rad:z254T5p17bdFPmzfDojsdjo4HjpoZ
Radicle Infrastructure as Code (NixOS, OpenTofu, …)
bootstrap: Generate zone
Lorenz Leutgeb committed 6 months ago
commit 3d9db3206032564bff7776634d1cf3beb0a34782
parent 42fcc69
4 files changed +84 -0
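--- a/os/host/seed/bootstrap/addresses.sql
+++ b/os/host/seed/bootstrap/addresses.sql
@@ -0,0 +1,12 @@
+select json_object(a1.node, json_group_array (a2.value))
+
+from
+	           addresses a1
+	inner join addresses a2 using (node)
+
+where
+	a1.banned = false and
+	a1.type != 'onion' and
+	unixepoch() - (a1.last_success / 1000) < (60 * 60 * 24 * 7)
+
+group by a1.node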
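Review bot: The `banned`, `type != 'onion'` and `last_success` predicates constrain only `a1`, while the published array is built from `a2.value`, so a node with a single qualifying row contributes all of its addresses to the zone, including banned, onion and stale ones. The self-join also repeats every `a2.value` once per qualifying `a1` row, which the `unique` in zone.jq only hides afterwards. If the filter is meant per address, aggregate the filtered alias and drop the join: `select json_object(a1.node, json_group_array(a1.value))` with the `inner join addresses a2 using (node)` line removed. If publishing every address of a recently reachable node is intended, a comment above the `where` saying so would prevent this from being read as a bug.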
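--- a/os/host/seed/bootstrap/default.nix
+++ b/os/host/seed/bootstrap/default.nix
@@ -0,0 +1,48 @@
+{
+  pkgs,
+  config,
+  inputs,
+  ...
+}: {
+  systemd = {
+    services.radicle-bootstrap = {
+      serviceConfig.Type = "oneshot";
+      script = ''
+        cat "${./addresses.sql}" | sqlite3 "/var/lib/radicle/node/node.db" | \
+          jq --slurp add | \
+          jq \
+            --raw-output \
+            --arg serviceName "_radicle-node.tcp" \
+            --from-file "${./zone.jq}" \
+            > "/etc/knot/dns-sd.zone"
+
+        knotc -b zone-reload "bootstrap.radicle.xyz"
+      '';
+      wants = ["knot.service"];
+      requires = ["knot.service"];
+      path = with pkgs; [
+        jq
+        sqlite
+        knot-dns
+      ];
+    };
+    timers.radicle-bootstrap = {
+      timerConfig = {
+        OnCalendar = "*:0/5";
+        RandomizedDelaySec = "1min";
+        Unit = "radicle-bootstrap.service";
+      };
+      wantedBy = ["timers.target"];
+    };
+  };
+  services.nginx.virtualHosts."bootstrap.radicle.xyz" = {
+    addSSL = true;
+    enableACME = true;
+    serverName = "bootstrap.radicle.xyz";
+    root = "/var/www/bootstrap.radicle.xyz";
+    locations."/".extraConfig = ''
+      add_header 'Access-Control-Allow-Origin' '*';
+      autoindex on;
+    '';
+  };
+}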
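Review bot: The `> "/etc/knot/dns-sd.zone"` redirect in `script` truncates the live zone file before any pipeline stage has produced output, so a locked or unreadable `node.db`, or an empty result set (where `jq --slurp add` yields `null` and `to_entries` in zone.jq fails), leaves an empty or partial zone on disk. The addresses table presumably holds peer-announced data, so I would render into a sibling file under `set -o pipefail`, rename it into place only on success, and open the database with `sqlite3 -readonly`. The `--arg serviceName "_radicle-node.tcp"` argument can be dropped, since zone.jq rebinds `$serviceName` itself and the passed value lacks the underscore before `tcp`. Separately, `wants` and `requires` do not order the unit, so `after = ["knot.service"];` looks necessary for `knotc` to find a running daemon.

```nix
      script = ''
        set -o pipefail
        next="/etc/knot/dns-sd.zone.next"
        sqlite3 -readonly "/var/lib/radicle/node/node.db" < "${./addresses.sql}" | \
          jq --slurp add | \
          jq --raw-output --from-file "${./zone.jq}" > "$next"
        mv "$next" "/etc/knot/dns-sd.zone"
        # … unchanged: knotc -b zone-reload …
      '';
```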
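--- a/os/host/seed/bootstrap/zone.jq
+++ b/os/host/seed/bootstrap/zone.jq
@@ -0,0 +1,22 @@
+to_entries
+| .[]
+| .key as $nid
+| "_radicle-node._tcp" as $serviceName
+| "\($nid).\($serviceName)" as $name
+| [
+    "\($serviceName) PTR \($name)",
+
+    "\($name) TXT \"nid=\($nid)\"",
+    "\($name) TXT \"version=1\"",
+    "\($name) TXT \"network=main\"",
+
+    (.value
+     | unique
+     | to_entries[]
+     | .key as $weight
+     | (.value | capture("(?<host>[^:]+):(?<port>[0-9]+)"))
+     | "\($nid).\($serviceName) SRV 0 \($weight) \(.port) \(.host)."),
+
+     ""
+]
+| .[]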
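Review bot: The `capture("(?<host>[^:]+):(?<port>[0-9]+)")` feeding the SRV line is unanchored and accepts any non-colon characters as host, so the value reaches the zone file without any check that it is a hostname. An IPv6-style value would match on a fragment of itself, and whitespace or a line break inside a value would pass straight into the generated record text; the addresses presumably originate from peer announcements and should be treated as untrusted. Anchoring and narrowing the class, e.g. `capture("^(?<host>[A-Za-z0-9.-]+):(?<port>[0-9]+)$")`, makes non-matching values produce no SRV line at all. `$nid` is interpolated into owner names and TXT data the same way and would benefit from a comparable `test(...)` guard before use.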
modified os/host/seed/default.nix
@@ -24,6 +24,8 @@
    ./victorialogs.nix
    ./files.nix

+
    ./bootstrap
+

    (modulesPath + "/profiles/qemu-guest.nix")
  ];