edouard.paris / atproto-nix-env
Flake to setup a local env for atproto development
fork atom

Add pds

edouard.paris 42f26759 65e74fc2

verified
options
unified split
Changed files
+86 -3
.gitignore
Caddyfile
flake.nix
+1
.gitignore 
···

       
1

       
 

       
certs


     

       

       

       
     
···

       
1

       
 

       
certs


     

       
2

       
+

       
data
+12
Caddyfile 
···

       
15

       
 

       
    header Content-Type "text/plain"


     

       
16

       
 

       
    respond "Hello API!" 200


     

       
17

       
 

       
}


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
15

       
 

       
    header Content-Type "text/plain"


     

       
16

       
 

       
    respond "Hello API!" 200


     

       
17

       
 

       
}


     

       
18

       
+

       



     

       
19

       
+

       
pds.example.org:8443 {


     

       
20

       
+

       
    tls ./certs/cert.pem ./certs/key.pem


     

       
21

       
+

       



     

       
22

       
+

       
    reverse_proxy localhost:3000


     

       
23

       
+

       
}


     

       
24

       
+

       



     

       
25

       
+

       
plc.example.org:8444 {


     

       
26

       
+

       
    tls ./certs/cert.pem ./certs/key.pem


     

       
27

       
+

       



     

       
28

       
+

       
    reverse_proxy localhost:2582


     

       
29

       
+

       
}
+73 -3
flake.nix 
···

       
32

       
 

       
          -key-file key.pem \


     

       
33

       
 

       
          localhost \


     

       
34

       
 

       
          127.0.0.1 \


     

       
35

       
-

       
          ::1


     

       

       

       
     

       

       

       
     

       
36

       
 

       



     

       
37

       
 

       
        echo "Certificates generated in ./certs/"


     

       
38

       
 

       
        echo "Files created:"


     
···

       
126

       
 

       
        # Run Caddy with the specified Caddyfile


     

       
127

       
 

       
        ${pkgs.caddy}/bin/caddy run --config "$CADDYFILE"


     

       
128

       
 

       
      '';


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
129

       
 

       
    };


     

       
130

       
 

       



     

       
131

       
 

       
    # Development shell


     
···

       
134

       
 

       
        caddy


     

       
135

       
 

       
        mkcert


     

       
136

       
 

       
        curl


     

       

       

       
     

       

       

       
     

       
137

       
 

       
      ];


     

       
138

       
 

       



     

       
139

       
 

       
      shellHook = ''


     

       
140

       
-

       
        echo "Caddy development environment"


     

       
141

       
 

       
        echo "Available commands:"


     

       
142

       
 

       
        echo "  nix run .#generate-certs  - Generate test certificates"


     

       
143

       
 

       
        echo "  nix run .#caddy-proxy     - Start Caddy with full config"


     

       
144

       
-

       
        echo "  nix run .#caddy-oneliner  - Start Caddy with minimal config"


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
145

       
 

       
      '';


     

       
146

       
 

       
    };


     

       
147

       
 

       
  };


     
···

       
32

       
 

       
          -key-file key.pem \


     

       
33

       
 

       
          localhost \


     

       
34

       
 

       
          127.0.0.1 \


     

       
35

       
+

       
          ::1 \


     

       
36

       
+

       
          pds.example.org \


     

       
37

       
+

       
          plc.example.org


     

       
38

       
 

       



     

       
39

       
 

       
        echo "Certificates generated in ./certs/"


     

       
40

       
 

       
        echo "Files created:"


     
···

       
128

       
 

       
        # Run Caddy with the specified Caddyfile


     

       
129

       
 

       
        ${pkgs.caddy}/bin/caddy run --config "$CADDYFILE"


     

       
130

       
 

       
      '';


     

       
131

       
+

       



     

       
132

       
+

       
      # Script to start bluesky-pds


     

       
133

       
+

       
      pds = pkgs.writeShellScriptBin "pds" ''


     

       
134

       
+

       
        set -e


     

       
135

       
+

       
        


     

       
136

       
+

       
        # Default port for bluesky-pds


     

       
137

       
+

       
        PORT=''${BLUESKY_PDS_PORT:-3000}


     

       
138

       
+

       
        


     

       
139

       
+

       
        # Create data directories


     

       
140

       
+

       
        mkdir -p ./data/pds/blocks


     

       
141

       
+

       
        mkdir -p ./data/pds/db


     

       
142

       
+

       
        


     

       
143

       
+

       
        echo "Starting Bluesky PDS on port $PORT..."


     

       
144

       
+

       
        echo "Data directory: ./data/pds"


     

       
145

       
+

       
        


     

       
146

       
+

       
        # Configure for local disk storage


     

       
147

       
+

       
        export PDS_DATA_DIRECTORY="./data/pds"


     

       
148

       
+

       
        export PDS_BLOBSTORE_DISK_LOCATION="./data/pds/blocks"


     

       
149

       
+

       
        export PDS_DB_SQLITE_LOCATION="./data/pds/db/pds.sqlite"


     

       
150

       
+

       
        export PDS_PORT="$PORT"


     

       
151

       
+

       
        


     

       
152

       
+

       
        # Generate or use existing PLC rotation key


     

       
153

       
+

       
        if [ ! -f "./data/pds/plc-rotation-key.txt" ]; then


     

       
154

       
+

       
          echo "Generating PLC rotation key..."


     

       
155

       
+

       
          openssl rand -hex 32 > ./data/pds/plc-rotation-key.txt


     

       
156

       
+

       
        fi


     

       
157

       
+

       
        export PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="$(cat ./data/pds/plc-rotation-key.txt)"


     

       
158

       
+

       
        


     

       
159

       
+

       
        # Generate or use existing JWT secret


     

       
160

       
+

       
        if [ ! -f "./data/pds/jwt-secret.txt" ]; then


     

       
161

       
+

       
          echo "Generating JWT secret..."


     

       
162

       
+

       
          openssl rand -hex 32 > ./data/pds/jwt-secret.txt


     

       
163

       
+

       
        fi


     

       
164

       
+

       
        export PDS_JWT_SECRET="$(cat ./data/pds/jwt-secret.txt)"


     

       
165

       
+

       
        


     

       
166

       
+

       
        # Set admin password


     

       
167

       
+

       
        export PDS_ADMIN_PASSWORD="admin"


     

       
168

       
+

       
        


     

       
169

       
+

       
        # Set hostname and URL scheme (using example.org domain)


     

       
170

       
+

       
        export PDS_HOSTNAME="pds.example.org:8443"


     

       
171

       
+

       
        export PDS_SERVICE_URL="https://pds.example.org:8443"


     

       
172

       
+

       
        


     

       
173

       
+

       
        # Enable development mode


     

       
174

       
+

       
        export PDS_DEV_MODE="true"


     

       
175

       
+

       
        


     

       
176

       
+

       
        ${pkgs.bluesky-pds}/bin/pds


     

       
177

       
+

       
      '';


     

       
178

       
 

       
    };


     

       
179

       
 

       



     

       
180

       
 

       
    # Development shell


     
···

       
183

       
 

       
        caddy


     

       
184

       
 

       
        mkcert


     

       
185

       
 

       
        curl


     

       
186

       
+

       
        bluesky-pds


     

       
187

       
+

       
        openssl


     

       
188

       
 

       
      ];


     

       
189

       
 

       



     

       
190

       
 

       
      shellHook = ''


     

       
191

       
+

       
        echo "Caddy development environment with Bluesky PDS"


     

       
192

       
 

       
        echo "Available commands:"


     

       
193

       
 

       
        echo "  nix run .#generate-certs  - Generate test certificates"


     

       
194

       
 

       
        echo "  nix run .#caddy-proxy     - Start Caddy with full config"


     

       
195

       
+

       
        echo "  nix run .#pds             - Start Bluesky PDS server"


     

       
196

       
+

       
        echo ""


     

       
197

       
+

       
        echo "Services:"


     

       
198

       
+

       
        echo "  Bluesky PDS: https://pds.example.org:8443 (proxied from port 3000)"


     

       
199

       
+

       
        echo "  DID PLC:     https://plc.example.org:8444 (proxied from port 2582)"


     

       
200

       
+

       
        echo ""


     

       
201

       
+

       
        echo "Environment variables:"


     

       
202

       
+

       
        echo "  BLUESKY_PDS_PORT=3000     - Port for Bluesky PDS (default: 3000)"


     

       
203

       
+

       
        echo ""


     

       
204

       
+

       
        echo "Usage:"


     

       
205

       
+

       
        echo "  1. Add these lines to your /etc/hosts file:"


     

       
206

       
+

       
        echo "     127.0.0.1 pds.example.org"


     

       
207

       
+

       
        echo "     127.0.0.1 plc.example.org"


     

       
208

       
+

       
        echo "  2. Run 'nix run .#generate-certs' to create certificates"


     

       
209

       
+

       
        echo "  3. Run 'nix run .#did-plc-server' in one terminal (if needed)"


     

       
210

       
+

       
        echo "  4. Run 'nix run .#pds' in another terminal"


     

       
211

       
+

       
        echo "  5. Run 'nix run .#caddy-proxy' in another terminal"


     

       
212

       
+

       
        echo "  6. Access services at:"


     

       
213

       
+

       
        echo "     - Bluesky PDS: https://pds.example.org:8443"


     

       
214

       
+

       
        echo "     - DID PLC: https://plc.example.org:8444"


     

       
215

       
 

       
      '';


     

       
216

       
 

       
    };


     

       
217

       
 

       
  };