diff --git a/hosts/nixedo/homelab.nix b/hosts/nixedo/homelab.nix index 9a014895..f287fdb6 100644 --- a/hosts/nixedo/homelab.nix +++ b/hosts/nixedo/homelab.nix @@ -15,6 +15,7 @@ immich.enable = true; jellyfin.enable = true; paperless.enable = true; + peertube.enable = false; tubearchivist.enable = true; uptime-kuma.enable = true; vaultwarden.enable = true; diff --git a/hosts/nixedo/modules/default.nix b/hosts/nixedo/modules/default.nix index a9f0517b..aaef0087 100644 --- a/hosts/nixedo/modules/default.nix +++ b/hosts/nixedo/modules/default.nix @@ -28,5 +28,6 @@ with lib; ./jellyfin.nix ./nginx ./paperless.nix + ./peertube.nix ]; } diff --git a/hosts/nixedo/modules/peertube.nix b/hosts/nixedo/modules/peertube.nix new file mode 100644 index 00000000..3184bd40 --- /dev/null +++ b/hosts/nixedo/modules/peertube.nix @@ -0,0 +1,62 @@ +{ + config, + inputs, + lib, + ... +}: + +let + inherit (lib) + mkEnableOption + mkIf + mkOption + types + ; + + cfg = homelab.services.${service}; + homelab = config.homelab; + service = "peertube"; +in +{ + options.homelab.services.${service} = { + enable = mkEnableOption "Enable ${service}"; + + url = mkOption { + default = "videos.${homelab.domain}"; + type = types.str; + }; + }; + + config = mkIf cfg.enable { + services = { + ${service} = { + enable = true; + + configureNginx = true; + enableWebHttps = false; + listenWeb = 80; + localDomain = cfg.url; + + database = { + createLocally = true; + }; + + redis = { + createLocally = true; + enableUnixSocket = true; + }; + + secrets.secretsFile = config.age.secrets.peertube-env.path; + }; + + cloudflared.tunnels.${homelab.cloudflared.tunnelId}.ingress = { + ${cfg.url} = "http://${toString config.services.${service}.listenWeb}"; + }; + }; + + age.secrets."${service}-env" = { + file = "${inputs.self}/secrets/${service}-env.age"; + owner = config.services.${service}.user; + }; + }; +} diff --git a/secrets.nix b/secrets.nix index fed13e5d..2ca983a2 100644 --- a/secrets.nix +++ b/secrets.nix @@ -24,6 +24,10 @@ in hosts.nixedo ] ++ [ users.opdavies ]; + "secrets/peertube-env.age".publicKeys = [ + hosts.nixedo + ] ++ [ users.opdavies ]; + "secrets/tubearchivist-env.age".publicKeys = [ hosts.nixedo hosts.t480 diff --git a/secrets/peertube-env.age b/secrets/peertube-env.age new file mode 100644 index 00000000..0b03f08f --- /dev/null +++ b/secrets/peertube-env.age @@ -0,0 +1,18 @@ +age-encryption.org/v1 +-> ssh-ed25519 IsVD3g kyLYyMMYENXy2F1cnjVyptUhci5xfC8yrhvBtH8THUw +Q8sXfg7Wm4UMZ6jWGiBLgEKOqVvlCrHy8IthdpjRS/8 +-> ssh-rsa +vTWQw +i0sLs+iG1P7pvUAHCn1StChdaMlT+ze4qkI0beSzTbWm6+qoC7X9tBoJoBJbNGmQ +vIaJpYncYUn04r4WrYcjhBaYKYoECPGR0z/i9EtPT67DG6zuNEJLTclMStdudv4P +Y5uHDku3CoEF6l1nBabQmYtA6/7RT/wqQf+yYICp8pJX9fPtgkjbUtwx/EBOTz29 +t1Y6USjHI45IW9Od3G7XcZGuNkLkeV3clBEqWiFeck7+x3/SU8f8sv63M++Bitqb +F/ZXiLd/JDrlRhcgO0XsfKX+M6eodUg3ZQ7/0GFAjfYyiQp6uA5p/srIuTq40W1f +i7zzs0dewz75GjSKIWyivcYvQQzeobxDd6/1nhgtdjHCYyL5HV3QnE7Ew/ZoQPss +kIr25ftZ/sA87wg77J0c7koZneycSV1PioB2RyuW7cXP4ptMUOEaM0KjkLABBWNF ++WxIdGVd8d8E/zBbVnNNPNuKZYHEb6+eCo61Z8x7VAZhz61ziXOdOzeaN1Obgv+2 +Banoulrje4oF1L4KgO64NckVpYi6Od0Cl9W0hOxSt1BafokHYi4yxYiB2rmv/cdO +Q2IR10fKCd1BNYKvMPFia8j3Uv+OYJnilSNUi0bs+42UfFGcURZEgsSGluSIWP3W +ag1ENk3Y0tLR1WMj2mjbybk9JpEAWJ0oxT+oBOV2g9Q +--- iraOjJc4e+c1tH/YoiRIoEyyLVPgRx2xWaM5BUO1Fes +ÜÀ%—UžÈck !ÓX÷Ew–+¦1¬±ê¸‘;+ÀÁ +Úw& Ð&óźøm^uÜsœ_ˆnLâÌë<í^,›¤UÎé \ No newline at end of file