youthlic/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

complete radicle module and enable it on Cape

Browse source
This commit is contained in:
ulic-youthlic 2025-05-13 08:00:32 +08:00
parent 9913207890
commit e9f186d8ff
Signed by: youthlic
GPG key ID: 63E86C3C14A0D721
3 changed files with 94 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

1
nixos/configurations/Cape/default.nix
View file

@ -7,6 +7,7 @@
./users
./disko-config.nix
./miniflux.nix
./radicle.nix
];
youthlic = {

9
nixos/configurations/Cape/radicle.nix Normal file
View file

@ -0,0 +1,9 @@
{config, ...}: {
sops.secrets."ssh-private-key/radicle/Cape" = {};
youthlic.programs.radicle = {
enable = true;
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbQrJNWcWsFncTX4w/hkhz6zPNwHrTjA+6lnq5dmu/s radicle";
privateKeyFile = config.sops.secrets."ssh-private-key/radicle/Cape".path;
domain = "seed.youthlic.fun";
};
}

143
nixos/modules/programs/radicle.nix
View file

@ -14,66 +14,91 @@ in {
publicKey = lib.mkOption {
type = with lib.types; either path str;
};
};
};
config = lib.mkIf cfg.enable {
services.radicle = {
enable = true;
node.listenAddress = "127.0.0.1";
inherit (cfg) publicKey privateKeyFile;
settings = {
publicExplorer = "https://app.radicle.xyz/nodes/$host/$rid$path";
preferredSeeds = [
"z6Mkmqogy2qEM2ummccUthFEaaHvyYmYBYh3dbe9W4ebScxo@ash.radicle.garden:8776"
"z6MksmpU5b1dS7oaqF2bHXhQi1DWy2hB7Mh9CuN7y1DN6QSz@seed.radicle.xyz:8776"
"z6MkrLMMsiPWUcNPHcRajuMi9mDfYckSoJyPwwnknocNYPm7@seed.radicle.garden:8776"
];
web = {
pinned = {
repositories = [];
};
};
cli = {
hints = true;
};
node = {
alias = "youthlic";
listen = [];
peers = {
type = "dynamic";
};
connect = [];
extrnalAddresses = [];
network = "main";
log = "INFO";
relay = "auto";
limits = {
routingMaxSize = 1000;
routingMaxAge = 604800;
gossipMaxAge = 1209600;
fetchConcurrency = 1;
maxOpenFiles = 4096;
rate = {
inbound = {
fillRate = 5.0;
capacity = 1024;
};
outbound = {
fillRate = 10.0;
capacity = 2048;
};
};
connection = {
inbound = 128;
outbound = 16;
};
};
workers = 8;
seedingPolicy = {
default = "block";
};
};
domain = lib.mkOption {
type = lib.types.str;
};
};
};
config = lib.mkMerge [
(lib.mkIf cfg.enable {
services.radicle = {
enable = true;
inherit (cfg) publicKey privateKeyFile;
node.openFirewall = true;
httpd = {
enable = true;
listenPort = 8489;
};
settings = {
publicExplorer = "https://app.radicle.xyz/nodes/$host/$rid$path";
preferredSeeds = [
"z6Mkmqogy2qEM2ummccUthFEaaHvyYmYBYh3dbe9W4ebScxo@ash.radicle.garden:8776"
"z6MksmpU5b1dS7oaqF2bHXhQi1DWy2hB7Mh9CuN7y1DN6QSz@seed.radicle.xyz:8776"
"z6MkrLMMsiPWUcNPHcRajuMi9mDfYckSoJyPwwnknocNYPm7@seed.radicle.garden:8776"
];
web = {
pinned = {
repositories = [
"rad:z3gqcJUoA1n9HaHKufZs5FCSGazv5"
"rad:z4D5UCArafTzTQpDZNQRuqswh3ury"
"rad:z4V1sjrXqjvFdnCUbxPFqd5p4DtH5"
"rad:z6cFWeWpnZNHh9rUW8phgA3b5yGt"
];
};
};
cli = {
hints = true;
};
node = {
alias = cfg.domain;
listen = [];
peers = {
type = "dynamic";
};
connect = [];
externalAddresses = [
"${cfg.domain}:8776"
];
network = "main";
log = "INFO";
relay = "auto";
limits = {
routingMaxSize = 1000;
routingMaxAge = 604800;
gossipMaxAge = 1209600;
fetchConcurrency = 1;
maxOpenFiles = 4096;
rate = {
inbound = {
fillRate = 5.0;
capacity = 1024;
};
outbound = {
fillRate = 10.0;
capacity = 2048;
};
};
connection = {
inbound = 128;
outbound = 16;
};
};
workers = 8;
seedingPolicy = {
default = "block";
};
};
};
};
})
(lib.mkIf (cfg.enable && config.youthlic.programs.caddy.enable) {
services.caddy.virtualHosts = {
"${cfg.domain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:8489
'';
};
};
})
];
}