diff --git a/modules/server/containers/apps/.todo.md b/modules/server/containers/apps/.todo.md index 77e5685..8f14b24 100644 --- a/modules/server/containers/apps/.todo.md +++ b/modules/server/containers/apps/.todo.md @@ -4,5 +4,4 @@ RSS: TTRSS / FreshRSS Monitoring: Telegraf + InfluxDB https://github.com/tarampampam/error-pages ? -- JellyFin external mkData for config (system.xml) - Transmission Cfg and API/Token handling diff --git a/modules/server/containers/apps/invidious.nix b/modules/server/containers/apps/invidious.nix index 76c4f77..cd18ef2 100644 --- a/modules/server/containers/apps/invidious.nix +++ b/modules/server/containers/apps/invidious.nix @@ -2,15 +2,32 @@ let serverCfg = config.syscfg.server; - invidiousImage = pkgs.dockerTools.pullImage { - imageName = "quay.io/invidious/invidious"; - imageDigest = "sha256:7b5cfca1b369cbb87a6c983a54d588cb375ff60c6d71b3e1f0e2f59265f2a1b9"; # Pin tag digest - sha256 = lib.fakeSha256; - }; - companionImage = pkgs.dockerTools.pullImage { - imageName = "quay.io/invidious/inv-sig-helper"; - imageDigest = "sha256:2d150b07b1406b3a0c25a5f1e8e25d6b46efbb12dbfde6125026bc9812a647ad"; - sha256 = lib.fakeSha256; + patchedInvidious = pkgs.invidious.overrideAttrs (oldAttrs: { + # If using a standard .patch file: + # patches = (oldAttrs.patches or []) ++ [ ./your-file-replacement.patch ]; + + postPatch = (oldAttrs.postPatch or "") + '' + cp ${../data/invidious/login.cr} src/invidious/routes/login.cr + ''; + }); + + image = pkgs.dockerTools.streamLayeredImage { + name = "invidious-custom"; + tag = "1.0.0"; + # Include both patched invidious and companion/helper packages + contents = [ + patchedInvidious + pkgs.inv-sig-helper # The companion signature helper tool + pkgs.bashInteractive + ]; + config = { + # Point to your custom invidious binary location + Entrypoint = [ "${patchedInvidious}/bin/invidious" ]; + Cmd = [ "--config" "/etc/invidious/config.yml" ]; + ExposedPorts = { + "3000/tcp" = {}; # Default Invidious web UI port + }; + }; }; in { @@ -32,16 +49,39 @@ in { INVIDIOUS_PORT = "3000"; INVIDIOUS_COMPANION_KEY = "\${INVIDIOUS_KEY}"; INVIDIOUS_DOMAIN = "${containerCfg.subdomain}.${serverCfg.domain}"; + # INVIDIOUS_CONFIG: | + # channel_threads: 1 + # check_tables: true + # feed_threads: 1 + # hmac_key: 1058f1474503055f8663dd99dbae561b9a5b3f1e + # db: + # dbname: invidious + # user: kemal + # password: xXrmHRHXcZLF2yDhF2ER4LhZ7FDgW5fb + # host: postgres_inv + # port: 5432 + # full_refresh: false + # https_only: true + # domain: yt.helcel.net + # external_port: 80 + # invidious_companion: + # - private_url: "http://invidious-companion:8282/companion" + # invidious_companion_key: "fee4cai" + + # visitor_data: CgtzS3RSVUN + # po_token: MnR6UWTyMu4mYnppjHRmSLk #registration_enabled: false }; }; companion = builder.mkContainer { - imageStream = companionImage; - port = 12999; - overrides = { - cmd = [ "--tcp" "0.0.0.0:12999" ]; - }; + image = "quay.io/invidious/invidious-companion:latest"; + port = 8282; + # - SERVER_SECRET_KEY=fee4caePhoVohjei + # cap_drop: + # - ALL + # security_opt: + # - no-new-privileges:true }; }; } \ No newline at end of file diff --git a/modules/server/containers/apps/miniflux.nix b/modules/server/containers/apps/miniflux.nix new file mode 100644 index 0000000..e69de29 diff --git a/modules/server/containers/data/invidious/login.cr b/modules/server/containers/data/invidious/login.cr new file mode 100644 index 0000000..e69de29