modules/hyprspace: use upstream module

Max Headroom 2024-06-02 20:06:10 +02:00
parent 51d668820d
commit 1c30250536
5 changed files with 21 additions and 57 deletions


@ -39,5 +39,5 @@
networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];
services.hyprspace.services.fbi-download = "/tcp/${toString config.services.transmission.settings.rpc-port}";
services.hyprspace.settings.services.fbi-download = "/tcp/${toString config.services.transmission.settings.rpc-port}";
}


@ -13,5 +13,5 @@
};
};
services.hyprspace.services.invokeai = "/tcp/${toString config.services.invokeai.settings.port}";
services.hyprspace.settings.services.invokeai = "/tcp/${toString config.services.invokeai.settings.port}";
}


@ -17,5 +17,5 @@ in
};
};
services.hyprspace.services.manage = "/tcp/${toString port}";
services.hyprspace.settings.services.manage = "/tcp/${toString port}";
}


@ -1,7 +1,6 @@
{ inputs, pkgs, lib, hosts, config, ... }:
let
inherit (config.networking) hostName;
hyprspace = inputs.hyprspace.packages.${pkgs.system}.default;
hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hyprspace) hosts;
peersFormatted = builtins.mapAttrs (name: x: {
inherit name;
@ -12,8 +11,26 @@ let
peerList = builtins.attrValues peersFiltered;
myNode = hosts.${hostName};
listenPort = myNode.hyprspace.listenPort or 8001;
privateKeyFile = config.age.secrets.hyprspace-key.path;
in {
imports = [
inputs.hyprspace.nixosModules.default
];
age.secrets.hyprspace-key = {
file = ../../secrets/hyprspace-key- + "${hostName}.age";
mode = "0400";
};
interfaceConfig = pkgs.writeText "hyprspace.json" (builtins.toJSON {
systemd.services.hyprspace = {
environment = lib.optionalAttrs config.services.kubo.enable {
HYPRSPACE_IPFS_API = config.services.kubo.settings.Addresses.API;
};
};
services.hyprspace = {
enable = true;
inherit privateKeyFile;
settings = {
listenAddresses = let
port = toString listenPort;
in [
@ -22,53 +39,10 @@ let
"/ip6/::/tcp/${port}"
"/ip6/::/udp/${port}/quic-v1"
];
privateKey = "@HYPRSPACEPRIVATEKEY@";
peers = peerList;
inherit (config.services.hyprspace) services;
});
};
};
privateKeyFile = config.age.secrets.hyprspace-key.path;
runConfig = "/run/hyprspace.json";
in {
imports = [
./options.nix
];
age.secrets.hyprspace-key = {
file = ../../secrets/hyprspace-key- + "${hostName}.age";
mode = "0400";
};
environment.systemPackages = [
hyprspace
];
systemd.services.hyprspace = {
enable = true;
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
preStart = ''
test -e ${runConfig} && rm ${runConfig}
cp ${interfaceConfig} ${runConfig}
chmod 0600 ${runConfig}
${pkgs.replace-secret}/bin/replace-secret '@HYPRSPACEPRIVATEKEY@' "${privateKeyFile}" ${runConfig}
chmod 0400 ${runConfig}
'';
environment = lib.optionalAttrs config.services.kubo.enable {
HYPRSPACE_IPFS_API = config.services.kubo.settings.Addresses.API;
};
serviceConfig = {
Group = "wheel";
Restart = "on-failure";
RestartSec = "5s";
ExecStart = "${hyprspace}/bin/hyprspace up -c ${runConfig}";
ExecStopPost = "${pkgs.coreutils}/bin/rm -f /run/hyprspace-rpc.hyprspace.sock";
ExecReload = "${pkgs.coreutils}/bin/kill -USR1 $MAINPID";
};
};
networking.firewall = {
allowedTCPPorts = [ listenPort ];
allowedUDPPorts = [ listenPort ];
trustedInterfaces = [ "hyprspace" ];
};
networking.networkmanager.dispatcherScripts = [{
source = pkgs.writeShellScript "hyprspace-reconnect.sh" ''
[[ "$2" != "up" ]] && exit 0
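Review bot: The `networking.firewall` block at the end of this module (`allowedTCPPorts`/`allowedUDPPorts = [ listenPort ]` and `trustedInterfaces = [ "hyprspace" ]`) appears to fall on the removed side of the last hunk, whose header counts 53 old lines against 10 new, and nothing on the new side replaces it. Whether `inputs.hyprspace.nixosModules.default` opens the listen port or trusts the mesh interface is not visible here, so the host's exposure after this commit depends on upstream defaults that can change with a lock bump. I would state the policy locally, e.g. keep `networking.firewall.allowedTCPPorts = [ listenPort ];` and `networking.firewall.allowedUDPPorts = [ listenPort ];`, and prefer per-interface port lists (as the first file does for `tungsten`) over trusting the whole interface. Also confirm that the upstream unit runs as a user that can read the age secret, which stays at `mode = "0400"`. The `dispatcherScripts` entry continues past the end of the hunk.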


@ -1,10 +0,0 @@
{ lib, ... }:
{
options.services.hyprspace = {
services = lib.mkOption {
type = lib.types.attrsOf lib.types.path;
default = {};
};
};
}