From 5ef2fd57b983e96e3bcd110827ed2331f0250ecd Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Mon, 12 May 2025 18:13:12 +0800 Subject: [PATCH] add radicle module(incomplete), and add radicle-node for Tytonidae and Akun --- nixos/configurations/Akun/default.nix | 1 + nixos/configurations/Tytonidae/default.nix | 1 + nixos/modules/programs/default.nix | 1 + nixos/modules/programs/radicle.nix | 79 ++++++++++++++++++++++ secrets/general.yaml | 8 ++- 5 files changed, 87 insertions(+), 3 deletions(-) create mode 100644 nixos/modules/programs/radicle.nix diff --git a/nixos/configurations/Akun/default.nix b/nixos/configurations/Akun/default.nix index c16e8bd..ab71e8d 100644 --- a/nixos/configurations/Akun/default.nix +++ b/nixos/configurations/Akun/default.nix @@ -44,6 +44,7 @@ services.printing.enable = true; environment.systemPackages = with pkgs; [ + radicle-node nix-output-monitor wget git diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix index 4b26f79..ebcdfbf 100644 --- a/nixos/configurations/Tytonidae/default.nix +++ b/nixos/configurations/Tytonidae/default.nix @@ -66,6 +66,7 @@ services.printing.enable = true; environment.systemPackages = with pkgs; [ + radicle-node nix-output-monitor wget git diff --git a/nixos/modules/programs/default.nix b/nixos/modules/programs/default.nix index eb21583..2a83c37 100644 --- a/nixos/modules/programs/default.nix +++ b/nixos/modules/programs/default.nix @@ -27,5 +27,6 @@ ./owncast.nix ./minio.nix ./supergfxd.nix + ./radicle.nix ]; } diff --git a/nixos/modules/programs/radicle.nix b/nixos/modules/programs/radicle.nix new file mode 100644 index 0000000..265d0d0 --- /dev/null +++ b/nixos/modules/programs/radicle.nix @@ -0,0 +1,79 @@ +{ + config, + lib, + ... +}: let + cfg = config.youthlic.programs.radicle; +in { + options = { + youthlic.programs.radicle = { + enable = lib.mkEnableOption "radicle"; + privateKeyFile = lib.mkOption { + type = with lib.types; either path str; + }; + publicKey = lib.mkOption { + type = with lib.types; either path str; + }; + }; + }; + config = lib.mkIf cfg.enable { + services.radicle = { + enable = true; + node.listenAddress = "127.0.0.1"; + inherit (cfg) publicKey privateKeyFile; + settings = { + publicExplorer = "https://app.radicle.xyz/nodes/$host/$rid$path"; + preferredSeeds = [ + "z6Mkmqogy2qEM2ummccUthFEaaHvyYmYBYh3dbe9W4ebScxo@ash.radicle.garden:8776" + "z6MksmpU5b1dS7oaqF2bHXhQi1DWy2hB7Mh9CuN7y1DN6QSz@seed.radicle.xyz:8776" + "z6MkrLMMsiPWUcNPHcRajuMi9mDfYckSoJyPwwnknocNYPm7@seed.radicle.garden:8776" + ]; + web = { + pinned = { + repositories = []; + }; + }; + cli = { + hints = true; + }; + node = { + alias = "youthlic"; + listen = []; + peers = { + type = "dynamic"; + }; + connect = []; + extrnalAddresses = []; + network = "main"; + log = "INFO"; + relay = "auto"; + limits = { + routingMaxSize = 1000; + routingMaxAge = 604800; + gossipMaxAge = 1209600; + fetchConcurrency = 1; + maxOpenFiles = 4096; + rate = { + inbound = { + fillRate = 5.0; + capacity = 1024; + }; + outbound = { + fillRate = 10.0; + capacity = 2048; + }; + }; + connection = { + inbound = 128; + outbound = 16; + }; + }; + workers = 8; + seedingPolicy = { + default = "block"; + }; + }; + }; + }; + }; +} diff --git a/secrets/general.yaml b/secrets/general.yaml index 7f672a7..a6a7b59 100644 --- a/secrets/general.yaml +++ b/secrets/general.yaml @@ -8,6 +8,8 @@ access-tokens: ENC[AES256_GCM,data:Y1qJQaOYHIednHAYpcMVWk+5j5E27QDXrlTAfu/jt7prC matrix-telegram-bot: ENC[AES256_GCM,data:4G9JSR4l3043SM63gvJr0xBFuS11eoesi9rrobTxN9HpEGNklYDWHH/+Bm7P/2Bxnye3CiO/Z8KffvbjH8slRHLtbSpo8lRsfi9uRAbeMl7aXe/nTjpN078QSN3WXXc9XqYq0sxwNKPrnW3bmPQsHUiykZ3Go5A9Qw1iIPvPpXITyNbeD0gA+2CBB7PIURI7X0PIgSfUtMFZvl2J9znqCnlfC41bj6aC3sywsEkpuFJiMEojrwl+XmVS/u4eNMq8KiofVn9QlGx5gdGZ9LfZZdc+8E6u5GovqP2JTwwfaeZPzdwdZ2YsdoAvmgAusMfjCNZvHF7msLsOyNJW4592ZC7+fHhRbkKnVKc3OwA4ILWd9Jl0p0BoS0Ckn3V5nUQFgxVJ2O0yd/FLFaEqbeBLHNqC6u9CTYk82Uy23ilXQYKIc9h2wQkM329E6j9Mk0f9uavoYVPkpz6ahLzcni2W26FUkeaZ7PkrHmHWfJvvvi32GB4+q1m0phPmcd3cKVhXhbhLXiBcx2Rj7Q==,iv:Br0w0SiYajFr8p5CZEg47x3KpJ+AOleHthsEc3ho4YI=,tag:k+wptcSnNzfefF66Ug824Q==,type:str] matrix-reg-token: ENC[AES256_GCM,data:Cr5560L9gQo/tKUz1sQOAg5dckI6SyDxeNyrjW4oI6qkV8bxUrMaAGnVkkeF9TF9FgAnRb+7Lm+axd2SmkPWnqrLll2NzLC01zXht9Mq9RroAPXFraEV1X1Ge1qAAtkr,iv:42r93HLVDKuDCOYlfem7oi3gcHfhDYiNbFKOCHxim+o=,tag:9hWGQrWHsv2eYNgFlHtfeA==,type:str] ssh-private-key: + radicle: + Cape: ENC[AES256_GCM,data:6C4YwlcIpC0ZT1TosOGPm15B+i/bEeGEOw+FCib8vJU9M89LviqeftjcycBCiHmLJms4lKzsWpLn2Rmw9PovBZ0FI2geb+Lthm9etvaJxLtc4DofgLsa3uB79EH8kS93xEN8lfnPct0nYW1z9z/7FB6RaYxUWWX5dlFAxgkM4WtxTjtJ+F48dzoYRUtSfRx/egSJ9PLw2sm8mgBNNt2SDEncX6Im58TuvKA8RTHchnvmguc7HqqNKPAtnvrwOi0jdn+vduP8qZDU9C2spswuyE6NEl0JkV4Wag4Dct6j3A1KcD4W/qf+F6geURhGkvaAKEr6Y7IEEibti/2pCcXYPEQ8CeCdgH1SC9+SruiGCGODuYIXHCEmwhq3geEDr5xGhVdB1F79BCm6k1WQKPHfJA/e9fnUZlzO/U6F7eLopVLPT3cNuaY0qiFnkiHsQj74Wnd3L5Ugw5ZNxzjsnnriGPjn28OXPEbvKwciZLQndb+VFvxJNWk8conIIWcDpLw3cQ/EiwwcnKcQjnDmRASv,iv:Tu3tFmlUFoAD/j4TK8vvQLglmq03jvc35NmELWC+1ak=,tag:bVwBzhqewIdsArJKxdZ5cg==,type:str] deploy: ENC[AES256_GCM,data:tYCsym/IY7uE9is56Qvdm+PxouFPng5hY/nlk/Xsm2qOCjdD2G9PyBTSs4dSil8GYusOdSRAFluCf1awJIHV9CJbCDOBVdzJOeXt19VYm2LQOiU7uOtlhUJYMOyIJjedVpRUfUAI8rQNaANIJ+p40ApnUi3jQbXp66iLZhMs+F2vnWimrorV5if74P+wUCSQEkhWWNBebIlP/JQkmGlS7hSDX9RAUF2m5YzyeTTPEmz/F19Sobq7ws0bxo++v6FiM1Zw/uDPX/NT4h1X/qEu1treRk8eo4+j4ha4OWvM62mecvoPln+Rwp+1q/1Ky0WROFSmIQ0CGJHIwWP4TcDJJeazC/0L5WZAvbHQr6tR7zVeu81OboHfgbrWe4wTzpxGxaRHQVFz+8Q9jpuzYbRnaqUZEfeXQKmSxsmu1SZLIJx/3BFMy8WQnsI0aZJm7Ol/WMY17ikPjC9hFLdzZzDV7zfMIl4TjaFxKpRvWsqtGW55r1IuqnrEFL0M4x9yzGWwT2LQIKqM7AM04phF8Ot8GiNAUPzC5Cm2gwWm,iv:jnNrRZAOsgOiGayLj2mUgODrKMQ66dIYG56G2+1ypYQ=,tag:1jD+1NtWKZye21aTVLTqBw==,type:str] tytonidae: ENC[AES256_GCM,data:I1RF/umtOGAuSVoLfwDnN2DG+w1yWqPkhZzM61y5XRSxF2Xq5C/iUJGWeCc+1Hwbw+oEMnm2e57m79Uke0LIJJrw//kRMqNOewQtx2xHkNSscWKCIANoNiDdhlOnB0r0BfXObr0xEu/69ST11lupPGIGQiWhjT1BY7c4NhAhhzfThttQCwznfrX3SfLu4p2Akg6p8QmRcU6h9kox+PK1Im+h956W0dYVnIe4ePZ3NGitQll9hxLxM+agnxF9wDDO+4pQ3i8aadbxLr8ug/boEhBy/e+sOKqzboAiWpuDjfQRUxklz0IxBihK8z6J/AHgXusxs70EdUDKf5sH7RIi95poYqJdl6bKToSCJtuM7JQ/eNTUjHvUZlRvlXSZG4iNypUYTOxSHTFGH7rA0wNeE0sMXkaTfJHD5utZDjxibICW1+BYXam8mTKWhXMUyfAL2bLMRmshxRB81bPnik08axpzJ22oSxZ1AfPz5I98zn/o0bDlAPTRetImQtSN181WrRHCCVUMe4wZIfgQvVryFgfPU06gqztgU2DB22QphXXysHn4p3jbAF3Hqvgq0f+iNXoh6NJLaUD+i7xb,iv:nSTfnDbaS9DZL2WhVgcu8qIPkYH1Zws58yvcIeSZCzk=,tag:JJV7vJylaFOYdVjyeeOt9g==,type:str] akun: ENC[AES256_GCM,data:d04sdY1cvJuOPSq9H2lT26jrUFSA1sHz1i9jj+XtXGeagQyc4XaknTmfC3EDfvNghoizZWZ/Ma+BfIvnlWDBFqhkGhdhB7X8PnI9rySOfkMmOk2HXHtvP4GfSy2oQ4BMRfYX2N9TcViascnXA9MRsetDjD3fhiCKkZ+2H/sthxw38JgK95O74lFCze7sc4ZzK/RhXaBkLFrQpMdqnGBYpH9wuHiQSlFxBQ0jHJDUeOSxOdCanw2xfdkJnNe5dKRweoYp4Mtit2C3DRdaT3lMQ/SQjfEhUs/0TIXyunoWE7nX5tUN2F2s/FtkPMU5lpiW1x+kntMBBfY9TA+r4CyH4lkhFit+DsIkPfdUZGzSquQAHHWzDzS5vXnKTf8NFCzHIeoQzegkf4JS+CWf51Iy15FfWy+Pd6CmxLikAQnGTixGDa7LMqOV48BhZ5it/hJmrzg0FMkNFeeJW/s9YvCNMae8lMt/0K+N+pUD/Ud8VJnIxP4MmWGKRwNNFHivGuZjtKCJR9agf1N7NPBDDqV7HRDYAfxa2sPozWZ5ZGGGlsmINeymNk10aY4ovRs/6CcRWw2gPspNuxvqb9HQ7r/cQFmGhLYpkliRLpFM/skLCHA=,iv:YVPvHL4nxqJMR8PE+hraS0piboGYXqyljgGcBHqG38g=,tag:HSab+C3Xd5wMzyomF9dGMA==,type:str] @@ -52,7 +54,7 @@ sops: a1Y1NU9CK2h1SS83VW42bzBMa01yMXMKI1DBtgNlkNCrxUQvnD6a45mQKNfg5gM4 Zb5buo9Jofj4dn/HFwng3T3gxKTrP2Dh74CAH4L0M5yrF9fzk5TCcQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-04-11T18:22:48Z" - mac: ENC[AES256_GCM,data:vcjsB08W6LAjQ9ez7a1HtqRCLhK2GIE0Ub5+HYX8zACgjVziklnMRjrM6TSKtRiAe4QKsAF1pfKsx6atJvo2z+J4HizxmRf+sXC5mTZk8zUsKx4SwKsRZP5XWvK67Ge35klSP9/G3hkwpenE30Y7ijEVMBbjK4NedHvVRh7xaT8=,iv:xnQyl7i2MPPo9TE1RgXYrmjOl1+5NerT9lFYP5GjM+Q=,tag:MC7eMbBZq6hL6m66DipKOQ==,type:str] + lastmodified: "2025-05-12T11:16:40Z" + mac: ENC[AES256_GCM,data:+c/i6oH4tOoBr8Uouej+v3lYGMbTjo3bti23Lh6IKA+o79pennRj9v7FEv21DcEwdlH+ebFvZgZwqS5c6cnbQFJkSKLPq15ecQXWEXAPklCV5C0tF3CHy5SgJxaQExYqcbq4/vdrWgKb1Bk53H32KfP1hzPdrr1aFe0jS8IZOSk=,iv:10G6Oc2Azeur1mt4pMj3kEI7g2CeDzhlUPfwz43C0QE=,tag:fN20RLv7pebWBV+trSSXsQ==,type:str] unencrypted_suffix: _unencrypted - version: 3.10.1 + version: 3.10.2