From 991320789093b034b08f84195a2f0cef53668834 Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Mon, 12 May 2025 22:10:19 +0800 Subject: [PATCH 1/2] update flake inputs --- flake.lock | 108 ++++++++++++++++++++++++++--------------------------- 1 file changed, 54 insertions(+), 54 deletions(-) diff --git a/flake.lock b/flake.lock index 8943ab2..4af4b86 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "fromYaml": "fromYaml" }, "locked": { - "lastModified": 1745523430, - "narHash": "sha256-EAYWV+kXbwsH+8G/8UtmcunDeKwLwSOyfcmzZUkWE/c=", + "lastModified": 1746562888, + "narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=", "owner": "SenchoPens", "repo": "base16.nix", - "rev": "58bfe2553d937d8af0564f79d5b950afbef69717", + "rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89", "type": "github" }, "original": { @@ -90,11 +90,11 @@ "bt-tracker": { "flake": false, "locked": { - "lastModified": 1746864607, - "narHash": "sha256-1+IXJn2krSWeuLoLlTT9/F/Ej0f9yKxAbaM+ya/8YAY=", + "lastModified": 1747037349, + "narHash": "sha256-713+WCKwPBC5rsW+/8emVRDNlU0tKXJR03ahDGOfM30=", "owner": "XIU2", "repo": "TrackersListCollection", - "rev": "8717ac5dd34f91c21c591235e2ba17d22cd9142f", + "rev": "042c12af41ecb32dd05b3b4911224c43980b49e9", "type": "github" }, "original": { @@ -113,11 +113,11 @@ ] }, "locked": { - "lastModified": 1746104585, - "narHash": "sha256-wfrNTYEx5ZfTvUKquiBc+hW44wg3VrPPMcPLnQ0q7bY=", + "lastModified": 1747009814, + "narHash": "sha256-b3sOJbDYjqGtoRbgg7jichWclNHYBX0xHkWV/lzs9j0=", "owner": "daeuniverse", "repo": "flake.nix", - "rev": "44f8089999107b0bfe4b7cf909f56d8da67ec951", + "rev": "0b7800c3fe6e1596521d8270c428b7aced42f3da", "type": "github" }, "original": { @@ -352,11 +352,11 @@ "zon2nix": "zon2nix" }, "locked": { - "lastModified": 1746806042, - "narHash": "sha256-Hx92i3f5IjHaWpReyCKvGdqG55bZFU3wxGzA3wv9VLA=", + "lastModified": 1746999930, + "narHash": "sha256-Y2sj7S8bmqTaUB5dIfOvg08MVxf+IujS0GssRXbGfpE=", "owner": "ghostty-org", "repo": "ghostty", - "rev": "7f9bb3c0e54f585e11259bc0c9064813d061929c", + "rev": "0eebebb75e6c5db9ab7947508ee0d8346d628339", "type": "github" }, "original": { @@ -438,11 +438,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1746882514, - "narHash": "sha256-1f7Mis5Wj24jkQVxER5mbjBy8ZgQgEZhOMwQwBCSRfY=", + "lastModified": 1747056424, + "narHash": "sha256-hemqYn6ivGLGn1fC32/rK3xyby63lTNrG5/IK3vX5Xs=", "owner": "helix-editor", "repo": "helix", - "rev": "4c8600967c5d6f7cc5f15eb8e6d50f68cfe99704", + "rev": "47547e94ad89cda4dbab15b57abcf4981d101b85", "type": "github" }, "original": { @@ -459,11 +459,11 @@ ] }, "locked": { - "lastModified": 1746798521, - "narHash": "sha256-axfz/jBEH9XHpS7YSumstV7b2PrPf7L8bhWUtLBv3nA=", + "lastModified": 1747021744, + "narHash": "sha256-IDsM/9/tHQBlhG3tXI2fTM84AUN1uRa7JDPT1LMlGes=", "owner": "nix-community", "repo": "home-manager", - "rev": "e95a7c5b6fa93304cd2fd78cf676c4f6d23c422c", + "rev": "fb061f555f821fe4fb49f8f6f2a0cc3d5728bd52", "type": "github" }, "original": { @@ -483,11 +483,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1746871470, - "narHash": "sha256-cFjXllMbOwnU/va6LrRXMgZOLBGhYUuIXb7fqtsGgrk=", + "lastModified": 1747057235, + "narHash": "sha256-PT7HKest+t1eNRem79d3Ypvgn/dkwppjooZNOOs+tmg=", "owner": "jj-vcs", "repo": "jj", - "rev": "1194b94e51155f7955be16dfbc8c972f0672be2c", + "rev": "9d1f799a8a554c15d3c986741f5bb0a718971bea", "type": "github" }, "original": { @@ -548,11 +548,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1746142190, - "narHash": "sha256-t36K3TWLMRWoGyjYyo+H8bBquDcp4orZqNZVagWNjwY=", + "lastModified": 1747055269, + "narHash": "sha256-c1NBnpBj7PpcW4Pz4niMqVl2UgsPwOt7xF15cSyNVpE=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "af701c1c16c289b1b14f333d844b4f756308d244", + "rev": "dde1f313e068a7171b685fdf4ef399f10343037c", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1746124654, - "narHash": "sha256-LmhkAt2KLvf8lp+kEUQuTFmmv7iXO8IkwwSaPasfXJw=", + "lastModified": 1747048431, + "narHash": "sha256-JdvI6LBy7RSyTsIauqMZcxWQxyD+EKL2FQ3pymMvc1k=", "owner": "YaLTeR", "repo": "niri", - "rev": "6c9705dd4b2eaba25f024d1a3efd7943fd393632", + "rev": "defd4c5c4db8b22b2a5db468c0618c37b30e95dd", "type": "github" }, "original": { @@ -602,11 +602,11 @@ "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1746875335, - "narHash": "sha256-hPoOSOPSK9UHZJQ87WO9s7eZbVJYvwfYv1PSPUtIQNo=", + "lastModified": 1747048878, + "narHash": "sha256-YSGK+etuuFrMo0PSMWdiIHSuEDybrgCIuyOq0V7Hmt8=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "0e3779afdf0ef51958071b151fc11dc74bb8971c", + "rev": "f430a256db90c7d6035f2d738e2e8acd5c633f16", "type": "github" }, "original": { @@ -633,11 +633,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746663147, - "narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=", + "lastModified": 1746904237, + "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54", + "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", "type": "github" }, "original": { @@ -680,11 +680,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1746055187, - "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "lastModified": 1746810718, + "narHash": "sha256-VljtYzyttmvkWUKTVJVW93qAsJsrBbgAzy7DdnJaQfI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "rev": "0c0bf9c057382d5f6f63d54fd61f1abd5e1c2f63", "type": "github" }, "original": { @@ -696,11 +696,11 @@ }, "nixpkgs-stable_3": { "locked": { - "lastModified": 1746557022, - "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=", + "lastModified": 1746810718, + "narHash": "sha256-VljtYzyttmvkWUKTVJVW93qAsJsrBbgAzy7DdnJaQfI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860", + "rev": "0c0bf9c057382d5f6f63d54fd61f1abd5e1c2f63", "type": "github" }, "original": { @@ -712,11 +712,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1746663147, - "narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=", + "lastModified": 1746904237, + "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54", + "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", "type": "github" }, "original": { @@ -752,11 +752,11 @@ "nur-rycee": { "flake": false, "locked": { - "lastModified": 1746849806, - "narHash": "sha256-6vJX4DnhDlWNtOOh3v08YqPgjJblfgHnV9562nPHNEo=", + "lastModified": 1747022610, + "narHash": "sha256-d6SvA0gTHDrOqt4tZRVD0Gm5G4w6jAFJ6lis79PjSPw=", "owner": "rycee", "repo": "nur-expressions", - "rev": "e2408d3f94a6b658e12f135501aa7fd38efabc72", + "rev": "d4b3ffe3e719e42b175ccdef13598516f0a8025d", "type": "gitlab" }, "original": { @@ -839,11 +839,11 @@ ] }, "locked": { - "lastModified": 1746844454, - "narHash": "sha256-GcUWDQUDRYrD34ol90KGUpjbVcOfUNbv0s955jPecko=", + "lastModified": 1747017456, + "narHash": "sha256-C/U12fcO+HEF071b5mK65lt4XtAIZyJSSJAg9hdlvTk=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "be092436d4c0c303b654e4007453b69c0e33009e", + "rev": "5b07506ae89b025b14de91f697eba23b48654c52", "type": "github" }, "original": { @@ -900,11 +900,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1746875263, - "narHash": "sha256-WhcWBF8c7l9LoLQ18n9NjuvCBF5WJ6c2DemDTZgGKsI=", + "lastModified": 1747005453, + "narHash": "sha256-78PfIpo3jCuX7pT3k4DkEES+KEy7pnrFGugsQ2w652o=", "owner": "danth", "repo": "stylix", - "rev": "1c71f3bde228f7b17c1aad75f2b97276daf8db42", + "rev": "6b8309550e50358b63366d9bf3edb7ef08b9a7cc", "type": "github" }, "original": { @@ -1067,11 +1067,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1745730655, - "narHash": "sha256-Tdsw5lD/XM8i1GnQr7ombqnEaCpt/voPs2AbjuYBbjI=", + "lastModified": 1746978389, + "narHash": "sha256-X2iAGQm5pheZ4VRnGCik4laxB6hyJh1i5cexGyis3oo=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "56a681bfecc5831f41f8eb0ec8c7e96c6b277153", + "rev": "51300780f84cb61d04a3c469099c758461b2a816", "type": "github" }, "original": { From e9f186d8fff3b468752b3f8a6999ca2c9b93127d Mon Sep 17 00:00:00 2001 From: ulic-youthlic Date: Tue, 13 May 2025 08:00:32 +0800 Subject: [PATCH 2/2] complete radicle module and enable it on Cape --- nixos/configurations/Cape/default.nix | 1 + nixos/configurations/Cape/radicle.nix | 9 ++ nixos/modules/programs/radicle.nix | 143 +++++++++++++++----------- 3 files changed, 94 insertions(+), 59 deletions(-) create mode 100644 nixos/configurations/Cape/radicle.nix diff --git a/nixos/configurations/Cape/default.nix b/nixos/configurations/Cape/default.nix index 84e4523..0587d08 100644 --- a/nixos/configurations/Cape/default.nix +++ b/nixos/configurations/Cape/default.nix @@ -7,6 +7,7 @@ ./users ./disko-config.nix ./miniflux.nix + ./radicle.nix ]; youthlic = { diff --git a/nixos/configurations/Cape/radicle.nix b/nixos/configurations/Cape/radicle.nix new file mode 100644 index 0000000..c3ee316 --- /dev/null +++ b/nixos/configurations/Cape/radicle.nix @@ -0,0 +1,9 @@ +{config, ...}: { + sops.secrets."ssh-private-key/radicle/Cape" = {}; + youthlic.programs.radicle = { + enable = true; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbQrJNWcWsFncTX4w/hkhz6zPNwHrTjA+6lnq5dmu/s radicle"; + privateKeyFile = config.sops.secrets."ssh-private-key/radicle/Cape".path; + domain = "seed.youthlic.fun"; + }; +} diff --git a/nixos/modules/programs/radicle.nix b/nixos/modules/programs/radicle.nix index 265d0d0..d652cc2 100644 --- a/nixos/modules/programs/radicle.nix +++ b/nixos/modules/programs/radicle.nix @@ -14,66 +14,91 @@ in { publicKey = lib.mkOption { type = with lib.types; either path str; }; - }; - }; - config = lib.mkIf cfg.enable { - services.radicle = { - enable = true; - node.listenAddress = "127.0.0.1"; - inherit (cfg) publicKey privateKeyFile; - settings = { - publicExplorer = "https://app.radicle.xyz/nodes/$host/$rid$path"; - preferredSeeds = [ - "z6Mkmqogy2qEM2ummccUthFEaaHvyYmYBYh3dbe9W4ebScxo@ash.radicle.garden:8776" - "z6MksmpU5b1dS7oaqF2bHXhQi1DWy2hB7Mh9CuN7y1DN6QSz@seed.radicle.xyz:8776" - "z6MkrLMMsiPWUcNPHcRajuMi9mDfYckSoJyPwwnknocNYPm7@seed.radicle.garden:8776" - ]; - web = { - pinned = { - repositories = []; - }; - }; - cli = { - hints = true; - }; - node = { - alias = "youthlic"; - listen = []; - peers = { - type = "dynamic"; - }; - connect = []; - extrnalAddresses = []; - network = "main"; - log = "INFO"; - relay = "auto"; - limits = { - routingMaxSize = 1000; - routingMaxAge = 604800; - gossipMaxAge = 1209600; - fetchConcurrency = 1; - maxOpenFiles = 4096; - rate = { - inbound = { - fillRate = 5.0; - capacity = 1024; - }; - outbound = { - fillRate = 10.0; - capacity = 2048; - }; - }; - connection = { - inbound = 128; - outbound = 16; - }; - }; - workers = 8; - seedingPolicy = { - default = "block"; - }; - }; + domain = lib.mkOption { + type = lib.types.str; }; }; }; + config = lib.mkMerge [ + (lib.mkIf cfg.enable { + services.radicle = { + enable = true; + inherit (cfg) publicKey privateKeyFile; + node.openFirewall = true; + httpd = { + enable = true; + listenPort = 8489; + }; + settings = { + publicExplorer = "https://app.radicle.xyz/nodes/$host/$rid$path"; + preferredSeeds = [ + "z6Mkmqogy2qEM2ummccUthFEaaHvyYmYBYh3dbe9W4ebScxo@ash.radicle.garden:8776" + "z6MksmpU5b1dS7oaqF2bHXhQi1DWy2hB7Mh9CuN7y1DN6QSz@seed.radicle.xyz:8776" + "z6MkrLMMsiPWUcNPHcRajuMi9mDfYckSoJyPwwnknocNYPm7@seed.radicle.garden:8776" + ]; + web = { + pinned = { + repositories = [ + "rad:z3gqcJUoA1n9HaHKufZs5FCSGazv5" + "rad:z4D5UCArafTzTQpDZNQRuqswh3ury" + "rad:z4V1sjrXqjvFdnCUbxPFqd5p4DtH5" + "rad:z6cFWeWpnZNHh9rUW8phgA3b5yGt" + ]; + }; + }; + cli = { + hints = true; + }; + node = { + alias = cfg.domain; + listen = []; + peers = { + type = "dynamic"; + }; + connect = []; + externalAddresses = [ + "${cfg.domain}:8776" + ]; + network = "main"; + log = "INFO"; + relay = "auto"; + limits = { + routingMaxSize = 1000; + routingMaxAge = 604800; + gossipMaxAge = 1209600; + fetchConcurrency = 1; + maxOpenFiles = 4096; + rate = { + inbound = { + fillRate = 5.0; + capacity = 1024; + }; + outbound = { + fillRate = 10.0; + capacity = 2048; + }; + }; + connection = { + inbound = 128; + outbound = 16; + }; + }; + workers = 8; + seedingPolicy = { + default = "block"; + }; + }; + }; + }; + }) + (lib.mkIf (cfg.enable && config.youthlic.programs.caddy.enable) { + services.caddy.virtualHosts = { + "${cfg.domain}" = { + extraConfig = '' + reverse_proxy 127.0.0.1:8489 + ''; + }; + }; + }) + ]; }