nki/nix-home
1
0
Fork 0
Code Issues Pull requests 2 Packages Projects Releases Wiki Activity

Add the timer

Browse source
This commit is contained in:
Natsu Kagami 2023-10-15 22:44:10 +02:00
parent c972247ee8
commit dc12f861c9
Signed by: nki
GPG key ID: 55A032EB38B49ADB
2 changed files with 49 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
nki-personal-do/invidious.nix
View file

@ -1,14 +1,42 @@
{ config, pkgs, lib, ... }: {
{ config, pkgs, lib, ... }:
let
ipv6-rotator =
let
src = pkgs.fetchFromGitHub {
owner = "iv-org";
repo = "smart-ipv6-rotator";
rev = "61c019c2b14304c2a111a6db4c492d10ab2308cf";
hash = "sha256-a4BQH2D7La51vdPqMQSlZB73twX9Zcjq8mxbT5SdCpo=";
};
in
pkgs.writeShellApplication {
name = "smart-ipv6-rotator";
runtimeInputs = [ (pkgs.python3.withPackages (p: with p; [ pyroute2 requests ])) ];
text = ''
if [ -z "$IPV6_ROTATOR_RANGE" ]; then
echo "Range required"
exit 1
fi
python3 ${src}/smart-ipv6-rotator.py "$@" --ipv6range="$IPV6_ROTATOR_RANGE"
'';
};
in
{
sops.secrets."invidious" = { mode = "0444"; };
sops.secrets."invidious-rotator-env" = { mode = "0444"; };
cloud.postgresql.databases = [ "invidious" ];
cloud.traefik.hosts.invidious = { host = "invi.dtth.ch"; port = 61191; };
services.invidious = {
enable = true;
package = pkgs.unstable.invidious;
domain = "invi.dtth.ch";
port = 61191;
extraSettingsFile = config.sops.secrets.invidious.path;
settings = {
db.user = "invidious";
db.dbname = "invidious";
external_port = 443;
https_only = true;
hsts = false;
@ -25,4 +53,20 @@
# captions = [ "en" "vi" "de" "fr" ];
};
};
systemd.timers.smart-ipv6-rotator = {
description = "Rotate ipv6 routes to Google";
timerConfig = { OnCalendar = "*-*-* 00,06,12,18:00:00"; };
wantedBy = [ "invidious.service" ];
unitConfig = { };
};
systemd.services.smart-ipv6-rotator = {
serviceConfig = {
Type = "oneshot";
ExecStart = "${ipv6-rotator}/bin/smart-ipv6-rotator run";
EnvironmentFile = [
config.sops.secrets.invidious-rotator-env.path
];
};
};
}

6
nki-personal-do/secrets/secrets.yaml
View file

@ -36,6 +36,8 @@ matrix-synapse-dtth:
appservice-discord: ENC[AES256_GCM,data:lAAEa6ltXi29+POrG87bMAvv8du3DiGYl8f7npqW0ga3YgrvofgYnC8QJUyznIQ3Ye9yWxzjzaClu7viFgkN0yIXlpENIOcSTrdlMgg5mdJ8f9elltp/VPiwVimubPa8QnpLNRy/NAEVpDFygw9VOM+Fu203M/pofK0qX6NfO9PeQGma1iKQeMKrV/6RwjF+70rnTMEhO0PCyTl2PEwZiDtkxgI7Yyl37p8bUuJ4YZ5MhZN94lODb+toPaN29BZT4q23VrJmxiW3VEeJj+tEmx4X+KeCO5AArtPl9YOkoRt/uSRKljsf109AIiclRj0wITqOx/QL2qntFuAidxTm8MoJQ6eoq/bwQp/BUpPubIMeY+z2b8XIgZGZSPZMdaObvaqDFdMLq7GW61GxYKFgNxHYA4uhndbE5VDNkcFkw4FEC5x40fwqGaunmqvAdb3p4I9EhlQ28e5S+hX1FFrMHjsJWlnjSySDRjCodJMtep19J+qVVgyf5A==,iv:PBo7+OSqBGxI7DzUpclcGWEFwTpcNqySRJzqHu7medU=,tag:fi06xru3e92WfqOJxHXd2w==,type:str]
#ENC[AES256_GCM,data:iOzQ7k/EJPjMhjdl4do0VZ0UblYW/oKzGHfdghJ7BR/QiLD5QVfwPmN7gctVftD1wAveOvdAl9s93cDBLAF5eVCi/gfTBrXJ3MKvAZ8vCEVQtdlZl37GrDCsV54EHt7I3d6F6nX9EAG0cF/pT25JyFqGDRgFUJVDPUVG7x8tr+q38BjWgNHRXQ==,iv:VOwPsPU/9jx6MAnnnS1d1JAAfKfdFqq5G64AHqJuG9A=,tag:iw11y5UXxEPxeGhykoHVkw==,type:comment]
vaultwarden-env: ENC[AES256_GCM,data:Cj1CWuPB8Tc/8E1suAoAw5MK8egzy5KLTIyIAkRuVVRNmjiBq0wEw23m4/VKz4Pq/FmUj6BGyLD0zXTp9AMlGugaDDlyihmCTt0FJOCaG3g0vrLfTY5jGnZCNR1B3fX3kf/yI/nvQsl8OqsKkTf66YznzUWtetKGa0KZICmvq/HW9Cjh+Q==,iv:Q2zGh84hPwthPeMsZbYgpZu2br2rWtaG6rcsKjtlUvQ=,tag:IllbcJz91qg08IFU1vnMWA==,type:str]
invidious: ENC[AES256_GCM,data:pCRlBaHRJyOHj2t04V6DkGVAPuAc8hz+Sn24nQ3IvcXNIdaYijpy,iv:ZPrP6guN7oyOfys7tmIAX1M86cpHUwp9wh3OSHdPSHM=,tag:oxo2TZk/UOB0xKlpapNCVg==,type:str]
invidious-rotator-env: ENC[AES256_GCM,data:Q5c/sga+Nn0C7bKkTphob3tWNvKE1Zz0CIbXIayc73cfEsUgOIZdrm8BlAW7,iv:f0ccZsjNJ9UQCcfN/lZQdtxSg9ADFuykb8qw07c1xFI=,tag:4mUzgOHOE16FPhSTlbx+Rw==,type:str]
sops:
kms: []
gcp_kms: []
@ -69,8 +71,8 @@ sops:
by9kZFlTRVdCZFkxYTVVb0RIRk8zUlkKCqMw9oL9RaYBV5Hhy3o8Nm5xmGrPH8Sd
hv36sxRFFNZT/DCKaHaSRbT3mfpBZSTXJt1dgl4nZe6whH54t/1KmA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-08-09T07:39:16Z"
mac: ENC[AES256_GCM,data:xljlzQbsRf+JRlL/N/DEW6rta392Yk/DzKN5goyJlMuAZq56E1GQYSflS2bKQQlEIKv+y/jzsFPQpe2qeIdNhvjb2c6G/WjvBiodYZ4O5tnih9Aou86H1zr3qdtc55ovgOg3WwzKJhe1KAeAPXn7T+7xSpZ3ATrN0Pe0r+r/IjY=,iv:EmpuS5jv8jBXouwsDH8MpmeRvhJoF1rDDdc79/euzYg=,tag:II4M1FrS6foUiKe55cOpfQ==,type:str]
lastmodified: "2023-10-15T20:36:24Z"
mac: ENC[AES256_GCM,data:zdcVJ+DQANfuQIu+i1gh+Y+mTGU6sY4Uqt6TZtHQvrPu2M+I0kP2j34UCy8buRIr0vM0bpCG6WVVnYzsT5h/WHTf640oFvDXjYcowDXrGIEmJjay4sPqTx62u/KEz1VKvINNk2woJ4K5th5EVXF3JPXJfxnACfxab0FLDpNNqtY=,iv:Hj1+lCmHU9teZsLN2fif814XrWTd3aqGNaIUWiEIeds=,tag:8HhunlHljvAxO5aiB/7w5Q==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3