···
pkgs = nixpkgs.legacyPackages.${system};
did-plc-server = pkgs.callPackage ./packages/did-method-plc.nix { };
did-plc-server = did-plc-server;
# Script to generate certificates on host
generate-certs = pkgs.writeShellScriptBin "generate-certs" ''
···
echo "Certificates generated in ./certs/"
-
caddy-proxy = pkgs.writeShellScriptBin "caddy-proxy" ''
-
CADDYFILE="./Caddyfile"
-
while [[ $# -gt 0 ]]; do
-
echo "Usage: $0 [--cert-dir <directory>] [--caddyfile <file>]"
-
echo " --cert-dir <dir> Directory containing certificates (default: ./certs)"
-
echo " --caddyfile <file> Path to Caddyfile (default: ./Caddyfile)"
-
echo " --help, -h Show this help message"
-
echo "The certificate directory should contain:"
-
echo " - cert.pem (certificate file)"
-
echo " - key.pem (private key file)"
-
echo " $0 # Use ./certs and ./Caddyfile"
-
echo " $0 --cert-dir ~/my-certs # Custom cert directory"
-
echo " $0 --caddyfile ~/my-caddy/Caddyfile # Custom Caddyfile"
-
echo " $0 --cert-dir ~/certs --caddyfile ./conf/Caddyfile"
-
echo "Unknown option: $1"
-
# Convert to absolute paths
-
CERT_DIR=$(realpath "$CERT_DIR")
-
CADDYFILE=$(realpath "$CADDYFILE")
-
# Check if Caddyfile exists
-
if [ ! -f "$CADDYFILE" ]; then
-
echo "ERROR: Caddyfile not found: $CADDYFILE"
-
echo "Create a Caddyfile or use: nix run .#generate-caddyfile"
-
# Check if certificate directory exists
-
if [ ! -d "$CERT_DIR" ]; then
-
echo "ERROR: Certificate directory does not exist: $CERT_DIR"
-
echo "Please create the directory and add your certificates."
-
# Check for required certificates
-
if [ ! -f "$CERT_DIR/cert.pem" ]; then
-
echo "ERROR: Missing cert.pem in $CERT_DIR"
-
if [ ! -f "$CERT_DIR/key.pem" ]; then
-
echo "ERROR: Missing key.pem in $CERT_DIR"
-
echo "Starting Caddy..."
-
echo "Caddyfile: $CADDYFILE"
-
echo "Certificates: $CERT_DIR"
-
echo "Press Ctrl+C to stop"
-
# Set environment variables that can be used in Caddyfile
-
export CERT_FILE="$CERT_DIR/cert.pem"
-
export KEY_FILE="$CERT_DIR/key.pem"
-
# Run Caddy with the specified Caddyfile
-
${pkgs.caddy}/bin/caddy run --config "$CADDYFILE"
-
# Script to start bluesky-pds
-
pds = pkgs.writeShellScriptBin "pds" ''
-
# Default port for bluesky-pds
-
PORT=''${BLUESKY_PDS_PORT:-3000}
-
# Create data directories
-
mkdir -p ./data/pds/blocks
-
echo "Starting Bluesky PDS on port $PORT..."
-
echo "Data directory: ./data/pds"
-
# Configure for local disk storage
-
export PDS_DATA_DIRECTORY="./data/pds"
-
export PDS_BLOBSTORE_DISK_LOCATION="./data/pds/blocks"
-
export PDS_DB_SQLITE_LOCATION="./data/pds/db/pds.sqlite"
-
export PDS_PORT="$PORT"
-
# Generate or use existing PLC rotation key
-
if [ ! -f "./data/pds/plc-rotation-key.txt" ]; then
-
echo "Generating PLC rotation key..."
-
openssl rand -hex 32 > ./data/pds/plc-rotation-key.txt
-
export PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="$(cat ./data/pds/plc-rotation-key.txt)"
-
# Generate or use existing JWT secret
-
if [ ! -f "./data/pds/jwt-secret.txt" ]; then
-
echo "Generating JWT secret..."
-
openssl rand -hex 32 > ./data/pds/jwt-secret.txt
-
export PDS_JWT_SECRET="$(cat ./data/pds/jwt-secret.txt)"
-
export PDS_ADMIN_PASSWORD="admin"
-
# Set hostname and URL scheme (using example.org domain)
-
export PDS_HOSTNAME="pds.example.org:8443"
-
export PDS_SERVICE_URL="https://pds.example.org:8443"
-
# Enable development mode
-
export PDS_DEV_MODE="true"
-
${pkgs.bluesky-pds}/bin/pds
edouard.paris