···

       
10
       
10
       
 
       
    system = "x86_64-linux";

     

       
11
       
11
       
 
       
    pkgs = nixpkgs.legacyPackages.${system};

     

       
12
       
12
       
 
       
    did-plc-server = pkgs.callPackage ./packages/did-method-plc.nix { };

     

       
13
       
13
       
+
       
    caddy-proxy = pkgs.callPackage ./packages/caddy.nix { };

     

       
14
       
14
       
+
       
    pds = pkgs.callPackage ./packages/pds.nix { };

     

       
13
       
15
       
 
       
  in

     

       
14
       
16
       
 
       
  {

     

       
15
       
17
       
 
       
    packages.${system} = {

     

       
16
       
18
       
 
       


     

       
17
       
19
       
 
       
      did-plc-server = did-plc-server;

     

       
20
       
20
       
+
       


     

       
21
       
21
       
+
       
      caddy-proxy = caddy-proxy;

     

       
22
       
22
       
+
       


     

       
23
       
23
       
+
       
      pds = pds;

     

       
18
       
24
       
 
       


     

       
19
       
25
       
 
       
      # Script to generate certificates on host

     

       
20
       
26
       
 
       
      generate-certs = pkgs.writeShellScriptBin "generate-certs" ''

     
···

       
39
       
45
       
 
       
        echo "Certificates generated in ./certs/"

     

       
40
       
46
       
 
       
        echo "Files created:"

     

       
41
       
47
       
 
       
        ls -la .

     

       
42
       
42
       
-
       
      '';

     

       
43
       
43
       
-
       


     

       
44
       
44
       
-
       
      caddy-proxy = pkgs.writeShellScriptBin "caddy-proxy" ''

     

       
45
       
45
       
-
       
        set -e

     

       
46
       
46
       
-
       


     

       
47
       
47
       
-
       
        # Default values

     

       
48
       
48
       
-
       
        CERT_DIR="./certs"

     

       
49
       
49
       
-
       
        CADDYFILE="./Caddyfile"

     

       
50
       
50
       
-
       


     

       
51
       
51
       
-
       
        # Parse arguments

     

       
52
       
52
       
-
       
        while [[ $# -gt 0 ]]; do

     

       
53
       
53
       
-
       
          case $1 in

     

       
54
       
54
       
-
       
            --cert-dir)

     

       
55
       
55
       
-
       
              CERT_DIR="$2"

     

       
56
       
56
       
-
       
              shift 2

     

       
57
       
57
       
-
       
              ;;

     

       
58
       
58
       
-
       
            --caddyfile)

     

       
59
       
59
       
-
       
              CADDYFILE="$2"

     

       
60
       
60
       
-
       
              shift 2

     

       
61
       
61
       
-
       
              ;;

     

       
62
       
62
       
-
       
            --help|-h)

     

       
63
       
63
       
-
       
              echo "Usage: $0 [--cert-dir <directory>] [--caddyfile <file>]"

     

       
64
       
64
       
-
       
              echo ""

     

       
65
       
65
       
-
       
              echo "Options:"

     

       
66
       
66
       
-
       
              echo "  --cert-dir <dir>     Directory containing certificates (default: ./certs)"

     

       
67
       
67
       
-
       
              echo "  --caddyfile <file>   Path to Caddyfile (default: ./Caddyfile)"

     

       
68
       
68
       
-
       
              echo "  --help, -h           Show this help message"

     

       
69
       
69
       
-
       
              echo ""

     

       
70
       
70
       
-
       
              echo "The certificate directory should contain:"

     

       
71
       
71
       
-
       
              echo "  - cert.pem (certificate file)"

     

       
72
       
72
       
-
       
              echo "  - key.pem (private key file)"

     

       
73
       
73
       
-
       
              echo ""

     

       
74
       
74
       
-
       
              echo "Examples:"

     

       
75
       
75
       
-
       
              echo "  $0                                        # Use ./certs and ./Caddyfile"

     

       
76
       
76
       
-
       
              echo "  $0 --cert-dir ~/my-certs                 # Custom cert directory"

     

       
77
       
77
       
-
       
              echo "  $0 --caddyfile ~/my-caddy/Caddyfile      # Custom Caddyfile"

     

       
78
       
78
       
-
       
              echo "  $0 --cert-dir ~/certs --caddyfile ./conf/Caddyfile"

     

       
79
       
79
       
-
       
              exit 0

     

       
80
       
80
       
-
       
              ;;

     

       
81
       
81
       
-
       
            *)

     

       
82
       
82
       
-
       
              echo "Unknown option: $1"

     

       
83
       
83
       
-
       
              exit 1

     

       
84
       
84
       
-
       
              ;;

     

       
85
       
85
       
-
       
          esac

     

       
86
       
86
       
-
       
        done

     

       
87
       
87
       
-
       


     

       
88
       
88
       
-
       
        # Convert to absolute paths

     

       
89
       
89
       
-
       
        CERT_DIR=$(realpath "$CERT_DIR")

     

       
90
       
90
       
-
       
        CADDYFILE=$(realpath "$CADDYFILE")

     

       
91
       
91
       
-
       


     

       
92
       
92
       
-
       
        # Check if Caddyfile exists

     

       
93
       
93
       
-
       
        if [ ! -f "$CADDYFILE" ]; then

     

       
94
       
94
       
-
       
          echo "ERROR: Caddyfile not found: $CADDYFILE"

     

       
95
       
95
       
-
       
          echo "Create a Caddyfile or use: nix run .#generate-caddyfile"

     

       
96
       
96
       
-
       
          exit 1

     

       
97
       
97
       
-
       
        fi

     

       
98
       
98
       
-
       


     

       
99
       
99
       
-
       
        # Check if certificate directory exists

     

       
100
       
100
       
-
       
        if [ ! -d "$CERT_DIR" ]; then

     

       
101
       
101
       
-
       
          echo "ERROR: Certificate directory does not exist: $CERT_DIR"

     

       
102
       
102
       
-
       
          echo "Please create the directory and add your certificates."

     

       
103
       
103
       
-
       
          exit 1

     

       
104
       
104
       
-
       
        fi

     

       
105
       
105
       
-
       


     

       
106
       
106
       
-
       
        # Check for required certificates

     

       
107
       
107
       
-
       
        if [ ! -f "$CERT_DIR/cert.pem" ]; then

     

       
108
       
108
       
-
       
          echo "ERROR: Missing cert.pem in $CERT_DIR"

     

       
109
       
109
       
-
       
          exit 1

     

       
110
       
110
       
-
       
        fi

     

       
111
       
111
       
-
       


     

       
112
       
112
       
-
       
        if [ ! -f "$CERT_DIR/key.pem" ]; then

     

       
113
       
113
       
-
       
          echo "ERROR: Missing key.pem in $CERT_DIR"

     

       
114
       
114
       
-
       
          exit 1

     

       
115
       
115
       
-
       
        fi

     

       
116
       
116
       
-
       


     

       
117
       
117
       
-
       
        echo "Starting Caddy..."

     

       
118
       
118
       
-
       
        echo "Caddyfile: $CADDYFILE"

     

       
119
       
119
       
-
       
        echo "Certificates: $CERT_DIR"

     

       
120
       
120
       
-
       
        echo "Press Ctrl+C to stop"

     

       
121
       
121
       
-
       
        echo ""

     

       
122
       
122
       
-
       


     

       
123
       
123
       
-
       
        # Set environment variables that can be used in Caddyfile

     

       
124
       
124
       
-
       
        export CERT_DIR

     

       
125
       
125
       
-
       
        export CERT_FILE="$CERT_DIR/cert.pem"

     

       
126
       
126
       
-
       
        export KEY_FILE="$CERT_DIR/key.pem"

     

       
127
       
127
       
-
       


     

       
128
       
128
       
-
       
        # Run Caddy with the specified Caddyfile

     

       
129
       
129
       
-
       
        ${pkgs.caddy}/bin/caddy run --config "$CADDYFILE"

     

       
130
       
130
       
-
       
      '';

     

       
131
       
131
       
-
       


     

       
132
       
132
       
-
       
      # Script to start bluesky-pds

     

       
133
       
133
       
-
       
      pds = pkgs.writeShellScriptBin "pds" ''

     

       
134
       
134
       
-
       
        set -e

     

       
135
       
135
       
-
       
        

     

       
136
       
136
       
-
       
        # Default port for bluesky-pds

     

       
137
       
137
       
-
       
        PORT=''${BLUESKY_PDS_PORT:-3000}

     

       
138
       
138
       
-
       
        

     

       
139
       
139
       
-
       
        # Create data directories

     

       
140
       
140
       
-
       
        mkdir -p ./data/pds/blocks

     

       
141
       
141
       
-
       
        mkdir -p ./data/pds/db

     

       
142
       
142
       
-
       
        

     

       
143
       
143
       
-
       
        echo "Starting Bluesky PDS on port $PORT..."

     

       
144
       
144
       
-
       
        echo "Data directory: ./data/pds"

     

       
145
       
145
       
-
       
        

     

       
146
       
146
       
-
       
        # Configure for local disk storage

     

       
147
       
147
       
-
       
        export PDS_DATA_DIRECTORY="./data/pds"

     

       
148
       
148
       
-
       
        export PDS_BLOBSTORE_DISK_LOCATION="./data/pds/blocks"

     

       
149
       
149
       
-
       
        export PDS_DB_SQLITE_LOCATION="./data/pds/db/pds.sqlite"

     

       
150
       
150
       
-
       
        export PDS_PORT="$PORT"

     

       
151
       
151
       
-
       
        

     

       
152
       
152
       
-
       
        # Generate or use existing PLC rotation key

     

       
153
       
153
       
-
       
        if [ ! -f "./data/pds/plc-rotation-key.txt" ]; then

     

       
154
       
154
       
-
       
          echo "Generating PLC rotation key..."

     

       
155
       
155
       
-
       
          openssl rand -hex 32 > ./data/pds/plc-rotation-key.txt

     

       
156
       
156
       
-
       
        fi

     

       
157
       
157
       
-
       
        export PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="$(cat ./data/pds/plc-rotation-key.txt)"

     

       
158
       
158
       
-
       
        

     

       
159
       
159
       
-
       
        # Generate or use existing JWT secret

     

       
160
       
160
       
-
       
        if [ ! -f "./data/pds/jwt-secret.txt" ]; then

     

       
161
       
161
       
-
       
          echo "Generating JWT secret..."

     

       
162
       
162
       
-
       
          openssl rand -hex 32 > ./data/pds/jwt-secret.txt

     

       
163
       
163
       
-
       
        fi

     

       
164
       
164
       
-
       
        export PDS_JWT_SECRET="$(cat ./data/pds/jwt-secret.txt)"

     

       
165
       
165
       
-
       
        

     

       
166
       
166
       
-
       
        # Set admin password

     

       
167
       
167
       
-
       
        export PDS_ADMIN_PASSWORD="admin"

     

       
168
       
168
       
-
       
        

     

       
169
       
169
       
-
       
        # Set hostname and URL scheme (using example.org domain)

     

       
170
       
170
       
-
       
        export PDS_HOSTNAME="pds.example.org:8443"

     

       
171
       
171
       
-
       
        export PDS_SERVICE_URL="https://pds.example.org:8443"

     

       
172
       
172
       
-
       
        

     

       
173
       
173
       
-
       
        # Enable development mode

     

       
174
       
174
       
-
       
        export PDS_DEV_MODE="true"

     

       
175
       
175
       
-
       
        

     

       
176
       
176
       
-
       
        ${pkgs.bluesky-pds}/bin/pds

     

       
177
       
48
       
 
       
      '';

     

       
178
       
49
       
 
       
    };

     

       
179
       
50
       
 
       


     

···

       
1
       
1
       
+
       
{ pkgs }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
pkgs.writeShellScriptBin "caddy-proxy" ''

     

       
4
       
4
       
+
       
  set -e

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
  # Default values

     

       
7
       
7
       
+
       
  CERT_DIR="./certs"

     

       
8
       
8
       
+
       
  CADDYFILE="./Caddyfile"

     

       
9
       
9
       
+
       


     

       
10
       
10
       
+
       
  # Parse arguments

     

       
11
       
11
       
+
       
  while [[ $# -gt 0 ]]; do

     

       
12
       
12
       
+
       
    case $1 in

     

       
13
       
13
       
+
       
      --cert-dir)

     

       
14
       
14
       
+
       
        CERT_DIR="$2"

     

       
15
       
15
       
+
       
        shift 2

     

       
16
       
16
       
+
       
        ;;

     

       
17
       
17
       
+
       
      --caddyfile)

     

       
18
       
18
       
+
       
        CADDYFILE="$2"

     

       
19
       
19
       
+
       
        shift 2

     

       
20
       
20
       
+
       
        ;;

     

       
21
       
21
       
+
       
      --help|-h)

     

       
22
       
22
       
+
       
        echo "Usage: $0 [--cert-dir <directory>] [--caddyfile <file>]"

     

       
23
       
23
       
+
       
        echo ""

     

       
24
       
24
       
+
       
        echo "Options:"

     

       
25
       
25
       
+
       
        echo "  --cert-dir <dir>     Directory containing certificates (default: ./certs)"

     

       
26
       
26
       
+
       
        echo "  --caddyfile <file>   Path to Caddyfile (default: ./Caddyfile)"

     

       
27
       
27
       
+
       
        echo "  --help, -h           Show this help message"

     

       
28
       
28
       
+
       
        echo ""

     

       
29
       
29
       
+
       
        echo "The certificate directory should contain:"

     

       
30
       
30
       
+
       
        echo "  - cert.pem (certificate file)"

     

       
31
       
31
       
+
       
        echo "  - key.pem (private key file)"

     

       
32
       
32
       
+
       
        echo ""

     

       
33
       
33
       
+
       
        echo "Examples:"

     

       
34
       
34
       
+
       
        echo "  $0                                        # Use ./certs and ./Caddyfile"

     

       
35
       
35
       
+
       
        echo "  $0 --cert-dir ~/my-certs                 # Custom cert directory"

     

       
36
       
36
       
+
       
        echo "  $0 --caddyfile ~/my-caddy/Caddyfile      # Custom Caddyfile"

     

       
37
       
37
       
+
       
        echo "  $0 --cert-dir ~/certs --caddyfile ./conf/Caddyfile"

     

       
38
       
38
       
+
       
        exit 0

     

       
39
       
39
       
+
       
        ;;

     

       
40
       
40
       
+
       
      *)

     

       
41
       
41
       
+
       
        echo "Unknown option: $1"

     

       
42
       
42
       
+
       
        exit 1

     

       
43
       
43
       
+
       
        ;;

     

       
44
       
44
       
+
       
    esac

     

       
45
       
45
       
+
       
  done

     

       
46
       
46
       
+
       


     

       
47
       
47
       
+
       
  # Convert to absolute paths

     

       
48
       
48
       
+
       
  CERT_DIR=$(realpath "$CERT_DIR")

     

       
49
       
49
       
+
       
  CADDYFILE=$(realpath "$CADDYFILE")

     

       
50
       
50
       
+
       


     

       
51
       
51
       
+
       
  # Check if Caddyfile exists

     

       
52
       
52
       
+
       
  if [ ! -f "$CADDYFILE" ]; then

     

       
53
       
53
       
+
       
    echo "ERROR: Caddyfile not found: $CADDYFILE"

     

       
54
       
54
       
+
       
    echo "Create a Caddyfile or use: nix run .#generate-caddyfile"

     

       
55
       
55
       
+
       
    exit 1

     

       
56
       
56
       
+
       
  fi

     

       
57
       
57
       
+
       


     

       
58
       
58
       
+
       
  # Check if certificate directory exists

     

       
59
       
59
       
+
       
  if [ ! -d "$CERT_DIR" ]; then

     

       
60
       
60
       
+
       
    echo "ERROR: Certificate directory does not exist: $CERT_DIR"

     

       
61
       
61
       
+
       
    echo "Please create the directory and add your certificates."

     

       
62
       
62
       
+
       
    exit 1

     

       
63
       
63
       
+
       
  fi

     

       
64
       
64
       
+
       


     

       
65
       
65
       
+
       
  # Check for required certificates

     

       
66
       
66
       
+
       
  if [ ! -f "$CERT_DIR/cert.pem" ]; then

     

       
67
       
67
       
+
       
    echo "ERROR: Missing cert.pem in $CERT_DIR"

     

       
68
       
68
       
+
       
    exit 1

     

       
69
       
69
       
+
       
  fi

     

       
70
       
70
       
+
       


     

       
71
       
71
       
+
       
  if [ ! -f "$CERT_DIR/key.pem" ]; then

     

       
72
       
72
       
+
       
    echo "ERROR: Missing key.pem in $CERT_DIR"

     

       
73
       
73
       
+
       
    exit 1

     

       
74
       
74
       
+
       
  fi

     

       
75
       
75
       
+
       


     

       
76
       
76
       
+
       
  echo "Starting Caddy..."

     

       
77
       
77
       
+
       
  echo "Caddyfile: $CADDYFILE"

     

       
78
       
78
       
+
       
  echo "Certificates: $CERT_DIR"

     

       
79
       
79
       
+
       
  echo "Press Ctrl+C to stop"

     

       
80
       
80
       
+
       
  echo ""

     

       
81
       
81
       
+
       


     

       
82
       
82
       
+
       
  # Set environment variables that can be used in Caddyfile

     

       
83
       
83
       
+
       
  export CERT_DIR

     

       
84
       
84
       
+
       
  export CERT_FILE="$CERT_DIR/cert.pem"

     

       
85
       
85
       
+
       
  export KEY_FILE="$CERT_DIR/key.pem"

     

       
86
       
86
       
+
       


     

       
87
       
87
       
+
       
  # Run Caddy with the specified Caddyfile

     

       
88
       
88
       
+
       
  ${pkgs.caddy}/bin/caddy run --config "$CADDYFILE"

     

       
89
       
89
       
+
       
''
     

···

       
1
       
1
       
+
       
{ pkgs }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
pkgs.writeShellScriptBin "pds" ''

     

       
4
       
4
       
+
       
  set -e

     

       
5
       
5
       
+
       
  

     

       
6
       
6
       
+
       
  # Default port for bluesky-pds

     

       
7
       
7
       
+
       
  PORT=''${BLUESKY_PDS_PORT:-3000}

     

       
8
       
8
       
+
       
  

     

       
9
       
9
       
+
       
  # Create data directories

     

       
10
       
10
       
+
       
  mkdir -p ./data/pds/blocks

     

       
11
       
11
       
+
       
  mkdir -p ./data/pds/db

     

       
12
       
12
       
+
       
  

     

       
13
       
13
       
+
       
  echo "Starting Bluesky PDS on port $PORT..."

     

       
14
       
14
       
+
       
  echo "Data directory: ./data/pds"

     

       
15
       
15
       
+
       
  

     

       
16
       
16
       
+
       
  # Configure for local disk storage

     

       
17
       
17
       
+
       
  export PDS_DATA_DIRECTORY="./data/pds"

     

       
18
       
18
       
+
       
  export PDS_BLOBSTORE_DISK_LOCATION="./data/pds/blocks"

     

       
19
       
19
       
+
       
  export PDS_DB_SQLITE_LOCATION="./data/pds/db/pds.sqlite"

     

       
20
       
20
       
+
       
  export PDS_PORT="$PORT"

     

       
21
       
21
       
+
       
  

     

       
22
       
22
       
+
       
  # Generate or use existing PLC rotation key

     

       
23
       
23
       
+
       
  if [ ! -f "./data/pds/plc-rotation-key.txt" ]; then

     

       
24
       
24
       
+
       
    echo "Generating PLC rotation key..."

     

       
25
       
25
       
+
       
    ${pkgs.openssl}/bin/openssl rand -hex 32 > ./data/pds/plc-rotation-key.txt

     

       
26
       
26
       
+
       
  fi

     

       
27
       
27
       
+
       
  export PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="$(cat ./data/pds/plc-rotation-key.txt)"

     

       
28
       
28
       
+
       
  

     

       
29
       
29
       
+
       
  # Generate or use existing JWT secret

     

       
30
       
30
       
+
       
  if [ ! -f "./data/pds/jwt-secret.txt" ]; then

     

       
31
       
31
       
+
       
    echo "Generating JWT secret..."

     

       
32
       
32
       
+
       
    ${pkgs.openssl}/bin/openssl rand -hex 32 > ./data/pds/jwt-secret.txt

     

       
33
       
33
       
+
       
  fi

     

       
34
       
34
       
+
       
  export PDS_JWT_SECRET="$(cat ./data/pds/jwt-secret.txt)"

     

       
35
       
35
       
+
       
  

     

       
36
       
36
       
+
       
  # Set admin password

     

       
37
       
37
       
+
       
  export PDS_ADMIN_PASSWORD="admin"

     

       
38
       
38
       
+
       
  

     

       
39
       
39
       
+
       
  # Set hostname and URL scheme (using example.org domain)

     

       
40
       
40
       
+
       
  export PDS_HOSTNAME="pds.example.org:8443"

     

       
41
       
41
       
+
       
  export PDS_SERVICE_URL="https://pds.example.org:8443"

     

       
42
       
42
       
+
       
  

     

       
43
       
43
       
+
       
  # Enable development mode

     

       
44
       
44
       
+
       
  export PDS_DEV_MODE="true"

     

       
45
       
45
       
+
       
  

     

       
46
       
46
       
+
       
  ${pkgs.bluesky-pds}/bin/pds

     

       
47
       
47
       
+
       
''