From fe40518a2d2d30f29b8b668c42ce2afa059d95a8 Mon Sep 17 00:00:00 2001 From: DanConwayDev Date: Sat, 10 Jan 2026 21:57:37 +0000 Subject: feat: support multiple ngit-grasp instances in NixOS module - Convert module from single service to attrsOf instances - Each instance gets separate systemd service: ngit-grasp- - Each instance gets separate user: ngit-grasp- (customizable) - Default dataDir per instance: /var/lib/ngit-grasp- - Update example to show single and multiple instance configs - Add notes on systemd service management per instance --- nix/example-configuration.nix | 111 +++++++++++++++++++++++++++++++++++------- 1 file changed, 93 insertions(+), 18 deletions(-) (limited to 'nix/example-configuration.nix') diff --git a/nix/example-configuration.nix b/nix/example-configuration.nix index a00d970..34615be 100644 --- a/nix/example-configuration.nix +++ b/nix/example-configuration.nix @@ -1,4 +1,4 @@ -# Example NixOS configuration using ngit-grasp module +# Example NixOS configurations using ngit-grasp module # # Usage: # 1. Add to your server's flake.nix inputs: @@ -7,48 +7,54 @@ # 2. Import the module in your configuration: # imports = [ inputs.ngit-grasp.nixosModules.default ]; # -# 3. Configure the service (example below) +# 3. Configure one or more instances (examples below) { inputs, ... }: { imports = [ inputs.ngit-grasp.nixosModules.default ]; - services.ngit-grasp = { + # ============================================================================ + # EXAMPLE 1: Single Instance Configuration + # ============================================================================ + + services.ngit-grasp.production = { enable = true; domain = "ngit.danconwaydev.com"; - + # Network bindAddress = "127.0.0.1"; - port = 8082; # Same port as current ngit-relay for Caddy compatibility - - # Storage (reuse existing persistent path pattern) + port = 8082; + + # Storage dataDir = "/persistent/ngit-danconwaydev-com-ngit-grasp"; - + # Identity relayName = "DanConwayDev's ngit-grasp"; - relayDescription = "personal instance of ngit-grasp, a Rust GRASP implementation with proactive sync"; - + relayDescription = + "personal instance of ngit-grasp, a Rust GRASP implementation with proactive sync"; + # Option 1: Use nsec file (recommended - more secure) - relayOwnerNsecFile = "/persistent/ngit-danconwaydev-com-ngit-grasp/relay-owner.nsec"; - + relayOwnerNsecFile = + "/persistent/ngit-danconwaydev-com-ngit-grasp/relay-owner.nsec"; + # Option 2: Inline nsec (less secure, ends up in nix store) # relayOwnerNsec = "nsec1..."; - + # Option 3: Auto-generate (default if neither above is set) # ngit-grasp will create .relay-owner.nsec in dataDir automatically - + # Sync syncBootstrapRelayUrl = "wss://relay.ngit.dev"; - + # Metrics metricsEnabled = true; - + # Logging - logLevel = "info"; # Options: trace, debug, info, warn, error + logLevel = "info"; # Options: trace, debug, info, warn, error }; - # Caddy reverse proxy (unchanged from current setup) + # Caddy reverse proxy for production instance services.caddy.virtualHosts."ngit.danconwaydev.com" = { extraConfig = '' reverse_proxy 127.0.0.1:8082 { @@ -57,4 +63,73 @@ } ''; }; + + # ============================================================================ + # EXAMPLE 2: Multiple Instances on Same Server + # ============================================================================ + + # Uncomment to run multiple instances: + + # # Production instance + # services.ngit-grasp.prod = { + # enable = true; + # domain = "ngit.example.com"; + # port = 8082; + # dataDir = "/persistent/ngit-production"; + # relayName = "Production GRASP Relay"; + # syncBootstrapRelayUrl = "wss://relay.ngit.dev"; + # logLevel = "info"; + # }; + # + # # Testing/staging instance + # services.ngit-grasp.staging = { + # enable = true; + # domain = "ngit-staging.example.com"; + # port = 8083; + # dataDir = "/persistent/ngit-staging"; + # relayName = "Staging GRASP Relay"; + # syncBootstrapRelayUrl = "wss://relay.ngit.dev"; + # logLevel = "debug"; # More verbose logging for testing + # }; + # + # # Development instance with in-memory database + # services.ngit-grasp.dev = { + # enable = true; + # domain = "localhost"; + # bindAddress = "127.0.0.1"; + # port = 8084; + # dataDir = "/tmp/ngit-dev"; + # databaseBackend = "memory"; # No persistence + # relayName = "Development GRASP Relay"; + # metricsEnabled = false; + # logLevel = "trace"; # Maximum verbosity for debugging + # }; + # + # # Caddy configuration for multiple instances + # services.caddy.virtualHosts = { + # "ngit.example.com" = { + # extraConfig = "reverse_proxy 127.0.0.1:8082"; + # }; + # "ngit-staging.example.com" = { + # extraConfig = "reverse_proxy 127.0.0.1:8083"; + # }; + # }; + + # ============================================================================ + # NOTES + # ============================================================================ + + # Instance names (e.g., "production", "prod", "staging") can be anything. + # They are used for: + # - systemd service names: ngit-grasp- + # - default user names: ngit-grasp- + # - default data directories: /var/lib/ngit-grasp- + + # Systemd service management: + # systemctl status ngit-grasp-production + # systemctl restart ngit-grasp-staging + # journalctl -u ngit-grasp-prod -f + + # Each instance runs as a separate user but shares the same group by default. + # You can customize user/group per instance if needed. } -- cgit v1.2.3