nixos/profiles/kubo.nix

   1 {
   2   pkgs,
   3   lib,
   4   config,
   5   ...
   6 }:
   7 {
   8   services.kubo = {
   9     enable = true;
  10     defaultMode = "online";
  11     autoMount = true;
  12     enableGC = true;
  13     localDiscovery = false;
  14     settings = {
  15       Addresses.API = [ "/ip4/127.0.0.1/tcp/5001" ];
  16       Datastore.StorageMax = "10GB";
  17       Discovery.MDNS.Enabled = false;
  18       API.HTTPHeaders.Access-Control-Allow-Origin = [
  19         "http://localhost:3000"
  20         "http://127.0.0.1:5001"
  21         "https://webui.ipfs.io"
  22       ];
  23       API.HTTPHeaders.Access-Control-Allow-Methods = [
  24         "PUT"
  25         "POST"
  26       ];
  27       #Bootstrap = [
  28       #];
  29       #Swarm.AddrFilters = null;
  30     };
  31     startWhenNeeded = true;
  32   };
  33   networking.nftables.ruleset = ''
  34     table inet filter {
  35       chain input-net {
  36         meta l4proto { udp, tcp } th sport 4001 counter accept comment "kubo: IPFS libp2p swarm"
  37       }
  38       chain output-net {
  39         meta l4proto { udp, tcp } th dport 4001 skuid ${toString config.services.kubo.user} counter accept comment "kubo: IPFS libp2p swarm"
  40       }
  41     }
  42   '';
  43 }