clay53/cos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: clay53:6fcb438f6753e23500eb767454485107efa7fa60
Branches Tags
clay53:master
..
compare: clay53:1f1851078c182bdcc703825e3301e9a7f416e994
Branches Tags
clay53:master

8 commits
6fcb438f67 ... 1f1851078c

Author SHA1 Message Date
Clayton Hickey
1f1851078c enable nginx error log on nixnas 2026-02-08 15:39:12 -05:00
Clayton Hickey
6bd18dcc86 mastodon 2026-02-08 15:39:12 -05:00
Clayton Hickey
235582604f move languini to nixnas 2026-02-08 15:39:12 -05:00
Clayton Hickey
ea6a36a5be wireguard refactor 2026-02-08 15:39:12 -05:00
Clayton Hickey
e4963ba7de reenable Nextcloud tasks 2026-02-08 15:39:12 -05:00
Clayton Hickey
adca9a7de0 ssh keys? 2026-02-08 15:39:12 -05:00
Clayton Hickey
c377d2ebef update bikeability less often 2026-02-08 15:39:12 -05:00
Clayton Hickey
6291633247 add minecraft 2026-02-08 15:39:12 -05:00
6 changed files with 348 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

55
cos.nix
View file

@ -9,7 +9,10 @@
./gnupg.nix ./gnupg.nix
./bikeability.nix ./bikeability.nix
./emacs.nix ./emacs.nix
./minecraft/minecraft-servers.nix
./mastodon.nix
"${inputs.home-manager}/nixos" "${inputs.home-manager}/nixos"
inputs.nix-minecraft.nixosModules.minecraft-servers
]; ];
options.cos = { options.cos = {
@ -33,30 +36,36 @@
}; };
}; };
config.cos = { config = {
knownPublicIPs = { nixpkgs.overlays = [
loadedskypotato = "50.116.49.95"; inputs.nix-minecraft.overlay
}; ];
wireguard.clientPubOptionsMap = {
"loadedskypotato" = { cos = {
clientNumber = 1; knownPublicIPs = {
publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI="; loadedskypotato = "50.116.49.95";
}; };
"clhickey-nixos" = { wireguard.clientPubOptionsMap = {
clientNumber = 3; "loadedskypotato" = {
publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA="; clientNumber = 1;
}; publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI=";
"nixnas" = { };
clientNumber = 2; "clhickey-nixos" = {
publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio="; clientNumber = 3;
}; publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA=";
"phone" = { };
clientNumber = 4; "nixnas" = {
publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE="; clientNumber = 2;
}; publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio=";
"desktop" = { };
clientNumber = 5; "phone" = {
publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w="; clientNumber = 4;
publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE=";
};
"desktop" = {
clientNumber = 5;
publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w=";
};
}; };
}; };
}; };

151
flake.lock generated
View file

@ -21,6 +21,22 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
@ -79,6 +95,24 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -129,6 +163,25 @@
"type": "github" "type": "github"
} }
}, },
"languini": {
"inputs": {
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1767569345,
"narHash": "sha256-ixEb89DxtqHDFlMZ/35UVd/1fqgPbhQmMor0MKepzk0=",
"ref": "refs/heads/master",
"rev": "614b49910876415d29a86eceb09831bb15c12246",
"revCount": 81,
"type": "git",
"url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git"
},
"original": {
"type": "git",
"url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git"
}
},
"mapnix": { "mapnix": {
"inputs": { "inputs": {
"oldNixpkgs": "oldNixpkgs" "oldNixpkgs": "oldNixpkgs"
@ -147,7 +200,59 @@
"type": "github" "type": "github"
} }
}, },
"nix-minecraft": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1766628630,
"narHash": "sha256-ULKQFi7/TohrfOsLP/ESfwvd1DjAuwwshLkgj5lqijM=",
"owner": "Infinidoge",
"repo": "nix-minecraft",
"rev": "649604ce765f36edee9abbb44f65d88575811c41",
"type": "github"
},
"original": {
"owner": "Infinidoge",
"repo": "nix-minecraft",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": {
"lastModified": 1763464769,
"narHash": "sha256-AJHrsT7VoeQzErpBRlLJM1SODcaayp0joAoEA35yiwM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6f374686605df381de8541c072038472a5ea2e2d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1748929857,
"narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1764950072, "lastModified": 1764950072,
"narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=",
@ -163,7 +268,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1742422364, "lastModified": 1742422364,
"narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=", "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=",
@ -261,8 +366,8 @@
}, },
"penn-nix": { "penn-nix": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_4"
}, },
"locked": { "locked": {
"lastModified": 1742609439, "lastModified": 1742609439,
@ -282,12 +387,35 @@
"inputs": { "inputs": {
"cnvim": "cnvim", "cnvim": "cnvim",
"home-manager": "home-manager", "home-manager": "home-manager",
"languini": "languini",
"mapnix": "mapnix", "mapnix": "mapnix",
"nixpkgs": "nixpkgs", "nix-minecraft": "nix-minecraft",
"nixpkgs": "nixpkgs_3",
"osm-bikeability": "osm-bikeability", "osm-bikeability": "osm-bikeability",
"penn-nix": "penn-nix" "penn-nix": "penn-nix"
} }
}, },
"rust-overlay": {
"inputs": {
"nixpkgs": [
"languini",
"nixpkgs"
]
},
"locked": {
"lastModified": 1763606317,
"narHash": "sha256-lsq4Urmb9Iyg2zyg2yG6oMQk9yuaoIgy+jgvYM4guxA=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "a5615abaf30cfaef2e32f1ff9bd5ca94e2911371",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
@ -332,6 +460,21 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

5
flake.nix
View file

@ -17,6 +17,10 @@
url = "github:clay53/osm-bikeability"; url = "github:clay53/osm-bikeability";
flake = false; flake = false;
}; };
languini = {
url = "git+ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git";
};
nix-minecraft.url = "github:Infinidoge/nix-minecraft";
}; };
outputs = { self, nixpkgs, ... }@inputs: { outputs = { self, nixpkgs, ... }@inputs: {
nixosConfigurations.clhickey-nixos = nixpkgs.lib.nixosSystem { nixosConfigurations.clhickey-nixos = nixpkgs.lib.nixosSystem {
@ -29,6 +33,7 @@
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [ modules = [
./nixnas/nixnas.nix ./nixnas/nixnas.nix
inputs.languini.nixosModules.default
]; ];
}; };
}; };

62
mastodon.nix Normal file
View file

@ -0,0 +1,62 @@
{ config, lib, ... }:
let
mastodonPort = 5328;
in
{
config = lib.mkMerge [
(lib.mkIf (config.networking.hostName == "nixnas") {
services.mastodon = {
enable = true;
localDomain = "claytonhickey.me";
smtp.fromAddress = "mastodon@claytonhickey.me";
streamingProcesses = 3;
extraConfig.SINGLE_USER_MODE = "true";
extraConfig.WEB_DOMAIN = "mastodon.claytonhickey.me";
#webPort = mastodonPort;
#enableUnixSocket = false;
trustedProxy = "127.0.0.1,10.100.0.1";
configureNginx = true;
};
networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [
mastodonPort
];
services.nginx.virtualHosts."${config.services.mastodon.localDomain}" = {
forceSSL = false;
enableACME = false;
serverName = "mastodon.claytonhickey.me";
listen = [{
addr = "10.100.0.2";
port = mastodonPort;
} {
addr = "127.0.0.1";
port = mastodonPort;
}];
#locations."/" = {
# proxyPass = "http://unix:/run/mastodon-web/web.socket";
# tryFiles = lib.mkForce null;
#};
locations."@proxy" = {
recommendedProxySettings = false;
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass_header Server;
proxy_buffering on;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
tcp_nodelay on;
'';
};
};
})
];
}

77
minecraft/minecraft-servers.nix Normal file
View file

@ -0,0 +1,77 @@
{ config, lib, pkgs, ... }:
let
survivalPort = 25565;
creativePort = 25566;
users = {
clay53_clayton = "bc2653cd-6cb1-4d15-9d24-cce0d1e8811c";
fire_chase = "c2b1a7ff-abff-41cb-af2a-4a89e942d288";
piggywhipster = "6b4419bf-2a5f-4932-b779-33dcdbbf4c06";
};
defaultWhitelist = {
inherit (users)
clay53_clayton
fire_chase
piggywhipster
;
};
defaultOperators = {
inherit (users)
clay53_clayton
fire_chase;
};
minRam = "512M";
maxRam = "1G";
in
{
config = lib.mkMerge [
(lib.mkIf (config.networking.hostName == "nixnas") {
services.minecraft-servers = {
enable = true;
eula = true;
openFirewall = false;
dataDir = "/Block/minecraft-servers";
};
services.minecraft-servers.servers.survival = {
enable = true;
autoStart = true;
restart = "always";
enableReload = false;
whitelist = defaultWhitelist;
operators = defaultOperators;
serverProperties = {
server-port = survivalPort;
difficulty = 3;
gamemode = 0;
motd = "Clayton Hickey's Survival";
white-list = true;
};
package = pkgs.minecraftServers.vanilla-1_21_11;
jvmOpts = "-Xms${minRam} -Xmx${maxRam}";
};
services.minecraft-servers.servers.creative = {
enable = true;
autoStart = true;
restart = "always";
enableReload = false;
whitelist = defaultWhitelist;
operators = defaultOperators;
serverProperties = {
server-port = creativePort;
difficulty = 3;
gamemode = 1;
motd = "Clayton Hickey's Creative";
white-list = true;
};
package = pkgs.minecraftServers.vanilla-1_21_11;
jvmOpts = "-Xms${minRam} -Xmx${maxRam}";
};
networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [
survivalPort
creativePort
];
})
];
}

26
nixnas/nixnas.nix
View file

@ -33,6 +33,10 @@ in
clientPort = 8001; clientPort = 8001;
openFirewall = true; openFirewall = true;
firewallInterface = wireguardInterface; firewallInterface = wireguardInterface;
fetchAndRenderTimerConfig = {
OnCalendar = "weekly";
Persistent = true;
};
}; };
networking = { networking = {
@ -46,6 +50,7 @@ in
jellyfinPort jellyfinPort
hydraPort hydraPort
nextcloudPort nextcloudPort
config.services.languini.port
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
config.networking.wireguard.interfaces.${wireguardInterface}.listenPort config.networking.wireguard.interfaces.${wireguardInterface}.listenPort
@ -132,7 +137,7 @@ in
extraApps = let apps = config.services.nextcloud.package.packages.apps; in { extraApps = let apps = config.services.nextcloud.package.packages.apps; in {
contacts = apps.contacts; contacts = apps.contacts;
calendar = apps.calendar; calendar = apps.calendar;
#tasks = apps.tasks; tasks = apps.tasks;
news = apps.news; news = apps.news;
notes = apps.notes; notes = apps.notes;
forms = apps.forms; forms = apps.forms;
@ -161,6 +166,7 @@ in
}; };
}; };
services.nginx.logError = "/var/log/nginx/error.log";
services.nginx.recommendedProxySettings = true; services.nginx.recommendedProxySettings = true;
services.nginx.virtualHosts."hydra.claytonhickey.me" = { services.nginx.virtualHosts."hydra.claytonhickey.me" = {
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString hydraPort}"; locations."/".proxyPass = "http://127.0.0.1:${builtins.toString hydraPort}";
@ -176,6 +182,13 @@ in
jwtSecretFile = "/Block/onlyoffice.jwt.secret"; jwtSecretFile = "/Block/onlyoffice.jwt.secret";
}; };
services.languini = {
enable = true;
stateDir = "/Block/languini";
host = wireguardIP;
port = 5267;
};
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -211,7 +224,18 @@ in
description = "Clayton Lopez Hickey"; description = "Clayton Lopez Hickey";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; []; packages = with pkgs; [];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz"
];
}; };
users.users.languini.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz"
];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz"
];
services.getty.autologinUser = "clhickey"; services.getty.autologinUser = "clhickey";