···

       
1
       
1
       
 
       
certs

     

       
2
       
2
       
+
       
data

     

···

       
15
       
15
       
 
       
    header Content-Type "text/plain"

     

       
16
       
16
       
 
       
    respond "Hello API!" 200

     

       
17
       
17
       
 
       
}

     

       
18
       
18
       
+
       


     

       
19
       
19
       
+
       
pds.example.org:8443 {

     

       
20
       
20
       
+
       
    tls ./certs/cert.pem ./certs/key.pem

     

       
21
       
21
       
+
       


     

       
22
       
22
       
+
       
    reverse_proxy localhost:3000

     

       
23
       
23
       
+
       
}

     

       
24
       
24
       
+
       


     

       
25
       
25
       
+
       
plc.example.org:8444 {

     

       
26
       
26
       
+
       
    tls ./certs/cert.pem ./certs/key.pem

     

       
27
       
27
       
+
       


     

       
28
       
28
       
+
       
    reverse_proxy localhost:2582

     

       
29
       
29
       
+
       
}

     

···

       
32
       
32
       
 
       
          -key-file key.pem \

     

       
33
       
33
       
 
       
          localhost \

     

       
34
       
34
       
 
       
          127.0.0.1 \

     

       
35
       
35
       
-
       
          ::1

     

       
35
       
35
       
+
       
          ::1 \

     

       
36
       
36
       
+
       
          pds.example.org \

     

       
37
       
37
       
+
       
          plc.example.org

     

       
36
       
38
       
 
       


     

       
37
       
39
       
 
       
        echo "Certificates generated in ./certs/"

     

       
38
       
40
       
 
       
        echo "Files created:"

     
···

       
126
       
128
       
 
       
        # Run Caddy with the specified Caddyfile

     

       
127
       
129
       
 
       
        ${pkgs.caddy}/bin/caddy run --config "$CADDYFILE"

     

       
128
       
130
       
 
       
      '';

     

       
131
       
131
       
+
       


     

       
132
       
132
       
+
       
      # Script to start bluesky-pds

     

       
133
       
133
       
+
       
      pds = pkgs.writeShellScriptBin "pds" ''

     

       
134
       
134
       
+
       
        set -e

     

       
135
       
135
       
+
       
        

     

       
136
       
136
       
+
       
        # Default port for bluesky-pds

     

       
137
       
137
       
+
       
        PORT=''${BLUESKY_PDS_PORT:-3000}

     

       
138
       
138
       
+
       
        

     

       
139
       
139
       
+
       
        # Create data directories

     

       
140
       
140
       
+
       
        mkdir -p ./data/pds/blocks

     

       
141
       
141
       
+
       
        mkdir -p ./data/pds/db

     

       
142
       
142
       
+
       
        

     

       
143
       
143
       
+
       
        echo "Starting Bluesky PDS on port $PORT..."

     

       
144
       
144
       
+
       
        echo "Data directory: ./data/pds"

     

       
145
       
145
       
+
       
        

     

       
146
       
146
       
+
       
        # Configure for local disk storage

     

       
147
       
147
       
+
       
        export PDS_DATA_DIRECTORY="./data/pds"

     

       
148
       
148
       
+
       
        export PDS_BLOBSTORE_DISK_LOCATION="./data/pds/blocks"

     

       
149
       
149
       
+
       
        export PDS_DB_SQLITE_LOCATION="./data/pds/db/pds.sqlite"

     

       
150
       
150
       
+
       
        export PDS_PORT="$PORT"

     

       
151
       
151
       
+
       
        

     

       
152
       
152
       
+
       
        # Generate or use existing PLC rotation key

     

       
153
       
153
       
+
       
        if [ ! -f "./data/pds/plc-rotation-key.txt" ]; then

     

       
154
       
154
       
+
       
          echo "Generating PLC rotation key..."

     

       
155
       
155
       
+
       
          openssl rand -hex 32 > ./data/pds/plc-rotation-key.txt

     

       
156
       
156
       
+
       
        fi

     

       
157
       
157
       
+
       
        export PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="$(cat ./data/pds/plc-rotation-key.txt)"

     

       
158
       
158
       
+
       
        

     

       
159
       
159
       
+
       
        # Generate or use existing JWT secret

     

       
160
       
160
       
+
       
        if [ ! -f "./data/pds/jwt-secret.txt" ]; then

     

       
161
       
161
       
+
       
          echo "Generating JWT secret..."

     

       
162
       
162
       
+
       
          openssl rand -hex 32 > ./data/pds/jwt-secret.txt

     

       
163
       
163
       
+
       
        fi

     

       
164
       
164
       
+
       
        export PDS_JWT_SECRET="$(cat ./data/pds/jwt-secret.txt)"

     

       
165
       
165
       
+
       
        

     

       
166
       
166
       
+
       
        # Set admin password

     

       
167
       
167
       
+
       
        export PDS_ADMIN_PASSWORD="admin"

     

       
168
       
168
       
+
       
        

     

       
169
       
169
       
+
       
        # Set hostname and URL scheme (using example.org domain)

     

       
170
       
170
       
+
       
        export PDS_HOSTNAME="pds.example.org:8443"

     

       
171
       
171
       
+
       
        export PDS_SERVICE_URL="https://pds.example.org:8443"

     

       
172
       
172
       
+
       
        

     

       
173
       
173
       
+
       
        # Enable development mode

     

       
174
       
174
       
+
       
        export PDS_DEV_MODE="true"

     

       
175
       
175
       
+
       
        

     

       
176
       
176
       
+
       
        ${pkgs.bluesky-pds}/bin/pds

     

       
177
       
177
       
+
       
      '';

     

       
129
       
178
       
 
       
    };

     

       
130
       
179
       
 
       


     

       
131
       
180
       
 
       
    # Development shell

     
···

       
134
       
183
       
 
       
        caddy

     

       
135
       
184
       
 
       
        mkcert

     

       
136
       
185
       
 
       
        curl

     

       
186
       
186
       
+
       
        bluesky-pds

     

       
187
       
187
       
+
       
        openssl

     

       
137
       
188
       
 
       
      ];

     

       
138
       
189
       
 
       


     

       
139
       
190
       
 
       
      shellHook = ''

     

       
140
       
140
       
-
       
        echo "Caddy development environment"

     

       
191
       
191
       
+
       
        echo "Caddy development environment with Bluesky PDS"

     

       
141
       
192
       
 
       
        echo "Available commands:"

     

       
142
       
193
       
 
       
        echo "  nix run .#generate-certs  - Generate test certificates"

     

       
143
       
194
       
 
       
        echo "  nix run .#caddy-proxy     - Start Caddy with full config"

     

       
144
       
144
       
-
       
        echo "  nix run .#caddy-oneliner  - Start Caddy with minimal config"

     

       
195
       
195
       
+
       
        echo "  nix run .#pds             - Start Bluesky PDS server"

     

       
196
       
196
       
+
       
        echo ""

     

       
197
       
197
       
+
       
        echo "Services:"

     

       
198
       
198
       
+
       
        echo "  Bluesky PDS: https://pds.example.org:8443 (proxied from port 3000)"

     

       
199
       
199
       
+
       
        echo "  DID PLC:     https://plc.example.org:8444 (proxied from port 2582)"

     

       
200
       
200
       
+
       
        echo ""

     

       
201
       
201
       
+
       
        echo "Environment variables:"

     

       
202
       
202
       
+
       
        echo "  BLUESKY_PDS_PORT=3000     - Port for Bluesky PDS (default: 3000)"

     

       
203
       
203
       
+
       
        echo ""

     

       
204
       
204
       
+
       
        echo "Usage:"

     

       
205
       
205
       
+
       
        echo "  1. Add these lines to your /etc/hosts file:"

     

       
206
       
206
       
+
       
        echo "     127.0.0.1 pds.example.org"

     

       
207
       
207
       
+
       
        echo "     127.0.0.1 plc.example.org"

     

       
208
       
208
       
+
       
        echo "  2. Run 'nix run .#generate-certs' to create certificates"

     

       
209
       
209
       
+
       
        echo "  3. Run 'nix run .#did-plc-server' in one terminal (if needed)"

     

       
210
       
210
       
+
       
        echo "  4. Run 'nix run .#pds' in another terminal"

     

       
211
       
211
       
+
       
        echo "  5. Run 'nix run .#caddy-proxy' in another terminal"

     

       
212
       
212
       
+
       
        echo "  6. Access services at:"

     

       
213
       
213
       
+
       
        echo "     - Bluesky PDS: https://pds.example.org:8443"

     

       
214
       
214
       
+
       
        echo "     - DID PLC: https://plc.example.org:8444"

     

       
145
       
215
       
 
       
      '';

     

       
146
       
216
       
 
       
    };

     

       
147
       
217
       
 
       
  };