commit 65e74fc2b38643f9f259732188761435a29d1d13 · edouard.paris/atproto-nix-env

.gitignore

···

       0

···

       1
       +
       certs

+17

Caddyfile

···

       1
       +
       {

     

       2
       +
           auto_https off

     

       3
       +
       }

     

       4
       +
       

     

       5
       +
       localhost:8443 {

     

       6
       +
           tls ./certs/cert.pem ./certs/key.pem

     

       7
       +
       

     

       8
       +
           header Content-Type "text/plain"

     

       9
       +
           respond "Hello World!" 200

     

       10
       +
       }

     

       11
       +
       

     

       12
       +
       localhost:8444 {

     

       13
       +
           tls ./certs/cert.pem ./certs/key.pem

     

       14
       +
       

     

       15
       +
           header Content-Type "text/plain"

     

       16
       +
           respond "Hello API!" 200

     

       17
       +
       }

+27

flake.lock

···

       1
       +
       {

     

       2
       +
         "nodes": {

     

       3
       +
           "nixpkgs": {

     

       4
       +
             "locked": {

     

       5
       +
               "lastModified": 1758427187,

     

       6
       +
               "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=",

     

       7
       +
               "owner": "NixOS",

     

       8
       +
               "repo": "nixpkgs",

     

       9
       +
               "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46",

     

       10
       +
               "type": "github"

     

       11
       +
             },

     

       12
       +
             "original": {

     

       13
       +
               "owner": "NixOS",

     

       14
       +
               "ref": "nixos-unstable",

     

       15
       +
               "repo": "nixpkgs",

     

       16
       +
               "type": "github"

     

       17
       +
             }

     

       18
       +
           },

     

       19
       +
           "root": {

     

       20
       +
             "inputs": {

     

       21
       +
               "nixpkgs": "nixpkgs"

     

       22
       +
             }

     

       23
       +
           }

     

       24
       +
         },

     

       25
       +
         "root": "root",

     

       26
       +
         "version": 7

     

       27
       +
       }

+148

flake.nix

···

       1
       +
       {

     

       2
       +
         description = "Simple Caddy Hello World with custom certificates";

     

       3
       +
       

     

       4
       +
         inputs = {

     

       5
       +
           nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

     

       6
       +
         };

     

       7
       +
       

     

       8
       +
         outputs = { self, nixpkgs }:

     

       9
       +
         let

     

       10
       +
           system = "x86_64-linux";

     

       11
       +
           pkgs = nixpkgs.legacyPackages.${system};

     

       12
       +
           did-plc-server = pkgs.callPackage ./packages/did-method-plc.nix { };

     

       13
       +
         in

     

       14
       +
         {

     

       15
       +
           packages.${system} = {

     

       16
       +
       

     

       17
       +
             did-plc-server = did-plc-server;

     

       18
       +
       

     

       19
       +
             # Script to generate certificates on host

     

       20
       +
             generate-certs = pkgs.writeShellScriptBin "generate-certs" ''

     

       21
       +
               set -e

     

       22
       +
       

     

       23
       +
               # Create certs directory

     

       24
       +
               mkdir -p ./certs

     

       25
       +
               cd ./certs

     

       26
       +
       

     

       27
       +
               echo "Generating certificates with mkcert..."

     

       28
       +
       

     

       29
       +
               # Generate wildcard certificate

     

       30
       +
               ${pkgs.mkcert}/bin/mkcert \

     

       31
       +
                 -cert-file cert.pem \

     

       32
       +
                 -key-file key.pem \

     

       33
       +
                 localhost \

     

       34
       +
                 127.0.0.1 \

     

       35
       +
                 ::1

     

       36
       +
       

     

       37
       +
               echo "Certificates generated in ./certs/"

     

       38
       +
               echo "Files created:"

     

       39
       +
               ls -la .

     

       40
       +
             '';

     

       41
       +
       

     

       42
       +
             caddy-proxy = pkgs.writeShellScriptBin "caddy-proxy" ''

     

       43
       +
               set -e

     

       44
       +
       

     

       45
       +
               # Default values

     

       46
       +
               CERT_DIR="./certs"

     

       47
       +
               CADDYFILE="./Caddyfile"

     

       48
       +
       

     

       49
       +
               # Parse arguments

     

       50
       +
               while [[ $# -gt 0 ]]; do

     

       51
       +
                 case $1 in

     

       52
       +
                   --cert-dir)

     

       53
       +
                     CERT_DIR="$2"

     

       54
       +
                     shift 2

     

       55
       +
                     ;;

     

       56
       +
                   --caddyfile)

     

       57
       +
                     CADDYFILE="$2"

     

       58
       +
                     shift 2

     

       59
       +
                     ;;

     

       60
       +
                   --help|-h)

     

       61
       +
                     echo "Usage: $0 [--cert-dir <directory>] [--caddyfile <file>]"

     

       62
       +
                     echo ""

     

       63
       +
                     echo "Options:"

     

       64
       +
                     echo "  --cert-dir <dir>     Directory containing certificates (default: ./certs)"

     

       65
       +
                     echo "  --caddyfile <file>   Path to Caddyfile (default: ./Caddyfile)"

     

       66
       +
                     echo "  --help, -h           Show this help message"

     

       67
       +
                     echo ""

     

       68
       +
                     echo "The certificate directory should contain:"

     

       69
       +
                     echo "  - cert.pem (certificate file)"

     

       70
       +
                     echo "  - key.pem (private key file)"

     

       71
       +
                     echo ""

     

       72
       +
                     echo "Examples:"

     

       73
       +
                     echo "  $0                                        # Use ./certs and ./Caddyfile"

     

       74
       +
                     echo "  $0 --cert-dir ~/my-certs                 # Custom cert directory"

     

       75
       +
                     echo "  $0 --caddyfile ~/my-caddy/Caddyfile      # Custom Caddyfile"

     

       76
       +
                     echo "  $0 --cert-dir ~/certs --caddyfile ./conf/Caddyfile"

     

       77
       +
                     exit 0

     

       78
       +
                     ;;

     

       79
       +
                   *)

     

       80
       +
                     echo "Unknown option: $1"

     

       81
       +
                     exit 1

     

       82
       +
                     ;;

     

       83
       +
                 esac

     

       84
       +
               done

     

       85
       +
       

     

       86
       +
               # Convert to absolute paths

     

       87
       +
               CERT_DIR=$(realpath "$CERT_DIR")

     

       88
       +
               CADDYFILE=$(realpath "$CADDYFILE")

     

       89
       +
       

     

       90
       +
               # Check if Caddyfile exists

     

       91
       +
               if [ ! -f "$CADDYFILE" ]; then

     

       92
       +
                 echo "ERROR: Caddyfile not found: $CADDYFILE"

     

       93
       +
                 echo "Create a Caddyfile or use: nix run .#generate-caddyfile"

     

       94
       +
                 exit 1

     

       95
       +
               fi

     

       96
       +
       

     

       97
       +
               # Check if certificate directory exists

     

       98
       +
               if [ ! -d "$CERT_DIR" ]; then

     

       99
       +
                 echo "ERROR: Certificate directory does not exist: $CERT_DIR"

     

       100
       +
                 echo "Please create the directory and add your certificates."

     

       101
       +
                 exit 1

     

       102
       +
               fi

     

       103
       +
       

     

       104
       +
               # Check for required certificates

     

       105
       +
               if [ ! -f "$CERT_DIR/cert.pem" ]; then

     

       106
       +
                 echo "ERROR: Missing cert.pem in $CERT_DIR"

     

       107
       +
                 exit 1

     

       108
       +
               fi

     

       109
       +
       

     

       110
       +
               if [ ! -f "$CERT_DIR/key.pem" ]; then

     

       111
       +
                 echo "ERROR: Missing key.pem in $CERT_DIR"

     

       112
       +
                 exit 1

     

       113
       +
               fi

     

       114
       +
       

     

       115
       +
               echo "Starting Caddy..."

     

       116
       +
               echo "Caddyfile: $CADDYFILE"

     

       117
       +
               echo "Certificates: $CERT_DIR"

     

       118
       +
               echo "Press Ctrl+C to stop"

     

       119
       +
               echo ""

     

       120
       +
       

     

       121
       +
               # Set environment variables that can be used in Caddyfile

     

       122
       +
               export CERT_DIR

     

       123
       +
               export CERT_FILE="$CERT_DIR/cert.pem"

     

       124
       +
               export KEY_FILE="$CERT_DIR/key.pem"

     

       125
       +
       

     

       126
       +
               # Run Caddy with the specified Caddyfile

     

       127
       +
               ${pkgs.caddy}/bin/caddy run --config "$CADDYFILE"

     

       128
       +
             '';

     

       129
       +
           };

     

       130
       +
       

     

       131
       +
           # Development shell

     

       132
       +
           devShells.${system}.default = pkgs.mkShell {

     

       133
       +
             buildInputs = with pkgs; [

     

       134
       +
               caddy

     

       135
       +
               mkcert

     

       136
       +
               curl

     

       137
       +
             ];

     

       138
       +
       

     

       139
       +
             shellHook = ''

     

       140
       +
               echo "Caddy development environment"

     

       141
       +
               echo "Available commands:"

     

       142
       +
               echo "  nix run .#generate-certs  - Generate test certificates"

     

       143
       +
               echo "  nix run .#caddy-proxy     - Start Caddy with full config"

     

       144
       +
               echo "  nix run .#caddy-oneliner  - Start Caddy with minimal config"

     

       145
       +
             '';

     

       146
       +
           };

     

       147
       +
         };

     

       148
       +
       }

+65

packages/did-method-plc.nix

···

       1
       +
       {

     

       2
       +
         stdenv,

     

       3
       +
         makeBinaryWrapper,

     

       4
       +
         pnpm_9,

     

       5
       +
         fetchgit,

     

       6
       +
         nodejs,

     

       7
       +
         lib,

     

       8
       +
       }:

     

       9
       +
       

     

       10
       +
       stdenv.mkDerivation (finalAttrs: {

     

       11
       +
         pname = "did-method-plc";

     

       12
       +
         version = "0.1.0";

     

       13
       +
       

     

       14
       +
         src = fetchgit {

     

       15
       +
           url = "https://tangled.org/@edouard.paris/did-method-plc";

     

       16
       +
           # rev = "migrate-to-pnpm";

     

       17
       +
           hash = "sha256-KewRzr0DwCdB4lqpAC5A82Vd7Y9fmRyXwoc2i23Cr+g=";

     

       18
       +
         };

     

       19
       +
       

     

       20
       +
         sourceRoot = "${finalAttrs.src.name}";

     

       21
       +
       

     

       22
       +
         nativeBuildInputs = [

     

       23
       +
           makeBinaryWrapper

     

       24
       +
           nodejs

     

       25
       +
           pnpm_9.configHook

     

       26
       +
         ];

     

       27
       +
       

     

       28
       +
         pnpmDeps = pnpm_9.fetchDeps {

     

       29
       +
           inherit (finalAttrs) pname version src sourceRoot;

     

       30
       +
           fetcherVersion = 1;

     

       31
       +
           hash = "sha256-cGS8adYh70urpxQEq3ipl7cgSGNlu5MDdXz/qefakNE=";

     

       32
       +
         };

     

       33
       +
       

     

       34
       +
         buildPhase = ''

     

       35
       +
           runHook preBuild

     

       36
       +
           # Build if needed

     

       37
       +
           pnpm --filter @did-plc/server build || true

     

       38
       +
           runHook postBuild

     

       39
       +
         '';

     

       40
       +
       

     

       41
       +
         installPhase = ''

     

       42
       +
           runHook preInstall

     

       43
       +
       

     

       44
       +
           mkdir -p $out/{bin,share/did-plc-server}

     

       45
       +
       

     

       46
       +
           # Copy the source and dependencies

     

       47
       +
           cp -r . $out/share/did-plc-server/

     

       48
       +
       

     

       49
       +
           # Create the executable wrapper

     

       50
       +
           makeWrapper "${lib.getExe pnpm_9}" "$out/bin/did-plc-server" \

     

       51
       +
             --chdir "$out/share/did-plc-server" \

     

       52
       +
             --set-default LOG_ENABLED "true" \

     

       53
       +
             --set-default LOG_LEVEL "debug" \

     

       54
       +
             --add-flags "--filter" \

     

       55
       +
             --add-flags "@did-plc/server" \

     

       56
       +
             --add-flags "start"

     

       57
       +
       

     

       58
       +
           runHook postInstall

     

       59
       +
         '';

     

       60
       +
       

     

       61
       +
         meta = {

     

       62
       +
           description = "DID PLC Server from monorepo";

     

       63
       +
           mainProgram = "did-plc-server";

     

       64
       +
         };

     

       65
       +
       })