nixos/profiles/kubo.nix

   1 {
   2   pkgs,
   3   lib,
   4   config,
   5   ...
   6 }:
   7 {
   8   services.kubo = {
   9     enable = true;
  10     defaultMode = "online";
  11     autoMount = true;
  12     enableGC = true;
  13     localDiscovery = false;
  14     settings = {
  15       Datastore.StorageMax = "10GB";
  16       Discovery.MDNS.Enabled = false;
  17       #Bootstrap = [
  18       #];
  19       #Swarm.AddrFilters = null;
  20     };
  21     startWhenNeeded = true;
  22   };
  23   networking.nftables.ruleset = ''
  24     table inet filter {
  25       chain input-net {
  26         meta l4proto { udp, tcp } th sport 4001 counter accept comment "kubo: IPFS libp2p swarm"
  27       }
  28       chain output-net {
  29         meta l4proto { udp, tcp } th dport 4001 skuid ${toString config.services.kubo.user} counter accept comment "kubo: IPFS libp2p swarm"
  30       }
  31     }
  32   '';
  33 }