init temp while waiting for public ip address

hosts/asusmini/atproto.nix

@@ -0,0 +1,75 @@
+{ config, ... }:
+{
+  age.secrets.pds-env = {
+    file = ../../secrets/pds-env.age;
+    mode = "0400";
+    owner = "pds";
+  };
+
+  services.pds = {
+    enable = true;
+    environmentFiles = [ config.age.secrets.pds-env.path ];
+    settings = {
+      PDS_PORT = 5556;
+      PDS_HOSTNAME = "pds.commonscomputer.com";
+      # We can set a bunch of other things too
+      # PDS_BSKY_APP_VIEW_URL
+      # PDS_CRAWLERS
+      # PDS_BLOB_UPLOAD_LIMIT
+      # Full list available here: https://github.com/bluesky-social/atproto/blob/main/packages/pds/src/config/env.ts
+    };
+  };
+
+  services.tangled-spindle = {
+    enable = true;
+    server = {
+      hostname = "spindle.commonscomputer.com";
+      owner = "did:plc:dy6ekftqerqu5bcz76kgy6ux";
+    };
+  };
+
+  # stolen from https://tangled.org/@isuggest.selfce.st/tangled-knot-nix/blob/main/knot.nix
+  services.tangled-knot = {
+    enable = true;
+    server = {
+      hostname = "knot.commonscomputer.com"; # put in the hostname where your knot can be accessed at. e.g. knot.a.tgirl.gay
+      owner = "did:plc:dy6ekftqerqu5bcz76kgy6ux"; # your did, must be did:plc:<whatever> or did:web:<whatever>.
+    };
+    # optional configuration options. the current value is the default provided to the knot server.
+    # appviewEndpoint = "https://tangled.sh"; # appview endpoint.
+    # gitUser = "git"; # user that hosts git repos and performs git operations.
+    # openFirewall = true; # open port 22 in the firewall for ssh.
+    # stateDir = "/home/${cfg.gitUser}"; # tangled knot data directory.
+    # repo = {
+    #   scanPath = cfg.stateDir; # path where repositories are scanned from;
+    #   mainBranch = "main"; # default branch name for repositories;
+    # };
+    # motd = ""; # message of the day. the contents are shown as-is; eg. you will want to add a newline if setting a non-empty message since the knot won't do this for you.
+    # motdFile = null; # "file containing message of the day. the contents are shown as-is; eg. you will want to add a newline if setting a non-empty message since the knot won't do this for you."
+    # server = {
+    #   listenAddr = "0.0.0.0:5555"; # address to listen on.
+    #   internalListenAddr = "127.0.0.1:5444"; # internal address for inter-service communication.
+    #   dbPath = "${cfg.stateDir}/knotserver.db"; # path to the database file.
+    #   dev = false; # enable development mode (disables signature verification)
+    # };
+  };
+
+  services.caddy = {
+    enable = true;
+    virtualHosts = {
+      "knot.commonscomputer.org".extraConfig = ''
+        reverse_proxy http://localhost:5555
+      ''; 
+      "pds.commonscomputer.org".extraConfig = ''
+        reverse_proxy http://localhost:5556
+      '';
+      "spindle.commonscomputer.com".extraConfig = ''
+        reverse_proxy http://localhost:6555
+      '';
+    };
+  };
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];
+}