51 lines
1.5 KiB
Nix
51 lines
1.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
cfg = config.services.nitter;
|
|
in
|
|
{
|
|
services.nitter = {
|
|
enable = true;
|
|
#package = pkgs.unstable.nitter;
|
|
server = {
|
|
port = 8081;
|
|
hostname = "nitter.sbruder.xyz";
|
|
address = "127.0.0.1";
|
|
};
|
|
preferences = {
|
|
theme = "Auto";
|
|
replaceTwitter = "${cfg.server.hostname}";
|
|
muteVideos = true;
|
|
hlsPlayback = true;
|
|
replaceYouTube = "${config.services.invidious.domain}";
|
|
};
|
|
config = {
|
|
base64Media = true;
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts.${cfg.server.hostname} = {
|
|
extraConfig = ''
|
|
allow ${config.sbruder.wireguard.home.subnet};
|
|
deny all;
|
|
'';
|
|
locations = {
|
|
"/robots.txt".return = "200 'User-agent: *\\nDisallow: /'";
|
|
"/" = {
|
|
proxyPass = "http://${cfg.server.address}:${toString cfg.server.port}";
|
|
extraConfig =
|
|
let
|
|
# workaround for nginx dropping parent headers
|
|
# see https://github.com/yandex/gixy/blob/master/docs/en/plugins/addheaderredefinition.md
|
|
parentHeaders = lib.concatStringsSep "\n" (lib.filter
|
|
(lib.hasPrefix "add_header ")
|
|
(lib.splitString "\n" config.services.nginx.commonHttpConfig));
|
|
in
|
|
''
|
|
${parentHeaders}
|
|
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'; media-src 'self' blob:";
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|