From b380a09560f6746c5603ba16f7427f0f35b5786b Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Wed, 6 Nov 2024 16:33:10 +0100 Subject: [PATCH 01/15] Add gameserver-node-1 host --- config/hosts/gameserver-node-1/configuration.nix | 13 +++++++++++++ config/hosts/gameserver-node-1/default.nix | 6 ++++++ flake.nix | 3 ++- hosts.nix | 7 ++++--- 4 files changed, 25 insertions(+), 4 deletions(-) create mode 100644 config/hosts/gameserver-node-1/configuration.nix create mode 100644 config/hosts/gameserver-node-1/default.nix diff --git a/config/hosts/gameserver-node-1/configuration.nix b/config/hosts/gameserver-node-1/configuration.nix new file mode 100644 index 0000000..94a60e2 --- /dev/null +++ b/config/hosts/gameserver-node-1/configuration.nix @@ -0,0 +1,13 @@ +{ ... }: +{ + boot.loader.grub = { + enable = true; + device = "/dev/vda"; + }; + + networking = { + hostName = "gameserver-node-1"; + }; + + system.stateVersion = "24.05"; +} diff --git a/config/hosts/gameserver-node-1/default.nix b/config/hosts/gameserver-node-1/default.nix new file mode 100644 index 0000000..0167962 --- /dev/null +++ b/config/hosts/gameserver-node-1/default.nix @@ -0,0 +1,6 @@ +{ ... }: +{ + imports = [ + ./configuration.nix + ]; +} diff --git a/flake.nix b/flake.nix index 5cf2232..326b07b 100644 --- a/flake.nix +++ b/flake.nix @@ -8,9 +8,10 @@ inputs.nixpkgs.follows = "nixpkgs"; }; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; + pterodactyl.url = "git+https://git.nekover.se/fi/pterodactyl.git"; }; - outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, ... }@inputs: + outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, pterodactyl, ... }@inputs: let hosts = import ./hosts.nix inputs; helper = import ./helper.nix inputs; diff --git a/hosts.nix b/hosts.nix index 363f377..61073ff 100644 --- a/hosts.nix +++ b/hosts.nix @@ -26,9 +26,10 @@ let }) hosts; in generateDefaults { - #fee = { - # site = "wg"; - #}; + gameserver-node-1 = { + site = "vs"; + environment = "proxmox"; + }; hydra = { site = "vs"; environment = "proxmox"; From fd6bf13e45a871bf00d3ceb45d3b6b58a83a32c1 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Wed, 6 Nov 2024 16:39:40 +0100 Subject: [PATCH 02/15] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/dd6d18bf8d291daca03a444973bd4f9aa5c1f681?narHash=sha256-O2/v/ocUL0KsACqEIK5eD5XeX46duRIgKdOu6uCKarw%3D' (2024-10-28) → 'github:NixOS/nixpkgs/c128e44a249d6180740d0a979b6480d5b795c013?narHash=sha256-i85DPrhDuvzgvIWCpJlbfM2UFtNYbapo20MtQXsvay4%3D' (2024-11-06) • Updated input 'nixpkgs-master': 'github:NixOS/nixpkgs/ec7caabec9679b1a9008e0cbcfa4b14a2b600774?narHash=sha256-WPGVR8NW9ctqwLMtYV23b94ExQulTFoTKqD21WI3fbg%3D' (2024-10-29) → 'github:NixOS/nixpkgs/a40c3f1a5a8d3fa81fc4edc9dfa4719f8908b1d8?narHash=sha256-JTpBZcKpiz0/Fm5saVrTdPRsywNlBFz5pSdwMaVKwH8%3D' (2024-11-06) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/75e28c029ef2605f9841e0baa335d70065fe7ae2?narHash=sha256-P8wF4ag6Srmpb/gwskYpnIsnspbjZlRvu47iN527ABQ%3D' (2024-10-28) → 'github:NixOS/nixpkgs/1c07b97d2d4302baca8c61fa2d0d4632427972a7?narHash=sha256-OrCMJZ8qZftRplhoB%2BBksvoPLBOZQpH8mnACgPKNuMc%3D' (2024-11-06) • Added input 'pterodactyl': 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=67dbbc01133790a3a1e892cc4cb147413f5238ee' (2024-10-29) • Added input 'pterodactyl/nixpkgs': 'github:NixOS/nixpkgs/ccc0c2126893dd20963580b6478d1a10a4512185?narHash=sha256-4HQI%2B6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo%3D' (2024-10-18) --- .../hosts/gameserver-node-1/configuration.nix | 15 ++++- flake.lock | 55 +++++++++++++++---- flake.nix | 6 +- 3 files changed, 63 insertions(+), 13 deletions(-) diff --git a/config/hosts/gameserver-node-1/configuration.nix b/config/hosts/gameserver-node-1/configuration.nix index 94a60e2..a16800f 100644 --- a/config/hosts/gameserver-node-1/configuration.nix +++ b/config/hosts/gameserver-node-1/configuration.nix @@ -1,4 +1,4 @@ -{ ... }: +{ pterodactyl, ... }: { boot.loader.grub = { enable = true; @@ -9,5 +9,18 @@ hostName = "gameserver-node-1"; }; + environment.systemPackages = [ + pterodactyl.packages."x86_64-linux".pterodactyl-wings + ]; + + imports = [ + pterodactyl.nixosModules.pterodactyl-wings + ]; + + services.wings = { + enable = true; + configuration = ""; + }; + system.stateVersion = "24.05"; } diff --git a/flake.lock b/flake.lock index 4534930..d6dfd27 100644 --- a/flake.lock +++ b/flake.lock @@ -70,11 +70,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730142757, - "narHash": "sha256-O2/v/ocUL0KsACqEIK5eD5XeX46duRIgKdOu6uCKarw=", + "lastModified": 1730891215, + "narHash": "sha256-i85DPrhDuvzgvIWCpJlbfM2UFtNYbapo20MtQXsvay4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dd6d18bf8d291daca03a444973bd4f9aa5c1f681", + "rev": "c128e44a249d6180740d0a979b6480d5b795c013", "type": "github" }, "original": { @@ -101,11 +101,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730209337, - "narHash": "sha256-WPGVR8NW9ctqwLMtYV23b94ExQulTFoTKqD21WI3fbg=", + "lastModified": 1730906268, + "narHash": "sha256-JTpBZcKpiz0/Fm5saVrTdPRsywNlBFz5pSdwMaVKwH8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ec7caabec9679b1a9008e0cbcfa4b14a2b600774", + "rev": "a40c3f1a5a8d3fa81fc4edc9dfa4719f8908b1d8", "type": "github" }, "original": { @@ -117,11 +117,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1730157240, - "narHash": "sha256-P8wF4ag6Srmpb/gwskYpnIsnspbjZlRvu47iN527ABQ=", + "lastModified": 1730902633, + "narHash": "sha256-OrCMJZ8qZftRplhoB+BksvoPLBOZQpH8mnACgPKNuMc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "75e28c029ef2605f9841e0baa335d70065fe7ae2", + "rev": "1c07b97d2d4302baca8c61fa2d0d4632427972a7", "type": "github" }, "original": { @@ -132,6 +132,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1729265718, + "narHash": "sha256-4HQI+6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ccc0c2126893dd20963580b6478d1a10a4512185", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1717602782, "narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=", @@ -146,12 +162,31 @@ "type": "indirect" } }, + "pterodactyl": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1730231313, + "narHash": "sha256-8UdcF5PIHWB+wV/1lt4AgXz3KYk+VQIeDxC6lxLPWno=", + "ref": "refs/heads/main", + "rev": "67dbbc01133790a3a1e892cc4cb147413f5238ee", + "revCount": 3, + "type": "git", + "url": "https://git.nekover.se/fi/pterodactyl.git" + }, + "original": { + "type": "git", + "url": "https://git.nekover.se/fi/pterodactyl.git" + } + }, "root": { "inputs": { "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs", "nixpkgs-master": "nixpkgs-master", "nixpkgs-unstable": "nixpkgs-unstable", + "pterodactyl": "pterodactyl", "simple-nixos-mailserver": "simple-nixos-mailserver" } }, @@ -159,7 +194,7 @@ "inputs": { "blobs": "blobs", "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nixpkgs-24_05": "nixpkgs-24_05", "utils": "utils" }, diff --git a/flake.nix b/flake.nix index 326b07b..3aae2d8 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,9 @@ inputs.nixpkgs.follows = "nixpkgs"; }; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; - pterodactyl.url = "git+https://git.nekover.se/fi/pterodactyl.git"; + pterodactyl = { + url = "git+https://git.nekover.se/fi/pterodactyl.git"; + }; }; outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, pterodactyl, ... }@inputs: @@ -29,7 +31,7 @@ nodeNixpkgs = builtins.mapAttrs (name: host: host.pkgs) hosts; specialArgs = { - inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver; + inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver pterodactyl; # Provide environment for secret key command keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ]; From c2c21ecf45b296bed01677489080de079c741931 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Wed, 6 Nov 2024 18:34:55 +0100 Subject: [PATCH 03/15] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-master': 'github:NixOS/nixpkgs/a40c3f1a5a8d3fa81fc4edc9dfa4719f8908b1d8?narHash=sha256-JTpBZcKpiz0/Fm5saVrTdPRsywNlBFz5pSdwMaVKwH8%3D' (2024-11-06) → 'github:NixOS/nixpkgs/d4d2ec47f6fd0eb521f1d14a34c811e1f514de89?narHash=sha256-MP5UtDIWS4KbtM90Ho33UF1RUjQTGbw/ub8JJZuToMg%3D' (2024-11-06) • Updated input 'pterodactyl': 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=67dbbc01133790a3a1e892cc4cb147413f5238ee' (2024-10-29) → 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=49d7a9adeb44a295f48cd84d8e7c638ef4be703d' (2024-11-06) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d6dfd27..d0db56d 100644 --- a/flake.lock +++ b/flake.lock @@ -101,11 +101,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730906268, - "narHash": "sha256-JTpBZcKpiz0/Fm5saVrTdPRsywNlBFz5pSdwMaVKwH8=", + "lastModified": 1730913978, + "narHash": "sha256-MP5UtDIWS4KbtM90Ho33UF1RUjQTGbw/ub8JJZuToMg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a40c3f1a5a8d3fa81fc4edc9dfa4719f8908b1d8", + "rev": "d4d2ec47f6fd0eb521f1d14a34c811e1f514de89", "type": "github" }, "original": { @@ -167,10 +167,10 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1730231313, - "narHash": "sha256-8UdcF5PIHWB+wV/1lt4AgXz3KYk+VQIeDxC6lxLPWno=", + "lastModified": 1730914419, + "narHash": "sha256-S4st1khiOPeCZ0EduaTGKmBUdG97xRku25DUaZ/EIlY=", "ref": "refs/heads/main", - "rev": "67dbbc01133790a3a1e892cc4cb147413f5238ee", + "rev": "49d7a9adeb44a295f48cd84d8e7c638ef4be703d", "revCount": 3, "type": "git", "url": "https://git.nekover.se/fi/pterodactyl.git" From 9bd9ca6584d6c8168a3dcbe21272628856fa957f Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Wed, 6 Nov 2024 18:39:29 +0100 Subject: [PATCH 04/15] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'pterodactyl': 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=49d7a9adeb44a295f48cd84d8e7c638ef4be703d' (2024-11-06) → 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=c155ae111fb75532b6e8ac7dd7de538f23b51a95' (2024-11-06) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d0db56d..5fc24f6 100644 --- a/flake.lock +++ b/flake.lock @@ -167,10 +167,10 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1730914419, - "narHash": "sha256-S4st1khiOPeCZ0EduaTGKmBUdG97xRku25DUaZ/EIlY=", + "lastModified": 1730914761, + "narHash": "sha256-j2lruhf2JDagLMiwHAxagXXJUbK0pOHpEWIvLRkHU6A=", "ref": "refs/heads/main", - "rev": "49d7a9adeb44a295f48cd84d8e7c638ef4be703d", + "rev": "c155ae111fb75532b6e8ac7dd7de538f23b51a95", "revCount": 3, "type": "git", "url": "https://git.nekover.se/fi/pterodactyl.git" From 9c7e396a09484360c54a4e13320df97385c2df29 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Wed, 6 Nov 2024 18:44:58 +0100 Subject: [PATCH 05/15] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-master': 'github:NixOS/nixpkgs/d4d2ec47f6fd0eb521f1d14a34c811e1f514de89?narHash=sha256-MP5UtDIWS4KbtM90Ho33UF1RUjQTGbw/ub8JJZuToMg%3D' (2024-11-06) → 'github:NixOS/nixpkgs/7cf19f381114cfbd5f1347848efcbf34aec73066?narHash=sha256-kOAok3imaFaor4jCFcpM16h/epnhsMp1TbzGfRF2xfk%3D' (2024-11-06) • Updated input 'pterodactyl': 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=c155ae111fb75532b6e8ac7dd7de538f23b51a95' (2024-11-06) → 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=ae698225308107d243f76dc45d1f6fab7ff95120' (2024-11-06) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 5fc24f6..0f13e21 100644 --- a/flake.lock +++ b/flake.lock @@ -101,11 +101,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730913978, - "narHash": "sha256-MP5UtDIWS4KbtM90Ho33UF1RUjQTGbw/ub8JJZuToMg=", + "lastModified": 1730914863, + "narHash": "sha256-kOAok3imaFaor4jCFcpM16h/epnhsMp1TbzGfRF2xfk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d4d2ec47f6fd0eb521f1d14a34c811e1f514de89", + "rev": "7cf19f381114cfbd5f1347848efcbf34aec73066", "type": "github" }, "original": { @@ -167,10 +167,10 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1730914761, - "narHash": "sha256-j2lruhf2JDagLMiwHAxagXXJUbK0pOHpEWIvLRkHU6A=", + "lastModified": 1730915075, + "narHash": "sha256-RM/JJp1d5k1Hb4obydOUkqJpY4xSthBEGPcjh+upF0A=", "ref": "refs/heads/main", - "rev": "c155ae111fb75532b6e8ac7dd7de538f23b51a95", + "rev": "ae698225308107d243f76dc45d1f6fab7ff95120", "revCount": 3, "type": "git", "url": "https://git.nekover.se/fi/pterodactyl.git" From 137e263c9b5f061283897195acc68c7a0c4467e5 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Wed, 6 Nov 2024 18:46:17 +0100 Subject: [PATCH 06/15] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'pterodactyl': 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=ae698225308107d243f76dc45d1f6fab7ff95120' (2024-11-06) → 'git+https://git.nekover.se/fi/pterodactyl.git?ref=refs/heads/main&rev=1eff87119f6e48b6b1d1afef468ee4ff1aebe333' (2024-11-06) --- config/hosts/gameserver-node-1/configuration.nix | 8 ++++---- flake.lock | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/config/hosts/gameserver-node-1/configuration.nix b/config/hosts/gameserver-node-1/configuration.nix index a16800f..fcdeeae 100644 --- a/config/hosts/gameserver-node-1/configuration.nix +++ b/config/hosts/gameserver-node-1/configuration.nix @@ -9,16 +9,16 @@ hostName = "gameserver-node-1"; }; - environment.systemPackages = [ - pterodactyl.packages."x86_64-linux".pterodactyl-wings - ]; + #environment.systemPackages = [ + # pterodactyl.packages."x86_64-linux".pterodactyl-wings + #]; imports = [ pterodactyl.nixosModules.pterodactyl-wings ]; services.wings = { - enable = true; + enable = false; configuration = ""; }; diff --git a/flake.lock b/flake.lock index 0f13e21..0da5a7b 100644 --- a/flake.lock +++ b/flake.lock @@ -167,10 +167,10 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1730915075, - "narHash": "sha256-RM/JJp1d5k1Hb4obydOUkqJpY4xSthBEGPcjh+upF0A=", + "lastModified": 1730915158, + "narHash": "sha256-qQvhHUbC5yKD6x/G0P2tvHoRf92Nd/QWB76CRnV5oyI=", "ref": "refs/heads/main", - "rev": "ae698225308107d243f76dc45d1f6fab7ff95120", + "rev": "1eff87119f6e48b6b1d1afef468ee4ff1aebe333", "revCount": 3, "type": "git", "url": "https://git.nekover.se/fi/pterodactyl.git" From 9a5345276b260064e621f42f52bef7449d72770b Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Thu, 7 Nov 2024 23:01:21 +0100 Subject: [PATCH 07/15] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/c128e44a249d6180740d0a979b6480d5b795c013?narHash=sha256-i85DPrhDuvzgvIWCpJlbfM2UFtNYbapo20MtQXsvay4%3D' (2024-11-06) → 'github:NixOS/nixpkgs/83fb6c028368e465cd19bb127b86f971a5e41ebc?narHash=sha256-rz30HrFYCHiWEBCKHMffHbMdWJ35hEkcRVU0h7ms3x0%3D' (2024-11-07) • Updated input 'nixpkgs-master': 'github:NixOS/nixpkgs/7cf19f381114cfbd5f1347848efcbf34aec73066?narHash=sha256-kOAok3imaFaor4jCFcpM16h/epnhsMp1TbzGfRF2xfk%3D' (2024-11-06) → 'github:NixOS/nixpkgs/f7516232a6bf821825c2bd114abcaec1bcd1e54d?narHash=sha256-u8U89hPPbGu627UNtd3H9/CPifDOrmsNGm2y83C9A0A%3D' (2024-11-07) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/1c07b97d2d4302baca8c61fa2d0d4632427972a7?narHash=sha256-OrCMJZ8qZftRplhoB%2BBksvoPLBOZQpH8mnACgPKNuMc%3D' (2024-11-06) → 'github:NixOS/nixpkgs/3aea494127aae5d08c4c501ea4ba27e6c185b822?narHash=sha256-5R9m921OhgOUNHVIxTS8%2BjZJokkZRsH7UOecxlchqZ8%3D' (2024-11-07) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 0da5a7b..3a30919 100644 --- a/flake.lock +++ b/flake.lock @@ -70,11 +70,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730891215, - "narHash": "sha256-i85DPrhDuvzgvIWCpJlbfM2UFtNYbapo20MtQXsvay4=", + "lastModified": 1730963269, + "narHash": "sha256-rz30HrFYCHiWEBCKHMffHbMdWJ35hEkcRVU0h7ms3x0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c128e44a249d6180740d0a979b6480d5b795c013", + "rev": "83fb6c028368e465cd19bb127b86f971a5e41ebc", "type": "github" }, "original": { @@ -101,11 +101,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730914863, - "narHash": "sha256-kOAok3imaFaor4jCFcpM16h/epnhsMp1TbzGfRF2xfk=", + "lastModified": 1731015792, + "narHash": "sha256-u8U89hPPbGu627UNtd3H9/CPifDOrmsNGm2y83C9A0A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7cf19f381114cfbd5f1347848efcbf34aec73066", + "rev": "f7516232a6bf821825c2bd114abcaec1bcd1e54d", "type": "github" }, "original": { @@ -117,11 +117,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1730902633, - "narHash": "sha256-OrCMJZ8qZftRplhoB+BksvoPLBOZQpH8mnACgPKNuMc=", + "lastModified": 1730989260, + "narHash": "sha256-5R9m921OhgOUNHVIxTS8+jZJokkZRsH7UOecxlchqZ8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1c07b97d2d4302baca8c61fa2d0d4632427972a7", + "rev": "3aea494127aae5d08c4c501ea4ba27e6c185b822", "type": "github" }, "original": { From 154c98a25f45fdac840f0e7bbbec0045373d4b5e Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Thu, 7 Nov 2024 23:04:52 +0100 Subject: [PATCH 08/15] Set matrix host nixpkgs to unstable --- flake.nix | 2 +- hosts.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 3aae2d8..1b59d82 100644 --- a/flake.nix +++ b/flake.nix @@ -34,7 +34,7 @@ inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver pterodactyl; # Provide environment for secret key command - keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ]; + keyCommandEnv = [ "env" "GNUPGHOME=$HOME/.passinfra_gnupg" "PASSWORD_STORE_DIR=$HOME/pass/infra" ]; }; }; } // builtins.mapAttrs (helper.generateColmenaHost) hosts; diff --git a/hosts.nix b/hosts.nix index 61073ff..f954830 100644 --- a/hosts.nix +++ b/hosts.nix @@ -71,6 +71,7 @@ in environment = "proxmox"; }; matrix = { + hostNixpkgs = nixpkgs-unstable; site = "vs"; environment = "proxmox"; }; From ab301ab8e655b277c8b0f0ab3bc0ea17e713766a Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Thu, 7 Nov 2024 23:11:26 +0100 Subject: [PATCH 09/15] Remove matrix sliding sync options as it is now part of matrix-synapse --- config/hosts/matrix/matrix-synapse.nix | 10 +--------- config/hosts/matrix/secrets.nix | 8 -------- 2 files changed, 1 insertion(+), 17 deletions(-) diff --git a/config/hosts/matrix/matrix-synapse.nix b/config/hosts/matrix/matrix-synapse.nix index e719484..7f339bf 100644 --- a/config/hosts/matrix/matrix-synapse.nix +++ b/config/hosts/matrix/matrix-synapse.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ ... }: { services.matrix-synapse = { enable = true; @@ -55,12 +55,4 @@ "/secrets/matrix-keycloak-client-secret.secret" ]; }; - - services.matrix-sliding-sync = { - enable = true; - settings = { - SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl; - }; - environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret"; - }; } diff --git a/config/hosts/matrix/secrets.nix b/config/hosts/matrix/secrets.nix index 68e4771..a95309e 100644 --- a/config/hosts/matrix/secrets.nix +++ b/config/hosts/matrix/secrets.nix @@ -33,14 +33,6 @@ permissions = "0640"; uploadAt = "pre-activation"; }; - "matrix-SYNCV3_SECRET.secret" = { - keyCommand = keyCommandEnv ++ [ "pass" "matrix/SYNCV3_SECRET" ]; - destDir = "/secrets"; - user = "matrix-synapse"; - group = "matrix-synapse"; - permissions = "0640"; - uploadAt = "pre-activation"; - }; "matrix-keycloak-client-secret.secret" = { keyCommand = keyCommandEnv ++ [ "pass" "matrix/keycloak-client-secret" ]; destDir = "/secrets"; From a778d5ff640c1926e6f0487e55c91f8593e88956 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Thu, 7 Nov 2024 23:17:34 +0100 Subject: [PATCH 10/15] Switch torrent host to nixpkgs unstable since qbittorrent-nox 4.6.4 is insecure --- hosts.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts.nix b/hosts.nix index f954830..2729070 100644 --- a/hosts.nix +++ b/hosts.nix @@ -110,6 +110,7 @@ in environment = "proxmox"; }; torrent = { + hostNixpkgs = nixpkgs-unstable; site = "vs"; environment = "proxmox"; }; From 88cdbcf49ed2e79bb71d868c84a47c87e1376c17 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Thu, 7 Nov 2024 23:43:58 +0100 Subject: [PATCH 11/15] Update paperless host stateVersion to 24.05 --- config/hosts/paperless/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/hosts/paperless/configuration.nix b/config/hosts/paperless/configuration.nix index 494f08c..a48164e 100644 --- a/config/hosts/paperless/configuration.nix +++ b/config/hosts/paperless/configuration.nix @@ -13,5 +13,5 @@ }; }; - system.stateVersion = "23.05"; + system.stateVersion = "24.05"; } From 42b11fc05e95fbadc444d23ea4802d9adcd8372e Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Thu, 7 Nov 2024 23:49:07 +0100 Subject: [PATCH 12/15] Remove paperless from hosts as vm host is not online anymore --- hosts.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/hosts.nix b/hosts.nix index 2729070..820e5cb 100644 --- a/hosts.nix +++ b/hosts.nix @@ -96,10 +96,6 @@ in site = "vs"; environment = "proxmox"; }; - paperless = { - site = "wg"; - environment = "proxmox"; - }; coturn = { site = "vs"; environment = "proxmox"; From 35b9a0cedaf39b00267e2c40d41fcc446135e7f6 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Fri, 8 Nov 2024 00:51:33 +0100 Subject: [PATCH 13/15] Format nginx matrix .well-known json --- .../web-public-2/virtualHosts/nekover.se.nix | 17 ++++++++++++++++- flake.nix | 2 +- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/config/hosts/web-public-2/virtualHosts/nekover.se.nix b/config/hosts/web-public-2/virtualHosts/nekover.se.nix index 08a61ea..19a7766 100644 --- a/config/hosts/web-public-2/virtualHosts/nekover.se.nix +++ b/config/hosts/web-public-2/virtualHosts/nekover.se.nix @@ -16,7 +16,22 @@ ''; }; locations."/.well-known/matrix/client" = { - return = "200 '{\"m.homeserver\": {\"base_url\": \"https://matrix.nekover.se\"}, \"m.identity_server\": {\"base_url\": \"https://vector.im\"}, \"org.matrix.msc3575.proxy\": {\"url\": \"https://matrix.nekover.se\"}, \"org.matrix.msc2965.authentication\": {\"issuer\": \"https://id.nekover.se/realms/nekoverse\", \"account\": \"https://id.nekover.se/realms/nekoverse/account/\"}}'"; + return = "200 ' + { + \"m.homeserver\": { + \"base_url\": \"https://matrix.nekover.se\" + }, + \"m.identity_server\": { + \"base_url\": \"https://vector.im\" + }, + \"org.matrix.msc3575.proxy\": { + \"url\": \"https://matrix.nekover.se\" + }, + \"org.matrix.msc2965.authentication\": { + \"issuer\": \"https://nekover.se/\", + \"account\": \"https://matrix-auth.nekover.se/account\" + } + }'"; extraConfig = '' default_type application/json; add_header Access-Control-Allow-Origin *; diff --git a/flake.nix b/flake.nix index 1b59d82..3aae2d8 100644 --- a/flake.nix +++ b/flake.nix @@ -34,7 +34,7 @@ inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver pterodactyl; # Provide environment for secret key command - keyCommandEnv = [ "env" "GNUPGHOME=$HOME/.passinfra_gnupg" "PASSWORD_STORE_DIR=$HOME/pass/infra" ]; + keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ]; }; }; } // builtins.mapAttrs (helper.generateColmenaHost) hosts; From c6913d2be5efa54a773aeb5e178477db0eceb84d Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Fri, 8 Nov 2024 01:03:10 +0100 Subject: [PATCH 14/15] Install matrix-authentication-service package on matrix host --- config/hosts/matrix/default.nix | 1 + config/hosts/matrix/mas.nix | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 config/hosts/matrix/mas.nix diff --git a/config/hosts/matrix/default.nix b/config/hosts/matrix/default.nix index 27528b7..9b4da42 100644 --- a/config/hosts/matrix/default.nix +++ b/config/hosts/matrix/default.nix @@ -3,6 +3,7 @@ imports = [ ./configuration.nix ./hardware-configuration.nix + ./mas.nix ./postgresql.nix ./matrix-synapse.nix ./nginx.nix diff --git a/config/hosts/matrix/mas.nix b/config/hosts/matrix/mas.nix new file mode 100644 index 0000000..4750b5f --- /dev/null +++ b/config/hosts/matrix/mas.nix @@ -0,0 +1,6 @@ +{ pkgs, ... }: +{ + environment.systemPackages = with pkgs; [ + matrix-authentication-service + ]; +} From 94e279094a1b599b96b06903aea6929d5d0a9473 Mon Sep 17 00:00:00 2001 From: Fiona Grzebien Date: Fri, 8 Nov 2024 01:22:57 +0100 Subject: [PATCH 15/15] Create mas database in postgres initialScript --- config/hosts/matrix/postgresql.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/config/hosts/matrix/postgresql.nix b/config/hosts/matrix/postgresql.nix index 03b753a..06d10e2 100644 --- a/config/hosts/matrix/postgresql.nix +++ b/config/hosts/matrix/postgresql.nix @@ -8,6 +8,11 @@ TEMPLATE template0 LC_COLLATE = "C" LC_CTYPE = "C"; + CREATE ROLE "mas_user" WITH LOGIN PASSWORD 'mas'; + CREATE DATABASE "mas" WITH OWNER "mas_user" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; ''; }; }