89 lines
2.6 KiB
Nix
89 lines
2.6 KiB
Nix
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
{ depot, pkgs, config, ... }:
|
|
{
|
|
imports = [
|
|
../lib/bvm.nix
|
|
];
|
|
|
|
# Networking!
|
|
networking = {
|
|
hostName = "bvm-twitterchiver";
|
|
hostId = "c7ff157c";
|
|
|
|
interfaces.enp1s0 = {
|
|
ipv4.addresses = [{ address = "10.100.0.201"; prefixLength = 23; }];
|
|
};
|
|
};
|
|
my.ip.tailscale = "100.119.86.55";
|
|
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6277:5637";
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_14;
|
|
ensureDatabases = [
|
|
"twitterchiver"
|
|
];
|
|
ensureUsers = [{
|
|
name = "twitterchiver";
|
|
}];
|
|
};
|
|
services.postgresqlBackup.enable = true;
|
|
|
|
users.groups.twitterchiver = {};
|
|
users.users.twitterchiver = {
|
|
home = "/srv/twitterchiver";
|
|
isSystemUser = true;
|
|
createHome = true;
|
|
group = "twitterchiver";
|
|
};
|
|
|
|
systemd.services.twitterchiver-viewer = {
|
|
description = "Twitterchiver Viewer";
|
|
wants = ["network-online.target"];
|
|
wantedBy = ["multi-user.target"];
|
|
serviceConfig = {
|
|
ExecStart = "${depot.go.twitterchiver.viewer}/bin/viewer --user_to_twitter=lukegb@lukegb.com:lukegb,bgekul";
|
|
EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
|
|
WorkingDirectory = "${depot.go.twitterchiver.viewer}/share";
|
|
User = "twitterchiver";
|
|
Restart = "always";
|
|
};
|
|
};
|
|
systemd.services.twitterchiver-relatedfetcher = {
|
|
description = "Twitterchiver Related-Fetcher";
|
|
wants = ["network-online.target"];
|
|
wantedBy = ["multi-user.target"];
|
|
serviceConfig = {
|
|
ExecStart = "${depot.go.twitterchiver.relatedfetcher}/bin/relatedfetcher --media_work_at_once 100 --media_tick_interval 10s";
|
|
EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
|
|
User = "twitterchiver";
|
|
Restart = "always";
|
|
};
|
|
};
|
|
systemd.services.twitterchiver-archiver = {
|
|
description = "Twitterchiver Archiver";
|
|
wants = ["network-online.target"];
|
|
wantedBy = ["multi-user.target"];
|
|
serviceConfig = {
|
|
ExecStart = "${depot.go.twitterchiver.archiver}/bin/archiver";
|
|
EnvironmentFile = config.my.vault.secrets.twitterchiver-environment.path;
|
|
User = "twitterchiver";
|
|
Restart = "always";
|
|
};
|
|
};
|
|
|
|
my.vault.secrets.twitterchiver-environment = {
|
|
restartUnits = ["twitterchiver-viewer.service" "twitterchiver-relatedfetcher.service" "twitterchiver-archiver.service"];
|
|
group = "root";
|
|
template = ''
|
|
{{ with secret "kv/apps/twitterchiver" }}
|
|
{{ .Data.data.environment }}
|
|
{{ end }}
|
|
'';
|
|
};
|
|
|
|
system.stateVersion = "21.05";
|
|
}
|