aynish/commoncomputing-nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bump bluesky-pds to v0.4.219 and fix tangled service options

Browse Source 
The deployed PDS was on v0.4.182 with a 50 MB blob upload limit, causing
upload failures for large images. Add an overlay that overrides bluesky-pds
to v0.4.219 (the latest tag in the bluesky-social/pds repo, ahead of
nixpkgs-unstable's 0.4.204) and set PDS_BLOB_UPLOAD_LIMIT explicitly to
100 MB.

Also fix `services.tangled-{knot,spindle}` -> `services.tangled.{knot,spindle}`
to match the option names exposed by the official tangled.org/@tangled.org/core
flake we import. The hyphenated names came from an older third-party flake
and have been causing every auto-update to fail since the tangled rev bumped
on Apr 20.
This commit is contained in:
Anish Lakhwara
2026-04-26 16:24:59 -07:00
parent 2c0d8a278f
commit a8ddc2ef34
3 changed files with 108 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files
flake.nix
+16 -8
View File
@@ -13,42 +13,50 @@
}; };
}; };
outputs = { outputs =
{
self, self,
nixpkgs, nixpkgs,
tangled, tangled,
agenix, agenix,
... ...
} @ inputs: let }@inputs:
let
inherit (self) outputs; inherit (self) outputs;
in { in
{
# Available through 'nixos-rebuild --flake .#your-hostname' # Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = { nixosConfigurations = {
asusmini = nixpkgs.lib.nixosSystem { asusmini = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;}; specialArgs = { inherit inputs outputs; };
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
./hosts/asusmini ./hosts/asusmini
tangled.nixosModules.knot tangled.nixosModules.knot
tangled.nixosModules.spindle tangled.nixosModules.spindle
agenix.nixosModules.default agenix.nixosModules.default
{ nixpkgs.overlays = [ (import ./overlays) ]; }
]; ];
}; };
}; };
devShells = { devShells = {
aarch64-darwin.default = let aarch64-darwin.default =
let
pkgs = nixpkgs.legacyPackages.aarch64-darwin; pkgs = nixpkgs.legacyPackages.aarch64-darwin;
in pkgs.mkShell { in
pkgs.mkShell {
packages = [ packages = [
agenix.packages.aarch64-darwin.default agenix.packages.aarch64-darwin.default
pkgs.dnscontrol pkgs.dnscontrol
]; ];
}; };
x86_64-linux.default = let x86_64-linux.default =
let
pkgs = nixpkgs.legacyPackages.x86_64-linux; pkgs = nixpkgs.legacyPackages.x86_64-linux;
in pkgs.mkShell { in
pkgs.mkShell {
packages = [ packages = [
agenix.packages.x86_64-linux.default agenix.packages.x86_64-linux.default
pkgs.dnscontrol pkgs.dnscontrol
hosts/asusmini/atproto.nix
+14 -23
View File
@@ -12,15 +12,24 @@
settings = { settings = {
PDS_PORT = 5556; PDS_PORT = 5556;
PDS_HOSTNAME = "pds.commonscomputer.com"; PDS_HOSTNAME = "pds.commonscomputer.com";
# 100 MB blob upload limit (matches upstream default as of v0.4.219).
# Set explicitly so the limit is visible in our config rather than
# depending on whatever default the pinned nixpkgs module ships with.
PDS_BLOB_UPLOAD_LIMIT = "104857600";
# We can set a bunch of other things too # We can set a bunch of other things too
# PDS_BSKY_APP_VIEW_URL # PDS_BSKY_APP_VIEW_URL
# PDS_CRAWLERS # PDS_CRAWLERS
# PDS_BLOB_UPLOAD_LIMIT
# Full list available here: https://github.com/bluesky-social/atproto/blob/main/packages/pds/src/config/env.ts # Full list available here: https://github.com/bluesky-social/atproto/blob/main/packages/pds/src/config/env.ts
}; };
}; };
services.tangled-spindle = { # Note: the option namespace is `services.tangled.<service>` (with a dot),
# not `services.tangled-<service>` (with a dash). The dashed form was used
# by an older third-party `tangled-knot-nix` flake; the official monorepo
# at tangled.org/@tangled.org/core (which we import) uses the dotted form.
# See nix/modules/{knot,spindle}.nix in the tangled core flake for the
# full list of options.
services.tangled.spindle = {
enable = true; enable = true;
server = { server = {
hostname = "spindle.commonscomputer.com"; hostname = "spindle.commonscomputer.com";
@@ -28,30 +37,12 @@
}; };
}; };
# stolen from https://tangled.org/@isuggest.selfce.st/tangled-knot-nix/blob/main/knot.nix services.tangled.knot = {
services.tangled-knot = {
enable = true; enable = true;
server = { server = {
hostname = "knot.commonscomputer.com"; # put in the hostname where your knot can be accessed at. e.g. knot.a.tgirl.gay hostname = "knot.commonscomputer.com";
owner = "did:plc:om5yygegi4yxcbay5gemn2wm"; # your did, must be did:plc:<whatever> or did:web:<whatever>. owner = "did:plc:om5yygegi4yxcbay5gemn2wm";
}; };
# optional configuration options. the current value is the default provided to the knot server.
# appviewEndpoint = "https://tangled.sh"; # appview endpoint.
# gitUser = "git"; # user that hosts git repos and performs git operations.
# openFirewall = true; # open port 22 in the firewall for ssh.
# stateDir = "/home/${cfg.gitUser}"; # tangled knot data directory.
# repo = {
# scanPath = cfg.stateDir; # path where repositories are scanned from;
# mainBranch = "main"; # default branch name for repositories;
# };
# motd = ""; # message of the day. the contents are shown as-is; eg. you will want to add a newline if setting a non-empty message since the knot won't do this for you.
# motdFile = null; # "file containing message of the day. the contents are shown as-is; eg. you will want to add a newline if setting a non-empty message since the knot won't do this for you."
# server = {
# listenAddr = "0.0.0.0:5555"; # address to listen on.
# internalListenAddr = "127.0.0.1:5444"; # internal address for inter-service communication.
# dbPath = "${cfg.stateDir}/knotserver.db"; # path to the database file.
# dev = false; # enable development mode (disables signature verification)
# };
}; };
services.caddy = { services.caddy = {
overlays/default.nix
+46
View File
@@ -0,0 +1,46 @@
# Nixpkgs overlay for commonscomputing
#
# Overlays modify the global pkgs set. Anything that references
# `pkgs.<name>` (including NixOS service modules using `mkPackageOption`)
# automatically picks up our overrides without further config changes.
#
# Each override below should include a brief note about why we're overriding
# and when the override can be removed (e.g. when nixpkgs catches up).
final: prev: {
# Override bluesky-pds to v0.4.219 (latest tag in bluesky-social/pds repo).
#
# As of 2026-04-26 nixpkgs-unstable ships 0.4.204. The deployed version on
# z-space (from our pinned flake.lock) is even older at 0.4.182.
#
# Notable changes between 0.4.182 and 0.4.219:
# - Default PDS_BLOB_UPLOAD_LIMIT doubled to 100 MB (commit cc0e9ac)
# - Rate limits enabled by default (PR #308)
# - Node bumped to v20.20 (commit 0ef7817)
# - pdsadmin account commands replaced with goat (PR #313)
#
# Remove this override once nixpkgs ships bluesky-pds >= 0.4.219.
bluesky-pds = prev.bluesky-pds.overrideAttrs (old: rec {
version = "0.4.219";
src = prev.fetchFromGitHub {
owner = "bluesky-social";
repo = "pds";
tag = "v${version}";
hash = "sha256-zXNg1rtXN9qdTBvRlSiPlRu6k1Pv3T8nhROsEarev5U=";
};
sourceRoot = "${src.name}/service";
# pnpmDeps must be re-fetched whenever src changes because pnpm-lock.yaml
# may have changed. The hash below was computed by running a build with
# an empty hash and reading the correct one from the build failure.
pnpmDeps = prev.fetchPnpmDeps {
pname = "pds";
inherit version src sourceRoot;
pnpm = prev.pnpm_9;
fetcherVersion = 2;
hash = "sha256-n7UurqgR15vu1yNRXCWTWpEU42xgqVVaKurIMvt3XYk=";
};
});
}