diff options
Diffstat (limited to 'modules/nixos/ipfs.nix')
| -rw-r--r-- | modules/nixos/ipfs.nix | 145 |
1 files changed, 0 insertions, 145 deletions
diff --git a/modules/nixos/ipfs.nix b/modules/nixos/ipfs.nix deleted file mode 100644 index cd28372..0000000 --- a/modules/nixos/ipfs.nix +++ /dev/null @@ -1,145 +0,0 @@ -{ - config, - lib, - libNginx, - this, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.ipfs; - - gatewayDefaultPort = 6001; - apiDefaultPort = 5001; - swarmDefaultPort = 4001; -in -{ - options.nixfiles.modules.ipfs = { - enable = mkEnableOption "IPFS daemon"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "ipfs.${config.networking.fqdn}"; - }; - - gatewayPort = mkOption { - description = "Gateway port."; - type = with types; port; - default = if this.isHeadless then gatewayDefaultPort + 990 else gatewayDefaultPort; - }; - - apiPort = mkOption { - description = "API port."; - type = with types; port; - default = if this.isHeadless then apiDefaultPort + 990 else apiDefaultPort; - }; - - swarmPort = mkOption { - description = "Swarm port."; - type = with types; port; - default = swarmDefaultPort; - }; - }; - - config = mkIf cfg.enable (mkMerge [ - { - services.kubo = { - enable = true; - - user = my.username; - inherit (config.my) group; - - dataDir = "${config.dirs.data}/ipfs"; - - autoMigrate = true; - autoMount = true; - emptyRepo = true; - enableGC = true; - - # https://github.com/ipfs/kubo/blob/master/docs/config.md - settings = mkMerge [ - ( - let - filterAddresses = - [ - "/ip4/100.64.0.0/ipcidr/10" - "/ip4/169.254.0.0/ipcidr/16" - "/ip4/172.16.0.0/ipcidr/12" - "/ip4/192.0.0.0/ipcidr/24" - "/ip4/192.0.2.0/ipcidr/24" - "/ip4/192.168.0.0/ipcidr/16" - "/ip4/198.18.0.0/ipcidr/15" - "/ip4/198.51.100.0/ipcidr/24" - "/ip4/203.0.113.0/ipcidr/24" - "/ip4/240.0.0.0/ipcidr/4" - "/ip6/100::/ipcidr/64" - "/ip6/2001:2::/ipcidr/48" - "/ip6/2001:db8::/ipcidr/32" - "/ip6/fe80::/ipcidr/10" - ] - ++ optionals (!hasAttr "wireguard" this) [ - "/ip4/10.0.0.0/ipcidr/8" - "/ip6/fc00::/ipcidr/7" - ]; - in - { - Addresses = { - API = "/ip4/127.0.0.1/tcp/${toString cfg.apiPort}"; - Gateway = "/ip4/127.0.0.1/tcp/${toString cfg.gatewayPort}"; - Swarm = - let - port = toString cfg.swarmPort; - in - [ - "/ip4/0.0.0.0/tcp/${port}" - "/ip6/::/tcp/${port}" - "/ip4/0.0.0.0/udp/${port}/quic" - "/ip4/0.0.0.0/udp/${port}/quic-v1" - "/ip4/0.0.0.0/udp/${port}/quic-v1/webtransport" - "/ip6/::/udp/${port}/quic" - "/ip6/::/udp/${port}/quic-v1" - "/ip6/::/udp/${port}/quic-v1/webtransport" - ]; - - NoAnnounce = filterAddresses; - }; - Swarm.AddrFilters = filterAddresses; - } - ) - ]; - - localDiscovery = true; - - startWhenNeeded = true; - }; - - networking.firewall = rec { - allowedTCPPorts = [ swarmDefaultPort ]; - allowedUDPPorts = allowedTCPPorts; - }; - } - (mkIf this.isHeadless { - nixfiles.modules.nginx = { - enable = true; - upstreams = with cfg; { - kubo_gateway.servers."127.0.0.1:${toString gatewayPort}" = { }; - kubo_api.servers."127.0.0.1:${toString apiPort}" = { }; - }; - virtualHosts = { - ${cfg.domain} = { - locations."/".proxyPass = "http://kubo_gateway"; - extraConfig = libNginx.config.internalOnly; - }; - "api.${cfg.domain}" = { - locations = { - "/".proxyPass = "http://kubo_api"; - "~ ^/$".return = "301 http${optionalString config.nixfiles.modules.acme.enable "s"}://api.${cfg.domain}/webui"; - }; - extraConfig = libNginx.config.internalOnly; - }; - }; - }; - }) - ]); -} |