systems/x86_64-linux/marvin/services/pinchflat.nix at ec64701c852fef17653bcc1034443dab720a0cd0 · pyrox.dev/nix

pyrox.dev / nix

My Nix Configuration

nix / systems / x86_64-linux / marvin / services / pinchflat.nix

at ec64701c852fef17653bcc1034443dab720a0cd0 1.1 kB view raw

 1{ config, lib, ... }:
 2let
 3  cfg = config.services.pinchflat;
 4  age = config.age.secrets;
 5  d = lib.py.data.services.pinchflat;
 6in
 7{
 8  services.pinchflat = {
 9    enable = true;
10    port = d.port;
11    secretsFile = age.pinchflat-secrets.path;
12    mediaDir = "/var/media/youtube";
13    extraConfig = {
14      YT_DLP_WORKER_CONCURRENCY = 2;
15    };
16  };
17  systemd.services.pinchflat = lib.mkIf cfg.enable {
18    serviceConfig = {
19      DynamicUser = lib.mkForce false;
20      User = lib.mkForce "pinchflat";
21      Group = lib.mkForce "pinchflat";
22    };
23  };
24  users.users.pinchflat = lib.mkIf cfg.enable {
25    isSystemUser = true;
26    group = "pinchflat";
27  };
28  users.groups.pinchflat = lib.mkIf cfg.enable { };
29  age.secrets = lib.mkIf cfg.enable {
30    pinchflat-secrets = {
31      owner = "pinchflat";
32      group = "pinchflat";
33      file = ./secrets/pinchflat-secrets.age;
34    };
35  };
36  # BGUtil Docker Container for yt-dlp
37  virtualisation.oci-containers.containers.ytdlp-bgutil-provider = lib.mkIf cfg.enable {
38    image = "brainicism/bgutil-ytdlp-pot-provider";
39    ports = [
40      "4416:4416"
41    ];
42  };
43}