2023-05-21 18:32:58 +01:00
|
|
|
{
|
|
|
|
pkgs,
|
|
|
|
config,
|
|
|
|
lib,
|
|
|
|
...
|
|
|
|
}: {
|
2023-05-30 08:36:52 +01:00
|
|
|
imports = [../../modules/kubo.nix ./kubo-common.nix];
|
2023-05-21 18:32:58 +01:00
|
|
|
services.kubo = {
|
|
|
|
settings = {
|
|
|
|
Addresses = {
|
2023-05-30 08:36:52 +01:00
|
|
|
API = lib.mkForce [
|
|
|
|
"/ip4/0.0.0.0/tcp/5001"
|
|
|
|
"/ip6/::/tcp/5001"
|
2023-05-21 18:32:58 +01:00
|
|
|
]; # Only exposed over the tailed scale
|
|
|
|
};
|
|
|
|
API.HTTPHeaders = {
|
|
|
|
Access-Control-Allow-Origin = [
|
2023-11-17 16:31:38 +01:00
|
|
|
"http://bafybeiamycmd52xvg6k3nzr6z3n33de6a2teyhquhj4kspdtnvetnkrfim.ipfs.localhost:41876"
|
2023-05-21 18:32:58 +01:00
|
|
|
"http://localhost:3000"
|
|
|
|
"http://127.0.0.1:5001"
|
|
|
|
"https://webui.ipfs.io"
|
|
|
|
];
|
|
|
|
Access-Control-Allow-Methods = ["PUT" "POST"];
|
|
|
|
};
|
|
|
|
Datastore = {
|
|
|
|
Spec = {
|
|
|
|
mounts = [
|
|
|
|
{
|
|
|
|
child = {
|
2023-11-16 21:46:57 +01:00
|
|
|
type = "s3ds";
|
|
|
|
region = "ams1";
|
|
|
|
bucket = "ipfs-chir-rs";
|
|
|
|
rootDirectory = "/";
|
|
|
|
regionEndpoint = "ams1.vultrobjects.com";
|
2023-05-21 18:32:58 +01:00
|
|
|
};
|
2023-11-16 21:46:57 +01:00
|
|
|
mountpoint = "/blocks";
|
|
|
|
prefix = "s3.datastore";
|
2023-05-21 18:32:58 +01:00
|
|
|
type = "measure";
|
|
|
|
}
|
2023-11-17 16:31:38 +01:00
|
|
|
{
|
2023-11-18 10:53:21 +01:00
|
|
|
child = {
|
|
|
|
compression = "none";
|
|
|
|
path = "datastore";
|
|
|
|
type = "levelds";
|
|
|
|
};
|
|
|
|
mountpoint = "/";
|
|
|
|
prefix = "leveldb.datastore";
|
|
|
|
type = "measure";
|
2023-11-17 16:31:38 +01:00
|
|
|
}
|
2023-05-21 18:32:58 +01:00
|
|
|
];
|
|
|
|
type = "mount";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2023-11-16 21:46:57 +01:00
|
|
|
sops.secrets."services/ipfs/accessKey".owner = "ipfs";
|
|
|
|
sops.secrets."services/ipfs/secretKey".owner = "ipfs";
|
2023-05-21 18:32:58 +01:00
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
4001
|
|
|
|
4002
|
|
|
|
];
|
|
|
|
networking.firewall.allowedUDPPorts = [
|
|
|
|
4001
|
|
|
|
];
|
|
|
|
services.caddy.virtualHosts."ipfs-nocdn.chir.rs" = {
|
|
|
|
useACMEHost = "chir.rs";
|
|
|
|
logFormat = pkgs.lib.mkForce "";
|
|
|
|
extraConfig = ''
|
|
|
|
import baseConfig
|
|
|
|
reverse_proxy http://127.0.0.1:41876
|
|
|
|
'';
|
|
|
|
};
|
2023-06-10 09:18:18 +01:00
|
|
|
fileSystems."/persist/var/lib/ipfs/root" = {
|
|
|
|
device = "/";
|
|
|
|
options = ["bind" "ro"];
|
|
|
|
};
|
2023-05-21 18:32:58 +01:00
|
|
|
}
|