about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--configuration.nix1
-rw-r--r--ipfs.nix87
2 files changed, 0 insertions, 88 deletions
diff --git a/configuration.nix b/configuration.nix
index 6654bd9..5f94597 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -33,7 +33,6 @@
     ./automation.nix
     ./dbms.nix
     ./dns.nix
-    ./ipfs.nix
     ./irc.nix
     ./git.nix
     ./matrix.nix
diff --git a/ipfs.nix b/ipfs.nix
deleted file mode 100644
index 876b74c..0000000
--- a/ipfs.nix
+++ /dev/null
@@ -1,87 +0,0 @@
-# IPFS and IPWHL configuration
-# Copyright (C) 2022  Nguyễn Gia Phong
-#
-# This file is part of loang configuration.
-#
-# Loang configuration is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published
-# by the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Loang configuration is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.
-
-{ config, ... }:
-let inherit (config.networking) domain;
-in {
-  networking.firewall = {
-    allowedTCPPorts = [ 4001 ];
-    allowedUDPPorts = [ 4001 ];
-  };
-
-  security = {
-    acme.certs.${domain} = {
-      credentialsFile = builtins.toFile "knot.env" ''
-        RFC2136_NAMESERVER=127.0.0.1
-        RFC2136_TSIG_KEY=lego
-        RFC2136_TSIG_ALGORITHM=hmac-sha256
-        RFC2136_TSIG_SECRET_FILE=/var/lib/acme/knot.secret
-      '';
-      dnsProvider = "rfc2136";
-      extraDomainNames = [
-        "*.ipfs.${domain}"
-        "*.ipns.${domain}"
-      ];
-      webroot = null;
-    };
-
-    sudo.extraRules = [
-      {
-        users = [ "xarvos" ];
-        commands = [ "ALL" ];
-        runAs = "ipfs";
-      }
-    ];
-  };
-
-  services = {
-    kubo = {
-      dataDir = "/mnt/nas/ipfs";
-      enable = true;
-      enableGC = true;
-      settings.GateWay = {
-        NoFetch = true;
-        PublicGateways."${domain}" = {
-          Paths =  [ "/ipfs" "/ipns" ];
-          UseSubdomains = true;
-        };
-      };
-    };
-
-    nginx.virtualHosts = let
-      ipfsGateway = "http://localhost:8080";
-      ipfsProxy = {
-        forceSSL = true;
-        locations."/".proxyPass = ipfsGateway;
-        useACMEHost = domain;
-      };
-    in {
-      "${domain}".locations = {
-        "/ipfs".proxyPass = ipfsGateway;
-        "/ipns".proxyPass = ipfsGateway;
-      };
-      "*.ipfs.${domain}" = ipfsProxy;
-      "*.ipns.${domain}" = ipfsProxy;
-      "ipwhl.${domain}" = {
-        enableACME = true;
-        forceSSL = true;
-        locations."/".proxyPass = ipfsGateway;
-      };
-    };
-  };
-}