nichts/modules/services/radicle.mod.nix

{
  config,
  lib,
  ...
}:
let
  inherit (lib.lists) singleton;
  inherit (lib.modules) mkIf;
  inherit (lib.options) mkEnableOption;
  inherit (builtins) toString;
  port = 3867;
  httpd_port = 3868;
  domain = "seed.faukah.com";

  cfg = config.modules.system.services.radicle;
in
{
  options.modules.system.services.radicle.enable = mkEnableOption "radicle";
  config.services = mkIf cfg.enable {
    nginx = {
      enable = true;
      virtualHosts.${domain} = {
        addSSL = true;
        enableACME = true;
        locations."/" = {
          proxyPass = "http://localhost:${toString httpd_port}";
        };
      };
    };
    radicle = {
      enable = true;
      checkConfig = true;
      privateKeyFile = "/etc/ssh/ssh_host_ed25519_key";
      publicKey = "/etc/ssh/ssh_host_ed25519_key.pub";
      httpd = {
        enable = true;
        listenPort = httpd_port;
      };
      settings = {
        preferredSeeds = [
          "z6MkrLMMsiPWUcNPHcRajuMi9mDfYckSoJyPwwnknocNYPm7@iris.radicle.xyz:8776"
          "z6Mkmqogy2qEM2ummccUthFEaaHvyYmYBYh3dbe9W4ebScxo@rosa.radicle.xyz:8776"
        ];
        node = {
          alias = domain;
          listen = singleton "[::]:${toString port}";
          externalAddresses = singleton "${domain}:${toString port}";
          seedingPolicy = {
            default = "block";
            scope = "all";
          };
        };
      };
    };
  };
}
radicle: init module 2025-09-03 19:58:27 +02:00			`{`
			`config,`
			`lib,`
			`...`
			`}:`
			`let`
			`inherit (lib.lists) singleton;`
			`inherit (lib.modules) mkIf;`
			`inherit (lib.options) mkEnableOption;`
radicle: fix port config, fix enabling 2025-09-04 11:56:17 +02:00			`inherit (builtins) toString;`
radicle: working seed 2025-09-04 12:00:00 +02:00			`port = 3867;`
			`httpd_port = 3868;`
			`domain = "seed.faukah.com";`
radicle: init module 2025-09-03 19:58:27 +02:00
			`cfg = config.modules.system.services.radicle;`
			`in`
			`{`
			`options.modules.system.services.radicle.enable = mkEnableOption "radicle";`
radicle: working seed 2025-09-04 12:00:00 +02:00			`config.services = mkIf cfg.enable {`
			`nginx = {`
radicle: init module 2025-09-03 19:58:27 +02:00			`enable = true;`
radicle: working seed 2025-09-04 12:00:00 +02:00			`virtualHosts.${domain} = {`
radicle: init module 2025-09-03 19:58:27 +02:00			`addSSL = true;`
			`enableACME = true;`
radicle: working seed 2025-09-04 12:00:00 +02:00			`locations."/" = {`
			`proxyPass = "http://localhost:${toString httpd_port}";`
			`};`
radicle: init module 2025-09-03 19:58:27 +02:00			`};`
			`};`
radicle: working seed 2025-09-04 12:00:00 +02:00			`radicle = {`
			`enable = true;`
			`checkConfig = true;`
			`privateKeyFile = "/etc/ssh/ssh_host_ed25519_key";`
			`publicKey = "/etc/ssh/ssh_host_ed25519_key.pub";`
			`httpd = {`
			`enable = true;`
			`listenPort = httpd_port;`
			`};`
			`settings = {`
radicle: add preferredSeeds 2025-09-06 16:13:27 +02:00			`preferredSeeds = [`
			`"z6MkrLMMsiPWUcNPHcRajuMi9mDfYckSoJyPwwnknocNYPm7@iris.radicle.xyz:8776"`
			`"z6Mkmqogy2qEM2ummccUthFEaaHvyYmYBYh3dbe9W4ebScxo@rosa.radicle.xyz:8776"`
			`];`
radicle: working seed 2025-09-04 12:00:00 +02:00			`node = {`
			`alias = domain;`
			`listen = singleton "[::]:${toString port}";`
			`externalAddresses = singleton "${domain}:${toString port}";`
			`seedingPolicy = {`
			`default = "block";`
			`scope = "all";`
			`};`
radicle: init module 2025-09-03 19:58:27 +02:00			`};`
			`};`
			`};`
			`};`
			`}`