minimal peertube VM

This commit is contained in:
Taeer Bar-Yam 2024-03-19 19:43:20 -04:00
parent dc6e4936ed
commit 8c40168532
5 changed files with 109 additions and 23 deletions

View file

@ -14,6 +14,31 @@ Remember that if you want to clear the state from one launch to the next, you sh
- email, when it works, will be accessible at <https://mastodon.localhost:55001/letter_opener>
## peertube
```bash
nixos-rebuild build-vm --flake .#peertube
./result/bin/run-nixos-vm
```
Now you can access peertube at <https://peertube.localhost:9000>
The root account can be logged in with username "root". The password can be obtained with the command
```bash
journalctl -u peertube | perl -ne '/password: (.*)/ && print $1'
```
or just
```bash
journalctl -u peertube | grep password
```
and look at the end of the line.
Creating other accounts has to be enabled via the admin interface. `Administration > Configuration > Basic > Enable Signup` or just add an account directly from `Administration > Create user`. But functionality can also be tested from the root account.
# TODOs
- [ ] set up a domain name and a DNS service so we can do deploy this to an actual machine
@ -37,3 +62,5 @@ Remember that if you want to clear the state from one launch to the next, you sh
- Tutorial for setting up better logging: https://krisztianfekete.org/self-hosting-mastodon-on-nixos-a-proof-of-concept/
- Setting up development environment: https://docs.joinmastodon.org/dev/setup/
- Tutorial for PeerTube that doesn't use `createLocally`: https://nixos.wiki/wiki/PeerTube

37
common.nix Normal file
View file

@ -0,0 +1,37 @@
{ pkgs, ... }: {
virtualisation.vmVariant = {
# let us log in
users.mutableUsers = false;
users.users.root.hashedPassword = "";
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "yes";
PermitEmptyPasswords = "yes";
UsePAM = "no";
};
};
# automatically log in
services.getty.autologinUser = "root";
# access to convenient things
environment.systemPackages = with pkgs; [ w3m python3 ];
nix.extraOptions = ''
extra-experimental-features = nix-command flakes
'';
# no graphics. see nixos-shell
virtualisation = {
graphics = false;
qemu.consoles = [ "tty0" "hvc0" ];
qemu.options = [
"-serial null"
"-device virtio-serial"
"-chardev stdio,mux=on,id=char0,signal=off"
"-mon chardev=char0,mode=readline"
"-device virtconsole,chardev=char0,nr=0"
];
};
};
}

View file

@ -14,7 +14,12 @@
nixosConfigurations = {
mastodon = nixpkgs.lib.nixosSystem {
inherit system;
modules = [ ./configuration.nix ];
modules = [ ./common.nix ./mastodon.nix ];
};
peertube = nixpkgs.lib.nixosSystem {
inherit system;
modules = [ ./common.nix ./peertube.nix ];
};
};

View file

@ -1,25 +1,4 @@
{ config, lib, pkgs, ... }: lib.mkMerge [
# not mastodon related
{
# let us log in
users.mutableUsers = false;
users.users.root.hashedPassword = "";
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "yes";
PermitEmptyPasswords = "yes";
UsePAM = "no";
};
};
# access to convenient things
environment.systemPackages = with pkgs; [ w3m python3 ];
nix.extraOptions = ''
extra-experimental-features = nix-command flakes
'';
}
# mastodon setup
{
# open up access to the mastodon web interface
@ -46,7 +25,6 @@
# defaults.email = "test@example.com";
};
}
# VM setup
{
# these configurations only apply when producing a VM (e.g. nixos-rebuild build-vm)

39
peertube.nix Normal file
View file

@ -0,0 +1,39 @@
{ config, lib, pkgs, ... }: {
networking.firewall.allowedTCPPorts = [ 80 9000 ];
# these configurations only apply when producing a VM (e.g. nixos-rebuild build-vm)
virtualisation.vmVariant = { config, ... }: {
services.peertube = {
enable = true;
# redirects to localhost, but allows it to have a proper domain name
localDomain = "peertube.localhost";
enableWebHttps = false;
settings = {
listen.hostname = "0.0.0.0";
instance.name = "PeerTube Test VM";
};
# TODO: use agenix
secrets.secretsFile = pkgs.runCommand "secret-gen" {
nativeBuildInputs = [ pkgs.openssl ];
} ''
openssl rand -hex 32 > $out
'';
redis.createLocally = true;
database.createLocally = true;
configureNginx = true;
};
virtualisation.forwardPorts = [
{
from = "host";
host.port = 9000;
guest.port = 9000;
}
{
from = "host";
host.port = 2222;
guest.port = 22;
}
];
};
}