From dcc84756ab606b359d023100979d200c164501b2 Mon Sep 17 00:00:00 2001 From: uku Date: Mon, 17 Mar 2025 11:33:27 +0100 Subject: [PATCH] feat(systems/vesuvio): add nitter instance --- secrets/secrets.nix | 1 + secrets/vesuvio/nitterAccounts.age | 16 ++++++++++++ systems/vesuvio/default.nix | 1 + systems/vesuvio/nitter.nix | 42 ++++++++++++++++++++++++++++++ 4 files changed, 60 insertions(+) create mode 100644 secrets/vesuvio/nitterAccounts.age create mode 100644 systems/vesuvio/nitter.nix diff --git a/secrets/secrets.nix b/secrets/secrets.nix index e6e9799..10c2df9 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -48,4 +48,5 @@ in "vesuvio/maddyEnv.age".publicKeys = main ++ [ vesuvio ]; "vesuvio/rspamdPassword.age".publicKeys = main ++ [ vesuvio ]; "vesuvio/roundcubeDbPass.age".publicKeys = main ++ [ vesuvio ]; + "vesuvio/nitterAccounts.age".publicKeys = main ++ [ vesuvio ]; } diff --git a/secrets/vesuvio/nitterAccounts.age b/secrets/vesuvio/nitterAccounts.age new file mode 100644 index 0000000..1ea1665 --- /dev/null +++ b/secrets/vesuvio/nitterAccounts.age @@ -0,0 +1,16 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6bTRydmdWOElIN1BqU2pG +TUtQcGZTWU9nVDdVbGNmK0I2cWRFcDE3QVNrCmV6OXg0ang5WlVPWnZoVE5JQzFU +OGd3b0dzTCt5Y1ZJWmJKbGYrM1JVaDQKLT4gWDI1NTE5IGEyYm1hNHZqNTc0dGhK +SitXaW1EUXJ6RmIzYVZrck8zbDA3bE01TVNOQlEKdkZYTWwxVjYyd0pWZGxqa3M4 +K29kaDVoeWxMRGJMcWE5ZnZnZW1QaExZVQotPiBYMjU1MTkgQmxhTEIyRHFyeEN0 +WWpOUVgyUjVQMEtuVSszZXNqMUNGditydm5pRUlTOAp1cFR5V2NRbS9PK3ZxSWlH +TklCaVFjYnFLS3RsSkZIT0JxWTVnclJrS1RBCi0+IFgyNTUxOSB5MlRNUEprZGNj +NGhwUGFUYmVwM2lsdmc3OEF6ampzdFFCV2Y3dS95aEdNClV4cHVEVEFzcXkwSXN2 +d1FWWHNJKzF2aVpzdkRxWlZjZHpQZWhqR3dwV3cKLS0tIDdCdDduZ1UzTHFDK0dK +U1BJSlJaUWhpVVR4QjBEQnV0d0FDckdDWDU2R2MKuZJNT8ka9/mba5qEY+Ml7iR4 +1jnx4wr+5f+OFF1SwVvwGYXwvspWS37vf4NjrQIyoRo8dw5bDbYo39ECe/zMzWIV +Bxx0RLrcR19RX6IAOwpISt3R5Scpz6BttmBC2QIDF1zeVMkmbK2shPWl+IfuGdFU +3RM4IYs+8oOyNMUm2oajymItTcfCE4VE6msedvUv/n+1F0lYVH7DRXXAjh3J/OWD +jRVcDPVzug1vD/o= +-----END AGE ENCRYPTED FILE----- diff --git a/systems/vesuvio/default.nix b/systems/vesuvio/default.nix index b2037b6..cf0e458 100644 --- a/systems/vesuvio/default.nix +++ b/systems/vesuvio/default.nix @@ -7,6 +7,7 @@ ./hetzner.nix ./mail ./nginx.nix + ./nitter.nix ]; environment.systemPackages = with pkgs; [ diff --git a/systems/vesuvio/nitter.nix b/systems/vesuvio/nitter.nix new file mode 100644 index 0000000..74ae5fa --- /dev/null +++ b/systems/vesuvio/nitter.nix @@ -0,0 +1,42 @@ +{ + pkgs, + config, + _utils, + ... +}: +let + accounts = _utils.setupSingleSecret config "nitterAccounts" { }; + + nitterUpdated = pkgs.nitter.overrideAttrs { + version = "0-unstable-2025-02-26"; + src = pkgs.fetchFromGitHub { + owner = "zedeus"; + repo = "nitter"; + rev = "41fa47bfbf3917e9b3ac4f7b49c89a75a7a2bd44"; + hash = "sha256-cmYlmzCJl1405TuYExGw3AOmjdY0r7ObmmLCAom+Fyw="; + }; + }; +in +{ + imports = [ accounts.generate ]; + + services.nitter = { + enable = true; + package = nitterUpdated; + guestAccounts = accounts.path; + server = { + hostname = "nit.uku.moe"; + port = 8081; + }; + }; + + systemd.services.nitter.environment = { + NITTER_SESSIONS_FILE = "%d/guestAccountsFile"; + }; + + services.nginx.virtualHosts."nit.uku.moe" = { + forceSSL = true; + enableACME = true; + locations."/".proxyPass = "http://localhost:8081"; + }; +}