcrZEfjxzOEmkin2mHGQDCHdmOuCYExb
|
||||||
|
W+9zrT+B7oeP9pVkynGm4qeV9UWKtZujKaaCQ6mA8drppRqpuyId7YlEjwvIkz/O
|
||||||
|
KxTGMCX+OX+fwYf9yE2QbaLikMSJZ45TyvA50vJJ/bEoeqgo/6nk6hlCUlJs/rvM
|
||||||
|
F251XxcqgicznSg77jaqJ3+AHLzAppIqXcsJ3PrdhtmtwuDlRByqzGeaYIm+fTxv
|
||||||
|
xrRg20B2kB/kRj/OlS4lg/YMpZvwTWiny66gCxiqoAcDlTWVmdYx+r41SUqmfYo4
|
||||||
|
Ka5LTcWuUQKZHfgturqxzhwPVhDiXitB5iYGeyqSx2Mtl0XeEotqXCf0L1wmUL5t
|
||||||
|
i9MaCsfcUjPl60BZrrcLFkzWUfj67E4red7fJYFlvov+E8AXcRwCGj9N0CM55W2d
|
||||||
|
ACMTu1S5oO4Q8qbPjCKCbSZVDVDzvGiiZjt68QLmCjovEAjoG7+JOvtNsRwKOh9T
|
||||||
|
6lAY2tzZO1iwq0+yJCRTVk/hTfQc6qAhZneo3RyeRxxpGMqLTTfSrHO5DltcCfAU
|
||||||
|
1pHmoD1VMVSeATaFGz30ZDuDHtfvvLWY2OAcYlPQmhc
|
||||||
|
-> ssh-ed25519 YFSOsg pKCQfsn94Ymf+OEUJou/2uLW/kq5bPLOvHHoTesAYyY
|
||||||
|
YVTtRYBlGP8tOfMFsiKjOkqkh/8k9wli916rdNQDHOE
|
||||||
|
-> ssh-ed25519 iHV63A 329hKjiWetnYDPMzzfjcvKbzq+PjfizJlNj6Qfkm/Bg
|
||||||
|
NnRKpHSJGCoFHETRzfuprqK35bGDPqPxoJ1t+QAnWx4
|
||||||
|
-> ssh-ed25519 BVsyTA WKbRFjE0Rljsk2zdvlvOxtSf+aNmwoe2Sk1KAnwBhlA
|
||||||
|
bHn/YD0CZAKudz63O1pyWJMNxw0aBJuATQO3IQf1gec
|
||||||
|
-> &4a-grease
|
||||||
|
r68wGZ/DS7Oithir1pjMQQGgV+8emqCwo77c3BnAYwDdeo0nfBhWzOXEm0YsxosI
|
||||||
|
3wPVNALurCr1MMt7Knbe
|
||||||
|
--- 1ofmrBN2UO8Pm7jnZzxYav2MqoIgy91LCxw1sZoF9ao
|
||||||
|
8F<EFBFBD>bF:òÔŸVQH÷ ÉD +8ZôÏÚ'B¶JáWfóïÝŒ ¡âÑsʦÌQ¡†kÜAEKôø×Æl«“Éô|êÉž^¦?z
|
|
@ -43,4 +43,7 @@ in {
|
||||||
"nextcloud-admin-pass.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"nextcloud-admin-pass.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"searx-environment.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"searx-environment.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
|
"invidious-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
"invidious-extra-settings.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
}
|
}
|
||||||
|
|
|
@ -123,6 +123,11 @@ resource "namecheap_domain_records" "pub-solar" {
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
address = "nachtigall.pub.solar."
|
address = "nachtigall.pub.solar."
|
||||||
}
|
}
|
||||||
|
record {
|
||||||
|
hostname = "tube"
|
||||||
|
type = "CNAME"
|
||||||
|
address = "nachtigall.pub.solar."
|
||||||
|
}
|
||||||
record {
|
record {
|
||||||
hostname = "matrix"
|
hostname = "matrix"
|
||||||
type = "A"
|
type = "A"
|
||||||
|
|
Loading…
Reference in a new issue