simple-nixos-fediverse/fediversity/peertube.nix

90 lines
2.4 KiB
Nix
Raw Normal View History

2024-04-03 14:40:19 +02:00
let
snakeoil_key = {
id = "GK1f9feea9960f6f95ff404c9b";
secret = "7295c4201966a02c2c3d25b5cea4a5ff782966a2415e3a196f91924631191395";
};
in
{ config, lib, pkgs, ... }:
lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) {
2024-03-20 00:43:20 +01:00
networking.firewall.allowedTCPPorts = [ 80 9000 ];
2024-04-03 14:40:19 +02:00
services.garage = {
ensureBuckets = {
peertube-videos = {
website = true;
2024-05-25 01:02:12 +02:00
# TODO: these are too broad, after getting everything works narrow it down to the domain we actually want
2024-04-03 14:40:19 +02:00
corsRules = {
enable = true;
allowedHeaders = [ "*" ];
allowedMethods = [ "GET" ];
allowedOrigins = [ "*" ];
};
};
2024-05-25 01:02:12 +02:00
# TODO: these are too broad, after getting everything works narrow it down to the domain we actually want
2024-04-03 14:40:19 +02:00
peertube-playlists = {
website = true;
corsRules = {
enable = true;
allowedHeaders = [ "*" ];
allowedMethods = [ "GET" ];
allowedOrigins = [ "*" ];
};
};
};
ensureKeys = {
peertube = {
inherit (snakeoil_key) id secret;
ensureAccess = {
peertube-videos = {
read = true;
write = true;
owner = true;
};
peertube-playlists = {
read = true;
write = true;
owner = true;
};
};
};
};
};
services.peertube = {
settings = {
object_storage = {
enabled = true;
endpoint = "http://s3.garage.localhost:3900";
region = "garage";
# not supported by garage
# SEE: https://garagehq.deuxfleurs.fr/documentation/connect/apps/#peertube
proxy.proxyify_private_files = false;
web_videos = {
bucket_name = "peertube-videos";
prefix = "";
base_url = "http://peertube-videos.web.garage.localhost:3902";
};
videos = {
bucket_name = "peertube-videos";
prefix = "";
base_url = "http://peertube-videos.web.garage.localhost:3902";
};
streaming_playlists = {
bucket_name = "peertube-playlists";
prefix = "";
base_url = "http://peertube-playlists.web.garage.localhost:3902";
};
};
};
serviceEnvironmentFile = "/etc/peertube-env";
};
environment.etc.peertube-env.text = ''
AWS_ACCESS_KEY_ID=${snakeoil_key.id}
AWS_SECRET_ACCESS_KEY=${snakeoil_key.secret}
'';
2024-03-20 00:43:20 +01:00
}