BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

nixos/invidious: add option to configure http3-ytproxy for invidious

Browse source
This commit is contained in:
Sophie Tauchert 2023-11-06 17:54:28 +01:00
parent 5e320dba22
commit ac5c1886fd
No known key found for this signature in database
GPG key ID: 52701DE5F5F51125
2 changed files with 67 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
nixos/modules/services/web-apps/invidious.nix
View file

@ -171,6 +171,34 @@ let
};
};
ytproxyConfig = lib.mkIf cfg.http3-ytproxy.enable {
systemd.services.http3-ytproxy = {
description = "HTTP3 ytproxy for Invidious";
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
script = ''
mkdir -p socket
exec ${lib.getExe cfg.http3-ytproxy.package};
'';
serviceConfig = {
RestartSec = "2s";
DynamicUser = true;
User = lib.mkIf cfg.nginx.enable config.services.nginx.user;
RuntimeDirectory = "http3-ytproxy";
WorkingDirectory = "/run/http3-ytproxy";
};
};
services.nginx.virtualHosts.${cfg.domain} = lib.mkIf cfg.nginx.enable {
locations."~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/)" = {
proxyPass = "http://unix:/run/http3-ytproxy/socket/http-proxy.sock";
};
};
};
nginxConfig = lib.mkIf cfg.nginx.enable {
services.invidious.settings = {
https_only = config.services.nginx.virtualHosts.${cfg.domain}.forceSSL;
@ -348,11 +376,28 @@ in
which can also be used to disable AMCE and TLS.
'';
};
http3-ytproxy = {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = lib.mdDoc ''
Whether to enable http3-ytproxy for faster loading of images and video playback.
If {option}`services.invidious.nginx.enable` is used, nginx will be configured automatically. If not, you
need to configure a reverse proxy yourself according to
https://docs.invidious.io/improve-public-instance/#3-speed-up-video-playback-with-http3-ytproxy.
'';
};
package = lib.mkPackageOptionMD pkgs "http3-ytproxy" { };
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
serviceConfig
localDatabaseConfig
nginxConfig
ytproxyConfig
]);
}

22
nixos/tests/invidious.nix
View file

@ -53,6 +53,19 @@ import ./make-test-python.nix ({ pkgs, ... }: {
};
networking.hosts."127.0.0.1" = [ "invidious.example.com" ];
};
nginx-scale-ytproxy.configuration = {
services.invidious = {
nginx.enable = true;
http3-ytproxy.enable = true;
domain = "invidious.example.com";
serviceScale = 3;
};
services.nginx.virtualHosts."invidious.example.com" = {
forceSSL = false;
enableACME = false;
};
networking.hosts."127.0.0.1" = [ "invidious.example.com" ];
};
postgres-tcp.configuration = {
services.invidious = {
database = {
@ -98,6 +111,15 @@ import ./make-test-python.nix ({ pkgs, ... }: {
machine.succeed("journalctl -eu invidious-1.service | grep -o '200 GET /search'")
machine.succeed("journalctl -eu invidious-2.service | grep -o '200 GET /search'")
activate_specialisation("nginx-scale-ytproxy")
machine.wait_for_unit("http3-ytproxy.service")
machine.wait_for_open_port(80)
machine.wait_until_succeeds("ls /run/http3-ytproxy/socket/http-proxy.sock")
curl_assert_status_code("http://invidious.example.com/search", 200)
# this should error out as no internet connectivity is available in the test
curl_assert_status_code("http://invidious.example.com/vi/dQw4w9WgXcQ/mqdefault.jpg", 502)
machine.succeed("journalctl -eu http3-ytproxy.service | grep -o 'dQw4w9WgXcQ'")
postgres_tcp.wait_for_unit("postgresql.service")
activate_specialisation("postgres-tcp")
machine.wait_for_open_port(port)