From 6291633247978f4bc377a893d0609fd01416751a Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:35:11 -0500 Subject: [PATCH 1/8] add minecraft --- cos.nix | 2 + flake.lock | 151 +++++++++++++++++++++++++++++++- flake.nix | 5 ++ minecraft/minecraft-servers.nix | 77 ++++++++++++++++ 4 files changed, 231 insertions(+), 4 deletions(-) create mode 100644 minecraft/minecraft-servers.nix diff --git a/cos.nix b/cos.nix index 3bc4720..0140ed0 100644 --- a/cos.nix +++ b/cos.nix @@ -9,7 +9,9 @@ ./gnupg.nix ./bikeability.nix ./emacs.nix + ./minecraft/minecraft-servers.nix "${inputs.home-manager}/nixos" + inputs.nix-minecraft.nixosModules.minecraft-servers ]; options.cos = { diff --git a/flake.lock b/flake.lock index 4040582..7d812f6 100644 --- a/flake.lock +++ b/flake.lock @@ -21,6 +21,22 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -79,6 +95,24 @@ "type": "github" } }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -129,6 +163,25 @@ "type": "github" } }, + "languini": { + "inputs": { + "nixpkgs": "nixpkgs", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1767569345, + "narHash": "sha256-ixEb89DxtqHDFlMZ/35UVd/1fqgPbhQmMor0MKepzk0=", + "ref": "refs/heads/master", + "rev": "614b49910876415d29a86eceb09831bb15c12246", + "revCount": 81, + "type": "git", + "url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git" + }, + "original": { + "type": "git", + "url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git" + } + }, "mapnix": { "inputs": { "oldNixpkgs": "oldNixpkgs" @@ -147,7 +200,59 @@ "type": "github" } }, + "nix-minecraft": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1766628630, + "narHash": "sha256-ULKQFi7/TohrfOsLP/ESfwvd1DjAuwwshLkgj5lqijM=", + "owner": "Infinidoge", + "repo": "nix-minecraft", + "rev": "649604ce765f36edee9abbb44f65d88575811c41", + "type": "github" + }, + "original": { + "owner": "Infinidoge", + "repo": "nix-minecraft", + "type": "github" + } + }, "nixpkgs": { + "locked": { + "lastModified": 1763464769, + "narHash": "sha256-AJHrsT7VoeQzErpBRlLJM1SODcaayp0joAoEA35yiwM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "6f374686605df381de8541c072038472a5ea2e2d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1764950072, "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", @@ -163,7 +268,7 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_4": { "locked": { "lastModified": 1742422364, "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=", @@ -261,8 +366,8 @@ }, "penn-nix": { "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_2" + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1742609439, @@ -282,12 +387,35 @@ "inputs": { "cnvim": "cnvim", "home-manager": "home-manager", + "languini": "languini", "mapnix": "mapnix", - "nixpkgs": "nixpkgs", + "nix-minecraft": "nix-minecraft", + "nixpkgs": "nixpkgs_3", "osm-bikeability": "osm-bikeability", "penn-nix": "penn-nix" } }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "languini", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1763606317, + "narHash": "sha256-lsq4Urmb9Iyg2zyg2yG6oMQk9yuaoIgy+jgvYM4guxA=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "a5615abaf30cfaef2e32f1ff9bd5ca94e2911371", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -332,6 +460,21 @@ "repo": "default", "type": "github" } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index f1fddf9..b7c2aa4 100644 --- a/flake.nix +++ b/flake.nix @@ -17,6 +17,10 @@ url = "github:clay53/osm-bikeability"; flake = false; }; + languini = { + url = "git+ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git"; + }; + nix-minecraft.url = "github:Infinidoge/nix-minecraft"; }; outputs = { self, nixpkgs, ... }@inputs: { nixosConfigurations.clhickey-nixos = nixpkgs.lib.nixosSystem { @@ -29,6 +33,7 @@ specialArgs = { inherit inputs; }; modules = [ ./nixnas/nixnas.nix + inputs.languini.nixosModules.default ]; }; }; diff --git a/minecraft/minecraft-servers.nix b/minecraft/minecraft-servers.nix new file mode 100644 index 0000000..923fac9 --- /dev/null +++ b/minecraft/minecraft-servers.nix @@ -0,0 +1,77 @@ +{ config, lib, pkgs, ... }: +let + survivalPort = 25565; + creativePort = 25566; + users = { + clay53_clayton = "bc2653cd-6cb1-4d15-9d24-cce0d1e8811c"; + fire_chase = "c2b1a7ff-abff-41cb-af2a-4a89e942d288"; + piggywhipster = "6b4419bf-2a5f-4932-b779-33dcdbbf4c06"; + }; + defaultWhitelist = { + inherit (users) + clay53_clayton + fire_chase + piggywhipster + ; + }; + defaultOperators = { + inherit (users) + clay53_clayton + fire_chase; + }; + minRam = "512M"; + maxRam = "1G"; +in +{ + config = lib.mkMerge [ + (lib.mkIf (config.networking.hostName == "nixnas") { + services.minecraft-servers = { + enable = true; + eula = true; + openFirewall = false; + dataDir = "/Block/minecraft-servers"; + }; + + services.minecraft-servers.servers.survival = { + enable = true; + autoStart = true; + restart = "always"; + enableReload = false; + whitelist = defaultWhitelist; + operators = defaultOperators; + serverProperties = { + server-port = survivalPort; + difficulty = 3; + gamemode = 0; + motd = "Clayton Hickey's Survival"; + white-list = true; + }; + package = pkgs.minecraftServers.vanilla-1_21_11; + jvmOpts = "-Xms${minRam} -Xmx${maxRam}"; + }; + + services.minecraft-servers.servers.creative = { + enable = true; + autoStart = true; + restart = "always"; + enableReload = false; + whitelist = defaultWhitelist; + operators = defaultOperators; + serverProperties = { + server-port = creativePort; + difficulty = 3; + gamemode = 1; + motd = "Clayton Hickey's Creative"; + white-list = true; + }; + package = pkgs.minecraftServers.vanilla-1_21_11; + jvmOpts = "-Xms${minRam} -Xmx${maxRam}"; + }; + + networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [ + survivalPort + creativePort + ]; + }) + ]; +} From c377d2ebefdda564707c4f372c3cc112231463c0 Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:35:45 -0500 Subject: [PATCH 2/8] update bikeability less often --- nixnas/nixnas.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nixnas/nixnas.nix b/nixnas/nixnas.nix index 012f91c..ce29003 100644 --- a/nixnas/nixnas.nix +++ b/nixnas/nixnas.nix @@ -33,6 +33,10 @@ in clientPort = 8001; openFirewall = true; firewallInterface = wireguardInterface; + fetchAndRenderTimerConfig = { + OnCalendar = "weekly"; + Persistent = true; + }; }; networking = { From adca9a7de0719e1dde79250af4c94a329f2df0a9 Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:36:52 -0500 Subject: [PATCH 3/8] ssh keys? --- nixnas/nixnas.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/nixnas/nixnas.nix b/nixnas/nixnas.nix index ce29003..8e3050f 100644 --- a/nixnas/nixnas.nix +++ b/nixnas/nixnas.nix @@ -215,7 +215,18 @@ in description = "Clayton Lopez Hickey"; extraGroups = [ "networkmanager" "wheel" ]; packages = with pkgs; []; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz" + ]; }; + + users.users.languini.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz" + ]; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz" + ]; services.getty.autologinUser = "clhickey"; From e4963ba7de027527e9362a7b06639c93f14a7d99 Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:37:07 -0500 Subject: [PATCH 4/8] reenable Nextcloud tasks --- nixnas/nixnas.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixnas/nixnas.nix b/nixnas/nixnas.nix index 8e3050f..d560d18 100644 --- a/nixnas/nixnas.nix +++ b/nixnas/nixnas.nix @@ -136,7 +136,7 @@ in extraApps = let apps = config.services.nextcloud.package.packages.apps; in { contacts = apps.contacts; calendar = apps.calendar; - #tasks = apps.tasks; + tasks = apps.tasks; news = apps.news; notes = apps.notes; forms = apps.forms; From ea6a36a5bee183a73211fa93a04829dbc405ef44 Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:38:01 -0500 Subject: [PATCH 5/8] wireguard refactor --- cos.nix | 52 +++++++++++++++++++++++++++++----------------------- 1 file changed, 29 insertions(+), 23 deletions(-) diff --git a/cos.nix b/cos.nix index 0140ed0..a876de2 100644 --- a/cos.nix +++ b/cos.nix @@ -35,30 +35,36 @@ }; }; - config.cos = { - knownPublicIPs = { - loadedskypotato = "50.116.49.95"; - }; - wireguard.clientPubOptionsMap = { - "loadedskypotato" = { - clientNumber = 1; - publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI="; + config = { + nixpkgs.overlays = [ + inputs.nix-minecraft.overlay + ]; + + cos = { + knownPublicIPs = { + loadedskypotato = "50.116.49.95"; }; - "clhickey-nixos" = { - clientNumber = 3; - publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA="; - }; - "nixnas" = { - clientNumber = 2; - publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio="; - }; - "phone" = { - clientNumber = 4; - publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE="; - }; - "desktop" = { - clientNumber = 5; - publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w="; + wireguard.clientPubOptionsMap = { + "loadedskypotato" = { + clientNumber = 1; + publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI="; + }; + "clhickey-nixos" = { + clientNumber = 3; + publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA="; + }; + "nixnas" = { + clientNumber = 2; + publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio="; + }; + "phone" = { + clientNumber = 4; + publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE="; + }; + "desktop" = { + clientNumber = 5; + publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w="; + }; }; }; }; From 235582604f1417d994ab8c288e92742de3d0cca6 Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:38:30 -0500 Subject: [PATCH 6/8] move languini to nixnas --- nixnas/nixnas.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/nixnas/nixnas.nix b/nixnas/nixnas.nix index d560d18..9d062c9 100644 --- a/nixnas/nixnas.nix +++ b/nixnas/nixnas.nix @@ -50,6 +50,7 @@ in jellyfinPort hydraPort nextcloudPort + config.services.languini.port ]; allowedUDPPorts = [ config.networking.wireguard.interfaces.${wireguardInterface}.listenPort @@ -180,6 +181,13 @@ in jwtSecretFile = "/Block/onlyoffice.jwt.secret"; }; + services.languini = { + enable = true; + stateDir = "/Block/languini"; + host = wireguardIP; + port = 5267; + }; + boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; From 6bd18dcc86c94ce4a7d3983f1f2c4be19726c175 Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:38:50 -0500 Subject: [PATCH 7/8] mastodon --- cos.nix | 1 + mastodon.nix | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 mastodon.nix diff --git a/cos.nix b/cos.nix index a876de2..6fac4f9 100644 --- a/cos.nix +++ b/cos.nix @@ -10,6 +10,7 @@ ./bikeability.nix ./emacs.nix ./minecraft/minecraft-servers.nix + ./mastodon.nix "${inputs.home-manager}/nixos" inputs.nix-minecraft.nixosModules.minecraft-servers ]; diff --git a/mastodon.nix b/mastodon.nix new file mode 100644 index 0000000..68cf112 --- /dev/null +++ b/mastodon.nix @@ -0,0 +1,62 @@ +{ config, lib, ... }: +let + mastodonPort = 5328; +in +{ + config = lib.mkMerge [ + (lib.mkIf (config.networking.hostName == "nixnas") { + services.mastodon = { + enable = true; + localDomain = "claytonhickey.me"; + smtp.fromAddress = "mastodon@claytonhickey.me"; + streamingProcesses = 3; + extraConfig.SINGLE_USER_MODE = "true"; + extraConfig.WEB_DOMAIN = "mastodon.claytonhickey.me"; + #webPort = mastodonPort; + #enableUnixSocket = false; + trustedProxy = "127.0.0.1,10.100.0.1"; + configureNginx = true; + }; + networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [ + mastodonPort + ]; + services.nginx.virtualHosts."${config.services.mastodon.localDomain}" = { + forceSSL = false; + enableACME = false; + + serverName = "mastodon.claytonhickey.me"; + + listen = [{ + addr = "10.100.0.2"; + port = mastodonPort; + } { + addr = "127.0.0.1"; + port = mastodonPort; + }]; + + #locations."/" = { + # proxyPass = "http://unix:/run/mastodon-web/web.socket"; + # tryFiles = lib.mkForce null; + #}; + locations."@proxy" = { + recommendedProxySettings = false; + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header Proxy ""; + proxy_pass_header Server; + + proxy_buffering on; + proxy_redirect off; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + tcp_nodelay on; + ''; + }; + }; + }) + ]; +} From 1f1851078c182bdcc703825e3301e9a7f416e994 Mon Sep 17 00:00:00 2001 From: Clayton Hickey Date: Sun, 8 Feb 2026 15:38:58 -0500 Subject: [PATCH 8/8] enable nginx error log on nixnas --- nixnas/nixnas.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixnas/nixnas.nix b/nixnas/nixnas.nix index 9d062c9..b822138 100644 --- a/nixnas/nixnas.nix +++ b/nixnas/nixnas.nix @@ -166,6 +166,7 @@ in }; }; + services.nginx.logError = "/var/log/nginx/error.log"; services.nginx.recommendedProxySettings = true; services.nginx.virtualHosts."hydra.claytonhickey.me" = { locations."/".proxyPass = "http://127.0.0.1:${builtins.toString hydraPort}";