refactor({modules,test}): Migrate to a `by-name` structure

3 files changed, 144 insertions, 0 deletions

diff --git a/modules/by-name/pe/peertube/module.nix b/modules/by-name/pe/peertube/module.nix
new file mode 100644
index 0000000..29d1d07
--- /dev/null
+++ b/modules/by-name/pe/peertube/module.nix
@@ -0,0 +1,113 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  cfg = config.vhack.peertube;
+in {
+  options.vhack.peertube = {
+    enable = lib.mkEnableOption ''
+      the peertube video platform.
+    '';
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.peertube = {
+      enable = true;
+
+      configureNginx = true;
+      localDomain = "peertube.vhack.eu";
+      enableWebHttps = true;
+      listenWeb = 443;
+
+      smtp = {
+        createLocally = true;
+        passwordFile = "${config.age.secrets.peertubeSmtp.path}";
+      };
+      database = {
+        createLocally = true;
+      };
+      redis = {
+        enableUnixSocket = true;
+        createLocally = true;
+      };
+
+      secrets.secretsFile = "${config.age.secrets.peertubeGeneral.path}";
+
+      settings = {
+        signup = {
+          enabled = true;
+
+          limit = 10; # When the limit is reached, registrations are disabled. -1 == unlimited
+
+          minimum_age = 18; # Used to configure the signup form
+
+          # Users fill a form to register so moderators can accept/reject the registration
+          requires_approval = true;
+          requires_email_verification = true;
+        };
+        user = {
+          video_quota = "10GB";
+          video_quota_daily = "2GB";
+        };
+        auto_blacklist = {
+          videos = {
+            of_users = {
+              enabled = true;
+            };
+          };
+        };
+        listen.hostname = "127.0.0.1";
+        instance.name = "PeerTube at Vhack.eu";
+
+        admin.email = "admin@vhack.eu";
+
+        smtp = let
+          emailAddress = "peertube@vhack.eu";
+        in {
+          sendmail = "${pkgs.postfix}/bin/sendmail";
+
+          transport = "sendmail";
+          hostname = "server1.vhack.eu";
+          port = 587;
+          username = emailAddress;
+          tls = true;
+          disable_starttls = true;
+          from_address = emailAddress;
+        };
+      };
+    };
+
+    # The `configureNginx` option does not do this for some reason
+    # TODO(@bpeetz): Find out why <2024-06-27>
+    services.nginx.virtualHosts."${config.services.peertube.localDomain}" = {
+      enableACME = true;
+      forceSSL = true;
+    };
+
+    age.secrets = {
+      peertubeGeneral = {
+        file = ./secrets/general.age;
+        mode = "700";
+        owner = "peertube";
+        group = "peertube";
+      };
+      peertubeSmtp = {
+        file = ./secrets/smtp.age;
+        mode = "700";
+        owner = "peertube";
+        group = "peertube";
+      };
+    };
+
+    environment.persistence."/srv".directories = [
+      {
+        directory = "/var/lib/peertube";
+        user = "peertube";
+        group = "peertube";
+        mode = "0700";
+      }
+    ];
+  };
+}
diff --git a/modules/by-name/pe/peertube/secrets/general.age b/modules/by-name/pe/peertube/secrets/general.age
new file mode 100644
index 0000000..854ab1a
--- /dev/null
+++ b/modules/by-name/pe/peertube/secrets/general.age
@@ -0,0 +1,15 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlNjR4TDVUZmY2Y0hYT2hk
+YmtPcFIxSXplNWF4M0V1Kzh2b2VoSTFCK0dzCmpwT2tDa3FpR082V2pyelBoS05o
+RmlWRVdNdVhZbkRVUEVnaDlPdlN1bDAKLT4gWDI1NTE5IFlvaTFPc2JHcWczbEJy
+eVZDS2NaUzBvbnpadk5ySVFxRTlNVXhrd2N0a3MKanJ0NEZWaTg3dE5Cbm9uNHNS
+ZCs2dmU4RkFZOHNyNlJKa0cyd2VqSlFPQQotPiBzc2gtZWQyNTUxOSBPRDhUNGcg
+NXhFSHdWUk1sbEUyb3FTdGpIaHlyTUJlMnlzNXBEY2lzTXpuM09WVDBrOApmM05W
+d1VBSGlhMmlDYlhZS1hSdlJBUVkrVWs0bTJseS9BUmZGY1l5K0NBCi0+IEQkNi1l
+LWdyZWFzZSAhIUlaOnNsZCAsUVRVKiBfRig2KGg+NSA6CmI0Q0N0cmlFbnNGSFZQ
+WThEV0RHS0V2NTVaZnIyK2tUQXZTOHdsRkhyRlExdCtOeHRML2hFNDNxd08xQjlG
+V3oKMThoQnF4Y3FDU3hMZjhwRUNvVWRRR3I4c1k5QnhJS1dRR2dod0EKLS0tIEZT
+dHhnVXdHV3QzYThXWFJQL2szeTZ4SWM4czZYQWxJOFFIVjBZSnJ0K00KH8WdXv68
+rjAqo5RoWu91aVg5Bl2HKuiFbaGcnlkiMPZ9wGfpq4mpCc/yc4NTa6HhkaI5tA61
+PjKurnkiLXywcdyUTPuaykk+wANynLucbwfq/Mv3aLcG01soh+dFNKZV/g==
+-----END AGE ENCRYPTED FILE-----
diff --git a/modules/by-name/pe/peertube/secrets/smtp.age b/modules/by-name/pe/peertube/secrets/smtp.age
new file mode 100644
index 0000000..1979ea7
--- /dev/null
+++ b/modules/by-name/pe/peertube/secrets/smtp.age
@@ -0,0 +1,16 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtU05NMDN0Q2MrVGEraHpH
+Tkwyd0NuVEQwcjljd0NUNUpsSER0V0RldWxNCjlnRHZWNmprVDYxQm90Q3pFVHR5
+enJyUTZhSVdUL1I1aC9Ya2NkMElQaFUKLT4gWDI1NTE5IHprWjRDZVlMK3Rmd1A5
+K0pZRVBIYldsOW0wQXp4SmJzM1pXdzAvZVpiWEUKd1cwR2ZNZTh6WXhQNGZBVmdN
+VWpxZGxPZXJBT1dqUFd1aU4xaHAxckZLcwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg
+akdaS3I3VHplOENIZDg5TSt2SmRCSGpjaUZoUHVYTFJRR2wzc1RHYWNnVQpFN1Ew
+MTZDNGNyKzB1aEdTMHpKaWlFLzE0blJpZ3RhOTZReTNucUp6SEdZCi0+IHloQSUq
+LWdyZWFzZQo5VitXYjNxck5FbnkwYlBvUyt6R2ROVG9JOWtQNGJma1ZYd29oVlFx
+blFzSytWNDA4d3lqWE9JTUVreCs2Wi92ClZCdFgwYmRmc1VsU0NhTVR4b2dtZkpK
+ZTU2M24zVjd0UTRrelFXYnFEZwotLS0gT2ZlRGJsZWNPcEwxK2drdDhVSndDV3Fj
+SENsN2piWWEzSFI2OW8xbk12cwrFU4dzHxb5M3miGDpWLh3XbwzsrqWlFWLLu0Ht
+SDvqJGrwAPsnVn4YLSG42q1BodYfcQVvVwqRCVbkubEUDcecDTdaYDvjaS3tmDZW
+u5Nabp1ujYuIewOEZ8w41napS0C553qq0mL5sYZH1C23ViW81va4X1XOJTCnmbz6
+lbh+lK8ZbZz3cer49nR8OHTtpjA9hrf4Pf/W2nMR+0exy4zDYw==
+-----END AGE ENCRYPTED FILE-----