remove(technitium,invidious): remove all containered services from config

2025-06-20 15:44:29 +02:00 · 2025-06-20 15:44:29 +02:00 · b32f5d48d8
commit b32f5d48d8
parent ebbf8dcfb1
12 changed files with 0 additions and 339 deletions
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/annotations.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/annotations.sql
@ -1,12 +0,0 @@
 -- Table: public.annotations
 -- DROP TABLE public.annotations;
 CREATE TABLE IF NOT EXISTS public.annotations
 (
  id text NOT NULL,
  annotations xml,
  CONSTRAINT annotations_id_key UNIQUE (id)
 );
 GRANT ALL ON TABLE public.annotations TO current_user;
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/channel_videos.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/channel_videos.sql
@ -1,30 +0,0 @@
 -- Table: public.channel_videos
 -- DROP TABLE public.channel_videos;
 CREATE TABLE IF NOT EXISTS public.channel_videos
 (
  id text NOT NULL,
  title text,
  published timestamp with time zone,
  updated timestamp with time zone,
  ucid text,
  author text,
  length_seconds integer,
  live_now boolean,
  premiere_timestamp timestamp with time zone,
  views bigint,
  CONSTRAINT channel_videos_id_key UNIQUE (id)
 );
 GRANT ALL ON TABLE public.channel_videos TO current_user;
 -- Index: public.channel_videos_ucid_idx
 -- DROP INDEX public.channel_videos_ucid_idx;
 CREATE INDEX IF NOT EXISTS channel_videos_ucid_idx
  ON public.channel_videos
  USING btree
  (ucid COLLATE pg_catalog."default");
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/channels.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/channels.sql
@ -1,25 +0,0 @@
 -- Table: public.channels
 -- DROP TABLE public.channels;
 CREATE TABLE IF NOT EXISTS public.channels
 (
  id text NOT NULL,
  author text,
  updated timestamp with time zone,
  deleted boolean,
  subscribed timestamp with time zone,
  CONSTRAINT channels_id_key UNIQUE (id)
 );
 GRANT ALL ON TABLE public.channels TO current_user;
 -- Index: public.channels_id_idx
 -- DROP INDEX public.channels_id_idx;
 CREATE INDEX IF NOT EXISTS channels_id_idx
  ON public.channels
  USING btree
  (id COLLATE pg_catalog."default");
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/nonces.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/nonces.sql
@ -1,22 +0,0 @@
 -- Table: public.nonces
 -- DROP TABLE public.nonces;
 CREATE TABLE IF NOT EXISTS public.nonces
 (
  nonce text,
  expire timestamp with time zone,
  CONSTRAINT nonces_id_key UNIQUE (nonce)
 );
 GRANT ALL ON TABLE public.nonces TO current_user;
 -- Index: public.nonces_nonce_idx
 -- DROP INDEX public.nonces_nonce_idx;
 CREATE INDEX IF NOT EXISTS nonces_nonce_idx
  ON public.nonces
  USING btree
  (nonce COLLATE pg_catalog."default");
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/playlist_videos.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/playlist_videos.sql
@ -1,19 +0,0 @@
 -- Table: public.playlist_videos
 -- DROP TABLE public.playlist_videos;
 CREATE TABLE IF NOT EXISTS public.playlist_videos
 (
    title text,
    id text,
    author text,
    ucid text,
    length_seconds integer,
    published timestamptz,
    plid text references playlists(id),
    index int8,
    live_now boolean,
    PRIMARY KEY (index,plid)
 );
 GRANT ALL ON TABLE public.playlist_videos TO current_user;
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/playlists.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/playlists.sql
@ -1,29 +0,0 @@
 -- Type: public.privacy
 -- DROP TYPE public.privacy;
 CREATE TYPE public.privacy AS ENUM
 (
    'Public',
    'Unlisted',
    'Private'
 );
 -- Table: public.playlists
 -- DROP TABLE public.playlists;
 CREATE TABLE IF NOT EXISTS public.playlists
 (
    title text,
    id text primary key,
    author text,
    description text,
    video_count integer,
    created timestamptz,
    updated timestamptz,
    privacy privacy,
    index int8[]
 );
 GRANT ALL ON public.playlists TO current_user;
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/session_ids.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/session_ids.sql
@ -1,23 +0,0 @@
 -- Table: public.session_ids
 -- DROP TABLE public.session_ids;
 CREATE TABLE IF NOT EXISTS public.session_ids
 (
  id text NOT NULL,
  email text,
  issued timestamp with time zone,
  CONSTRAINT session_ids_pkey PRIMARY KEY (id)
 );
 GRANT ALL ON TABLE public.session_ids TO current_user;
 -- Index: public.session_ids_id_idx
 -- DROP INDEX public.session_ids_id_idx;
 CREATE INDEX IF NOT EXISTS session_ids_id_idx
  ON public.session_ids
  USING btree
  (id COLLATE pg_catalog."default");
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/users.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/users.sql
@ -1,29 +0,0 @@
 -- Table: public.users
 -- DROP TABLE public.users;
 CREATE TABLE IF NOT EXISTS public.users
 (
  updated timestamp with time zone,
  notifications text[],
  subscriptions text[],
  email text NOT NULL,
  preferences text,
  password text,
  token text,
  watched text[],
  feed_needs_update boolean,
  CONSTRAINT users_email_key UNIQUE (email)
 );
 GRANT ALL ON TABLE public.users TO current_user;
 -- Index: public.email_unique_idx
 -- DROP INDEX public.email_unique_idx;
 CREATE UNIQUE INDEX IF NOT EXISTS email_unique_idx
  ON public.users
  USING btree
  (lower(email) COLLATE pg_catalog."default");
--- a/modules/nixos/virtualisation/podman/invidious/config/sql/videos.sql
+++ b/modules/nixos/virtualisation/podman/invidious/config/sql/videos.sql
@ -1,23 +0,0 @@
 -- Table: public.videos
 -- DROP TABLE public.videos;
 CREATE UNLOGGED TABLE IF NOT EXISTS public.videos
 (
  id text NOT NULL,
  info text,
  updated timestamp with time zone,
  CONSTRAINT videos_pkey PRIMARY KEY (id)
 );
 GRANT ALL ON TABLE public.videos TO current_user;
 -- Index: public.id_idx
 -- DROP INDEX public.id_idx;
 CREATE UNIQUE INDEX IF NOT EXISTS id_idx
  ON public.videos
  USING btree
  (id COLLATE pg_catalog."default");
--- a/modules/nixos/virtualisation/podman/invidious/default.nix
+++ b/modules/nixos/virtualisation/podman/invidious/default.nix
@ -1,83 +0,0 @@
 {
  lib,
  config,
  namespace,
  ...
 }:
 with lib;
 with lib.${namespace};
 let
  cfg = config.${namespace}.container.invidious;
 in
 {
  options.${namespace}.container.invidious = {
    enable = mkEnableOption "Invidious";
  };
  config = mkIf cfg.enable {
    networking.firewall.allowedTCPPorts = [
      3000
    ];
    sops.secrets.invidious-db = {
      format = "dotenv";
      sopsFile = ../../../../../secrets/invidious-db.env;
      key = "";
    };
    sops.secrets.invidious-config = {
      mode = "666";
      format = "yaml";
      sopsFile = ../../../../../secrets/invidious-config.yaml;
      key = "";
    };
    security.unprivilegedUsernsClone = true;
    virtualisation = {
      podman = {
        enable = true;
        autoPrune = {
          enable = true;
          dates = "weekly";
          flags = [ "--all" ];
        };
        defaultNetwork.settings = {
          dns_enabled = true;
        };
      };
    };
    virtualisation.oci-containers.containers = {
      invidious = {
        image = "quay.io/invidious/invidious:latest";
        hostname = "invidious";
        volumes = [ "/run/secrets/invidious-config:/invidious/config/config.yml" ];
        ports = [
          "192.168.10.3:3000:3000"
          "[fd00:192:168:10::3]:3000:3000"
        ];
        dependsOn = [ "invidious-db" ];
      };
      signature-helper = {
        image = "quay.io/invidious/inv-sig-helper:latest";
        hostname = "signature-helper";
        cmd = [
          "--tcp"
          "0.0.0.0:12999"
        ];
      };
      invidious-db = {
        image = "docker.io/library/postgres:14";
        hostname = "invidious-db";
        volumes = [
          "postgresdata:/var/lib/postgresql/data"
          "${config.flakeRoot}/modules/nixos/virtualisation/podman/invidious/config/sql:/config/sql"
          "${config.flakeRoot}/modules/nixos/virtualisation/podman/invidious/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh"
        ];
        environmentFiles = [ /run/secrets/invidious-db ];
      };
    };
  };
 }
--- a/modules/nixos/virtualisation/podman/invidious/init-invidious-db.sh
+++ b/modules/nixos/virtualisation/podman/invidious/init-invidious-db.sh
@ -1,12 +0,0 @@
 #!/bin/bash
 set -eou pipefail
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/channels.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/videos.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/channel_videos.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/users.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/session_ids.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/nonces.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/annotations.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/playlists.sql
 psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/playlist_videos.sql
--- a/modules/nixos/virtualisation/podman/technitium/default.nix
+++ b/modules/nixos/virtualisation/podman/technitium/default.nix
@ -1,32 +0,0 @@
 {
  lib,
  config,
  namespace,
  ...
 }:
 with lib;
 with lib.${namespace};
 let
  cfg = config.${namespace}.container.technitium;
 in
 {
  options.${namespace}.container.technitium = {
    enable = mkEnableOption "Technitium";
  };
  config = mkIf cfg.enable {
    virtualisation.oci-containers.containers.technitium = {
      image = "technitium/dns-server";
      hostname = "blarm-dns";
      ports = [
        "192.168.1.202:5380:5380"
        "192.168.1.202:53:53"
        "192.168.1.202:53:53/udp"
        "[fd00:192:168:1::202]:53:53"
        "[fd00:192:168:1::202]:53:53/udp"
        "[fd00:192:168:1::202]:5380:5380"
      ];
      volumes = [ "config:/etc/dns" ];
    };
  };
 }