arch/infra
arch/infra
1
0
Fork 0
Code Actions Packages Activity
infra/homelab/piped.nix

70 lines
2.2 KiB
Nix
Raw Blame History

{ lib, config, kubenix, ... }: {
kubernetes.helm.releases.piped = {
namespace = "default";
chart = kubenix.lib.helm.fetch {
repo = "https://helm.piped.video";
chart = "piped";
version = "5.0.0";
sha256 = "wfw0e37q52VW+bUMBmXILwUM0F1O1cH7Jk+6tmLAcS8=";
};
values = {
postgresql.enabled = false;
backend.config = {
FRONTEND_URL = "https://piped.gmem.ca";
API_URL = "https://pipedapi.gmem.ca";
PROXY_PART = "https://ytproxy.gmem.ca";
database.connection_url = "jdbc:postgresql://hippo-primary.default.svc:5432/piped";
database.secret = {
name = "hippo-pguser-piped";
username = "user";
password = "password";
};
};
fontend.env.BACKEND_HOSTNAME= "pipedapi.gmem.ca";
ingress = {
main = {
tls = [ { hosts = [ "piped.gmem.ca" ]; secretName = "gmem-ca-wildcard"; } ];
hosts = [
{ host = "piped.gmem.ca"; paths = [ { path = "/"; } ]; }
];
};
backend = {
tls = [ { hosts = [ "pipedapi.gmem.ca" ]; secretName = "gmem-ca-wildcard"; } ];
hosts = [
{ host = "pipedapi.gmem.ca"; paths = [ { path = "/"; } ]; }
];
};
ytproxy = {
tls = [ { hosts = [ "ytproxy.gmem.ca" ]; secretName = "gmem-ca-wildcard"; } ];
hosts = [
{ host = "ytproxy.gmem.ca"; paths = [ { path = "/"; } ]; }
];
};
};
};
};
kubernetes.resources.cronJobs.piped-refresh.spec = {
schedule = "*/5 * * * *";
jobTemplate.spec.template.spec = {
restartPolicy = "Never";
containers.refresh-subscriptions = {
image = "alpine:3.15";
envFrom = [ { secretRef.name = "hippo-pguser-piped"; } ];
command = [
"/bin/ash"
"-c"
''
apk --no-cache add postgresql-client curl &&
export PGPASSWORD=$password &&
export subs=$(psql -U piped -h hippo-primary.default.svc -qtAX -c 'select id from public.pubsub;') &&
while IFS= read -r line; do
curl -k "https://pipedapi.gmem.ca/channel/$line" > /dev/null
done < <(printf '%s' "$subs")
''
];
};
};
};
}
View git blame Copy permalink