init

2026-04-11 16:37:25 +02:00 · 2026-04-06 15:12:34 +02:00
commit 4989225671
117 changed files with 11454 additions and 0 deletions
--- a/nix/backend.nix
+++ b/nix/backend.nix
@@ -0,0 +1,17 @@
+{pkgs, ...}:
+pkgs.buildGoModule {
+  pname = "iky";
+  version = "0.1.0";
+
+  src = ../back;
+
+  vendorHash = "sha256-gR7P7Wcd7wojNkUz71vb2vvbbbQJF2QNnSld7WZ6moc=";
+
+  env.CGO_ENABLED = "0";
+  ldflags = ["-s" "-w"];
+
+  meta = {
+    description = "Iknowyou OSINT platform: backend API server";
+    mainProgram = "server";
+  };
+}
--- a/nix/frontend.nix
+++ b/nix/frontend.nix
@@ -0,0 +1,38 @@
+{
+  pkgs,
+  bun2nix,
+  system,
+  ...
+}: let
+  bun2nixPkg = bun2nix.packages.${system}.default;
+
+  bunDeps = bun2nixPkg.fetchBunDeps {
+    bunNix = ../front/bun.nix;
+  };
+in
+  pkgs.stdenv.mkDerivation {
+    pname = "iky-frontend";
+    version = "0.1.0";
+
+    src = ../front;
+
+    nativeBuildInputs = [
+      bun2nixPkg.hook
+    ];
+
+    inherit bunDeps;
+
+    buildPhase = ''
+      runHook preBuild
+      bun run build
+      runHook postBuild
+    '';
+
+    installPhase = ''
+      runHook preInstall
+      cp -r dist $out
+      runHook postInstall
+    '';
+
+    meta.description = "Iknowyou OSINT platform: static Astro frontend";
+  }
--- a/nix/module.nix
+++ b/nix/module.nix
@@ -0,0 +1,88 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  cfg = config.services.iknowyou;
+in {
+  options.services.iknowyou = {
+    enable = lib.mkEnableOption "Iknowyou OSINT aggregation platform";
+
+    port = lib.mkOption {
+      type = lib.types.port;
+      default = 8080;
+      description = "TCP port the IKY server listens on.";
+    };
+
+    configFile = lib.mkOption {
+      type = lib.types.path;
+      default = "/etc/iky/config.yaml";
+      description = "Path to the IKY YAML configuration file (optional, server starts with empty config if absent).";
+    };
+
+    package = lib.mkOption {
+      type = lib.types.package;
+      description = "The IKY package (must expose bin/server and share/iky/frontend/).";
+    };
+
+    openFirewall = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Open the firewall for the IKY port.";
+    };
+
+    searchTTL = lib.mkOption {
+      type = lib.types.str;
+      default = "48h";
+      description = "How long a completed or cancelled search is kept in memory (Go duration string, e.g. \"24h\", \"168h\").";
+    };
+
+    cleanupInterval = lib.mkOption {
+      type = lib.types.str;
+      default = "1h";
+      description = "How often the search cleanup goroutine runs (Go duration string, e.g. \"30m\", \"2h\").";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    networking.firewall.allowedTCPPorts =
+      lib.mkIf cfg.openFirewall [cfg.port];
+
+    users.users.iknowyou = {
+      isSystemUser = true;
+      group = "iknowyou";
+      description = "Iknowyou service user";
+    };
+    users.groups.iknowyou = {};
+
+    systemd.tmpfiles.rules = [
+      "d /etc/iky 0700 iknowyou iknowyou -"
+    ];
+
+    systemd.services.iknowyou = {
+      description = "Iknowyou OSINT platform";
+      wantedBy = ["multi-user.target"];
+      after = ["network.target"];
+
+      path = [cfg.package];
+
+      environment = {
+        IKY_PORT = toString cfg.port;
+        IKY_CONFIG = cfg.configFile;
+        IKY_FRONT_DIR = "${cfg.package}/share/iky/frontend";
+        IKY_SEARCH_TTL = cfg.searchTTL;
+        IKY_CLEANUP_INTERVAL = cfg.cleanupInterval;
+      };
+
+      serviceConfig = {
+        ExecStart = "${cfg.package}/bin/server";
+        Restart = "on-failure";
+        RestartSec = "5s";
+        User = "iknowyou";
+        Group = "iknowyou";
+        StateDirectory = "iky";
+        WorkingDirectory = "%S/iky";
+      };
+    };
+  };
+}