# SPDX-FileCopyrightText: 2020 Luke Granger-Brown # # SPDX-License-Identifier: Apache-2.0 { depot, pkgs, config, ... }: { imports = [ ../lib/bvm.nix ]; # Networking! networking = { hostName = "bvm-twitterchiver"; hostId = "c7ff157c"; interfaces.enp1s0 = { ipv4.addresses = [{ address = "10.100.0.201"; prefixLength = 23; }]; }; }; my.ip.tailscale = "100.119.86.55"; my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6277:5637"; services.postgresql = { enable = true; package = pkgs.postgresql_14; ensureDatabases = [ "twitterchiver" ]; ensureUsers = [{ name = "twitterchiver"; ensurePermissions = { "DATABASE twitterchiver" = "ALL PRIVILEGES"; }; }]; }; services.postgresqlBackup.enable = true; users.groups.twitterchiver = {}; users.users.twitterchiver = { home = "/srv/twitterchiver"; isSystemUser = true; createHome = true; group = "twitterchiver"; }; systemd.services.twitterchiver-viewer = { description = "Twitterchiver Viewer"; wants = ["network-online.target"]; wantedBy = ["multi-user.target"]; serviceConfig = { ExecStart = "${depot.go.twitterchiver.viewer}/bin/viewer --user_to_twitter=lukegb@lukegb.com:lukegb,bgekul"; EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path; WorkingDirectory = "${depot.go.twitterchiver.viewer}/share"; User = "twitterchiver"; Restart = "always"; }; }; systemd.services.twitterchiver-relatedfetcher = { description = "Twitterchiver Related-Fetcher"; wants = ["network-online.target"]; wantedBy = ["multi-user.target"]; serviceConfig = { ExecStart = "${depot.go.twitterchiver.relatedfetcher}/bin/relatedfetcher --media_work_at_once 100 --media_tick_interval 10s"; EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path; User = "twitterchiver"; Restart = "always"; }; }; systemd.services.twitterchiver-archiver = { description = "Twitterchiver Archiver"; wants = ["network-online.target"]; wantedBy = ["multi-user.target"]; serviceConfig = { ExecStart = "${depot.go.twitterchiver.archiver}/bin/archiver"; EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path; User = "twitterchiver"; Restart = "always"; }; }; my.vault.secrets.twitterchiver-environment = { restartUnits = ["twitterchiver-viewer.service" "twitterchiver-relatedfetcher.service" "twitterchiver-archiver.service"]; group = "root"; template = '' {{ with secret "kv/apps/twitterchiver" }} {{ .Data.data.environment }} {{ end }} ''; }; system.stateVersion = "21.05"; }