Make akkoma mediaproxy use bunny
This commit is contained in:
parent
b901ea5fb3
commit
574525db3e
GPG key ID:
AB2BD8DAF2E37122
3 changed files with 22 additions and 4 deletions
|
|
@ -7,6 +7,13 @@
|
|||
system,
|
||||
...
|
||||
}: let
|
||||
purge_url_script = pkgs.writeScript "purge-url" ''
|
||||
access_key=$(cat ${config.sops.secrets."services/bunny-key".path})
|
||||
for url in $@; do
|
||||
url=$(echo $url | ${pkgs.python3}/bin/python3 -c "import sys; import urllib.parse; print(urllib.parse.quote(sys.stdin.read().strip()))")
|
||||
${pkgs.curl}/bin/curl -H "Authorization: Bearer $access_key" -X POST "https://api.bunny.net/purge?url=$url&async=false"
|
||||
done
|
||||
'';
|
||||
emoji_set_names = ["volpeon-blobfox-flip" "volpeon-blobfox" "volpeon-bunhd-flip" "volpeon-bunhd" "volpeon-drgn" "volpeon-fox" "volpeon-raccoon" "volpeon-vlpn" "lotte" "caro"];
|
||||
emoji_sets = builtins.listToAttrs (map (name: {
|
||||
inherit name;
|
||||
|
|
@ -141,9 +148,17 @@
|
|||
};
|
||||
":media_proxy" = {
|
||||
enabled = true;
|
||||
base_url = "https://mediaproxy.chir.rs";
|
||||
proxy_opts = {
|
||||
redirect_on_failure = true;
|
||||
};
|
||||
invalidation = {
|
||||
enabled = true;
|
||||
provider = mkRaw "Pleroma.Web.MediaProxy.Invalidation.Script";
|
||||
};
|
||||
};
|
||||
"Pleroma.Web.MediaProxy.Invalidation.Script" = {
|
||||
script_path = "${purge_url_script}";
|
||||
};
|
||||
"Pleroma.Repo" = {
|
||||
adapter = mkRaw "Ecto.Adapters.Postgres";
|
||||
|
|
@ -214,6 +229,7 @@ in {
|
|||
}
|
||||
];
|
||||
sops.secrets."services/akkoma.exs" = {owner = "akkoma";};
|
||||
sops.secrets."services/bunny-key".owner = "akkoma";
|
||||
services.caddy.virtualHosts."akko.chir.rs" = {
|
||||
useACMEHost = "chir.rs";
|
||||
extraConfig = ''
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ security:
|
|||
services:
|
||||
nix:
|
||||
cache-key: ENC[AES256_GCM,data:aLUW21G4ubmxS97LOwvUY+9ovrk02tZwq3D6tSO5tK9DwhySEuquQIHKsmuhsQtuCZRDLPgRh+T1XIKykWxv0S42NhdMGiE6GuRs8SbnEwcYMHwEPwHHMppG38G+EEKmTA==,iv:nm0yWYS8xk2C5mn3lpSEocqmCFOx2rL57euMfcXOXHA=,tag:WXEAMiMS9S/0hKrd63mBLQ==,type:str]
|
||||
bunny-key: ENC[AES256_GCM,data:Jby03Y/0MjzED+fGNn8dLQkVhR9D5mhz8gzkG27hxQ1UezdzhxaPV56fIeCmn8yDespwMLMjEXPiIsM/GFS0y58ctl7OHuEW,iv:3R8+z/KuRaqybs4KbfZtrXiIAMZ5oCIH8tZhFN8MjWs=,tag:VIb442EBs0TlLfwWNvMmng==,type:str]
|
||||
peertube: ENC[AES256_GCM,data:7ZFddxNg4bgXnn56OhcY23aU7Yz6qIyQgOxXg0wDgG7jOyefU2VAQwupmr0OUmD6I1C12gGLv0JymktVSLcZ4pEIhx/cbSmn2dHrWqHDyzp/xRfUYFjTxtc+rKQUpH4vX9hnqC0dx7Hp9/7kIPGQOTkUneg/f9amw2zZlMj/XsuUpzSF5g==,iv:KdaWy211C2H5QTVweLWmE8/r3GV2StTJUE0fXrudo4U=,tag:5WMWhJMgH11byV7EHIHn2w==,type:str]
|
||||
akkoma.exs: ENC[AES256_GCM,data:snEg7wZKp0Oa+tQnZjjeMwUbsFXdFHP2g4UwjPIHit2YYuR7HJQGra6RP+2mnmr9v8rceWyEXx8JQi5zbveT/NAg6Hp9WZ3gI2ClwazchiAeJ35wMHi49AgfSaRIVjDam1EI2uOfxjOUi5nsgTqb5raQDmwFV/NsK8qCUwzHb9oGoaT+PV3kl601Ua6gWWVoB7vX/X5NIxfxx3cTvzYPRdlJqNQUHCHLIrGO6qkeu0iVeJiU8iTCG/7ZFSP5mbO8d/H3LmRQbenPpCYSTdRy1zNwHCk5THtmcoMiytpj8/AmMJS0Yq8JcKST0fdgevU0eV4c6B34ZbRS4hKBG/ppnGy/WnnN1i/R14YP6SPmbsHoYJ/4ksAMS7TvQFnes1HEMoMkM5gwCyoiEV9GLcs/NhWwVxKZnLtb1S/hwYWJ32WnJuQxzcspR+n7dPawD31bxO1sT4tfmRxU3eFtO53g9TkNDLVV8ntZHZlnc6WKOVW6eeVHmrACaJO1zfJpnc6oEAiay5fK0xMRlmLvhZcDu8USHj7IGvaEn5G2HgmDjxmOJeM9T9S5+yZUkfGkbQSAKzPbcXZQdvdepqqHibBNSYgiIvIHojqLUy/cjQwB7Yek13EwsC2KJR2j/IsrdPr6Qef6Cru4aUh1IN+IiBVseo/ohOGKJADf0gGfW4ul84SrAIuMGM+nKN0LFv1XLXXlkSYcBCiyUfwoO0rfeU/a53NZKR+Vk7MvMF3n1DW6KZ3Nlo2/8VMZAgBdPk3AHjpcAYqMMjbuYg8QJ8XKgs2u7f9LmIcVWbmHR48ZdzswUGHGVSb+Uf+/gu2J7sEFFu2vqZb9Kzwglmo1tmN7ZvElU3EsolqVX3ybs/PEOtwIISbfHBFLgiYiUwm0Qu/BoMMRs8mRA6USDRxdCjD4OWeqJ5m6XfZN+qJne+rz1B+FmQo8uXBoVLiGbpymGX4nIGl61rfdfsrAYMtgCPL9xky5BiieSUb8C27/P0XXMp4=,iv:HRszf3GE1/4xFwdWpTF7sz9TIKXO/2Y8j5Qd+Dk3zj0=,tag:iLSSIiOG4m+YuEcfCXyf/g==,type:str]
|
||||
matrix-media-repo:
|
||||
|
|
@ -76,8 +77,8 @@ sops:
|
|||
N1lNTTRhSDFsczd4VjNudUU2NEt4MUEKdVJIJmaoGcwUHa0BGB45jqYnm9aPVZxP
|
||||
dl1vkMx8EAiKhWKbBwQm5fFZcNh371rspGE7KOXmwNbNWef5bVfHpQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-11-27T09:42:45Z"
|
||||
mac: ENC[AES256_GCM,data:qnicU8esh7GytPm4v2PdZ2f8MEL+u/VkSnU/Zutnj+qKBfT91/MVxHV24mX9ozZhvTv/qFv0cl2hhBj4FOY/nnm2xGTJZ9TpkyFy69rg1c860uaqhTu3MnNNtmDAb13ywXNfri9rUG4xqXtJZMnvSUeQHjhns8KXjvC7Aj1Dvrs=,iv:zSpE/1kKLc9fL2mAD2ByZWGqJ1wE6JuxChMifjs1q0c=,tag:o8g+taLxtnZb3mF72sxrbA==,type:str]
|
||||
lastmodified: "2022-12-04T12:33:55Z"
|
||||
mac: ENC[AES256_GCM,data:32UzO0QJVp1YtEaL67k9BCckx3G2E7eX7Sa+MORwidjGCEg2UrEzn15DlBuLKHr/iaZzOO3eQSODnJXBGCv6h5m8WOCFyieCHClC3HpiOGPAaUPSZjx5xD5Lnvaziy6q5sZe7a+3DnQf3G8ajb2YSwB+CsjuRjAulnZJzxvKCQA=,iv:K795ZLX86GekNWlkJUmVZSaclEL3URABH33nD+/TG5E=,tag:R33H43tw1zUta7Pqu1nEWQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-02-02T17:50:42Z"
|
||||
enc: |
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@ with dns.lib.combinators; let
|
|||
SOA = {
|
||||
nameServer = "ns1.chir.rs.";
|
||||
adminEmail = "lotte@chir.rs";
|
||||
serial = 19;
|
||||
serial = 20;
|
||||
};
|
||||
NS = [
|
||||
"ns1.chir.rs."
|
||||
|
|
@ -171,7 +171,7 @@ with dns.lib.combinators; let
|
|||
_keybase.TXT = [
|
||||
(ttl zoneTTL (txt "keybase-site-verification=r044cwg0wOTW-ws35BA5MMRLNwjdTNJ4uOu6kgdTopI"))
|
||||
];
|
||||
|
||||
|
||||
www = createZone {};
|
||||
api = createZone {};
|
||||
git = createZone {};
|
||||
|
|
@ -193,6 +193,7 @@ with dns.lib.combinators; let
|
|||
"cache-chir-rs.b-cdn.net."
|
||||
];
|
||||
peertube = createZone {};
|
||||
mediaproxy.CNAME = [ "mediaproxy-chir-rs.b-cdn.net." ];
|
||||
|
||||
int =
|
||||
delegateTo [
|
||||
|
|
|
|||
Loading…
Reference in a new issue