Anish Lakhwara
a8ddc2ef34
The deployed PDS was on v0.4.182 with a 50 MB blob upload limit, causing
upload failures for large images. Add an overlay that overrides bluesky-pds
to v0.4.219 (the latest tag in the bluesky-social/pds repo, ahead of
nixpkgs-unstable's 0.4.204) and set PDS_BLOB_UPLOAD_LIMIT explicitly to
100 MB.
Also fix `services.tangled-{knot,spindle}` -> `services.tangled.{knot,spindle}`
to match the option names exposed by the official tangled.org/@tangled.org/core
flake we import. The hyphenated names came from an older third-party flake
and have been causing every auto-update to fail since the tangled rev bumped
on Apr 20.
67 lines
2.0 KiB
Nix
67 lines
2.0 KiB
Nix
{ config, ... }:
|
|
{
|
|
age.secrets.pds-env = {
|
|
file = ../../secrets/pds-env.age;
|
|
mode = "0400";
|
|
owner = "pds";
|
|
};
|
|
|
|
services.bluesky-pds = {
|
|
enable = true;
|
|
environmentFiles = [ config.age.secrets.pds-env.path ];
|
|
settings = {
|
|
PDS_PORT = 5556;
|
|
PDS_HOSTNAME = "pds.commonscomputer.com";
|
|
# 100 MB blob upload limit (matches upstream default as of v0.4.219).
|
|
# Set explicitly so the limit is visible in our config rather than
|
|
# depending on whatever default the pinned nixpkgs module ships with.
|
|
PDS_BLOB_UPLOAD_LIMIT = "104857600";
|
|
# We can set a bunch of other things too
|
|
# PDS_BSKY_APP_VIEW_URL
|
|
# PDS_CRAWLERS
|
|
# Full list available here: https://github.com/bluesky-social/atproto/blob/main/packages/pds/src/config/env.ts
|
|
};
|
|
};
|
|
|
|
# Note: the option namespace is `services.tangled.<service>` (with a dot),
|
|
# not `services.tangled-<service>` (with a dash). The dashed form was used
|
|
# by an older third-party `tangled-knot-nix` flake; the official monorepo
|
|
# at tangled.org/@tangled.org/core (which we import) uses the dotted form.
|
|
# See nix/modules/{knot,spindle}.nix in the tangled core flake for the
|
|
# full list of options.
|
|
services.tangled.spindle = {
|
|
enable = true;
|
|
server = {
|
|
hostname = "spindle.commonscomputer.com";
|
|
owner = "did:plc:om5yygegi4yxcbay5gemn2wm";
|
|
};
|
|
};
|
|
|
|
services.tangled.knot = {
|
|
enable = true;
|
|
server = {
|
|
hostname = "knot.commonscomputer.com";
|
|
owner = "did:plc:om5yygegi4yxcbay5gemn2wm";
|
|
};
|
|
};
|
|
|
|
services.caddy = {
|
|
enable = true;
|
|
virtualHosts = {
|
|
"knot.commonscomputer.com".extraConfig = ''
|
|
reverse_proxy http://localhost:5555
|
|
'';
|
|
"pds.commonscomputer.com".extraConfig = ''
|
|
reverse_proxy http://localhost:5556
|
|
'';
|
|
"spindle.commonscomputer.com".extraConfig = ''
|
|
reverse_proxy http://localhost:6555
|
|
'';
|
|
};
|
|
};
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
];
|
|
}
|