{ lib, config, kubenix, ... }: { kubernetes.helm.releases.piped = { namespace = "default"; chart = kubenix.lib.helm.fetch { repo = "https://helm.piped.video"; chart = "piped"; version = "5.0.0"; sha256 = "wfw0e37q52VW+bUMBmXILwUM0F1O1cH7Jk+6tmLAcS8="; }; values = { postgresql.enabled = false; backend.config = { FRONTEND_URL = "https://piped.gmem.ca"; API_URL = "https://pipedapi.gmem.ca"; PROXY_PART = "https://ytproxy.gmem.ca"; database.connection_url = "jdbc:postgresql://hippo-primary.default.svc:5432/piped"; database.secret = { name = "hippo-pguser-piped"; username = "user"; password = "password"; }; }; fontend.env.BACKEND_HOSTNAME = "pipedapi.gmem.ca"; ingress = { main = { tls = [ { hosts = ["piped.gmem.ca"]; secretName = "gmem-ca-wildcard"; } ]; hosts = [ { host = "piped.gmem.ca"; paths = [{path = "/";}]; } ]; }; backend = { tls = [ { hosts = ["pipedapi.gmem.ca"]; secretName = "gmem-ca-wildcard"; } ]; hosts = [ { host = "pipedapi.gmem.ca"; paths = [{path = "/";}]; } ]; }; ytproxy = { tls = [ { hosts = ["ytproxy.gmem.ca"]; secretName = "gmem-ca-wildcard"; } ]; hosts = [ { host = "ytproxy.gmem.ca"; paths = [{path = "/";}]; } ]; }; }; }; }; kubernetes.resources.cronJobs.piped-refresh.spec = { schedule = "*/5 * * * *"; jobTemplate.spec.template.spec = { restartPolicy = "Never"; containers.refresh-subscriptions = { image = "alpine:3.15"; envFrom = [{secretRef.name = "hippo-pguser-piped";}]; command = [ "/bin/ash" "-c" '' apk --no-cache add postgresql-client curl && export PGPASSWORD=$password && export subs=$(psql -U piped -h hippo-primary.default.svc -qtAX -c 'select id from public.pubsub;') && while IFS= read -r line; do curl -k "https://pipedapi.gmem.ca/channel/$line" > /dev/null done < <(printf '%s' "$subs") '' ]; }; }; }; }