98 lines
2.6 KiB
Nix
98 lines
2.6 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
{
|
|
# Invidious - Privacy-focused YouTube frontend
|
|
# Replaces Piped with native NixOS service
|
|
|
|
# Main Invidious service
|
|
services.invidious = {
|
|
enable = true;
|
|
domain = "invidious.cloonar.com";
|
|
port = 3000;
|
|
|
|
# PostgreSQL database configuration
|
|
database = {
|
|
createLocally = true;
|
|
};
|
|
|
|
# Enable nginx reverse proxy with automatic TLS
|
|
nginx.enable = true;
|
|
|
|
# Enable http3-ytproxy for video/image proxying
|
|
# Handles /videoplayback, /vi/, /ggpht/, /sb/ paths
|
|
http3-ytproxy.enable = true;
|
|
|
|
# Signature helper - crashes with current YouTube player format
|
|
# sig-helper = {
|
|
# enable = true;
|
|
# };
|
|
|
|
# Service settings
|
|
settings = {
|
|
# Disable registration - admin user created via init script
|
|
registration_enabled = false;
|
|
|
|
# Disable CAPTCHA (not needed for private instance)
|
|
captcha_enabled = false;
|
|
|
|
# Database configuration
|
|
check_tables = true;
|
|
db = {
|
|
user = "invidious";
|
|
dbname = "invidious";
|
|
};
|
|
|
|
# Optional: Instance customization
|
|
default_home = "Popular";
|
|
feed_menu = [ "Popular" "Trending" "Subscriptions" ];
|
|
|
|
# YouTube compatibility settings
|
|
use_quic = true;
|
|
force_resolve = "ipv4";
|
|
};
|
|
};
|
|
|
|
# Override nginx vhost configuration
|
|
services.nginx.virtualHosts."invidious.cloonar.com" = {
|
|
acmeRoot = null;
|
|
|
|
# Complete http3-ytproxy configuration with proper headers and buffering
|
|
# This overrides the minimal config from the NixOS module
|
|
locations."~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/)" = {
|
|
proxyPass = "http://unix:/run/http3-ytproxy/socket/http-proxy.sock";
|
|
extraConfig = ''
|
|
# Enable buffering for large video files
|
|
proxy_buffering on;
|
|
proxy_buffers 1024 16k;
|
|
proxy_buffer_size 128k;
|
|
proxy_busy_buffers_size 256k;
|
|
|
|
# Use HTTP/1.1 with keepalive for better performance
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Connection "";
|
|
|
|
# Hide headers that might cause issues
|
|
proxy_hide_header Cache-Control;
|
|
proxy_hide_header etag;
|
|
proxy_hide_header "alt-svc";
|
|
|
|
# Optimize for large file transfers
|
|
sendfile on;
|
|
sendfile_max_chunk 512k;
|
|
tcp_nopush on;
|
|
|
|
# Disable access logging for video traffic
|
|
access_log off;
|
|
'';
|
|
};
|
|
};
|
|
|
|
# Firewall configuration for Invidious
|
|
# (nginx handles external access on ports 80/443)
|
|
|
|
# PostgreSQL backup for Invidious database
|
|
services.postgresqlBackup = {
|
|
databases = [ "invidious" ];
|
|
};
|
|
}
|