migrate to radicle
This commit is contained in:
Anish Lakhwara
@@ -0,0 +1,85 @@
|
||||
{
|
||||
self,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
# Custom radicle-explorer configured for local box node
|
||||
localExplorer = pkgs.radicle-explorer.withConfig {
|
||||
preferredSeeds = [
|
||||
{
|
||||
hostname = "rad.mossnet.lan";
|
||||
port = 80;
|
||||
scheme = "http";
|
||||
}
|
||||
];
|
||||
};
|
||||
in
|
||||
{
|
||||
age.secrets.radicle-box-key.file = "${self}/secrets/radicle-box-key.age";
|
||||
age.secrets.radicle-box-key.owner = "radicle";
|
||||
|
||||
services.radicle = {
|
||||
enable = true;
|
||||
privateKeyFile = config.age.secrets.radicle-box-key.path;
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII2QC5AbaTHCRVzGluWgXUlyBNFDxcLiIeViv81f3TYw mossnet.lan";
|
||||
|
||||
node = {
|
||||
listenAddress = "0.0.0.0"; # Listen on all interfaces for local LAN access
|
||||
listenPort = 8776;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
settings = {
|
||||
node = {
|
||||
alias = "mossnet.lan";
|
||||
connect = [ "z6MkfPhJnbrHbB4FNcub7weT8CRcqFgfJinDfSYjPwK9tSXy@10.0.69.5:8776" ];
|
||||
seedingPolicy.default = "block";
|
||||
};
|
||||
};
|
||||
|
||||
# HTTP API for local web access
|
||||
httpd = {
|
||||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
listenPort = 8888;
|
||||
};
|
||||
};
|
||||
|
||||
# Nginx to serve radicle-explorer + proxy API
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
|
||||
virtualHosts."rad.mossnet.lan" = {
|
||||
root = localExplorer;
|
||||
|
||||
locations."/" = {
|
||||
tryFiles = "$uri $uri/ /index.html";
|
||||
index = "index.html";
|
||||
};
|
||||
|
||||
# Proxy API requests to radicle-httpd
|
||||
locations."/api" = {
|
||||
proxyPass = "http://127.0.0.1:8888";
|
||||
};
|
||||
|
||||
# Proxy raw file access to radicle-httpd
|
||||
locations."/raw" = {
|
||||
proxyPass = "http://127.0.0.1:8888";
|
||||
};
|
||||
|
||||
# Proxy git protocol requests (rad:xxx) to radicle-httpd
|
||||
locations."~ ^/rad:" = {
|
||||
proxyPass = "http://127.0.0.1:8888";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Open firewall for nginx
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
|
||||
# rad CLI for interactive use
|
||||
environment.systemPackages = [ pkgs.radicle-node ];
|
||||
}
|
||||
Reference in New Issue
Block a user