enable nginx error log on nixnas

mastodon
move languini to nixnas
2026-02-08 15:39:12 -05:00 · 2026-02-08 15:39:12 -05:00 · 2026-02-08 15:39:12 -05:00 · 2026-02-08 15:39:12 -05:00 · 2026-02-08 15:39:12 -05:00 · 2026-02-08 15:39:12 -05:00
6 changed files with 348 additions and 28 deletions
--- a/cos.nix
+++ b/cos.nix
@ -9,7 +9,10 @@
    ./gnupg.nix
    ./bikeability.nix
    ./emacs.nix
+    ./minecraft/minecraft-servers.nix
+    ./mastodon.nix
    "${inputs.home-manager}/nixos"
+    inputs.nix-minecraft.nixosModules.minecraft-servers
  ];

  options.cos = {
@ -33,30 +36,36 @@
    };
  };

-  config.cos = {
-    knownPublicIPs = {
-      loadedskypotato = "50.116.49.95";
-    };
-    wireguard.clientPubOptionsMap = {
-      "loadedskypotato" = {
-        clientNumber = 1;
-        publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI=";
+  config = {
+    nixpkgs.overlays = [
+      inputs.nix-minecraft.overlay
+    ];
+
+    cos = {
+      knownPublicIPs = {
+        loadedskypotato = "50.116.49.95";
      };
-      "clhickey-nixos" = {
-        clientNumber = 3;
-        publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA=";
-      };
-      "nixnas" = {
-        clientNumber = 2;
-        publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio=";
-      };
-      "phone" = {
-        clientNumber = 4;
-        publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE=";
-      };
-      "desktop" = {
-        clientNumber = 5;
-        publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w=";
+      wireguard.clientPubOptionsMap = {
+        "loadedskypotato" = {
+          clientNumber = 1;
+          publicKey = "raOzdkhoag+sN2/KXz18F9ncmeTWhdmPJxQJkqsJ7FI=";
+        };
+        "clhickey-nixos" = {
+          clientNumber = 3;
+          publicKey = "7Hi/p1DEnAejX5vf46ul1ZWAeGM9nuWWGXXr9f6sUWA=";
+        };
+        "nixnas" = {
+          clientNumber = 2;
+          publicKey = "TnuODb+I5wfF6z5wlwOFiRr4CKImY557OIXyZCXPSio=";
+        };
+        "phone" = {
+          clientNumber = 4;
+          publicKey = "UAP8/k1zWInrksQQAf0NuDUD1b0K0djDVUcYl+DNMEE=";
+        };
+        "desktop" = {
+          clientNumber = 5;
+          publicKey = "w054mlSBBq4u0ilTYfwc2xbb5Z+7kEigikSZ3R0u73w=";
+        };
      };
    };
  };
--- a/flake.lock
+++ b/flake.lock
@ -21,6 +21,22 @@
        "type": "github"
      }
    },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1747046372,
+        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
    "flake-parts": {
      "inputs": {
        "nixpkgs-lib": [
@ -79,6 +95,24 @@
        "type": "github"
      }
    },
+    "flake-utils_3": {
+      "inputs": {
+        "systems": "systems_4"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
@ -129,6 +163,25 @@
        "type": "github"
      }
    },
+    "languini": {
+      "inputs": {
+        "nixpkgs": "nixpkgs",
+        "rust-overlay": "rust-overlay"
+      },
+      "locked": {
+        "lastModified": 1767569345,
+        "narHash": "sha256-ixEb89DxtqHDFlMZ/35UVd/1fqgPbhQmMor0MKepzk0=",
+        "ref": "refs/heads/master",
+        "rev": "614b49910876415d29a86eceb09831bb15c12246",
+        "revCount": 81,
+        "type": "git",
+        "url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git"
+      }
+    },
    "mapnix": {
      "inputs": {
        "oldNixpkgs": "oldNixpkgs"
@ -147,7 +200,59 @@
        "type": "github"
      }
    },
+    "nix-minecraft": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "flake-utils": "flake-utils_2",
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1766628630,
+        "narHash": "sha256-ULKQFi7/TohrfOsLP/ESfwvd1DjAuwwshLkgj5lqijM=",
+        "owner": "Infinidoge",
+        "repo": "nix-minecraft",
+        "rev": "649604ce765f36edee9abbb44f65d88575811c41",
+        "type": "github"
+      },
+      "original": {
+        "owner": "Infinidoge",
+        "repo": "nix-minecraft",
+        "type": "github"
+      }
+    },
    "nixpkgs": {
+      "locked": {
+        "lastModified": 1763464769,
+        "narHash": "sha256-AJHrsT7VoeQzErpBRlLJM1SODcaayp0joAoEA35yiwM=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "6f374686605df381de8541c072038472a5ea2e2d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1748929857,
+        "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_3": {
      "locked": {
        "lastModified": 1764950072,
        "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=",
@ -163,7 +268,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_2": {
+    "nixpkgs_4": {
      "locked": {
        "lastModified": 1742422364,
        "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=",
@ -261,8 +366,8 @@
    },
    "penn-nix": {
      "inputs": {
-        "flake-utils": "flake-utils_2",
-        "nixpkgs": "nixpkgs_2"
+        "flake-utils": "flake-utils_3",
+        "nixpkgs": "nixpkgs_4"
      },
      "locked": {
        "lastModified": 1742609439,
@ -282,12 +387,35 @@
      "inputs": {
        "cnvim": "cnvim",
        "home-manager": "home-manager",
+        "languini": "languini",
        "mapnix": "mapnix",
-        "nixpkgs": "nixpkgs",
+        "nix-minecraft": "nix-minecraft",
+        "nixpkgs": "nixpkgs_3",
        "osm-bikeability": "osm-bikeability",
        "penn-nix": "penn-nix"
      }
    },
+    "rust-overlay": {
+      "inputs": {
+        "nixpkgs": [
+          "languini",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1763606317,
+        "narHash": "sha256-lsq4Urmb9Iyg2zyg2yG6oMQk9yuaoIgy+jgvYM4guxA=",
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "rev": "a5615abaf30cfaef2e32f1ff9bd5ca94e2911371",
+        "type": "github"
+      },
+      "original": {
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "type": "github"
+      }
+    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
@ -332,6 +460,21 @@
        "repo": "default",
        "type": "github"
      }
+    },
+    "systems_4": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -17,6 +17,10 @@
      url = "github:clay53/osm-bikeability";
      flake = false;
    };
+    languini = {
+      url = "git+ssh://forgejo@10.100.0.1/TutorEngine/leptos_client.git";
+    };
+    nix-minecraft.url = "github:Infinidoge/nix-minecraft";
  };
  outputs = { self, nixpkgs, ... }@inputs: {
    nixosConfigurations.clhickey-nixos = nixpkgs.lib.nixosSystem {
@ -29,6 +33,7 @@
      specialArgs = { inherit inputs; };
      modules = [
        ./nixnas/nixnas.nix
+        inputs.languini.nixosModules.default
      ];
    };
  };
--- a/mastodon.nix
+++ b/mastodon.nix
@ -0,0 +1,62 @@
+{ config, lib, ... }:
+let
+  mastodonPort = 5328;
+in
+{
+  config = lib.mkMerge [
+    (lib.mkIf (config.networking.hostName == "nixnas") {
+      services.mastodon = {
+        enable = true;
+        localDomain = "claytonhickey.me";
+        smtp.fromAddress = "mastodon@claytonhickey.me";
+        streamingProcesses = 3;
+        extraConfig.SINGLE_USER_MODE = "true";
+        extraConfig.WEB_DOMAIN = "mastodon.claytonhickey.me";
+        #webPort = mastodonPort;
+        #enableUnixSocket = false;
+        trustedProxy = "127.0.0.1,10.100.0.1";
+        configureNginx = true;
+      };
+      networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [
+        mastodonPort
+      ];
+      services.nginx.virtualHosts."${config.services.mastodon.localDomain}" = {
+        forceSSL = false;
+        enableACME = false;
+
+        serverName = "mastodon.claytonhickey.me";
+
+        listen = [{
+          addr = "10.100.0.2";
+          port = mastodonPort;
+        } {
+          addr = "127.0.0.1";
+          port = mastodonPort;
+        }];
+
+        #locations."/" = {
+        #  proxyPass = "http://unix:/run/mastodon-web/web.socket";
+        #  tryFiles = lib.mkForce null;
+        #};
+        locations."@proxy" = {
+          recommendedProxySettings = false;
+          extraConfig = ''
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto https;
+            proxy_set_header Proxy "";
+            proxy_pass_header Server;
+
+            proxy_buffering on;
+            proxy_redirect off;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection $connection_upgrade;
+
+            tcp_nodelay on;
+          '';
+        };
+      };
+    })
+  ];
+}
--- a/minecraft/minecraft-servers.nix
+++ b/minecraft/minecraft-servers.nix
@ -0,0 +1,77 @@
+{ config, lib, pkgs, ... }:
+let
+  survivalPort = 25565;
+  creativePort = 25566;
+  users = {
+    clay53_clayton = "bc2653cd-6cb1-4d15-9d24-cce0d1e8811c";
+    fire_chase = "c2b1a7ff-abff-41cb-af2a-4a89e942d288";
+    piggywhipster = "6b4419bf-2a5f-4932-b779-33dcdbbf4c06";
+  };
+  defaultWhitelist = {
+    inherit (users)
+      clay53_clayton
+      fire_chase
+      piggywhipster
+      ;
+  };
+  defaultOperators = {
+    inherit (users)
+      clay53_clayton
+      fire_chase;
+  };
+  minRam = "512M";
+  maxRam = "1G";
+in
+{
+  config = lib.mkMerge [
+    (lib.mkIf (config.networking.hostName == "nixnas") {
+      services.minecraft-servers = {
+        enable = true;
+        eula = true;
+        openFirewall = false;
+        dataDir = "/Block/minecraft-servers";
+      };
+
+      services.minecraft-servers.servers.survival = {
+        enable = true;
+        autoStart = true;
+        restart = "always";
+        enableReload = false;
+        whitelist = defaultWhitelist;
+        operators = defaultOperators;
+        serverProperties = {
+          server-port = survivalPort;
+          difficulty = 3;
+          gamemode = 0;
+          motd = "Clayton Hickey's Survival";
+          white-list = true;
+        };
+        package = pkgs.minecraftServers.vanilla-1_21_11;
+        jvmOpts = "-Xms${minRam} -Xmx${maxRam}";
+      };
+
+      services.minecraft-servers.servers.creative = {
+        enable = true;
+        autoStart = true;
+        restart = "always";
+        enableReload = false;
+        whitelist = defaultWhitelist;
+        operators = defaultOperators;
+        serverProperties = {
+          server-port = creativePort;
+          difficulty = 3;
+          gamemode = 1;
+          motd = "Clayton Hickey's Creative";
+          white-list = true;
+        };
+        package = pkgs.minecraftServers.vanilla-1_21_11;
+        jvmOpts = "-Xms${minRam} -Xmx${maxRam}";
+      };
+
+      networking.firewall.interfaces.${config.cos.wireguard.interface}.allowedTCPPorts = [
+        survivalPort
+        creativePort
+      ];
+    })
+  ];
+}
--- a/nixnas/nixnas.nix
+++ b/nixnas/nixnas.nix
@ -33,6 +33,10 @@ in
    clientPort = 8001;
    openFirewall = true;
    firewallInterface = wireguardInterface;
+    fetchAndRenderTimerConfig = {
+      OnCalendar = "weekly";
+      Persistent = true;
+    };
  };

  networking = {
@ -46,6 +50,7 @@ in
            jellyfinPort
            hydraPort
            nextcloudPort
+            config.services.languini.port
          ];
          allowedUDPPorts = [
            config.networking.wireguard.interfaces.${wireguardInterface}.listenPort
@ -132,7 +137,7 @@ in
    extraApps = let apps = config.services.nextcloud.package.packages.apps; in {
      contacts = apps.contacts;
      calendar = apps.calendar;
-      #tasks = apps.tasks;
+      tasks = apps.tasks;
      news = apps.news;
      notes = apps.notes;
      forms = apps.forms;
@ -161,6 +166,7 @@ in
    };
  };

+  services.nginx.logError = "/var/log/nginx/error.log";
  services.nginx.recommendedProxySettings = true;
  services.nginx.virtualHosts."hydra.claytonhickey.me" = {
    locations."/".proxyPass = "http://127.0.0.1:${builtins.toString hydraPort}";
@ -176,6 +182,13 @@ in
    jwtSecretFile = "/Block/onlyoffice.jwt.secret";
  };

+  services.languini = {
+    enable = true;
+    stateDir = "/Block/languini";
+    host = wireguardIP;
+    port = 5267;
+  };
+
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

@ -211,7 +224,18 @@ in
    description = "Clayton Lopez Hickey";
    extraGroups = [ "networkmanager" "wheel" ];
    packages = with pkgs; [];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz"
+    ];
  };
+  
+  users.users.languini.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz"
+  ];
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfAsdqom/OjlYc5+XBVQwSh3AW5o5tZriwDgD9JvYz/ clayton@claytondoesthings.xyz"
+  ];

  services.getty.autologinUser = "clhickey";
Author	SHA1	Message	Date
Clayton Hickey	1f1851078c	enable nginx error log on nixnas	2026-02-08 15:39:12 -05:00
Clayton Hickey	6bd18dcc86	mastodon	2026-02-08 15:39:12 -05:00
Clayton Hickey	235582604f	move languini to nixnas	2026-02-08 15:39:12 -05:00
Clayton Hickey	ea6a36a5be	wireguard refactor	2026-02-08 15:39:12 -05:00
Clayton Hickey	e4963ba7de	reenable Nextcloud tasks	2026-02-08 15:39:12 -05:00
Clayton Hickey	adca9a7de0	ssh keys?	2026-02-08 15:39:12 -05:00
Clayton Hickey	c377d2ebef	update bikeability less often	2026-02-08 15:39:12 -05:00
Clayton Hickey	6291633247	add minecraft	2026-02-08 15:39:12 -05:00