aynish/helm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
helm/hosts/profiles/radicle-node/default.nix
T
Anish Lakhwara cd8bb0fe0f migrate to radicle
2026-01-21 21:55:37 -08:00

86 lines
2.0 KiB
Nix
Raw Permalink Blame History

{
self,
config,
pkgs,
...
}:
let
# Custom radicle-explorer configured for local box node
localExplorer = pkgs.radicle-explorer.withConfig {
preferredSeeds = [
{
hostname = "rad.mossnet.lan";
port = 80;
scheme = "http";
}
];
};
in
{
age.secrets.radicle-box-key.file = "${self}/secrets/radicle-box-key.age";
age.secrets.radicle-box-key.owner = "radicle";
services.radicle = {
enable = true;
privateKeyFile = config.age.secrets.radicle-box-key.path;
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII2QC5AbaTHCRVzGluWgXUlyBNFDxcLiIeViv81f3TYw mossnet.lan";
node = {
listenAddress = "0.0.0.0"; # Listen on all interfaces for local LAN access
listenPort = 8776;
openFirewall = true;
};
settings = {
node = {
alias = "mossnet.lan";
connect = [ "z6MkfPhJnbrHbB4FNcub7weT8CRcqFgfJinDfSYjPwK9tSXy@10.0.69.5:8776" ];
seedingPolicy.default = "block";
};
};
# HTTP API for local web access
httpd = {
enable = true;
listenAddress = "127.0.0.1";
listenPort = 8888;
};
};
# Nginx to serve radicle-explorer + proxy API
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts."rad.mossnet.lan" = {
root = localExplorer;
locations."/" = {
tryFiles = "$uri $uri/ /index.html";
index = "index.html";
};
# Proxy API requests to radicle-httpd
locations."/api" = {
proxyPass = "http://127.0.0.1:8888";
};
# Proxy raw file access to radicle-httpd
locations."/raw" = {
proxyPass = "http://127.0.0.1:8888";
};
# Proxy git protocol requests (rad:xxx) to radicle-httpd
locations."~ ^/rad:" = {
proxyPass = "http://127.0.0.1:8888";
};
};
};
# Open firewall for nginx
networking.firewall.allowedTCPPorts = [ 80 ];
# rad CLI for interactive use
environment.systemPackages = [ pkgs.radicle-node ];
}
Reference in New Issue View Git Blame Copy Permalink