nixos-config/config/services/kubo.nix

79 lines
1.9 KiB
Nix
Raw Normal View History

2023-05-21 18:32:58 +01:00
{
pkgs,
config,
lib,
...
}: {
2023-05-30 08:36:52 +01:00
imports = [../../modules/kubo.nix ./kubo-common.nix];
2023-05-21 18:32:58 +01:00
services.kubo = {
settings = {
Addresses = {
2023-05-30 08:36:52 +01:00
API = lib.mkForce [
"/ip4/0.0.0.0/tcp/5001"
"/ip6/::/tcp/5001"
2023-05-21 18:32:58 +01:00
]; # Only exposed over the tailed scale
};
API.HTTPHeaders = {
Access-Control-Allow-Origin = [
2023-11-17 16:31:38 +01:00
"http://bafybeiamycmd52xvg6k3nzr6z3n33de6a2teyhquhj4kspdtnvetnkrfim.ipfs.localhost:41876"
2023-05-21 18:32:58 +01:00
"http://localhost:3000"
"http://127.0.0.1:5001"
"https://webui.ipfs.io"
];
Access-Control-Allow-Methods = ["PUT" "POST"];
};
Datastore = {
Spec = {
mounts = [
{
child = {
2023-11-16 21:46:57 +01:00
type = "s3ds";
region = "ams1";
bucket = "ipfs-chir-rs";
rootDirectory = "/";
regionEndpoint = "ams1.vultrobjects.com";
2023-05-21 18:32:58 +01:00
};
2023-11-16 21:46:57 +01:00
mountpoint = "/blocks";
prefix = "s3.datastore";
2023-05-21 18:32:58 +01:00
type = "measure";
}
2023-11-17 16:31:38 +01:00
{
2023-11-18 10:53:21 +01:00
child = {
compression = "none";
path = "datastore";
type = "levelds";
};
mountpoint = "/";
prefix = "leveldb.datastore";
type = "measure";
2023-11-17 16:31:38 +01:00
}
2023-05-21 18:32:58 +01:00
];
type = "mount";
};
};
};
};
2023-11-16 21:46:57 +01:00
sops.secrets."services/ipfs/accessKey".owner = "ipfs";
sops.secrets."services/ipfs/secretKey".owner = "ipfs";
2023-05-21 18:32:58 +01:00
networking.firewall.allowedTCPPorts = [
4001
4002
];
networking.firewall.allowedUDPPorts = [
4001
];
services.caddy.virtualHosts."ipfs-nocdn.chir.rs" = {
useACMEHost = "chir.rs";
logFormat = pkgs.lib.mkForce "";
extraConfig = ''
import baseConfig
reverse_proxy http://127.0.0.1:41876
'';
};
2023-06-10 09:18:18 +01:00
fileSystems."/persist/var/lib/ipfs/root" = {
device = "/";
options = ["bind" "ro"];
};
2023-05-21 18:32:58 +01:00
}