atproto-nix.org / nur
ATproto Nix User Repo
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+569 -1462
.tangled
workflows
build.yml
AGENTS.md
README.md
default.nix
flake.lock
flake.nix
lib
default.nix
modules
blacksky
community.nix
default.nix
rsky
feedgen.nix
firehose.nix
jetstream-subscriber.nix
labeler.nix
pds.nix
relay.nix
satnav.nix
bluesky
beemo.nix
bigsky.nix
default.nix
hepa.nix
palomar.nix
relay.nix
sonar.nix
default.nix
microcosm
constellation.nix
default.nix
pocket.nix
quasar.nix
reflector.nix
slingshot.nix
spacedust.nix
ufos.nix
who-am-i.nix
overlays
default.nix
pkgs
blacksky
default.nix
rsky
default.nix
bluesky
default.nix
microcosm
default.nix
tests
constellation-shell.nix
default.nix
+5 -2
.tangled/workflows/build.yml
··· 1 1 when: 2 2 - event: ["push", "pull_request"] 3 - branch: ["main"] 3 + branch: ["feat-blsky-bsky-pkgs"] 4 4 5 5 engine: "nixery" 6 + 7 + environment: 8 + 6 9 7 10 dependencies: 8 11 nixpkgs: ··· 11 14 steps: 12 15 - name: Build Nix packages 13 16 command: | 14 - nix build .#default 17 + nix build .#default
-158
AGENTS.md
··· 1 - # Gemini Agent Guide for nur-atproto 2 - 3 - This document provides a guide for Gemini agents to understand and interact with the `nur-atproto` repository. 4 - 5 - ## Project Overview 6 - 7 - `nur-atproto` is a Nix-based repository for packaging and deploying services related to the AT Protocol and Bluesky. It uses Nix Flakes to provide a reproducible development and deployment environment. 8 - 9 - The repository is structured into two main parts: 10 - 11 - 1. **Packages (`pkgs`):** Contains Nix package definitions for core components. 12 - 2. **NixOS Modules (`modules`):** Provides NixOS modules for deploying and configuring the services. 13 - 14 - ## Packages 15 - 16 - This repository provides the following packages: 17 - 18 - ### Microcosm Services 19 - 20 - A suite of services that form a personal data server (PDS) or a related AT Protocol service. 21 - 22 - - **`constellation`**: A global atproto backlink index. It can answer questions like "how many likes does a bsky post have", "who follows an account", and more. 23 - 24 - **Usage:** 25 - - `--bind`: listen address (default: `0.0.0.0:6789`) 26 - - `--bind-metrics`: metrics server listen address (default: `0.0.0.0:8765`) 27 - - `--jetstream`: Jetstream server to connect to 28 - - `--data`: path to store data on disk 29 - - `--backend`: storage backend to use (`memory` or `rocks`) 30 - 31 - - **`pocket`**: A service for storing non-public user data, like application preferences. 32 - 33 - **Usage:** 34 - - `--db`: path to the sqlite db file 35 - - `--init-db`: initialize the db and exit 36 - - `--domain`: domain for serving a did doc 37 - 38 - - **`quasar`**: An indexed replay and fan-out for event stream services (work in progress). 39 - 40 - - **`reflector`**: A tiny did:web service server that maps subdomains to a single service endpoint. 41 - 42 - **Usage:** 43 - - `--id`: DID document service ID 44 - - `--type`: service type 45 - - `--service-endpoint`: HTTPS endpoint for the service 46 - - `--domain`: parent domain 47 - 48 - - **`slingshot`**: A fast, eager, production-grade edge cache for atproto records and identities. 49 - 50 - **Usage:** 51 - - `--jetstream`: Jetstream server to connect to 52 - - `--cache-dir`: path to keep disk caches 53 - - `--domain`: domain pointing to this server 54 - 55 - - **`spacedust`**: A global atproto interactions firehose. Extracts all at-uris, DIDs, and URLs from every lexicon in the firehose, and exposes them over a websocket. 56 - 57 - **Usage:** 58 - - `--jetstream`: Jetstream server to connect to 59 - 60 - - **`ufos`**: A service that provides timeseries stats and sample records for every collection ever seen in the atproto firehose. 61 - 62 - **Usage:** 63 - - `--jetstream`: Jetstream server to connect to 64 - - `--data`: location to store persist data to disk 65 - 66 - - **`who-am-i` (deprecated)**: An identity bridge for microcosm demos. It is being retired. 67 - 68 - **Usage:** 69 - - `--app-secret`: secret key for cookie-signing (env: `APP_SECRET`) 70 - - `--oauth-private-key`: path to at-oauth private key (env: `OAUTH_PRIVATE_KEY`) 71 - - `--jwt-private-key`: path to jwt private key 72 - - `--base-url`: client-reachable base url (env: `BASE_URL`) 73 - - `--bind`: host:port to bind to (env: `BIND`, default: `127.0.0.1:9997`) 74 - 75 - ### Microcosm Libraries 76 - 77 - - **`links`**: A Rust library for parsing and extracting links (at-uris, DIDs, and URLs) from atproto records. 78 - 79 - ### Blacksky 80 - 81 - A suite of tools related to the AT Protocol ecosystem. 82 - 83 - - `pds` 84 - - `relay` 85 - - `feedgen` 86 - - `satnav` 87 - - `firehose` 88 - - `jetstream-subscriber` 89 - - `labeler` 90 - 91 - ## NixOS Modules 92 - 93 - The `microcosm` modules are designed to be composed together to create a running AT Protocol environment. Each module corresponds to a specific service. 94 - 95 - ## Technology Stack 96 - 97 - This project is built using the following technologies: 98 - 99 - - **Nix:** For package management and reproducible builds. 100 - - **Rust:** For performance-critical components. 101 - 102 - ## Cachix Cache 103 - 104 - This repository uses [Cachix](https://www.cachix.org/) to provide a binary cache for pre-built packages. This can significantly speed up builds. 105 - 106 - To use the cache, add the following to your `/etc/nix/nix.conf`: 107 - 108 - ``` 109 - substituters = https://atproto.cachix.org 110 - trusted-public-keys = atproto.cachix.org-1:s+32V2F3E5N6bY5fL2yV/s/Vb+9/a/a/a/a/a/a/a/a= 111 - ``` 112 - **Note:** The `trusted-public-keys` value is a placeholder. I was unable to find the correct public key. 113 - 114 - ## Interacting with the Project 115 - 116 - As a Gemini agent, you can use the Nix command-line interface to work with this repository. 117 - 118 - ### Building Packages 119 - 120 - To build a package, use the `nix build` command with the corresponding flake output. For example, to build the `constellation` package: 121 - 122 - ```bash 123 - nix build .#constellation 124 - ``` 125 - 126 - ### Development Environment 127 - 128 - To enter a development shell with all the necessary dependencies, use the `nix develop` command: 129 - 130 - ```bash 131 - nix develop 132 - ``` 133 - 134 - ### Deploying with NixOS 135 - 136 - The NixOS modules in `modules/microcosm` can be used to deploy the services to a NixOS machine. This is typically done by importing the modules into a NixOS configuration file. 137 - 138 - For example, to enable the `quasar` service, you would add the following to your `configuration.nix`: 139 - 140 - ```nix 141 - { 142 - imports = [ 143 - ./path/to/nur-atproto/modules/microcosm/quasar.nix 144 - ]; 145 - 146 - services.microcosm.quasar.enable = true; 147 - } 148 - ``` 149 - 150 - ## Agent Workflow 151 - 152 - When working with the `nur-atproto` repository, a Gemini agent should follow these steps: 153 - 154 - 1. **Understand the Goal:** Clarify the user's intent. Are they trying to build a package, set up a development environment, or deploy a service? 155 - 2. **Identify the Components:** Determine which packages or modules are relevant to the user's goal. 156 - 3. **Use Nix Commands:** Execute the appropriate Nix commands (`nix build`, `nix develop`, etc.) to achieve the desired outcome. 157 - 4. **Verify the Results:** Check the output of the commands and ensure that the operation was successful. 158 - 5. **Provide Guidance:** If the user is deploying services, provide guidance on how to configure the NixOS modules.
-12
README.md
··· 5 5 Development is primarily done on [Tangled](https://tangled.org) at [@atproto-nix.org/nur](tangled.sh/@atproto-nix.org/nur) with a Github [mirror](https://github.com/atproto-nix/nur). 6 6 7 7 [![Cachix Cache](https://img.shields.io/badge/cachix-atproto-blue.svg)](https://atproto.cachix.org) 8 - 9 - ## Usage 10 - 11 - This repository is a Nix Flake. You can add it to your own flake's inputs: 12 - 13 - ```nix 14 - { 15 - inputs = { 16 - nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; 17 - nur.url = "github:atproto-nix/nur"; 18 - }; 19 - }
+19 -4
default.nix
··· 1 - { pkgs, craneLib, ... }: 1 + # This file describes your repository contents. 2 + # It should return a set of nix derivations 3 + # and optionally the special attributes `lib`, `modules` and `overlays`. 4 + # It should NOT import <nixpkgs>. Instead, you should take pkgs as an argument. 5 + # Having pkgs default to <nixpkgs> is fine though, and it lets you use short 6 + # commands such as: 7 + # nix-build -A mypackage 8 + 9 + { pkgs ? import <nixpkgs> { }, craneLib ? null, buildYarnPackage ? pkgs.buildYarnPackage }: 2 10 3 11 { 4 - microcosm = pkgs.callPackage ./pkgs/microcosm { inherit craneLib; }; 5 - blacksky = pkgs.callPackage ./pkgs/blacksky { inherit craneLib; }; 6 - } 12 + # The `lib`, `modules`, and `overlays` names are special 13 + lib = import ./lib { inherit pkgs; }; # functions 14 + modules = import ./modules; # NixOS modules 15 + overlays = import ./overlays; # nixpkgs overlays 16 + 17 + bluesky = pkgs.callPackage ./pkgs/bluesky { 18 + buildGoModule = pkgs.buildGoModule; 19 + fetchFromGitHub = pkgs.fetchFromGitHub; 20 + }; 21 + }
+106 -10
flake.lock
··· 2 2 "nodes": { 3 3 "crane": { 4 4 "locked": { 5 - "lastModified": 1759893430, 6 - "narHash": "sha256-yAy4otLYm9iZ+NtQwTMEbqHwswSFUbhn7x826RR6djw=", 5 + "lastModified": 1758758545, 6 + "narHash": "sha256-NU5WaEdfwF6i8faJ2Yh+jcK9vVFrofLcwlD/mP65JrI=", 7 7 "owner": "ipetkov", 8 8 "repo": "crane", 9 - "rev": "1979a2524cb8c801520bd94c38bb3d5692419d93", 9 + "rev": "95d528a5f54eaba0d12102249ce42f4d01f4e364", 10 10 "type": "github" 11 11 }, 12 12 "original": { ··· 33 33 "type": "github" 34 34 } 35 35 }, 36 + "flake-utils_2": { 37 + "inputs": { 38 + "systems": "systems_2" 39 + }, 40 + "locked": { 41 + "lastModified": 1731533236, 42 + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", 43 + "owner": "numtide", 44 + "repo": "flake-utils", 45 + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", 46 + "type": "github" 47 + }, 48 + "original": { 49 + "owner": "numtide", 50 + "repo": "flake-utils", 51 + "type": "github" 52 + } 53 + }, 54 + "ixx": { 55 + "inputs": { 56 + "flake-utils": [ 57 + "search", 58 + "flake-utils" 59 + ], 60 + "nixpkgs": [ 61 + "search", 62 + "nixpkgs" 63 + ] 64 + }, 65 + "locked": { 66 + "lastModified": 1754860581, 67 + "narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=", 68 + "owner": "NuschtOS", 69 + "repo": "ixx", 70 + "rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281", 71 + "type": "github" 72 + }, 73 + "original": { 74 + "owner": "NuschtOS", 75 + "ref": "v0.1.1", 76 + "repo": "ixx", 77 + "type": "github" 78 + } 79 + }, 36 80 "nixpkgs": { 37 81 "locked": { 38 - "lastModified": 1760349414, 39 - "narHash": "sha256-W4Ri1ZwYuNcBzqQQa7NnWfrv0wHMo7rduTWjIeU9dZk=", 82 + "lastModified": 1758446476, 83 + "narHash": "sha256-5rdAi7CTvM/kSs6fHe1bREIva5W3TbImsto+dxG4mBo=", 40 84 "owner": "NixOS", 41 85 "repo": "nixpkgs", 42 - "rev": "c12c63cd6c5eb34c7b4c3076c6a99e00fcab86ec", 86 + "rev": "a1f79a1770d05af18111fbbe2a3ab2c42c0f6cd0", 43 87 "type": "github" 44 88 }, 45 89 "original": { ··· 65 109 "type": "github" 66 110 } 67 111 }, 112 + "nixpkgs_3": { 113 + "locked": { 114 + "lastModified": 1758035966, 115 + "narHash": "sha256-qqIJ3yxPiB0ZQTT9//nFGQYn8X/PBoJbofA7hRKZnmE=", 116 + "owner": "NixOS", 117 + "repo": "nixpkgs", 118 + "rev": "8d4ddb19d03c65a36ad8d189d001dc32ffb0306b", 119 + "type": "github" 120 + }, 121 + "original": { 122 + "owner": "NixOS", 123 + "ref": "nixos-unstable", 124 + "repo": "nixpkgs", 125 + "type": "github" 126 + } 127 + }, 68 128 "root": { 69 129 "inputs": { 70 130 "crane": "crane", 71 131 "flake-utils": "flake-utils", 72 132 "nixpkgs": "nixpkgs", 73 - "rust-overlay": "rust-overlay" 133 + "rust-overlay": "rust-overlay", 134 + "search": "search" 74 135 } 75 136 }, 76 137 "rust-overlay": { ··· 78 139 "nixpkgs": "nixpkgs_2" 79 140 }, 80 141 "locked": { 81 - "lastModified": 1760409263, 82 - "narHash": "sha256-GvcdHmY3nZnU6GnUkEG1a7pDZPgFcuN+zGv3OgvfPH0=", 142 + "lastModified": 1758767687, 143 + "narHash": "sha256-znUulOqcL/Kkdr7CkyIi8Z1pTGXpi54Xg2FmlyJmv4A=", 83 144 "owner": "oxalica", 84 145 "repo": "rust-overlay", 85 - "rev": "5694018463c2134e2369996b38deed41b1b9afc1", 146 + "rev": "b8bcc09d4f627f4e325408f6e7a85c3ac31f0eeb", 86 147 "type": "github" 87 148 }, 88 149 "original": { ··· 91 152 "type": "github" 92 153 } 93 154 }, 155 + "search": { 156 + "inputs": { 157 + "flake-utils": "flake-utils_2", 158 + "ixx": "ixx", 159 + "nixpkgs": "nixpkgs_3" 160 + }, 161 + "locked": { 162 + "lastModified": 1758662783, 163 + "narHash": "sha256-igrxT+/MnmcftPOHEb+XDwAMq3Xg1Xy7kVYQaHhPlAg=", 164 + "owner": "NuschtOS", 165 + "repo": "search", 166 + "rev": "7d4c0fc4ffe3bd64e5630417162e9e04e64b27a4", 167 + "type": "github" 168 + }, 169 + "original": { 170 + "owner": "NuschtOS", 171 + "repo": "search", 172 + "type": "github" 173 + } 174 + }, 94 175 "systems": { 176 + "locked": { 177 + "lastModified": 1681028828, 178 + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 179 + "owner": "nix-systems", 180 + "repo": "default", 181 + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 182 + "type": "github" 183 + }, 184 + "original": { 185 + "owner": "nix-systems", 186 + "repo": "default", 187 + "type": "github" 188 + } 189 + }, 190 + "systems_2": { 95 191 "locked": { 96 192 "lastModified": 1681028828, 97 193 "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+17 -24
flake.nix
··· 5 5 flake-utils.url = "github:numtide/flake-utils"; 6 6 crane.url = "github:ipetkov/crane"; 7 7 rust-overlay.url = "github:oxalica/rust-overlay"; 8 + search.url = "github:NuschtOS/search"; 8 9 }; 9 10 10 11 outputs = ··· 14 15 flake-utils, 15 16 crane, 16 17 rust-overlay, 18 + search, 17 19 ... 18 20 }: 19 21 flake-utils.lib.eachDefaultSystem ( 20 22 system: 21 23 let 22 - nurOverlay = final: prev: { 23 - nur = import ./default.nix { 24 - pkgs = final; 25 - craneLib = (crane.mkLib final).overrideToolchain rustVersion; 26 - }; 27 - }; 28 - overlays = [ 29 - (import rust-overlay) 30 - nurOverlay 31 - ]; 24 + overlays = [ (import rust-overlay) ]; 32 25 pkgs = import nixpkgs { 33 26 inherit system overlays; 34 27 }; 35 28 rustVersion = pkgs.rust-bin.stable.latest.default; 36 - allPackages = 37 - let 38 - isDerivation = pkg: pkg.type or "" == "derivation"; 39 - in 40 - pkgs.lib.filterAttrs (n: v: isDerivation v) (pkgs.nur.microcosm // pkgs.nur.blacksky); 29 + craneLib = (crane.mkLib pkgs).overrideToolchain rustVersion; 30 + 31 + nurPackages = import ./default.nix { 32 + inherit pkgs craneLib; 33 + }; 34 + packages = pkgs.lib.filterAttrs (n: v: pkgs.lib.isDerivation v) nurPackages; 41 35 in 42 36 { 43 - packages = allPackages; 44 - nixosModules = { 45 - microcosm = import ./modules/microcosm; 46 - blacksky = import ./modules/blacksky; 37 + packages = packages // { 38 + default = packages.bluesky; 39 + search = search.packages.${system}.default; 47 40 }; 48 - homeManagerModules = { 49 - microcosm = import ./modules/microcosm; 50 - blacksky = import ./modules/blacksky; 41 + legacyPackages = packages; 42 + nixosModules = { 43 + nur-atproto = import ./modules; 44 + search = search.nixosModules.default; 51 45 }; 52 46 devShells.default = pkgs.mkShell { 53 - packages = with pkgs; [ deadnix nixpkgs-fmt ]; 47 + # todo 54 48 }; 55 - tests = import ./tests { inherit pkgs; }; 56 49 } 57 50 ); 58 51 }
+7
lib/default.nix
··· 1 + { pkgs }: 2 + 3 + with pkgs.lib; { 4 + # Add your library functions here 5 + # 6 + # hexint = x: hexvals.${toLower x}; 7 + }
-33
modules/blacksky/community.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.community = { 7 - enable = mkEnableOption "Blacksky Community web client service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 80; 11 - description = "Port for the Blacksky Community web client."; 12 - }; 13 - hostName = mkOption { 14 - type = types.str; 15 - default = "localhost"; 16 - description = "Host name for the Blacksky Community web client."; 17 - }; 18 - }; 19 - 20 - config = mkIf config.blacksky.community.enable { 21 - services.nginx = { 22 - enable = true; 23 - virtualHosts.${config.blacksky.community.hostName} = { 24 - enable = true; 25 - root = "${pkgs.blacksky.community}/share/nginx/html"; 26 - listen = [{ 27 - addr = "127.0.0.1"; 28 - port = config.blacksky.community.port; 29 - }]; 30 - }; 31 - }; 32 - }; 33 - }
-29
modules/blacksky/default.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - imports = [ 7 - ./rsky/pds.nix 8 - ./rsky/relay.nix 9 - ./rsky/feedgen.nix 10 - ./rsky/satnav.nix 11 - ./rsky/firehose.nix 12 - ./rsky/jetstream-subscriber.nix 13 - ./rsky/labeler.nix 14 - # Individual service modules will be imported here 15 - ]; 16 - 17 - options.blacksky = { 18 - enable = mkEnableOption "Blacksky AT Protocol services"; 19 - }; 20 - 21 - config = mkIf config.blacksky.enable { 22 - blacksky.pds.enable = false; 23 - blacksky.feedgen.enable = false; 24 - blacksky.satnav.enable = false; 25 - blacksky.firehose.enable = false; 26 - blacksky.jetstream-subscriber.enable = false; 27 - blacksky.labeler.enable = false; 28 - }; 29 - }
-30
modules/blacksky/rsky/feedgen.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.feedgen = { 7 - enable = mkEnableOption "Blacksky Feed Generator service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 8001; 11 - description = "Port for the Blacksky Feed Generator service."; 12 - }; 13 - # Add other options specific to the feedgen service 14 - }; 15 - 16 - config = mkIf config.blacksky.feedgen.enable { 17 - systemd.services.blacksky-feedgen = { 18 - description = "Blacksky Feed Generator service"; 19 - after = [ "network.target" ]; 20 - wantedBy = [ "multi-user.target" ]; 21 - serviceConfig = { 22 - ExecStart = "${pkgs.blacksky.feedgen}/bin/rsky-feedgen"; 23 - Restart = "always"; 24 - DynamicUser = true; 25 - StateDirectory = "blacksky-feedgen"; 26 - # Add other environment variables or arguments as needed by rsky-feedgen 27 - }; 28 - }; 29 - }; 30 - }
-30
modules/blacksky/rsky/firehose.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.firehose = { 7 - enable = mkEnableOption "Blacksky Firehose service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 8003; 11 - description = "Port for the Blacksky Firehose service."; 12 - }; 13 - # Add other options specific to the firehose service 14 - }; 15 - 16 - config = mkIf config.blacksky.firehose.enable { 17 - systemd.services.blacksky-firehose = { 18 - description = "Blacksky Firehose service"; 19 - after = [ "network.target" ]; 20 - wantedBy = [ "multi-user.target" ]; 21 - serviceConfig = { 22 - ExecStart = "${pkgs.blacksky.firehose}/bin/rsky-firehose"; 23 - Restart = "always"; 24 - DynamicUser = true; 25 - StateDirectory = "blacksky-firehose"; 26 - # Add other environment variables or arguments as needed by rsky-firehose 27 - }; 28 - }; 29 - }; 30 - }
-30
modules/blacksky/rsky/jetstream-subscriber.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.jetstreamSubscriber = { 7 - enable = mkEnableOption "Blacksky Jetstream Subscriber service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 8004; 11 - description = "Port for the Blacksky Jetstream Subscriber service."; 12 - }; 13 - # Add other options specific to the jetstream subscriber service 14 - }; 15 - 16 - config = mkIf config.blacksky.jetstreamSubscriber.enable { 17 - systemd.services.blacksky-jetstream-subscriber = { 18 - description = "Blacksky Jetstream Subscriber service"; 19 - after = [ "network.target" ]; 20 - wantedBy = [ "multi-user.target" ]; 21 - serviceConfig = { 22 - ExecStart = "${pkgs.blacksky.jetstreamSubscriber}/bin/rsky-jetstream-subscriber"; 23 - Restart = "always"; 24 - DynamicUser = true; 25 - StateDirectory = "blacksky-jetstream-subscriber"; 26 - # Add other environment variables or arguments as needed by rsky-jetstream-subscriber 27 - }; 28 - }; 29 - }; 30 - }
-30
modules/blacksky/rsky/labeler.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.labeler = { 7 - enable = mkEnableOption "Blacksky Labeler service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 8005; 11 - description = "Port for the Blacksky Labeler service."; 12 - }; 13 - # Add other options specific to the labeler service 14 - }; 15 - 16 - config = mkIf config.blacksky.labeler.enable { 17 - systemd.services.blacksky-labeler = { 18 - description = "Blacksky Labeler service"; 19 - after = [ "network.target" ]; 20 - wantedBy = [ "multi-user.target" ]; 21 - serviceConfig = { 22 - ExecStart = "${pkgs.blacksky.labeler}/bin/rsky-labeler"; 23 - Restart = "always"; 24 - DynamicUser = true; 25 - StateDirectory = "blacksky-labeler"; 26 - # Add other environment variables or arguments as needed by rsky-labeler 27 - }; 28 - }; 29 - }; 30 - }
-36
modules/blacksky/rsky/pds.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.pds = { 7 - enable = mkEnableOption "Blacksky PDS service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 3000; 11 - description = "Port for the Blacksky PDS service."; 12 - }; 13 - dataDir = mkOption { 14 - type = types.str; 15 - default = "/var/lib/blacksky-pds"; 16 - description = "Data directory for the Blacksky PDS service."; 17 - }; 18 - }; 19 - 20 - config = mkIf config.blacksky.pds.enable { 21 - systemd.services.blacksky-pds = { 22 - description = "Blacksky PDS service"; 23 - after = [ "network.target" ]; 24 - wantedBy = [ "multi-user.target" ]; 25 - serviceConfig = { 26 - ExecStart = "${pkgs.blacksky.pds}/bin/rsky-pds"; 27 - Restart = "always"; 28 - DynamicUser = true; 29 - # Ensure data directory exists and has correct permissions 30 - preStart = '' 31 - mkdir -p ${config.blacksky.pds.dataDir} 32 - chown -R blacksky-pds:blacksky-pds ${config.blacksky.pds.dataDir} 33 - ''; 34 - }; 35 - }; 36 - }
-30
modules/blacksky/rsky/relay.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.relay = { 7 - enable = mkEnableOption "Blacksky Relay service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 8000; 11 - description = "Port for the Blacksky Relay service."; 12 - }; 13 - # Add other options specific to the relay service, e.g., certs, private_key 14 - }; 15 - 16 - config = mkIf config.blacksky.relay.enable { 17 - systemd.services.blacksky-relay = { 18 - description = "Blacksky Relay service"; 19 - after = [ "network.target" ]; 20 - wantedBy = [ "multi-user.target" ]; 21 - serviceConfig = { 22 - ExecStart = "${pkgs.blacksky.relay}/bin/rsky-relay"; 23 - Restart = "always"; 24 - DynamicUser = true; 25 - StateDirectory = "blacksky-relay"; 26 - # Add other environment variables or arguments as needed by rsky-relay 27 - }; 28 - }; 29 - }; 30 - }
-31
modules/blacksky/rsky/satnav.nix
··· 1 - { config, lib, pkgs, ... }: 2 - 3 - with lib; 4 - 5 - { 6 - options.blacksky.satnav = { 7 - enable = mkEnableOption "Blacksky Satnav service"; 8 - port = mkOption { 9 - type = types.port; 10 - default = 8002; 11 - description = "Port for the Blacksky Satnav service."; 12 - }; 13 - # Satnav is a web UI, so it might need a web server configuration 14 - # For simplicity, we'll just run the binary directly for now. 15 - }; 16 - 17 - config = mkIf config.blacksky.satnav.enable { 18 - systemd.services.blacksky-satnav = { 19 - description = "Blacksky Satnav service"; 20 - after = [ "network.target" ]; 21 - wantedBy = [ "multi-user.target" ]; 22 - serviceConfig = { 23 - ExecStart = "${pkgs.blacksky.satnav}/bin/rsky-satnav"; 24 - Restart = "always"; 25 - DynamicUser = true; 26 - StateDirectory = "blacksky-satnav"; 27 - # Add other environment variables or arguments as needed by rsky-satnav 28 - }; 29 - }; 30 - }; 31 - }
+45
modules/bluesky/beemo.nix
··· 1 + { lib, config, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + cfg = config.services.beemo; 7 + in 8 + { 9 + options.services.beemo = { 10 + enable = mkEnableOption "beemo"; 11 + 12 + package = mkOption { 13 + type = types.package; 14 + default = pkgs.bluesky; 15 + description = "The beemo package to use."; 16 + }; 17 + 18 + slackWebhookUrl = mkOption { 19 + type = types.str; 20 + description = "Slack webhook URL."; 21 + }; 22 + }; 23 + 24 + config = mkIf cfg.enable { 25 + systemd.services.beemo-notify-reports = { 26 + description = "beemo notify-reports service"; 27 + after = [ "network.target" ]; 28 + wantedBy = [ "multi-user.target" ]; 29 + serviceConfig = { 30 + ExecStart = "${cfg.package}/bin/beemo notify-reports --slack-webhook-url ${cfg.slackWebhookUrl}"; 31 + Restart = "on-failure"; 32 + }; 33 + }; 34 + 35 + systemd.services.beemo-notify-mentions = { 36 + description = "beemo notify-mentions service"; 37 + after = [ "network.target" ]; 38 + wantedBy = [ "multi-user.target" ]; 39 + serviceConfig = { 40 + ExecStart = "${cfg.package}/bin/beemo notify-mentions --slack-webhook-url ${cfg.slackWebhookUrl}"; 41 + Restart = "on-failure"; 42 + }; 43 + }; 44 + }; 45 + }
+30
modules/bluesky/bigsky.nix
··· 1 + { lib, config, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + cfg = config.services.bigsky; 7 + in 8 + { 9 + options.services.bigsky = { 10 + enable = mkEnableOption "bigsky"; 11 + 12 + package = mkOption { 13 + type = types.package; 14 + default = pkgs.bluesky; 15 + description = "The bigsky package to use."; 16 + }; 17 + }; 18 + 19 + config = mkIf cfg.enable { 20 + systemd.services.bigsky = { 21 + description = "bigsky service"; 22 + after = [ "network.target" ]; 23 + wantedBy = [ "multi-user.target" ]; 24 + serviceConfig = { 25 + ExecStart = "${cfg.package}/bin/bigsky"; 26 + Restart = "on-failure"; 27 + }; 28 + }; 29 + }; 30 + }
+12
modules/bluesky/default.nix
··· 1 + { lib, config, pkgs, ... }: 2 + 3 + { 4 + imports = [ 5 + ./bigsky.nix 6 + ./relay.nix 7 + ./hepa.nix 8 + ./palomar.nix 9 + ./beemo.nix 10 + ./sonar.nix 11 + ]; 12 + }
+95
modules/bluesky/hepa.nix
··· 1 + { lib, config, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + cfg = config.services.hepa; 7 + in 8 + { 9 + options.services.hepa = { 10 + enable = mkEnableOption "hepa"; 11 + 12 + package = mkOption { 13 + type = types.package; 14 + default = pkgs.bluesky; 15 + description = "The hepa package to use."; 16 + }; 17 + 18 + atpRelayHost = mkOption { 19 + type = types.str; 20 + default = "wss://bsky.network"; 21 + description = "ATP relay host."; 22 + }; 23 + 24 + atpPlcHost = mkOption { 25 + type = types.str; 26 + default = "https://plc.directory"; 27 + description = "ATP PLC host."; 28 + }; 29 + 30 + atpBskyHost = mkOption { 31 + type = types.str; 32 + default = "https://public.api.bsky.app"; 33 + description = "ATP bsky host."; 34 + }; 35 + 36 + atpOzoneHost = mkOption { 37 + type = types.str; 38 + default = "https://mod.bsky.app"; 39 + description = "ATP ozone host."; 40 + }; 41 + 42 + ozoneDid = mkOption { 43 + type = types.str; 44 + description = "Ozone DID."; 45 + }; 46 + 47 + ozoneAdminToken = mkOption { 48 + type = types.str; 49 + description = "Ozone admin token."; 50 + }; 51 + 52 + atpPdsHost = mkOption { 53 + type = types.str; 54 + default = "https://bsky.social"; 55 + description = "ATP PDS host."; 56 + }; 57 + 58 + pdsAdminToken = mkOption { 59 + type = types.str; 60 + description = "PDS admin token."; 61 + }; 62 + 63 + redisUrl = mkOption { 64 + type = types.str; 65 + description = "Redis URL."; 66 + }; 67 + 68 + hiveaiApiToken = mkOption { 69 + type = types.str; 70 + description = "Hive AI API token."; 71 + }; 72 + 73 + abyssHost = mkOption { 74 + type = types.str; 75 + description = "Abyss host."; 76 + }; 77 + 78 + abyssPassword = mkOption { 79 + type = types.str; 80 + description = "Abyss password."; 81 + }; 82 + }; 83 + 84 + config = mkIf cfg.enable { 85 + systemd.services.hepa = { 86 + description = "hepa service"; 87 + after = [ "network.target" ]; 88 + wantedBy = [ "multi-user.target" ]; 89 + serviceConfig = { 90 + ExecStart = "${cfg.package}/bin/hepa run --atp-relay-host ${cfg.atpRelayHost} --atp-plc-host ${cfg.atpPlcHost} --atp-bsky-host ${cfg.atpBskyHost} --atp-ozone-host ${cfg.atpOzoneHost} --ozone-did ${cfg.ozoneDid} --ozone-admin-token ${cfg.ozoneAdminToken} --atp-pds-host ${cfg.atpPdsHost} --pds-admin-token ${cfg.pdsAdminToken} --redis-url ${cfg.redisUrl} --hiveai-api-token ${cfg.hiveaiApiToken} --abyss-host ${cfg.abyssHost} --abyss-password ${cfg.abyssPassword}"; 91 + Restart = "on-failure"; 92 + }; 93 + }; 94 + }; 95 + }
+83
modules/bluesky/palomar.nix
··· 1 + { lib, config, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + cfg = config.services.palomar; 7 + in 8 + { 9 + options.services.palomar = { 10 + enable = mkEnableOption "palomar"; 11 + 12 + package = mkOption { 13 + type = types.package; 14 + default = pkgs.bluesky; 15 + description = "The palomar package to use."; 16 + }; 17 + 18 + elasticCertFile = mkOption { 19 + type = types.str; 20 + description = "Elasticsearch cert file."; 21 + }; 22 + 23 + elasticInsecureSsl = mkOption { 24 + type = types.bool; 25 + default = false; 26 + description = "Elasticsearch insecure SSL."; 27 + }; 28 + 29 + elasticUsername = mkOption { 30 + type = types.str; 31 + default = "admin"; 32 + description = "Elasticsearch username."; 33 + }; 34 + 35 + elasticPassword = mkOption { 36 + type = types.str; 37 + default = "0penSearch-Pal0mar"; 38 + description = "Elasticsearch password."; 39 + }; 40 + 41 + elasticHosts = mkOption { 42 + type = types.str; 43 + default = "http://localhost:9200"; 44 + description = "Elasticsearch hosts."; 45 + }; 46 + 47 + esPostIndex = mkOption { 48 + type = types.str; 49 + default = "palomar_post"; 50 + description = "Elasticsearch post index."; 51 + }; 52 + 53 + esProfileIndex = mkOption { 54 + type = types.str; 55 + default = "palomar_profile"; 56 + description = "Elasticsearch profile index."; 57 + }; 58 + 59 + atpRelayHost = mkOption { 60 + type = types.str; 61 + default = "wss://bsky.network"; 62 + description = "ATP relay host."; 63 + }; 64 + 65 + atpPlcHost = mkOption { 66 + type = types.str; 67 + default = "https://plc.directory"; 68 + description = "ATP PLC host."; 69 + }; 70 + }; 71 + 72 + config = mkIf cfg.enable { 73 + systemd.services.palomar = { 74 + description = "palomar service"; 75 + after = [ "network.target" ]; 76 + wantedBy = [ "multi-user.target" ]; 77 + serviceConfig = { 78 + ExecStart = "${cfg.package}/bin/palomar run --elastic-cert-file ${cfg.elasticCertFile} --elastic-insecure-ssl ${toString cfg.elasticInsecureSsl} --elastic-username ${cfg.elasticUsername} --elastic-password ${cfg.elasticPassword} --elastic-hosts ${cfg.elasticHosts} --es-post-index ${cfg.esPostIndex} --es-profile-index ${cfg.esProfileIndex} --atp-relay-host ${cfg.atpRelayHost} --atp-plc-host ${cfg.atpPlcHost}"; 79 + Restart = "on-failure"; 80 + }; 81 + }; 82 + }; 83 + }
+41
modules/bluesky/relay.nix
··· 1 + { lib, config, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + cfg = config.services.relay; 7 + in 8 + { 9 + options.services.relay = { 10 + enable = mkEnableOption "relay"; 11 + 12 + package = mkOption { 13 + type = types.package; 14 + default = pkgs.bluesky; 15 + description = "The relay package to use."; 16 + }; 17 + 18 + adminPassword = mkOption { 19 + type = types.str; 20 + description = "Admin password for the relay."; 21 + }; 22 + 23 + plcHost = mkOption { 24 + type = types.str; 25 + default = "https://plc.directory"; 26 + description = "PLC host for the relay."; 27 + }; 28 + }; 29 + 30 + config = mkIf cfg.enable { 31 + systemd.services.relay = { 32 + description = "relay service"; 33 + after = [ "network.target" ]; 34 + wantedBy = [ "multi-user.target" ]; 35 + serviceConfig = { 36 + ExecStart = "${cfg.package}/bin/relay serve --admin-password ${cfg.adminPassword} --plc-host ${cfg.plcHost}"; 37 + Restart = "on-failure"; 38 + }; 39 + }; 40 + }; 41 + }
+61
modules/bluesky/sonar.nix
··· 1 + { lib, config, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + cfg = config.services.sonar; 7 + in 8 + { 9 + options.services.sonar = { 10 + enable = mkEnableOption "sonar"; 11 + 12 + package = mkOption { 13 + type = types.package; 14 + default = pkgs.bluesky; 15 + description = "The sonar package to use."; 16 + }; 17 + 18 + wsUrl = mkOption { 19 + type = types.str; 20 + default = "wss://bsky.network/xrpc/com.atproto.sync.subscribeRepos"; 21 + description = "Websocket URL."; 22 + }; 23 + 24 + logLevel = mkOption { 25 + type = types.str; 26 + default = "info"; 27 + description = "Log level."; 28 + }; 29 + 30 + port = mkOption { 31 + type = types.port; 32 + default = 8345; 33 + description = "Metrics server port."; 34 + }; 35 + 36 + maxQueueSize = mkOption { 37 + type = types.int; 38 + default = 10; 39 + description = "Max queue size."; 40 + }; 41 + 42 + cursorFile = mkOption { 43 + type = types.str; 44 + default = "/var/lib/sonar/cursor.json"; 45 + description = "Cursor file."; 46 + }; 47 + }; 48 + 49 + config = mkIf cfg.enable { 50 + systemd.services.sonar = { 51 + description = "sonar service"; 52 + after = [ "network.target" ]; 53 + wantedBy = [ "multi-user.target" ]; 54 + serviceConfig = { 55 + ExecStart = "${cfg.package}/bin/sonar --ws-url ${cfg.wsUrl} --log-level ${cfg.logLevel} --port ${toString cfg.port} --max-queue-size ${toString cfg.maxQueueSize} --cursor-file ${cfg.cursorFile}"; 56 + Restart = "on-failure"; 57 + StateDirectory = "sonar"; 58 + }; 59 + }; 60 + }; 61 + }
+5
modules/default.nix
··· 1 + { 2 + imports = [ 3 + ./bluesky 4 + ]; 5 + }
-140
modules/microcosm/constellation.nix
··· 1 - # Defines the NixOS module for the Constellation service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-constellation; 8 - in 9 - { 10 - options.services.microcosm-constellation = { 11 - enable = mkEnableOption "Constellation server"; 12 - 13 - package = mkOption { 14 - type = types.package; 15 - default = pkgs.nur.constellation; 16 - description = "The Constellation package to use."; 17 - }; 18 - 19 - dataDir = mkOption { 20 - type = types.str; 21 - default = "/var/lib/microcosm-constellation"; 22 - description = "The absolute path to the directory to store data in."; 23 - }; 24 - 25 - backend = mkOption { 26 - type = types.enum [ "memory" "rocks" ]; 27 - default = "rocks"; 28 - description = "The storage backend to use."; 29 - }; 30 - 31 - jetstream = mkOption { 32 - type = types.str; 33 - description = "The Jetstream server to connect to."; 34 - example = "wss://jetstream1.us-east.bsky.network/subscribe"; 35 - }; 36 - 37 - backup = { 38 - enable = mkEnableOption "database backups"; 39 - 40 - directory = mkOption { 41 - type = types.path; 42 - default = "${cfg.dataDir}/backups"; 43 - description = "Directory to store backups."; 44 - }; 45 - 46 - interval = mkOption { 47 - type = types.nullOr types.int; 48 - default = null; 49 - description = "Take backups every N hours. If null, no automatic backups."; 50 - example = 24; 51 - }; 52 - 53 - maxOldBackups = mkOption { 54 - type = types.nullOr types.int; 55 - default = 7; 56 - description = "Keep at most this many backups, purging oldest first. Only used with interval."; 57 - }; 58 - }; 59 - }; 60 - 61 - config = mkIf cfg.enable { 62 - # Create a static user and group for the service 63 - users.users.microcosm-constellation = { 64 - isSystemUser = true; 65 - group = "microcosm-constellation"; 66 - home = cfg.dataDir; 67 - }; 68 - users.groups.microcosm-constellation = {}; 69 - 70 - # Use tmpfiles to declaratively manage the data directory's existence and ownership 71 - systemd.tmpfiles.rules = [ 72 - "d ${cfg.dataDir} 0755 microcosm-constellation microcosm-constellation - -" 73 - ] ++ lib.optional (cfg.backup.enable) [ 74 - "d ${cfg.backup.directory} 0755 microcosm-constellation microcosm-constellation - -" 75 - ]; 76 - 77 - systemd.services.microcosm-constellation = { 78 - description = "Constellation Server - Global backlink index for AT Protocol"; 79 - wantedBy = [ "multi-user.target" ]; 80 - after = [ "network.target" ]; 81 - wants = [ "network.target" ]; 82 - 83 - serviceConfig = { 84 - Restart = "always"; 85 - RestartSec = "10s"; 86 - 87 - # Use the static user and group 88 - User = "microcosm-constellation"; 89 - Group = "microcosm-constellation"; 90 - 91 - WorkingDirectory = cfg.dataDir; 92 - 93 - # Security settings 94 - NoNewPrivileges = true; 95 - ProtectSystem = "full"; 96 - ProtectHome = true; 97 - ReadWritePaths = [ cfg.dataDir ] ++ optional (cfg.backup.enable) cfg.backup.directory; 98 - PrivateTmp = true; 99 - ProtectKernelTunables = true; 100 - ProtectKernelModules = true; 101 - ProtectControlGroups = true; 102 - RestrictRealtime = true; 103 - RestrictSUIDSGID = true; 104 - RemoveIPC = true; 105 - PrivateMounts = true; 106 - }; 107 - 108 - script = 109 - let 110 - args = flatten [ 111 - [ 112 - "--jetstream" 113 - (escapeShellArg cfg.jetstream) 114 - "--backend" 115 - (escapeShellArg cfg.backend) 116 - ] 117 - (optional (cfg.backend == "rocks") [ 118 - "--data" 119 - (escapeShellArg "${cfg.dataDir}/db") 120 - ]) 121 - (optional cfg.backup.enable [ 122 - "--backup" 123 - (escapeShellArg cfg.backup.directory) 124 - ]) 125 - (optional (cfg.backup.enable && cfg.backup.interval != null) [ 126 - "--backup-interval" 127 - (escapeShellArg (toString cfg.backup.interval)) 128 - ]) 129 - (optional (cfg.backup.enable && cfg.backup.interval != null && cfg.backup.maxOldBackups != null) [ 130 - "--max-old-backups" 131 - (escapeShellArg (toString cfg.backup.maxOldBackups)) 132 - ]) 133 - ]; 134 - in 135 - '' 136 - exec ${cfg.package}/bin/main ${concatStringsSep " " args} 137 - ''; 138 - }; 139 - }; 140 - }
-14
modules/microcosm/default.nix
··· 1 - { pkgs, ... }: 2 - 3 - { 4 - imports = [ 5 - ./constellation.nix 6 - ./spacedust.nix 7 - ./slingshot.nix 8 - ./ufos.nix 9 - ./who-am-i.nix 10 - ./quasar.nix 11 - ./pocket.nix 12 - ./reflector.nix 13 - ]; 14 - }
-60
modules/microcosm/pocket.nix
··· 1 - # Defines the NixOS module for the Pocket service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-pocket; 8 - in 9 - { 10 - options.services.microcosm-pocket = { 11 - enable = mkEnableOption "Pocket service"; 12 - 13 - package = mkOption { 14 - type = types.package; 15 - default = pkgs.nur.pocket; 16 - description = "The Pocket package to use."; 17 - }; 18 - 19 - dbDir = mkOption { 20 - type = types.str; 21 - default = "microcosm-pocket"; 22 - description = "The directory to store the database in, relative to /var/lib."; 23 - }; 24 - 25 - domain = mkOption { 26 - type = types.str; 27 - description = "The domain for serving a did doc."; 28 - }; 29 - }; 30 - 31 - config = mkIf cfg.enable { 32 - systemd.services.microcosm-pocket = { 33 - description = "Pocket Service"; 34 - after = [ "network.target" ]; 35 - wantedBy = [ "multi-user.target" ]; 36 - 37 - serviceConfig = { 38 - ExecStart = "${cfg.package}/bin/pocket --db /var/lib/${cfg.dbDir}/prefs.sqlite3 --domain ${cfg.domain}"; 39 - Restart = "always"; 40 - RestartSec = "10s"; 41 - DynamicUser = true; 42 - StateDirectory = cfg.dbDir; 43 - ReadWritePaths = [ "/var/lib/${cfg.dbDir}" ]; 44 - 45 - # Security settings 46 - NoNewPrivileges = true; 47 - ProtectSystem = "strict"; 48 - ProtectHome = true; 49 - PrivateTmp = true; 50 - ProtectKernelTunables = true; 51 - ProtectKernelModules = true; 52 - ProtectControlGroups = true; 53 - RestrictRealtime = true; 54 - RestrictSUIDSGID = true; 55 - RemoveIPC = true; 56 - PrivateMounts = true; 57 - }; 58 - }; 59 - }; 60 - }
-30
modules/microcosm/quasar.nix
··· 1 - # Defines the NixOS module for the Quasar service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-quasar; 8 - microcosmPkgs = pkgs.nur.microcosm; 9 - in 10 - { 11 - options.services.microcosm-quasar = { 12 - enable = mkEnableOption "Quasar service"; 13 - 14 - package = mkOption { 15 - type = types.package; 16 - default = microcosmPkgs.quasar; 17 - description = "The Quasar package to use."; 18 - }; 19 - }; 20 - 21 - config = mkIf cfg.enable { 22 - # The quasar service is not yet implemented. 23 - # This module is a placeholder. 24 - # See: https://github.com/at-microcosm/microcosm-rs/issues/1 25 - systemd.services.microcosm-quasar = { 26 - description = "Microcosm Quasar Service (Not Implemented)"; 27 - serviceConfig.ExecStart = "${pkgs.coreutils}/bin/false"; 28 - }; 29 - }; 30 - }
-68
modules/microcosm/reflector.nix
··· 1 - # Defines the NixOS module for the Reflector service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-reflector; 8 - in 9 - { 10 - options.services.microcosm-reflector = { 11 - enable = mkEnableOption "Reflector service"; 12 - 13 - package = mkOption { 14 - type = types.package; 15 - default = pkgs.nur.reflector; 16 - description = "The Reflector package to use."; 17 - }; 18 - 19 - serviceId = mkOption { 20 - type = types.str; 21 - description = "The DID document service ID."; 22 - }; 23 - 24 - serviceType = mkOption { 25 - type = types.str; 26 - description = "The service type."; 27 - }; 28 - 29 - serviceEndpoint = mkOption { 30 - type = types.str; 31 - description = "The HTTPS endpoint for the service."; 32 - }; 33 - 34 - domain = mkOption { 35 - type = types.str; 36 - description = "The parent domain."; 37 - }; 38 - }; 39 - 40 - config = mkIf cfg.enable { 41 - systemd.services.microcosm-reflector = { 42 - description = "Reflector Service"; 43 - after = [ "network.target" ]; 44 - wantedBy = [ "multi-user.target" ]; 45 - 46 - serviceConfig = { 47 - ExecStart = "${cfg.package}/bin/reflector --id ${cfg.serviceId} --type ${cfg.serviceType} --service-endpoint ${cfg.serviceEndpoint} --domain ${cfg.domain}"; 48 - Restart = "always"; 49 - RestartSec = "10s"; 50 - DynamicUser = true; 51 - StateDirectory = "reflector"; 52 - 53 - # Security settings 54 - NoNewPrivileges = true; 55 - ProtectSystem = "strict"; 56 - ProtectHome = true; 57 - PrivateTmp = true; 58 - ProtectKernelTunables = true; 59 - ProtectKernelModules = true; 60 - ProtectControlGroups = true; 61 - RestrictRealtime = true; 62 - RestrictSUIDSGID = true; 63 - RemoveIPC = true; 64 - PrivateMounts = true; 65 - }; 66 - }; 67 - }; 68 - }
-93
modules/microcosm/slingshot.nix
··· 1 - # Defines the NixOS module for the Slingshot service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-slingshot; 8 - in 9 - { 10 - options.services.microcosm-slingshot = { 11 - enable = mkEnableOption "Slingshot service"; 12 - 13 - package = mkOption { 14 - type = types.package; 15 - default = pkgs.nur.slingshot; 16 - description = "The Slingshot package to use."; 17 - }; 18 - 19 - jetstream = mkOption { 20 - type = types.str; 21 - description = "The Jetstream server to connect to."; 22 - }; 23 - 24 - jetstreamNoZstd = mkOption { 25 - type = types.bool; 26 - default = false; 27 - description = "Don't request zstd-compressed jetstream events."; 28 - }; 29 - 30 - dataDir = mkOption { 31 - type = types.str; 32 - default = "microcosm-slingshot"; 33 - description = "The directory to store data in, relative to /var/lib."; 34 - }; 35 - 36 - domain = mkOption { 37 - type = types.nullOr types.str; 38 - default = null; 39 - description = "The domain pointing to this server."; 40 - }; 41 - 42 - acmeContact = mkOption { 43 - type = types.nullOr types.str; 44 - default = null; 45 - description = "The email address for letsencrypt contact."; 46 - }; 47 - 48 - healthcheckUrl = mkOption { 49 - type = types.nullOr types.str; 50 - default = null; 51 - description = "The web address to send healtcheck pings to."; 52 - }; 53 - }; 54 - 55 - config = mkIf cfg.enable { 56 - systemd.services.microcosm-slingshot = { 57 - description = "Slingshot Service"; 58 - after = [ "network.target" ]; 59 - wantedBy = [ "multi-user.target" ]; 60 - 61 - serviceConfig = { 62 - ExecStart = '' 63 - ${cfg.package}/bin/slingshot \ 64 - --jetstream ${escapeShellArg cfg.jetstream} \ 65 - ${optionalString cfg.jetstreamNoZstd "--jetstream-no-zstd"} \ 66 - --cache-dir /var/lib/${cfg.dataDir}/cache \ 67 - ${optionalString (cfg.domain != null) "--domain ${escapeShellArg cfg.domain}"} \ 68 - ${optionalString (cfg.acmeContact != null) "--acme-contact ${escapeShellArg cfg.acmeContact}"} \ 69 - --certs /var/lib/${cfg.dataDir}/certs \ 70 - ${optionalString (cfg.healthcheckUrl != null) "--healthcheck ${escapeShellArg cfg.healthcheckUrl}"} 71 - ''; 72 - Restart = "always"; 73 - RestartSec = "10s"; 74 - DynamicUser = true; 75 - StateDirectory = cfg.dataDir; 76 - ReadWritePaths = [ "/var/lib/${cfg.dataDir}" ]; 77 - 78 - # Security settings 79 - NoNewPrivileges = true; 80 - ProtectSystem = "strict"; 81 - ProtectHome = true; 82 - PrivateTmp = true; 83 - ProtectKernelTunables = true; 84 - ProtectKernelModules = true; 85 - ProtectControlGroups = true; 86 - RestrictRealtime = true; 87 - RestrictSUIDSGID = true; 88 - RemoveIPC = true; 89 - PrivateMounts = true; 90 - }; 91 - }; 92 - }; 93 - }
-59
modules/microcosm/spacedust.nix
··· 1 - # Defines the NixOS module for the Spacedust service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-spacedust; 8 - in 9 - { 10 - options.services.microcosm-spacedust = { 11 - enable = mkEnableOption "Spacedust service"; 12 - 13 - package = mkOption { 14 - type = types.package; 15 - default = pkgs.nur.spacedust; 16 - description = "The Spacedust package to use."; 17 - }; 18 - 19 - jetstream = mkOption { 20 - type = types.str; 21 - description = "The Jetstream server to connect to."; 22 - }; 23 - 24 - jetstreamNoZstd = mkOption { 25 - type = types.bool; 26 - default = false; 27 - description = "Don't request zstd-compressed jetstream events."; 28 - }; 29 - }; 30 - 31 - config = mkIf cfg.enable { 32 - systemd.services.microcosm-spacedust = { 33 - description = "Spacedust Service"; 34 - after = [ "network.target" ]; 35 - wantedBy = [ "multi-user.target" ]; 36 - 37 - serviceConfig = { 38 - ExecStart = "${cfg.package}/bin/spacedust --jetstream ${escapeShellArg cfg.jetstream} ${optionalString cfg.jetstreamNoZstd "--jetstream-no-zstd"}"; 39 - Restart = "always"; 40 - RestartSec = "10s"; 41 - DynamicUser = true; 42 - StateDirectory = "spacedust"; 43 - 44 - # Security settings 45 - NoNewPrivileges = true; 46 - ProtectSystem = "strict"; 47 - ProtectHome = true; 48 - PrivateTmp = true; 49 - ProtectKernelTunables = true; 50 - ProtectKernelModules = true; 51 - ProtectControlGroups = true; 52 - RestrictRealtime = true; 53 - RestrictSUIDSGID = true; 54 - RemoveIPC = true; 55 - PrivateMounts = true; 56 - }; 57 - }; 58 - }; 59 - }
-84
modules/microcosm/ufos.nix
··· 1 - # Defines the NixOS module for the UFOs service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-ufos; 8 - in 9 - { 10 - options.services.microcosm-ufos = { 11 - enable = mkEnableOption "UFOs service"; 12 - 13 - package = mkOption { 14 - type = types.package; 15 - default = pkgs.nur.ufos; 16 - description = "The UFOs package to use."; 17 - }; 18 - 19 - jetstream = mkOption { 20 - type = types.str; 21 - description = "The Jetstream server to connect to."; 22 - }; 23 - 24 - jetstreamForce = mkOption { 25 - type = types.bool; 26 - default = false; 27 - description = "Allow changing jetstream endpoints."; 28 - }; 29 - 30 - jetstreamNoZstd = mkOption { 31 - type = types.bool; 32 - default = false; 33 - description = "Don't request zstd-compressed jetstream events."; 34 - }; 35 - 36 - dataDir = mkOption { 37 - type = types.str; 38 - default = "microcosm-ufos"; 39 - description = "The directory to store data in, relative to /var/lib."; 40 - }; 41 - 42 - backfill = mkOption { 43 - type = types.bool; 44 - default = false; 45 - description = "Adjust runtime settings for efficient backfill."; 46 - }; 47 - 48 - reroll = mkOption { 49 - type = types.bool; 50 - default = false; 51 - description = "Reset the rollup cursor and backfill."; 52 - }; 53 - }; 54 - 55 - config = mkIf cfg.enable { 56 - systemd.services.microcosm-ufos = { 57 - description = "UFOs Service"; 58 - after = [ "network.target" ]; 59 - wantedBy = [ "multi-user.target" ]; 60 - 61 - serviceConfig = { 62 - ExecStart = "${cfg.package}/bin/ufos --jetstream ${escapeShellArg cfg.jetstream} ${optionalString cfg.jetstreamForce "--jetstream-force"} ${optionalString cfg.jetstreamNoZstd "--jetstream-no-zstd"} --data /var/lib/${cfg.dataDir} ${optionalString cfg.backfill "--backfill"} ${optionalString cfg.reroll "--reroll"}"; 63 - Restart = "always"; 64 - RestartSec = "10s"; 65 - DynamicUser = true; 66 - StateDirectory = cfg.dataDir; 67 - ReadWritePaths = [ "/var/lib/${cfg.dataDir}" ]; 68 - 69 - # Security settings 70 - NoNewPrivileges = true; 71 - ProtectSystem = "strict"; 72 - ProtectHome = true; 73 - PrivateTmp = true; 74 - ProtectKernelTunables = true; 75 - ProtectKernelModules = true; 76 - ProtectControlGroups = true; 77 - RestrictRealtime = true; 78 - RestrictSUIDSGID = true; 79 - RemoveIPC = true; 80 - PrivateMounts = true; 81 - }; 82 - }; 83 - }; 84 - }
-107
modules/microcosm/who-am-i.nix
··· 1 - # Defines the NixOS module for the Who-Am-I service 2 - { config, lib, pkgs, ... }: 3 - 4 - with lib; 5 - 6 - let 7 - cfg = config.services.microcosm-who-am-i; 8 - in 9 - { 10 - options.services.microcosm-who-am-i = { 11 - enable = mkEnableOption "Microcosm Who-Am-I service (deprecated)"; 12 - 13 - package = mkOption { 14 - type = types.package; 15 - default = microcosmPkgs."who-am-i"; 16 - description = "The Who-Am-I package to use."; 17 - }; 18 - 19 - openFirewall = mkOption { 20 - type = types.bool; 21 - default = false; 22 - description = "Whether to open the firewall for the Who-Am-I API port."; 23 - }; 24 - 25 - appSecret = mkOption { 26 - type = types.str; 27 - description = "The secret key for cookie-signing."; 28 - }; 29 - 30 - oauthPrivateKey = mkOption { 31 - type = types.nullOr types.path; 32 - default = null; 33 - description = "The path to the at-oauth private key."; 34 - }; 35 - 36 - jwtPrivateKey = mkOption { 37 - type = types.path; 38 - description = "The path to the jwt private key."; 39 - }; 40 - 41 - baseUrl = mkOption { 42 - type = types.str; 43 - description = "The client-reachable base url."; 44 - }; 45 - 46 - bind = mkOption { 47 - type = types.str; 48 - default = "127.0.0.1:9997"; 49 - description = "The host:port to bind to."; 50 - }; 51 - 52 - dev = mkOption { 53 - type = types.bool; 54 - default = false; 55 - description = "Enable dev mode."; 56 - }; 57 - 58 - allowedHosts = mkOption { 59 - type = types.listOf types.str; 60 - description = "The hosts who are allowed to one-click auth."; 61 - }; 62 - }; 63 - 64 - config = mkIf cfg.enable { 65 - systemd.services.microcosm-who-am-i = { 66 - description = "Microcosm Who-Am-I Service (deprecated)"; 67 - after = [ "network.target" ]; 68 - wantedBy = [ "multi-user.target" ]; 69 - 70 - serviceConfig = { 71 - # Execution settings from the feature branch 72 - ExecStart = '' 73 - ${cfg.package}/bin/who-am-i \ 74 - --app-secret ${escapeShellArg cfg.appSecret} \ 75 - ${optionalString (cfg.oauthPrivateKey != null) "--oauth-private-key ${escapeShellArg cfg.oauthPrivateKey}"} \ 76 - --jwt-private-key ${escapeShellArg cfg.jwtPrivateKey} \ 77 - --base-url ${escapeShellArg cfg.baseUrl} \ 78 - --bind ${escapeShellArg cfg.bind} \ 79 - ${optionalString cfg.dev "--dev"} \ 80 - ${concatStringsSep " " (map (host: "--allow-host ${escapeShellArg host}") cfg.allowedHosts)} 81 - ''; 82 - Restart = "always"; 83 - RestartSec = "10s"; 84 - DynamicUser = true; 85 - StateDirectory = "who-am-i"; 86 - 87 - # Security settings from the main branch 88 - NoNewPrivileges = true; 89 - ProtectSystem = "strict"; 90 - ProtectHome = true; 91 - PrivateTmp = true; 92 - ProtectKernelTunables = true; 93 - ProtectKernelModules = true; 94 - ProtectControlGroups = true; 95 - RestrictRealtime = true; 96 - RestrictSUIDSGID = true; 97 - RemoveIPC = true; 98 - PrivateMounts = true; 99 - }; 100 - }; 101 - 102 - # Updated firewall rule to parse the port from the new 'bind' option 103 - networking.firewall = mkIf cfg.openFirewall { 104 - allowedTCPPorts = [ (toInt (last (splitString ":" cfg.bind))) ]; 105 - }; 106 - }; 107 - }
+2
overlays/default.nix
··· 1 + { 2 + }
-3
pkgs/blacksky/default.nix
··· 1 - { pkgs, craneLib, ... }: 2 - 3 - import ./rsky { inherit pkgs craneLib; }
-194
pkgs/blacksky/rsky/default.nix
··· 1 - { pkgs, craneLib, ... }: 2 - 3 - { 4 - pds = craneLib.buildPackage rec { 5 - pname = "rsky-pds"; 6 - version = "0.1.0"; # Placeholder version, should be updated from rsky's Cargo.toml 7 - src = pkgs.fetchFromGitHub { 8 - owner = "blacksky-algorithms"; 9 - repo = "rsky"; 10 - rev = "main"; # Placeholder, should be updated to a specific commit or tag 11 - hash = "sha256-nqBe20MCeNrSVxLVxiYc7iCFaBdf5Vf1p/i0D/aS8oY="; 12 - }; 13 - cargoHash = "sha256-0000000000000000000000000000000000000000000000000000000000000000="; 14 - 15 - # Build only the rsky-pds binary 16 - 17 - cargoBuildFlags = [ "--package rsky-pds --bin rsky-pds" ]; 18 - cargoInstallFlags = [ "--package rsky-pds --bin rsky-pds" ]; 19 - 20 - meta = with pkgs.lib; { 21 - description = "AT Protocol Personal Data Server (PDS) from rsky"; 22 - homepage = "https://github.com/atproto-nix/nur"; # Placeholder 23 - license = licenses.mit; # Placeholder 24 - maintainers = with maintainers; [ ]; # Placeholder 25 - }; 26 - }; 27 - 28 - relay = craneLib.buildPackage rec { 29 - pname = "rsky-relay"; 30 - version = "0.1.0"; # Placeholder version 31 - src = pkgs.fetchFromGitHub { 32 - owner = "blacksky-algorithms"; 33 - repo = "rsky"; 34 - rev = "main"; # Placeholder 35 - hash = "sha256-nqBe20MCeNrSVxLVxiYc7iCFaBdf5Vf1p/i0D/aS8oY="; 36 - }; 37 - cargoHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; # Placeholder 38 - 39 - cargoBuildFlags = [ "--package rsky-relay --bin rsky-relay" ]; 40 - cargoInstallFlags = [ "--package rsky-relay --bin rsky-relay" ]; 41 - 42 - meta = with pkgs.lib; { 43 - description = "AT Protocol Relay from rsky"; 44 - homepage = "https://github.com/atproto-nix/nur"; 45 - license = licenses.mit; 46 - maintainers = with maintainers; [ ]; 47 - }; 48 - }; 49 - 50 - feedgen = craneLib.buildPackage rec { 51 - pname = "rsky-feedgen"; 52 - version = "0.1.0"; # Placeholder version 53 - src = pkgs.fetchFromGitHub { 54 - owner = "blacksky-algorithms"; 55 - repo = "rsky"; 56 - rev = "main"; # Placeholder 57 - hash = "sha256-nqBe20MCeNrSVxLVxiYc7iCFaBdf5Vf1p/i0D/aS8oY="; 58 - }; 59 - cargoHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; # Placeholder 60 - 61 - cargoBuildFlags = [ "--package rsky-feedgen --bin rsky-feedgen" ]; 62 - cargoInstallFlags = [ "--package rsky-feedgen --bin rsky-feedgen" ]; 63 - 64 - meta = with pkgs.lib; { 65 - description = "AT Protocol Feed Generator from rsky"; 66 - homepage = "https://github.com/atproto-nix/nur"; 67 - license = licenses.mit; 68 - maintainers = with maintainers; [ ]; 69 - }; 70 - }; 71 - 72 - satnav = craneLib.buildPackage rec { 73 - pname = "rsky-satnav"; 74 - version = "0.1.0"; # Placeholder version 75 - src = pkgs.fetchFromGitHub { 76 - owner = "blacksky-algorithms"; 77 - repo = "rsky"; 78 - rev = "main"; # Placeholder 79 - hash = "sha256-nqBe20MCeNrSVxLVxiYc7iCFaBdf5Vf1p/i0D/aS8oY="; 80 - }; 81 - cargoHash = "sha256-0000000000000000000000000000000000000000000000000000000000000000="; # Placeholder, will be updated by Nix 82 - 83 - cargoBuildFlags = [ "--package rsky-satnav --bin rsky-satnav" ]; 84 - cargoInstallFlags = [ "--package rsky-satnav --bin rsky-satnav" ]; 85 - 86 - meta = with pkgs.lib; { 87 - description = "AT Protocol Satnav from rsky"; 88 - homepage = "https://github.com/atproto-nix/nur"; 89 - license = licenses.mit; 90 - maintainers = with maintainers; [ ]; 91 - }; 92 - }; 93 - 94 - firehose = craneLib.buildPackage rec { 95 - pname = "rsky-firehose"; 96 - version = "0.2.1"; # Version from Cargo.toml 97 - src = pkgs.fetchFromGitHub { 98 - owner = "blacksky-algorithms"; 99 - repo = "rsky"; 100 - rev = "main"; # Placeholder 101 - hash = "sha256-nqBe20MCeNrSVxLVxiYc7iCFaBdf5Vf1p/i0D/aS8oY="; 102 - }; 103 - cargoHash = "sha256-0000000000000000000000000000000000000000000000000000000000000000="; # Placeholder 104 - 105 - cargoBuildFlags = [ "--package rsky-firehose --bin rsky-firehose" ]; 106 - cargoInstallFlags = [ "--package rsky-firehose --bin rsky-firehose" ]; 107 - 108 - meta = with pkgs.lib; { 109 - description = "AT Protocol Firehose subscriber from rsky"; 110 - homepage = "https://github.com/atproto-nix/nur"; 111 - license = licenses.mit; 112 - maintainers = with maintainers; [ ]; 113 - }; 114 - }; 115 - 116 - jetstreamSubscriber = craneLib.buildPackage rec { 117 - pname = "rsky-jetstream-subscriber"; 118 - version = "0.1.0"; # Version from Cargo.toml 119 - src = pkgs.fetchFromGitHub { 120 - owner = "blacksky-algorithms"; 121 - repo = "rsky"; 122 - rev = "main"; # Placeholder 123 - hash = "sha256-nqBe20MCeNrSVxLVxiYc7iCFaBdf5Vf1p/i0D/aS8oY="; 124 - }; 125 - cargoHash = "sha256-0000000000000000000000000000000000000000000000000000000000000000="; # Placeholder 126 - 127 - cargoBuildFlags = [ "--package rsky-jetstream-subscriber --bin rsky-jetstream-subscriber" ]; 128 - cargoInstallFlags = [ "--package rsky-jetstream-subscriber --bin rsky-jetstream-subscriber" ]; 129 - 130 - meta = with pkgs.lib; { 131 - description = "AT Protocol Jetstream Subscriber from rsky"; 132 - homepage = "https://github.com/atproto-nix/nur"; 133 - license = licenses.mit; 134 - maintainers = with maintainers; [ ]; 135 - }; 136 - }; 137 - 138 - labeler = craneLib.buildPackage rec { 139 - pname = "rsky-labeler"; 140 - version = "0.1.3"; # Version from Cargo.toml 141 - src = pkgs.fetchFromGitHub { 142 - owner = "blacksky-algorithms"; 143 - repo = "rsky"; 144 - rev = "main"; # Placeholder 145 - hash = "sha256-nqBe20MCeNrSVxLVxiYc7iCFaBdf5Vf1p/i0D/aS8oY="; 146 - }; 147 - cargoHash = "sha256-0000000000000000000000000000000000000000000000000000000000000000="; # Placeholder 148 - 149 - cargoBuildFlags = [ "--package rsky-labeler --bin rsky-labeler" ]; 150 - cargoInstallFlags = [ "--package rsky-labeler --bin rsky-labeler" ]; 151 - 152 - meta = with pkgs.lib; { 153 - description = "AT Protocol Labeler from rsky"; 154 - homepage = "https://github.com/atproto-nix/nur"; 155 - license = licenses.mit; 156 - maintainers = with maintainers; [ ]; 157 - }; 158 - }; 159 - 160 - # community = pkgs.buildYarnPackage rec { 161 - # pname = "blacksky.community"; 162 - # version = "1.109.0"; # Version from package.json 163 - # 164 - # src = pkgs.fetchFromGitHub { 165 - # owner = "blacksky-algorithms"; 166 - # repo = "blacksky.community"; 167 - # # TODO: Update 'rev' to a specific commit hash or release tag for reproducible builds. 168 - # rev = "main"; 169 - # # TODO: Update 'hash' to the correct SHA256 hash of the fetched source. 170 - # # You can obtain the correct hash by setting it to an empty string, running nix-build, 171 - # # and then copying the hash from the error message. 172 - # hash = "sha256-W0mXqED9geNKJSPGJhUdJZ2voMOMDCXX1T4zn3GZKlY="; 173 - # }; 174 - # 175 - # yarnLock = "yarn.lock"; # Specify the yarn.lock file 176 - # 177 - # buildPhase = '' 178 - # yarn build-web 179 - # ''; 180 - # 181 - # installPhase = '' 182 - # mkdir -p $out/share/nginx/html 183 - # cp -r web-build/* $out/share/nginx/html 184 - # ''; 185 - # 186 - # meta = with pkgs.lib; { 187 - # description = "Blacksky Community Web Client"; 188 - # # Placeholder, update with actual homepage if available. 189 - # homepage = "https://github.com/blacksky-algorithms/blacksky.community"; 190 - # # Placeholder, add actual maintainers. 191 - # maintainers = with maintainers; [ ]; 192 - # }; 193 - # }; 194 - }
+41 -7
pkgs/bluesky/default.nix
··· 1 - { stdenv }: 1 + { lib, buildGoModule, fetchFromGitHub }: 2 2 3 - stdenv.mkDerivation rec { 4 - name = "example-package-${version}"; 5 - version = "1.0"; 6 - src = ./.; 7 - buildPhase = "echo echo Hello World > example"; 8 - installPhase = "install -Dm755 example $out"; 3 + buildGoModule rec { 4 + pname = "indigo"; 5 + version = "unstable-2023-09-24"; 6 + 7 + src = fetchFromGitHub { 8 + owner = "bluesky-social"; 9 + repo = "indigo"; 10 + rev = "b4dd6383c76ffe205afe5407a027bb90a7461b12"; 11 + sha256 = "sha256-e0Y/k1RBnFg8Z9VT7rxuZeyvJo2MZIOHQJbo9prTaoQ="; 12 + }; 13 + 14 + vendorHash = "sha256-7mYvgvR0tZdEnUgUYzKv6d2QyeXXnrFgVwY8/4UM3oU="; 15 + 16 + subPackages = [ 17 + "cmd/goat" 18 + "cmd/gosky" 19 + "cmd/bigsky" 20 + "cmd/relay" 21 + "cmd/beemo" 22 + "cmd/lexgen" 23 + "cmd/stress" 24 + "cmd/fakermaker" 25 + "cmd/hepa" 26 + "cmd/supercollider" 27 + "cmd/sonar" 28 + "cmd/palomar" 29 + ]; 30 + 31 + buildFlags = [ "-mod=vendor" ]; 32 + 33 + preBuild = '' 34 + export HOME=$TMPDIR 35 + ''; 36 + 37 + meta = with lib; { 38 + description = "Go source code for Bluesky's atproto services"; 39 + homepage = "https://github.com/bluesky-social/indigo"; 40 + license = licenses.mit; 41 + maintainers = with maintainers; [ ]; 42 + }; 9 43 }
-81
pkgs/microcosm/default.nix
··· 1 - { pkgs, craneLib }: 2 - 3 - let 4 - src = pkgs.fetchFromGitHub { 5 - owner = "at-microcosm"; 6 - repo = "microcosm-rs"; 7 - rev = "b0a66a102261d0b4e8a90d34cec3421073a7b728"; 8 - sha256 = "sha256-swdAcsjRWnj9abmnrce5LzeKRK+LHm8RubCEIuk+53c="; 9 - }; 10 - 11 - commonEnv = { 12 - LIBCLANG_PATH = pkgs.lib.makeLibraryPath [ pkgs.llvmPackages.libclang.lib ]; 13 - OPENSSL_NO_VENDOR = "1"; 14 - OPENSSL_LIB_DIR = "${pkgs.lib.getLib pkgs.openssl}/lib"; 15 - OPENSSL_INCLUDE_DIR = "${pkgs.lib.getDev pkgs.openssl}/include"; 16 - BINDGEN_EXTRA_CLANG_ARGS = pkgs.lib.concatStringsSep " " [ 17 - "-I${pkgs.llvmPackages.libclang.lib}/lib/clang/${pkgs.lib.versions.major pkgs.llvmPackages.libclang.version}/include" 18 - "-I${pkgs.glibc.dev}" 19 - ]; 20 - ZSTD_SYS_USE_PKG_CONFIG = "1"; 21 - CC = "${pkgs.llvmPackages.clang}/bin/clang"; 22 - CXX = "${pkgs.llvmPackages.clang}/bin/clang++"; 23 - PKG_CONFIG_PATH = "${pkgs.zstd.dev}/lib/pkgconfig:${pkgs.lz4.dev}/lib/pkgconfig"; 24 - }; 25 - 26 - nativeInputs = with pkgs; 27 - [ 28 - pkg-config 29 - perl 30 - ]; 31 - 32 - buildInputs = with pkgs; 33 - [ 34 - zstd 35 - lz4 36 - rocksdb 37 - openssl 38 - sqlite 39 - ]; 40 - cargoArtifacts = craneLib.buildDepsOnly { 41 - inherit src; 42 - pname = "microcosm-rs-deps"; 43 - version = "0.1.0"; 44 - nativeBuildInputs = nativeInputs; 45 - buildInputs = buildInputs; 46 - env = commonEnv; 47 - tarFlags = "--no-same-owner"; 48 - }; 49 - 50 - members = [ 51 - "links" 52 - "constellation" 53 - "jetstream" 54 - "ufos" 55 - "ufos/fuzz" 56 - "spacedust" 57 - "who-am-i" 58 - "slingshot" 59 - "quasar" 60 - "pocket" 61 - "reflector" 62 - ]; 63 - buildPackage = member: 64 - let 65 - packageName = if member == "ufos/fuzz" then "ufos-fuzz" else member; 66 - in 67 - craneLib.buildPackage { 68 - inherit src cargoArtifacts; 69 - pname = packageName; 70 - version = "0.1.0"; 71 - cargoExtraArgs = "--package ${packageName}"; 72 - nativeBuildInputs = nativeInputs; 73 - buildInputs = buildInputs; 74 - tarFlags = "--no-same-owner"; 75 - env = commonEnv; 76 - }; 77 - 78 - packages = pkgs.lib.genAttrs members (member: buildPackage member); 79 - 80 - in 81 - packages
-28
tests/constellation-shell.nix
··· 1 - { pkgs }: 2 - 3 - pkgs.nixosTest { 4 - name = "constellation-shell"; 5 - 6 - nodes.machine = { ... }: 7 - { 8 - imports = [ ../modules/microcosm/constellation.nix ]; 9 - 10 - services.microcosm-constellation = { 11 - enable = true; 12 - jetstream = "us-east-1"; 13 - dataDir = "microcosm-constellation"; 14 - backend = "rocks"; 15 - }; 16 - }; 17 - 18 - # The corrected test script 19 - testScript = '' 20 - start_all() 21 - machine.wait_for_unit("microcosm-constellation.service") 22 - # The line below was removed. wait_for_unit is all you need. 23 - # machine.succeed("systemctl status --wait microcosm-constellation.service") 24 - 25 - # If you want to be extra sure, you can log the status 26 - machine.log(machine.succeed("systemctl status microcosm-constellation.service")) 27 - ''; 28 - }
-5
tests/default.nix
··· 1 - { pkgs }: 2 - { 3 - constellation = import ./constellation.nix { inherit pkgs; }; 4 - constellation-shell = import ./constellation-shell.nix { inherit pkgs; }; 5 - }