1
0
Fork 0
dotfiles/system/nixos/invidious.nix
2023-03-20 14:00:36 +01:00

57 lines
1.1 KiB
Nix

{ config, ... }:
let
fqdn = "yt.daniel.sx";
in
{
services.invidious = {
enable = true;
domain = fqdn;
port = 8007;
database = {
createLocally = false;
host = "10.99.99.3";
port = 5432;
passwordFile = "%d/databasePassword";
};
settings = {
db = {
user = "invidious";
dbname = "invidious";
};
host_binding = "127.0.0.1";
https_only = true;
statistics_enabled = false;
registration_enabled = true;
login_enabled = true;
captcha_enabled = false;
admins = [ "daniel" ];
use_pubsub_feeds = false;
};
nginx.enable = false;
};
systemd.services.invidious.serviceConfig.LoadCredential = "databasePassword:${config.age.secrets.invidious-database-password.path}";
services.nginx.virtualHosts."${fqdn}" = {
http3 = true;
onlySSL = true;
useACMEHost = "daniel.sx";
basicAuthFile = config.age.secrets.invidious-auth.path;
locations."/" = {
recommendedProxySettings = true;
proxyPass = "http://127.0.0.1:8007";
};
};
}