arch/infra
arch/infra
1
0
Fork 0
Code Actions Packages Activity
infra/homelab/piped.nix

100 lines
2.6 KiB
Nix
Raw Blame History

{
lib,
config,
kubenix,
...
}: {
kubernetes.helm.releases.piped = {
namespace = "default";
chart = kubenix.lib.helm.fetch {
repo = "https://helm.piped.video";
chart = "piped";
version = "5.0.0";
sha256 = "wfw0e37q52VW+bUMBmXILwUM0F1O1cH7Jk+6tmLAcS8=";
};
values = {
postgresql.enabled = false;
backend.config = {
FRONTEND_URL = "https://piped.gmem.ca";
API_URL = "https://pipedapi.gmem.ca";
PROXY_PART = "https://ytproxy.gmem.ca";
database.connection_url = "jdbc:postgresql://hippo-primary.default.svc:5432/piped";
database.secret = {
name = "hippo-pguser-piped";
username = "user";
password = "password";
};
};
fontend.env.BACKEND_HOSTNAME = "pipedapi.gmem.ca";
ingress = {
main = {
tls = [
{
hosts = ["piped.gmem.ca"];
secretName = "gmem-ca-wildcard";
}
];
hosts = [
{
host = "piped.gmem.ca";
paths = [{path = "/";}];
}
];
};
backend = {
tls = [
{
hosts = ["pipedapi.gmem.ca"];
secretName = "gmem-ca-wildcard";
}
];
hosts = [
{
host = "pipedapi.gmem.ca";
paths = [{path = "/";}];
}
];
};
ytproxy = {
tls = [
{
hosts = ["ytproxy.gmem.ca"];
secretName = "gmem-ca-wildcard";
}
];
hosts = [
{
host = "ytproxy.gmem.ca";
paths = [{path = "/";}];
}
];
};
};
};
};
kubernetes.resources.cronJobs.piped-refresh.spec = {
schedule = "*/10 * * * *";
jobTemplate.spec.template.spec = {
restartPolicy = "Never";
containers.refresh-subscriptions = {
image = "alpine:3.15";
envFrom = [{secretRef.name = "hippo-pguser-piped";}];
command = [
"/bin/ash"
"-c"
''
apk --no-cache add postgresql-client curl &&
export PGPASSWORD=$password &&
export subs=$(psql -U piped -h hippo-primary.default.svc -qtAX -c 'select id from public.pubsub;') &&
while IFS= read -r line; do
echo "refreshing $line"
curl -k -S -s -o /dev/null "https://pipedapi.gmem.ca/channel/$line"
done < <(printf '%s' "$subs")
''
];
};
};
};
}
View git blame Copy permalink