depot/ops/nixos/bvm-twitterchiver/default.nix

91 lines
2.7 KiB
Nix
Raw Normal View History

# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0
2022-04-09 20:51:24 +00:00
{ depot, pkgs, config, ... }:
{
imports = [
../lib/bvm.nix
];
# Networking!
networking = {
hostName = "bvm-twitterchiver";
hostId = "c7ff157c";
interfaces.enp1s0 = {
ipv4.addresses = [{ address = "10.100.0.201"; prefixLength = 23; }];
};
};
2021-03-28 14:32:16 +00:00
my.ip.tailscale = "100.119.86.55";
2022-09-01 23:22:16 +00:00
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6277:5637";
2021-03-28 22:46:44 +00:00
services.postgresql = {
enable = true;
2021-12-08 02:37:12 +00:00
package = pkgs.postgresql_14;
2021-03-28 22:46:44 +00:00
ensureDatabases = [
"twitterchiver"
];
ensureUsers = [{
name = "twitterchiver";
ensurePermissions = { "DATABASE twitterchiver" = "ALL PRIVILEGES"; };
}];
};
services.postgresqlBackup.enable = true;
users.groups.twitterchiver = {};
users.users.twitterchiver = {
home = "/srv/twitterchiver";
isSystemUser = true;
createHome = true;
group = "twitterchiver";
};
systemd.services.twitterchiver-viewer = {
description = "Twitterchiver Viewer";
wants = ["network-online.target"];
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = "${depot.go.twitterchiver.viewer}/bin/viewer --user_to_twitter=lukegb@lukegb.com:lukegb,bgekul";
2022-04-09 20:51:24 +00:00
EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
2021-03-31 23:38:39 +00:00
WorkingDirectory = "${depot.go.twitterchiver.viewer}/share";
User = "twitterchiver";
Restart = "always";
};
};
systemd.services.twitterchiver-relatedfetcher = {
description = "Twitterchiver Related-Fetcher";
wants = ["network-online.target"];
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = "${depot.go.twitterchiver.relatedfetcher}/bin/relatedfetcher --media_work_at_once 100 --media_tick_interval 10s";
2022-04-09 20:51:24 +00:00
EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
User = "twitterchiver";
Restart = "always";
};
};
systemd.services.twitterchiver-archiver = {
description = "Twitterchiver Archiver";
wants = ["network-online.target"];
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = "${depot.go.twitterchiver.archiver}/bin/archiver";
2022-04-09 20:51:24 +00:00
EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
User = "twitterchiver";
Restart = "always";
};
};
2022-04-09 20:51:24 +00:00
my.vault.secrets.twitterchiver-environment = {
restartUnits = ["twitterchiver-viewer.service" "twitterchiver-relatedfetcher.service" "twitterchiver-archiver.service"];
group = "root";
template = ''
{{ with secret "kv/apps/twitterchiver" }}
{{ .Data.data.environment }}
{{ end }}
'';
};
system.stateVersion = "21.05";
}