diff --git a/config/hosts/gameserver-node-1/configuration.nix b/config/hosts/gameserver-node-1/configuration.nix new file mode 100644 index 0000000..fcdeeae --- /dev/null +++ b/config/hosts/gameserver-node-1/configuration.nix @@ -0,0 +1,26 @@ +{ pterodactyl, ... }: +{ + boot.loader.grub = { + enable = true; + device = "/dev/vda"; + }; + + networking = { + hostName = "gameserver-node-1"; + }; + + #environment.systemPackages = [ + # pterodactyl.packages."x86_64-linux".pterodactyl-wings + #]; + + imports = [ + pterodactyl.nixosModules.pterodactyl-wings + ]; + + services.wings = { + enable = false; + configuration = ""; + }; + + system.stateVersion = "24.05"; +} diff --git a/config/hosts/gameserver-node-1/default.nix b/config/hosts/gameserver-node-1/default.nix new file mode 100644 index 0000000..0167962 --- /dev/null +++ b/config/hosts/gameserver-node-1/default.nix @@ -0,0 +1,6 @@ +{ ... }: +{ + imports = [ + ./configuration.nix + ]; +} diff --git a/config/hosts/matrix/default.nix b/config/hosts/matrix/default.nix index 27528b7..9b4da42 100644 --- a/config/hosts/matrix/default.nix +++ b/config/hosts/matrix/default.nix @@ -3,6 +3,7 @@ imports = [ ./configuration.nix ./hardware-configuration.nix + ./mas.nix ./postgresql.nix ./matrix-synapse.nix ./nginx.nix diff --git a/config/hosts/matrix/mas.nix b/config/hosts/matrix/mas.nix new file mode 100644 index 0000000..4750b5f --- /dev/null +++ b/config/hosts/matrix/mas.nix @@ -0,0 +1,6 @@ +{ pkgs, ... }: +{ + environment.systemPackages = with pkgs; [ + matrix-authentication-service + ]; +} diff --git a/config/hosts/matrix/matrix-synapse.nix b/config/hosts/matrix/matrix-synapse.nix index e719484..7f339bf 100644 --- a/config/hosts/matrix/matrix-synapse.nix +++ b/config/hosts/matrix/matrix-synapse.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ ... }: { services.matrix-synapse = { enable = true; @@ -55,12 +55,4 @@ "/secrets/matrix-keycloak-client-secret.secret" ]; }; - - services.matrix-sliding-sync = { - enable = true; - settings = { - SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl; - }; - environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret"; - }; } diff --git a/config/hosts/matrix/postgresql.nix b/config/hosts/matrix/postgresql.nix index 03b753a..06d10e2 100644 --- a/config/hosts/matrix/postgresql.nix +++ b/config/hosts/matrix/postgresql.nix @@ -8,6 +8,11 @@ TEMPLATE template0 LC_COLLATE = "C" LC_CTYPE = "C"; + CREATE ROLE "mas_user" WITH LOGIN PASSWORD 'mas'; + CREATE DATABASE "mas" WITH OWNER "mas_user" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; ''; }; } diff --git a/config/hosts/matrix/secrets.nix b/config/hosts/matrix/secrets.nix index 68e4771..a95309e 100644 --- a/config/hosts/matrix/secrets.nix +++ b/config/hosts/matrix/secrets.nix @@ -33,14 +33,6 @@ permissions = "0640"; uploadAt = "pre-activation"; }; - "matrix-SYNCV3_SECRET.secret" = { - keyCommand = keyCommandEnv ++ [ "pass" "matrix/SYNCV3_SECRET" ]; - destDir = "/secrets"; - user = "matrix-synapse"; - group = "matrix-synapse"; - permissions = "0640"; - uploadAt = "pre-activation"; - }; "matrix-keycloak-client-secret.secret" = { keyCommand = keyCommandEnv ++ [ "pass" "matrix/keycloak-client-secret" ]; destDir = "/secrets"; diff --git a/config/hosts/paperless/configuration.nix b/config/hosts/paperless/configuration.nix index 494f08c..a48164e 100644 --- a/config/hosts/paperless/configuration.nix +++ b/config/hosts/paperless/configuration.nix @@ -13,5 +13,5 @@ }; }; - system.stateVersion = "23.05"; + system.stateVersion = "24.05"; } diff --git a/config/hosts/web-public-2/virtualHosts/nekover.se.nix b/config/hosts/web-public-2/virtualHosts/nekover.se.nix index 08a61ea..19a7766 100644 --- a/config/hosts/web-public-2/virtualHosts/nekover.se.nix +++ b/config/hosts/web-public-2/virtualHosts/nekover.se.nix @@ -16,7 +16,22 @@ ''; }; locations."/.well-known/matrix/client" = { - return = "200 '{\"m.homeserver\": {\"base_url\": \"https://matrix.nekover.se\"}, \"m.identity_server\": {\"base_url\": \"https://vector.im\"}, \"org.matrix.msc3575.proxy\": {\"url\": \"https://matrix.nekover.se\"}, \"org.matrix.msc2965.authentication\": {\"issuer\": \"https://id.nekover.se/realms/nekoverse\", \"account\": \"https://id.nekover.se/realms/nekoverse/account/\"}}'"; + return = "200 ' + { + \"m.homeserver\": { + \"base_url\": \"https://matrix.nekover.se\" + }, + \"m.identity_server\": { + \"base_url\": \"https://vector.im\" + }, + \"org.matrix.msc3575.proxy\": { + \"url\": \"https://matrix.nekover.se\" + }, + \"org.matrix.msc2965.authentication\": { + \"issuer\": \"https://nekover.se/\", + \"account\": \"https://matrix-auth.nekover.se/account\" + } + }'"; extraConfig = '' default_type application/json; add_header Access-Control-Allow-Origin *; diff --git a/flake.lock b/flake.lock index 4534930..3a30919 100644 --- a/flake.lock +++ b/flake.lock @@ -70,11 +70,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730142757, - "narHash": "sha256-O2/v/ocUL0KsACqEIK5eD5XeX46duRIgKdOu6uCKarw=", + "lastModified": 1730963269, + "narHash": "sha256-rz30HrFYCHiWEBCKHMffHbMdWJ35hEkcRVU0h7ms3x0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dd6d18bf8d291daca03a444973bd4f9aa5c1f681", + "rev": "83fb6c028368e465cd19bb127b86f971a5e41ebc", "type": "github" }, "original": { @@ -101,11 +101,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730209337, - "narHash": "sha256-WPGVR8NW9ctqwLMtYV23b94ExQulTFoTKqD21WI3fbg=", + "lastModified": 1731015792, + "narHash": "sha256-u8U89hPPbGu627UNtd3H9/CPifDOrmsNGm2y83C9A0A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ec7caabec9679b1a9008e0cbcfa4b14a2b600774", + "rev": "f7516232a6bf821825c2bd114abcaec1bcd1e54d", "type": "github" }, "original": { @@ -117,11 +117,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1730157240, - "narHash": "sha256-P8wF4ag6Srmpb/gwskYpnIsnspbjZlRvu47iN527ABQ=", + "lastModified": 1730989260, + "narHash": "sha256-5R9m921OhgOUNHVIxTS8+jZJokkZRsH7UOecxlchqZ8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "75e28c029ef2605f9841e0baa335d70065fe7ae2", + "rev": "3aea494127aae5d08c4c501ea4ba27e6c185b822", "type": "github" }, "original": { @@ -132,6 +132,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1729265718, + "narHash": "sha256-4HQI+6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ccc0c2126893dd20963580b6478d1a10a4512185", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1717602782, "narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=", @@ -146,12 +162,31 @@ "type": "indirect" } }, + "pterodactyl": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1730915158, + "narHash": "sha256-qQvhHUbC5yKD6x/G0P2tvHoRf92Nd/QWB76CRnV5oyI=", + "ref": "refs/heads/main", + "rev": "1eff87119f6e48b6b1d1afef468ee4ff1aebe333", + "revCount": 3, + "type": "git", + "url": "https://git.nekover.se/fi/pterodactyl.git" + }, + "original": { + "type": "git", + "url": "https://git.nekover.se/fi/pterodactyl.git" + } + }, "root": { "inputs": { "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs", "nixpkgs-master": "nixpkgs-master", "nixpkgs-unstable": "nixpkgs-unstable", + "pterodactyl": "pterodactyl", "simple-nixos-mailserver": "simple-nixos-mailserver" } }, @@ -159,7 +194,7 @@ "inputs": { "blobs": "blobs", "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nixpkgs-24_05": "nixpkgs-24_05", "utils": "utils" }, diff --git a/flake.nix b/flake.nix index 5cf2232..3aae2d8 100644 --- a/flake.nix +++ b/flake.nix @@ -8,9 +8,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; + pterodactyl = { + url = "git+https://git.nekover.se/fi/pterodactyl.git"; + }; }; - outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, ... }@inputs: + outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, pterodactyl, ... }@inputs: let hosts = import ./hosts.nix inputs; helper = import ./helper.nix inputs; @@ -28,7 +31,7 @@ nodeNixpkgs = builtins.mapAttrs (name: host: host.pkgs) hosts; specialArgs = { - inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver; + inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver pterodactyl; # Provide environment for secret key command keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ]; diff --git a/hosts.nix b/hosts.nix index 363f377..820e5cb 100644 --- a/hosts.nix +++ b/hosts.nix @@ -26,9 +26,10 @@ let }) hosts; in generateDefaults { - #fee = { - # site = "wg"; - #}; + gameserver-node-1 = { + site = "vs"; + environment = "proxmox"; + }; hydra = { site = "vs"; environment = "proxmox"; @@ -70,6 +71,7 @@ in environment = "proxmox"; }; matrix = { + hostNixpkgs = nixpkgs-unstable; site = "vs"; environment = "proxmox"; }; @@ -94,10 +96,6 @@ in site = "vs"; environment = "proxmox"; }; - paperless = { - site = "wg"; - environment = "proxmox"; - }; coturn = { site = "vs"; environment = "proxmox"; @@ -108,6 +106,7 @@ in environment = "proxmox"; }; torrent = { + hostNixpkgs = nixpkgs-unstable; site = "vs"; environment = "proxmox"; };