modules/hyprspace: use upstream module
This commit is contained in:
parent
51d668820d
commit
1c30250536
5 changed files with 21 additions and 57 deletions
|
|
@ -39,5 +39,5 @@
|
||||||
|
|
||||||
networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];
|
networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];
|
||||||
|
|
||||||
services.hyprspace.services.fbi-download = "/tcp/${toString config.services.transmission.settings.rpc-port}";
|
services.hyprspace.settings.services.fbi-download = "/tcp/${toString config.services.transmission.settings.rpc-port}";
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,5 +13,5 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.hyprspace.services.invokeai = "/tcp/${toString config.services.invokeai.settings.port}";
|
services.hyprspace.settings.services.invokeai = "/tcp/${toString config.services.invokeai.settings.port}";
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -17,5 +17,5 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.hyprspace.services.manage = "/tcp/${toString port}";
|
services.hyprspace.settings.services.manage = "/tcp/${toString port}";
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
{ inputs, pkgs, lib, hosts, config, ... }:
|
{ inputs, pkgs, lib, hosts, config, ... }:
|
||||||
let
|
let
|
||||||
inherit (config.networking) hostName;
|
inherit (config.networking) hostName;
|
||||||
hyprspace = inputs.hyprspace.packages.${pkgs.system}.default;
|
|
||||||
hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hyprspace) hosts;
|
hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hyprspace) hosts;
|
||||||
peersFormatted = builtins.mapAttrs (name: x: {
|
peersFormatted = builtins.mapAttrs (name: x: {
|
||||||
inherit name;
|
inherit name;
|
||||||
|
|
@ -12,8 +11,26 @@ let
|
||||||
peerList = builtins.attrValues peersFiltered;
|
peerList = builtins.attrValues peersFiltered;
|
||||||
myNode = hosts.${hostName};
|
myNode = hosts.${hostName};
|
||||||
listenPort = myNode.hyprspace.listenPort or 8001;
|
listenPort = myNode.hyprspace.listenPort or 8001;
|
||||||
|
privateKeyFile = config.age.secrets.hyprspace-key.path;
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
inputs.hyprspace.nixosModules.default
|
||||||
|
];
|
||||||
|
age.secrets.hyprspace-key = {
|
||||||
|
file = ../../secrets/hyprspace-key- + "${hostName}.age";
|
||||||
|
mode = "0400";
|
||||||
|
};
|
||||||
|
|
||||||
interfaceConfig = pkgs.writeText "hyprspace.json" (builtins.toJSON {
|
systemd.services.hyprspace = {
|
||||||
|
environment = lib.optionalAttrs config.services.kubo.enable {
|
||||||
|
HYPRSPACE_IPFS_API = config.services.kubo.settings.Addresses.API;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.hyprspace = {
|
||||||
|
enable = true;
|
||||||
|
inherit privateKeyFile;
|
||||||
|
settings = {
|
||||||
listenAddresses = let
|
listenAddresses = let
|
||||||
port = toString listenPort;
|
port = toString listenPort;
|
||||||
in [
|
in [
|
||||||
|
|
@ -22,53 +39,10 @@ let
|
||||||
"/ip6/::/tcp/${port}"
|
"/ip6/::/tcp/${port}"
|
||||||
"/ip6/::/udp/${port}/quic-v1"
|
"/ip6/::/udp/${port}/quic-v1"
|
||||||
];
|
];
|
||||||
privateKey = "@HYPRSPACEPRIVATEKEY@";
|
|
||||||
peers = peerList;
|
peers = peerList;
|
||||||
inherit (config.services.hyprspace) services;
|
};
|
||||||
});
|
};
|
||||||
|
|
||||||
privateKeyFile = config.age.secrets.hyprspace-key.path;
|
|
||||||
runConfig = "/run/hyprspace.json";
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./options.nix
|
|
||||||
];
|
|
||||||
age.secrets.hyprspace-key = {
|
|
||||||
file = ../../secrets/hyprspace-key- + "${hostName}.age";
|
|
||||||
mode = "0400";
|
|
||||||
};
|
|
||||||
environment.systemPackages = [
|
|
||||||
hyprspace
|
|
||||||
];
|
|
||||||
systemd.services.hyprspace = {
|
|
||||||
enable = true;
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
wants = [ "network-online.target" ];
|
|
||||||
after = [ "network-online.target" ];
|
|
||||||
preStart = ''
|
|
||||||
test -e ${runConfig} && rm ${runConfig}
|
|
||||||
cp ${interfaceConfig} ${runConfig}
|
|
||||||
chmod 0600 ${runConfig}
|
|
||||||
${pkgs.replace-secret}/bin/replace-secret '@HYPRSPACEPRIVATEKEY@' "${privateKeyFile}" ${runConfig}
|
|
||||||
chmod 0400 ${runConfig}
|
|
||||||
'';
|
|
||||||
environment = lib.optionalAttrs config.services.kubo.enable {
|
|
||||||
HYPRSPACE_IPFS_API = config.services.kubo.settings.Addresses.API;
|
|
||||||
};
|
|
||||||
serviceConfig = {
|
|
||||||
Group = "wheel";
|
|
||||||
Restart = "on-failure";
|
|
||||||
RestartSec = "5s";
|
|
||||||
ExecStart = "${hyprspace}/bin/hyprspace up -c ${runConfig}";
|
|
||||||
ExecStopPost = "${pkgs.coreutils}/bin/rm -f /run/hyprspace-rpc.hyprspace.sock";
|
|
||||||
ExecReload = "${pkgs.coreutils}/bin/kill -USR1 $MAINPID";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
networking.firewall = {
|
|
||||||
allowedTCPPorts = [ listenPort ];
|
|
||||||
allowedUDPPorts = [ listenPort ];
|
|
||||||
trustedInterfaces = [ "hyprspace" ];
|
|
||||||
};
|
|
||||||
networking.networkmanager.dispatcherScripts = [{
|
networking.networkmanager.dispatcherScripts = [{
|
||||||
source = pkgs.writeShellScript "hyprspace-reconnect.sh" ''
|
source = pkgs.writeShellScript "hyprspace-reconnect.sh" ''
|
||||||
[[ "$2" != "up" ]] && exit 0
|
[[ "$2" != "up" ]] && exit 0
|
||||||
|
|
|
||||||
|
|
@ -1,10 +0,0 @@
|
||||||
{ lib, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
options.services.hyprspace = {
|
|
||||||
services = lib.mkOption {
|
|
||||||
type = lib.types.attrsOf lib.types.path;
|
|
||||||
default = {};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
Loading…
Reference in a new issue