setting up invidious was a mess

2026-04-11 13:52:15 +03:00 · 2026-04-11 13:52:15 +03:00 · ee9afc74c2
commit ee9afc74c2
parent 6a4bf43560
2 changed files with 73 additions and 0 deletions
--- a/server/configuration.nix
+++ b/server/configuration.nix
@ -8,6 +8,7 @@
    ./matrix.nix
    ./element.nix
    ./forgejo.nix
+    ./iv.nix
  ];

  nixpkgs.config.permittedInsecurePackages = [
--- a/server/iv.nix
+++ b/server/iv.nix
@ -0,0 +1,72 @@
+{ config, pkgs, lib, ... }:
+let
+  companionImage = pkgs.dockerTools.pullImage {
+    imageName = "quay.io/invidious/invidious-companion";
+    imageDigest = "sha256:1f59440ef39c4a3377be6d9dc76a7adebb7cfc9b7be03f671dd06741d01be491";
+    finalImageName = "invidious-companion";
+    finalImageTag = "latest";
+    os = "linux";
+    arch = "amd64";
+    sha256 = "sha256-QsKu0XyHYvad/saO4zDrHZU9o4GzihK30pMITYpcVoI=";
+  };
+in
+{
+  services.invidious = {
+    enable = true;
+    domain = "iv.itamar.site";
+    port = 3002;
+    nginx.enable = true;
+    extraSettingsFile = "/var/lib/invidious/companion-secret.yaml";
+    settings = {
+      https_only = true;
+      registration_enabled = false;
+      statistics_enabled = false;
+      default_user_preferences = {
+        locale = "en-US";
+        dark_mode = "dark";
+        thin_mode = false;
+        default_home = "feed";
+        feed_menu = ["Popular" "Trending" "Subscriptions" "Playlists"];
+        player_style = "invidious";
+        quality = "hd720";
+        volume = 100;
+        autoplay = false;
+        comments = ["youtube" ""];
+        related_videos = true;
+      };
+    };
+  };
+
+  virtualisation.docker.enable = true;
+
+  virtualisation.oci-containers = {
+    backend = "docker";
+    containers.invidious-companion = {
+      image = "invidious-companion:latest";
+      imageFile = companionImage;
+      ports = [ "127.0.0.1:3001:8282" ];
+      environmentFiles = [ "/var/lib/invidious/companion-env" ];
+      volumes = [ "/var/lib/invidious-companion-cache:/var/tmp/youtubei.js" ];
+      extraOptions = [ "--no-healthcheck" ];
+    };
+  };
+
+  services.nginx = {
+    enable = true;
+    recommendedTlsSettings = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedProxySettings = true;
+    virtualHosts."iv.itamar.site" = {
+      enableACME = true;
+      forceSSL = true;
+    };
+  };
+
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "admin@itamar.site";
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+}