diff --git a/cos.nix b/cos.nix index 3bc4720..6fac4f9 100644 --- a/cos.nix +++ b/cos.nix @@ -9,7 +9,10 @@ ./gnupg.nix ./bikeability.nix ./emacs.nix + ./minecraft/minecraft-servers.nix + ./mastodon.nix "${inputs.home-manager}/nixos" + inputs.nix-minecraft.nixosModules.minecraft-servers ]; options.cos = { @@ -33,30 +36,36 @@ }; }; - config.cos = { - knownPublicIPs = { - loadedskypotato = "50.116.49.95"; - }; - wireguard.clientPubOptionsMap = { - "loadedskypotato" = { - clientNumber = 1; - publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI="; + config = { + nixpkgs.overlays = [ + inputs.nix-minecraft.overlay + ]; + + cos = { + knownPublicIPs = { + loadedskypotato = "50.116.49.95"; }; - "clhickey-nixos" = { - clientNumber = 3; - publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA="; - }; - "nixnas" = { - clientNumber = 2; - publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio="; - }; - "phone" = { - clientNumber = 4; - publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE="; - }; - "desktop" = { - clientNumber = 5; - publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w="; + wireguard.clientPubOptionsMap = { + "loadedskypotato" = { + clientNumber = 1; + publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI="; + }; + "clhickey-nixos" = { + clientNumber = 3; + publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA="; + }; + "nixnas" = { + clientNumber = 2; + publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio="; + }; + "phone" = { + clientNumber = 4; + publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE="; + }; + "desktop" = { + clientNumber = 5; + publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w="; + }; }; }; }; diff --git a/flake.lock b/flake.lock index 4040582..7d812f6 100644 --- a/flake.lock +++ b/flake.lock @@ -21,6 +21,22 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -79,6 +95,24 @@ "type": "github" } }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -129,6 +163,25 @@ "type": "github" } }, + "languini": { + "inputs": { + "nixpkgs": "nixpkgs", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1767569345, + "narHash": "sha256-ixEb89DxtqHDFlMZ/35UVd/1fqgPbhQmMor0MKepzk0=", + "ref": "refs/heads/master", + "rev": "614b49910876415d29a86eceb09831bb15c12246", + "revCount": 81, + "type": "git", + "url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git" + }, + "original": { + "type": "git", + "url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git" + } + }, "mapnix": { "inputs": { "oldNixpkgs": "oldNixpkgs" @@ -147,7 +200,59 @@ "type": "github" } }, + "nix-minecraft": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1766628630, + "narHash": "sha256-ULKQFi7/TohrfOsLP/ESfwvd1DjAuwwshLkgj5lqijM=", + "owner": "Infinidoge", + "repo": "nix-minecraft", + "rev": "649604ce765f36edee9abbb44f65d88575811c41", + "type": "github" + }, + "original": { + "owner": "Infinidoge", + "repo": "nix-minecraft", + "type": "github" + } + }, "nixpkgs": { + "locked": { + "lastModified": 1763464769, + "narHash": "sha256-AJHrsT7VoeQzErpBRlLJM1SODcaayp0joAoEA35yiwM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "6f374686605df381de8541c072038472a5ea2e2d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1764950072, "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", @@ -163,7 +268,7 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_4": { "locked": { "lastModified": 1742422364, "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=", @@ -261,8 +366,8 @@ }, "penn-nix": { "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_2" + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1742609439, @@ -282,12 +387,35 @@ "inputs": { "cnvim": "cnvim", "home-manager": "home-manager", + "languini": "languini", "mapnix": "mapnix", - "nixpkgs": "nixpkgs", + "nix-minecraft": "nix-minecraft", + "nixpkgs": "nixpkgs_3", "osm-bikeability": "osm-bikeability", "penn-nix": "penn-nix" } }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "languini", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1763606317, + "narHash": "sha256-lsq4Urmb9Iyg2zyg2yG6oMQk9yuaoIgy+jgvYM4guxA=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "a5615abaf30cfaef2e32f1ff9bd5ca94e2911371", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -332,6 +460,21 @@ "repo": "default", "type": "github" } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index f1fddf9..b7c2aa4 100644 --- a/flake.nix +++ b/flake.nix @@ -17,6 +17,10 @@ url = "github:clay53/osm-bikeability"; flake = false; }; + languini = { + url = "git+ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git"; + }; + nix-minecraft.url = "github:Infinidoge/nix-minecraft"; }; outputs = { self, nixpkgs, ... }@inputs: { nixosConfigurations.clhickey-nixos = nixpkgs.lib.nixosSystem { @@ -29,6 +33,7 @@ specialArgs = { inherit inputs; }; modules = [ ./nixnas/nixnas.nix + inputs.languini.nixosModules.default ]; }; }; diff --git a/mastodon.nix b/mastodon.nix new file mode 100644 index 0000000..68cf112 --- /dev/null +++ b/mastodon.nix @@ -0,0 +1,62 @@ +{ config, lib, ... }: +let + mastodonPort = 5328; +in +{ + config = lib.mkMerge [ + (lib.mkIf (config.networking.hostName == "nixnas") { + services.mastodon = { + enable = true; + localDomain = "claytonhickey.me"; + smtp.fromAddress = "mastodon@claytonhickey.me"; + streamingProcesses = 3; + extraConfig.SINGLE_USER_MODE = "true"; + extraConfig.WEB_DOMAIN = "mastodon.claytonhickey.me"; + #webPort = mastodonPort; + #enableUnixSocket = false; + trustedProxy = "127.0.0.1,10.100.0.1"; + configureNginx = true; + }; + networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [ + mastodonPort + ]; + services.nginx.virtualHosts."${config.services.mastodon.localDomain}" = { + forceSSL = false; + enableACME = false; + + serverName = "mastodon.claytonhickey.me"; + + listen = [{ + addr = "10.100.0.2"; + port = mastodonPort; + } { + addr = "127.0.0.1"; + port = mastodonPort; + }]; + + #locations."/" = { + # proxyPass = "http://unix:/run/mastodon-web/web.socket"; + # tryFiles = lib.mkForce null; + #}; + locations."@proxy" = { + recommendedProxySettings = false; + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header Proxy ""; + proxy_pass_header Server; + + proxy_buffering on; + proxy_redirect off; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + tcp_nodelay on; + ''; + }; + }; + }) + ]; +} diff --git a/minecraft/minecraft-servers.nix b/minecraft/minecraft-servers.nix new file mode 100644 index 0000000..923fac9 --- /dev/null +++ b/minecraft/minecraft-servers.nix @@ -0,0 +1,77 @@ +{ config, lib, pkgs, ... }: +let + survivalPort = 25565; + creativePort = 25566; + users = { + clay53_clayton = "bc2653cd-6cb1-4d15-9d24-cce0d1e8811c"; + fire_chase = "c2b1a7ff-abff-41cb-af2a-4a89e942d288"; + piggywhipster = "6b4419bf-2a5f-4932-b779-33dcdbbf4c06"; + }; + defaultWhitelist = { + inherit (users) + clay53_clayton + fire_chase + piggywhipster + ; + }; + defaultOperators = { + inherit (users) + clay53_clayton + fire_chase; + }; + minRam = "512M"; + maxRam = "1G"; +in +{ + config = lib.mkMerge [ + (lib.mkIf (config.networking.hostName == "nixnas") { + services.minecraft-servers = { + enable = true; + eula = true; + openFirewall = false; + dataDir = "/Block/minecraft-servers"; + }; + + services.minecraft-servers.servers.survival = { + enable = true; + autoStart = true; + restart = "always"; + enableReload = false; + whitelist = defaultWhitelist; + operators = defaultOperators; + serverProperties = { + server-port = survivalPort; + difficulty = 3; + gamemode = 0; + motd = "Clayton Hickey's Survival"; + white-list = true; + }; + package = pkgs.minecraftServers.vanilla-1_21_11; + jvmOpts = "-Xms${minRam} -Xmx${maxRam}"; + }; + + services.minecraft-servers.servers.creative = { + enable = true; + autoStart = true; + restart = "always"; + enableReload = false; + whitelist = defaultWhitelist; + operators = defaultOperators; + serverProperties = { + server-port = creativePort; + difficulty = 3; + gamemode = 1; + motd = "Clayton Hickey's Creative"; + white-list = true; + }; + package = pkgs.minecraftServers.vanilla-1_21_11; + jvmOpts = "-Xms${minRam} -Xmx${maxRam}"; + }; + + networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [ + survivalPort + creativePort + ]; + }) + ]; +} diff --git a/nixnas/nixnas.nix b/nixnas/nixnas.nix index 012f91c..b822138 100644 --- a/nixnas/nixnas.nix +++ b/nixnas/nixnas.nix @@ -33,6 +33,10 @@ in clientPort = 8001; openFirewall = true; firewallInterface = wireguardInterface; + fetchAndRenderTimerConfig = { + OnCalendar = "weekly"; + Persistent = true; + }; }; networking = { @@ -46,6 +50,7 @@ in jellyfinPort hydraPort nextcloudPort + config.services.languini.port ]; allowedUDPPorts = [ config.networking.wireguard.interfaces.${wireguardInterface}.listenPort @@ -132,7 +137,7 @@ in extraApps = let apps = config.services.nextcloud.package.packages.apps; in { contacts = apps.contacts; calendar = apps.calendar; - #tasks = apps.tasks; + tasks = apps.tasks; news = apps.news; notes = apps.notes; forms = apps.forms; @@ -161,6 +166,7 @@ in }; }; + services.nginx.logError = "/var/log/nginx/error.log"; services.nginx.recommendedProxySettings = true; services.nginx.virtualHosts."hydra.claytonhickey.me" = { locations."/".proxyPass = "http://127.0.0.1:${builtins.toString hydraPort}"; @@ -176,6 +182,13 @@ in jwtSecretFile = "/Block/onlyoffice.jwt.secret"; }; + services.languini = { + enable = true; + stateDir = "/Block/languini"; + host = wireguardIP; + port = 5267; + }; + boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -211,7 +224,18 @@ in description = "Clayton Lopez Hickey"; extraGroups = [ "networkmanager" "wheel" ]; packages = with pkgs; []; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz" + ]; }; + + users.users.languini.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz" + ]; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz" + ]; services.getty.autologinUser = "clhickey";