Skip to content

Commit

Permalink
feat: add po_token and visitor_data to invidious
Browse files Browse the repository at this point in the history 
Been having some invidious issues. So going to try to add `po_token` and
`visitor_data` to the config to smooth things out. 

NOTE: There are privacy implications here. Going to eat it for now.

Also kudos to whoever made the services.invidious.extraSettingsFile
option. You are my hero.
  • Loading branch information
@ajaxbits
ajaxbits committed Sep 24, 2024
1 parent 8eb4b88 commit 4441b32
Show file tree
Hide file tree
Showing 3 changed files with 67 additions and 31 deletions.
95 changes: 64 additions & 31 deletions components/mediacenter/invidious/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,65 +1,98 @@
{
lib,
config,
self,
pkgsUnstable,
...
}: let
}:
let
inherit (lib) mkIf optionalString;

cfg = config.components.mediacenter.invidious;
caddyEnabled = config.components.caddy.enable;
in {

user = "invidious";
group = user;
in
{
config = mkIf cfg.enable {
services.invidious = {
enable = true;
package = pkgsUnstable.invidious;

domain = optionalString caddyEnabled "yt.ajax.casa";
address =
if caddyEnabled
then "127.0.0.1"
else "0.0.0.0";
address = if caddyEnabled then "127.0.0.1" else "0.0.0.0";
port = 3111;

settings = {
db.user = "invidious";
db.user = user;
https_only = caddyEnabled;
external_port = optionalString caddyEnabled 443;
popular_enabled = false;
};

extraSettingsFile = config.age.secrets."invidious/config.extra.yml".path;

http3-ytproxy = {
enable = true;
package = pkgsUnstable.http3-ytproxy;
};
};

systemd.services.http3-ytproxy = {
serviceConfig.User = mkIf caddyEnabled config.services.caddy.user;
environment.DISABLE_WEBP = "1";
systemd.services = {
http3-ytproxy = {
serviceConfig.User = mkIf caddyEnabled config.services.caddy.user;
environment.DISABLE_WEBP = "1";
};
invidious.serviceConfig = {
User = user;
Group = group;
};
};

users.users.${user} = {
inherit group;
isSystemUser = true;
};
users.groups.${group} = { };

services.caddy.virtualHosts = mkIf caddyEnabled (
let
inherit (config.services.invidious) address domain port;
in
{
"https://${domain}".extraConfig = ''
encode gzip zstd
reverse_proxy http://${address}:${toString port}
import cloudflare
services.caddy.virtualHosts = mkIf caddyEnabled (let
inherit (config.services.invidious) address domain port;
in {
"https://${domain}".extraConfig = ''
encode gzip zstd
reverse_proxy http://${address}:${toString port}
import cloudflare
log {
output discard
}
@ytproxy path_regexp ytproxy ^/videoplayback|^/vi/|^/ggpht/|^/sb/
reverse_proxy @ytproxy unix//run/http3-ytproxy/socket/http-proxy.sock {
header_up X-Forwarded-For ""
header_up CF-Connecting-IP ""
header_down -alt-svc
header_down -Cache-Control
header_down -etag
header_down Cache-Control "private"
transport http {
versions 1.1
}
}
'';
});
@ytproxy path_regexp ytproxy ^/videoplayback|^/vi/|^/ggpht/|^/sb/
reverse_proxy @ytproxy unix//run/http3-ytproxy/socket/http-proxy.sock {
header_up X-Forwarded-For ""
header_up CF-Connecting-IP ""
header_down -alt-svc
header_down -Cache-Control
header_down -etag
header_down Cache-Control "private"
transport http {
versions 1.1
}
}
'';
}
);

age.secrets = {
"invidious/extraSettingsFile" = {
file = "${self}/secrets/invidious/extraSettingsFile.age";
mode = "440";
owner = user;
inherit group;
};
};
};
}
Binary file added secrets/invidious/extraSettingsFile.age
View file
Binary file not shown.
3 changes: 3 additions & 0 deletions secrets/secrets.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,9 @@ in {
# immich
"immich/.env.age".publicKeys = allKeys;

# invidious
"invidious/extraSettingsFile.age".publicKeys = allKeys;

# libation
"libation/Settings.json.age".publicKeys = allKeys;
"libation/AccountsSettings.json.age".publicKeys = allKeys;
Expand Down

0 comments on commit 4441b32

Please sign in to comment.