new services

instances/ds9/services/attic.nix

@@ -0,0 +1,29 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+  xyno.services.caddy.wildcardHosts."hailsatan.eu".hosts.attic.extraConfig =
+    "reverse_proxy http://[::1]:8089";
+  services.postgresql.ensureDatabases = [ "atticd" ];
+  services.postgresql.ensureUsers = [
+    {
+      name = "atticd";
+      ensureDBOwnership = true;
+    }
+  ];
+  services.atticd = {
+    enable = true;
+    settings.database.url = "postgresql://atticd@localhost/atticd?host=/run/postgresql";
+    settings.listen = "[::1]:8089";
+    settings.allowed-hosts = [ "attic.hailsatan.eu" ];
+    settings.api_endpoint = [ "https://attic.hailsatan.eu/" ];
+    environmentFile = config.sops.secrets."atticd/env".path;
+  };
+  sops.secrets."atticd/env" = {
+    sopsFile = ../secrets/atticd.yaml;
+  };
+  xyno.impermanence.directories = [ "/var/lib/atticd" ];
+}

instances/ds9/services/woodpecker.nix

@@ -0,0 +1,75 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+  xyno.services.caddy.wildcardHosts."hailsatan.eu".hosts.woodpecker.extraConfig =
+    "reverse_proxy http://[::1]:18000";
+  xyno.services.caddy.wildcardHosts."hailsatan.eu".hosts.woodpecker-agent.extraConfig =
+    "reverse_proxy h2c://[::1]:19000";
+  services.postgresql.ensureDatabases = [ "woodpecker" ];
+  services.postgresql.ensureUsers = [
+    {
+      name = "woodpecker";
+      ensureDBOwnership = true;
+    }
+  ];
+
+  services.woodpecker-server = {
+    enable = true;
+    environment = {
+      GITEA = true;
+      GITEA_URL = "https://git.xyno.systems";
+      GRPC_ADDR = ":19000";
+      SERVER_ADDR = ":18000";
+      WOODPECKER_DATABASE_DATASOURCE = "postgresql://woodpecker@localhost/woodpecker?host=/run/postgresql";
+      WOODPECKER_DATABASE_DRIVER = "postgres";
+      WOODPECKER_HOST = "https://woodpecker.hailsatan.eu";
+    };
+    environmentFile = [
+      config.sops.secrets."woodpecker/agent_secret".path
+      config.sops.secrets."woodpecker/gitea".path
+    ];
+  };
+
+  virtualisation.podman = {
+    dockerSocket.enable = true;
+    enable = true;
+    autoPrune.enable = true;
+    defaultNetwork.settings = {
+      dns_enabled = true;
+    };
+  };
+  # This is needed for podman to be able to talk over dns
+  networking.firewall.interfaces."podman0" = {
+    allowedUDPPorts = [ 53 ];
+    allowedTCPPorts = [ 53 ];
+  };
+  services.woodpecker-agents.podman = {
+    environment = {
+      WOODPECKER_SERVER = "[::1]:19000";
+      WOODPECKER_BACKEND = "docker";
+      WOODPECKER_MAX_WORKFLOWS = 4;
+      DOCKER_HOST = "unix:///run/podman/podman.sock";
+    };
+    environmentFile = [
+      config.sops.secrets."woodpecker/agent_secret".path
+    ];
+    extraGroups = [ "podman" ];
+  };
+  sops.secrets."woodpecker/agent_secret" = {
+    sopsFile = ../secrets/woodpecker.yaml;
+  };
+  sops.secrets."woodpecker/gitea" = {
+    sopsFile = ../secrets/woodpecker.yaml;
+  };
+  sops.secrets."woodpecker/prometheus" = {
+    sopsFile = ../secrets/woodpecker.yaml;
+  };
+  xyno.impermanence.directories = [
+    "/var/lib/woodpecker"
+    "/var/lib/containers"
+  ];
+}

instances/ds9/services/ytdl-sub.nix

@@ -0,0 +1,129 @@
+{
+  config,
+  pkgs,
+  lib,
+  inputs,
+  ...
+}:
+with lib;
+let
+  channels = {
+    "Entertainment" = [
+      "2BoredGuysOfficial"
+      "AlexPrinz"
+      "BagelBoyOfficial"
+      "DiedeutschenBackrooms"
+      "DankPods"
+      "Defunctland"
+      "Ididathing"
+      "GarbageTime420"
+      "Boy_Boy"
+      "ContraPoints"
+      "PhilosophyTube"
+      "PosyMusic"
+      "RobBubble"
+      "agingwheels"
+      "NileBlue"
+      "NileRed"
+      "styropyro"
+      "williamosman"
+      "billwurtz"
+      "f4micom"
+      "hbomberguy"
+      "simonegiertz"
+      "Parabelritter"
+      "DeviantOllam"
+      "MaxFosh"
+      "MichaelReeves"
+      "TomScottGo"
+      "WilliamOsman2"
+    ];
+    "Tism" = [
+      "Echoray1" # alwin meschede
+      "TechnologyConnections"
+      "TechnologyConnextras"
+      "TheB1M"
+      "bahnblick_eu"
+      "jameshoffmann"
+      "scottmanley"
+      "theCodyReeder"
+      "standupmaths"
+    ];
+    "Making" = [
+      "DIYPerks"
+      "MaxMakerChannel"
+      "Nerdforge"
+      "iliketomakestuff"
+      "ZackFreedman"
+
+    ];
+    "Games" = [
+      "TylerMcVicker1"
+      "gabe.follower"
+      "altf4games"
+    ];
+    "Programming" = [
+      "BenEater"
+      "NoBoilerplate"
+      "stacksmashing"
+    ];
+    "Tech" = [
+      "LinusTechTips"
+    ];
+  };
+in
+
+{
+  systemd.services."ytdl-sub-default".serviceConfig.ReadWritePaths = [ "/data/media/yt" ];
+  services.ytdl-sub = {
+    instances.default = {
+      enable = true;
+      schedule = "0/6:0";
+      config = {
+        presets."Sponsorblock" = {
+          ytdl_options.cookiefile = "/data/media/yt/cookies.Personal.txt";
+          subtitles = {
+            embed_subtitles = true;
+            languages = [
+              "en"
+              "de"
+            ];
+            allow_auto_generated_subtitles = false;
+          };
+          chapters = {
+            embed_chapters = true;
+            sponsorblock_categories = [
+              # "outro"
+              "selfpromo"
+              "preview"
+              "interaction"
+              "sponsor"
+              "music_offtopic"
+              # "intro"
+            ];
+            remove_sponsorblock_categories = "all";
+            force_key_frames = false;
+          };
+        };
+      };
+      subscriptions = {
+        "__preset__".overrides = {
+          tv_show_directory = "/data/media/yt";
+          only_recent_max_files = 30;
+          # only_recent_date_range = "30days";
+        };
+        "Jellyfin TV Show by Date | Sponsorblock | Only Recent | Max 1080p" = mapAttrs' (
+          n: v: nameValuePair "= ${n}" (genAttrs v (x: "https://youtube.com/@${x}"))
+        ) channels;
+        "Jellyfin TV Show Collection | Sponsorblock" = {
+          "~Murder Drones" = {
+            s01_url = "https://www.youtube.com/playlist?list=PLHovnlOusNLiJz3sm0d5i2Evwa2LDLdrg";
+            tv_show_collection_episode_ordering = "playlist-index";
+          };
+        };
+      };
+    };
+    group = "users";
+
+  };
+}