minimal peertube VM

2024-03-19 19:43:20 -04:00 · 2024-03-19 19:43:20 -04:00 · 8c40168532
parent dc6e4936ed
commit 8c40168532
5 changed files with 109 additions and 23 deletions
--- a/README.md
+++ b/README.md
@ -14,6 +14,31 @@ Remember that if you want to clear the state from one launch to the next, you sh

 - email, when it works, will be accessible at <https://mastodon.localhost:55001/letter_opener>

+## peertube
+
+```bash
+nixos-rebuild build-vm --flake .#peertube 
+./result/bin/run-nixos-vm
+```
+
+Now you can access peertube at <https://peertube.localhost:9000>
+
+The root account can be logged in with username "root". The password can be obtained with the command 
+```bash
+journalctl -u peertube | perl -ne '/password: (.*)/ && print $1'
+```
+
+or just
+
+```bash
+journalctl -u peertube | grep password
+```
+
+and look at the end of the line.
+
+Creating other accounts has to be enabled via the admin interface. `Administration > Configuration > Basic > Enable Signup` or just add an account directly from `Administration > Create user`. But functionality can also be tested from the root account.
+
+
 # TODOs

 - [ ] set up a domain name and a DNS service so we can do deploy this to an actual machine
@ -37,3 +62,5 @@ Remember that if you want to clear the state from one launch to the next, you sh

 - Tutorial for setting up better logging: https://krisztianfekete.org/self-hosting-mastodon-on-nixos-a-proof-of-concept/
 - Setting up development environment: https://docs.joinmastodon.org/dev/setup/
+
+- Tutorial for PeerTube that doesn't use `createLocally`: https://nixos.wiki/wiki/PeerTube
--- a/common.nix
+++ b/common.nix
@ -0,0 +1,37 @@
+{ pkgs, ... }: {
+  virtualisation.vmVariant = {
+    # let us log in
+    users.mutableUsers = false;
+    users.users.root.hashedPassword = "";
+    services.openssh = {
+      enable = true;
+      settings = {
+        PermitRootLogin = "yes";
+        PermitEmptyPasswords = "yes";
+        UsePAM = "no";
+      };
+    };
+
+    # automatically log in
+    services.getty.autologinUser = "root";
+
+    # access to convenient things
+    environment.systemPackages = with pkgs; [ w3m python3 ];
+    nix.extraOptions = ''
+      extra-experimental-features = nix-command flakes
+    '';
+
+    # no graphics. see nixos-shell
+    virtualisation = {
+      graphics = false;
+      qemu.consoles = [ "tty0" "hvc0" ];
+      qemu.options = [
+        "-serial null"
+        "-device virtio-serial"
+        "-chardev stdio,mux=on,id=char0,signal=off"
+        "-mon chardev=char0,mode=readline"
+        "-device virtconsole,chardev=char0,nr=0"
+      ];
+    };
+  };
+}
--- a/flake.nix
+++ b/flake.nix
@ -14,7 +14,12 @@
    nixosConfigurations = {
      mastodon = nixpkgs.lib.nixosSystem {
        inherit system;
-        modules = [ ./configuration.nix ];
+        modules = [ ./common.nix ./mastodon.nix ];
+      };
+
+      peertube = nixpkgs.lib.nixosSystem {
+        inherit system;
+        modules = [ ./common.nix ./peertube.nix ];
      };
    };

--- a/configuration.nix
+++ b/configuration.nix
@ -1,25 +1,4 @@
 { config, lib, pkgs, ... }: lib.mkMerge [
-  # not mastodon related
-  {
-    # let us log in
-    users.mutableUsers = false;
-    users.users.root.hashedPassword = "";
-    services.openssh = {
-      enable = true;
-      settings = {
-        PermitRootLogin = "yes";
-        PermitEmptyPasswords = "yes";
-        UsePAM = "no";
-      };
-    };
-
-    # access to convenient things
-    environment.systemPackages = with pkgs; [ w3m python3 ];
-    nix.extraOptions = ''
-      extra-experimental-features = nix-command flakes
-    '';
-  }
-
  # mastodon setup
  {
    # open up access to the mastodon web interface
@ -46,7 +25,6 @@
      # defaults.email = "test@example.com";
    };
  }
-
  # VM setup
  {
    # these configurations only apply when producing a VM (e.g. nixos-rebuild build-vm)
--- a/peertube.nix
+++ b/peertube.nix
@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }: {
+  networking.firewall.allowedTCPPorts = [ 80 9000 ];
+
+  # these configurations only apply when producing a VM (e.g. nixos-rebuild build-vm)
+  virtualisation.vmVariant = { config, ... }: {
+    services.peertube = {
+      enable = true;
+      # redirects to localhost, but allows it to have a proper domain name
+      localDomain = "peertube.localhost";
+      enableWebHttps = false;
+      settings = {
+        listen.hostname = "0.0.0.0";
+        instance.name = "PeerTube Test VM";
+      };
+      # TODO: use agenix
+      secrets.secretsFile = pkgs.runCommand "secret-gen" {
+        nativeBuildInputs = [ pkgs.openssl ];
+      } ''
+        openssl rand -hex 32 > $out
+      '';
+      redis.createLocally = true;
+      database.createLocally = true;
+      configureNginx = true;
+    };
+
+    virtualisation.forwardPorts = [
+      {
+        from = "host";
+        host.port = 9000;
+        guest.port = 9000;
+      }
+      {
+        from = "host";
+        host.port = 2222;
+        guest.port = 22;
+      }
+    ];
+  };
+}