pyrox.dev / nix
My Nix Configuration
fork atom
nix / hosts / marvin / services / pinchflat.nix
at main 1.1 kB view raw
1{ 2 config, 3 lib, 4 self, 5 ... 6}: 7let 8 cfg = config.services.pinchflat; 9 age = config.age.secrets; 10 d = self.lib.data.services.pinchflat; 11in 12{ 13 services.pinchflat = { 14 enable = true; 15 inherit (d) port; 16 secretsFile = age.pinchflat-secrets.path; 17 mediaDir = "/var/media/youtube"; 18 extraConfig = { 19 YT_DLP_WORKER_CONCURRENCY = 2; 20 }; 21 }; 22 systemd.services.pinchflat = lib.mkIf cfg.enable { 23 serviceConfig = { 24 DynamicUser = lib.mkForce false; 25 User = lib.mkForce "pinchflat"; 26 Group = lib.mkForce "pinchflat"; 27 }; 28 }; 29 users.users.pinchflat = lib.mkIf cfg.enable { 30 isSystemUser = true; 31 group = "pinchflat"; 32 }; 33 users.groups.pinchflat = lib.mkIf cfg.enable { }; 34 age.secrets = lib.mkIf cfg.enable { 35 pinchflat-secrets = { 36 owner = "pinchflat"; 37 group = "pinchflat"; 38 file = ./secrets/pinchflat-secrets.age; 39 }; 40 }; 41 # BGUtil Docker Container for yt-dlp 42 virtualisation.oci-containers.containers.ytdlp-bgutil-provider = lib.mkIf cfg.enable { 43 image = "brainicism/bgutil-ytdlp-pot-provider"; 44 ports = [ 45 "4416:4416" 46 ]; 47 }; 48}