Create mas database in postgres initialScript

Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/c128e44a249d6180740d0a979b6480d5b795c013?narHash=sha256-i85DPrhDuvzgvIWCpJlbfM2UFtNYbapo20MtQXsvay4%3D' (2024-11-06)
  → 'github:NixOS/nixpkgs/83fb6c028368e465cd19bb127b86f971a5e41ebc?narHash=sha256-rz30HrFYCHiWEBCKHMffHbMdWJ35hEkcRVU0h7ms3x0%3D' (2024-11-07)
• Updated input 'nixpkgs-master':
    'github:NixOS/nixpkgs/7cf19f381114cfbd5f1347848efcbf34aec73066?narHash=sha256-kOAok3imaFaor4jCFcpM16h/epnhsMp1TbzGfRF2xfk%3D' (2024-11-06)
  → 'github:NixOS/nixpkgs/f7516232a6bf821825c2bd114abcaec1bcd1e54d?narHash=sha256-u8U89hPPbGu627UNtd3H9/CPifDOrmsNGm2y83C9A0A%3D' (2024-11-07)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/1c07b97d2d4302baca8c61fa2d0d4632427972a7?narHash=sha256-OrCMJZ8qZftRplhoB%2BBksvoPLBOZQpH8mnACgPKNuMc%3D' (2024-11-06)
  → 'github:NixOS/nixpkgs/3aea494127aae5d08c4c501ea4ba27e6c185b822?narHash=sha256-5R9m921OhgOUNHVIxTS8%2BjZJokkZRsH7UOecxlchqZ8%3D' (2024-11-07)

config/hosts/gameserver-node-1/configuration.nix

@@ -0,0 +1,26 @@
+{ pterodactyl, ... }:
+{
+  boot.loader.grub = {
+    enable = true;
+    device = "/dev/vda";
+  };
+
+  networking = {
+    hostName = "gameserver-node-1";
+  };
+
+  #environment.systemPackages = [
+  #  pterodactyl.packages."x86_64-linux".pterodactyl-wings
+  #];
+
+  imports = [
+    pterodactyl.nixosModules.pterodactyl-wings
+  ];
+  
+  services.wings = {
+    enable = false;
+    configuration = "";
+  };
+
+  system.stateVersion = "24.05";
+}

config/hosts/gameserver-node-1/default.nix

@@ -0,0 +1,6 @@
+{ ... }:
+{
+  imports = [
+    ./configuration.nix
+  ];
+}

config/hosts/matrix/default.nix

@@ -3,6 +3,7 @@
   imports = [
     ./configuration.nix
     ./hardware-configuration.nix
+    ./mas.nix
     ./postgresql.nix
     ./matrix-synapse.nix
     ./nginx.nix

config/hosts/matrix/mas.nix

@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    matrix-authentication-service
+  ];
+}

config/hosts/matrix/matrix-synapse.nix

@@ -1,4 +1,4 @@
-{ config, ... }:
+{ ... }:
 {
   services.matrix-synapse = {
     enable = true;
@@ -55,12 +55,4 @@
       "/secrets/matrix-keycloak-client-secret.secret"
     ];
   };
-
-  services.matrix-sliding-sync = {
-      enable = true;
-      settings = {
-        SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl;
-      };
-      environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret";
-  };
 }

config/hosts/matrix/postgresql.nix

@@ -8,6 +8,11 @@
         TEMPLATE template0
         LC_COLLATE = "C"
         LC_CTYPE = "C";
+      CREATE ROLE "mas_user" WITH LOGIN PASSWORD 'mas';
+      CREATE DATABASE "mas" WITH OWNER "mas_user"
+        TEMPLATE template0
+        LC_COLLATE = "C"
+        LC_CTYPE = "C";
     '';
   };
 }

config/hosts/matrix/secrets.nix

@@ -33,14 +33,6 @@
       permissions = "0640";
       uploadAt = "pre-activation";
     };
-    "matrix-SYNCV3_SECRET.secret" = {
-      keyCommand = keyCommandEnv ++ [ "pass" "matrix/SYNCV3_SECRET" ];
-      destDir = "/secrets";
-      user = "matrix-synapse";
-      group = "matrix-synapse";
-      permissions = "0640";
-      uploadAt = "pre-activation";
-    };
     "matrix-keycloak-client-secret.secret" = {
       keyCommand = keyCommandEnv ++ [ "pass" "matrix/keycloak-client-secret" ];
       destDir = "/secrets";

config/hosts/paperless/configuration.nix

@@ -13,5 +13,5 @@
     };
   };
 
-  system.stateVersion = "23.05";
+  system.stateVersion = "24.05";
 }

config/hosts/web-public-2/virtualHosts/nekover.se.nix

@@ -16,7 +16,22 @@
       '';
     };
     locations."/.well-known/matrix/client" = {
-      return = "200 '{\"m.homeserver\": {\"base_url\": \"https://matrix.nekover.se\"}, \"m.identity_server\": {\"base_url\": \"https://vector.im\"}, \"org.matrix.msc3575.proxy\": {\"url\": \"https://matrix.nekover.se\"}, \"org.matrix.msc2965.authentication\": {\"issuer\": \"https://id.nekover.se/realms/nekoverse\", \"account\": \"https://id.nekover.se/realms/nekoverse/account/\"}}'";
+      return = "200 '
+        {
+          \"m.homeserver\": {
+            \"base_url\": \"https://matrix.nekover.se\"
+          },
+          \"m.identity_server\": {
+            \"base_url\": \"https://vector.im\"
+          },
+          \"org.matrix.msc3575.proxy\": {
+            \"url\": \"https://matrix.nekover.se\"
+          },
+          \"org.matrix.msc2965.authentication\": {
+            \"issuer\": \"https://nekover.se/\",
+            \"account\": \"https://matrix-auth.nekover.se/account\"
+          }
+        }'";
       extraConfig = ''
         default_type application/json;
         add_header Access-Control-Allow-Origin *;

flake.lock

@@ -70,11 +70,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1730142757,
+        "lastModified": 1730963269,
-        "narHash": "sha256-O2/v/ocUL0KsACqEIK5eD5XeX46duRIgKdOu6uCKarw=",
+        "narHash": "sha256-rz30HrFYCHiWEBCKHMffHbMdWJ35hEkcRVU0h7ms3x0=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "dd6d18bf8d291daca03a444973bd4f9aa5c1f681",
+        "rev": "83fb6c028368e465cd19bb127b86f971a5e41ebc",
         "type": "github"
       },
       "original": {
@@ -101,11 +101,11 @@
     },
     "nixpkgs-master": {
       "locked": {
-        "lastModified": 1730209337,
+        "lastModified": 1731015792,
-        "narHash": "sha256-WPGVR8NW9ctqwLMtYV23b94ExQulTFoTKqD21WI3fbg=",
+        "narHash": "sha256-u8U89hPPbGu627UNtd3H9/CPifDOrmsNGm2y83C9A0A=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "ec7caabec9679b1a9008e0cbcfa4b14a2b600774",
+        "rev": "f7516232a6bf821825c2bd114abcaec1bcd1e54d",
         "type": "github"
       },
       "original": {
@@ -117,11 +117,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1730157240,
+        "lastModified": 1730989260,
-        "narHash": "sha256-P8wF4ag6Srmpb/gwskYpnIsnspbjZlRvu47iN527ABQ=",
+        "narHash": "sha256-5R9m921OhgOUNHVIxTS8+jZJokkZRsH7UOecxlchqZ8=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "75e28c029ef2605f9841e0baa335d70065fe7ae2",
+        "rev": "3aea494127aae5d08c4c501ea4ba27e6c185b822",
         "type": "github"
       },
       "original": {
@@ -132,6 +132,22 @@
       }
     },
     "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1729265718,
+        "narHash": "sha256-4HQI+6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "ccc0c2126893dd20963580b6478d1a10a4512185",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_3": {
       "locked": {
         "lastModified": 1717602782,
         "narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=",
@@ -146,12 +162,31 @@
         "type": "indirect"
       }
     },
+    "pterodactyl": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1730915158,
+        "narHash": "sha256-qQvhHUbC5yKD6x/G0P2tvHoRf92Nd/QWB76CRnV5oyI=",
+        "ref": "refs/heads/main",
+        "rev": "1eff87119f6e48b6b1d1afef468ee4ff1aebe333",
+        "revCount": 3,
+        "type": "git",
+        "url": "https://git.nekover.se/fi/pterodactyl.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://git.nekover.se/fi/pterodactyl.git"
+      }
+    },
     "root": {
       "inputs": {
         "nixos-generators": "nixos-generators",
         "nixpkgs": "nixpkgs",
         "nixpkgs-master": "nixpkgs-master",
         "nixpkgs-unstable": "nixpkgs-unstable",
+        "pterodactyl": "pterodactyl",
         "simple-nixos-mailserver": "simple-nixos-mailserver"
       }
     },
@@ -159,7 +194,7 @@
       "inputs": {
         "blobs": "blobs",
         "flake-compat": "flake-compat",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs_3",
         "nixpkgs-24_05": "nixpkgs-24_05",
         "utils": "utils"
       },

flake.nix

@@ -8,9 +8,12 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
     simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
+    pterodactyl = {
+      url = "git+https://git.nekover.se/fi/pterodactyl.git";
+    };
   };
 
-  outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, ... }@inputs:
+  outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, pterodactyl, ... }@inputs:
   let
     hosts = import ./hosts.nix inputs;
     helper = import ./helper.nix inputs;
@@ -28,7 +31,7 @@
         nodeNixpkgs = builtins.mapAttrs (name: host: host.pkgs) hosts;
 
         specialArgs = {
-          inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver;
+          inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver pterodactyl;
 
           # Provide environment for secret key command
           keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ];

hosts.nix

@@ -26,9 +26,10 @@ let
   }) hosts;
 in
   generateDefaults {
-    #fee = {
+    gameserver-node-1 = {
-    #  site = "wg";
+      site = "vs";
-    #};
+      environment = "proxmox";
+    };
     hydra = {
       site = "vs";
       environment = "proxmox";
@@ -70,6 +71,7 @@ in
       environment = "proxmox";
     };
     matrix = {
+      hostNixpkgs = nixpkgs-unstable;
       site = "vs";
       environment = "proxmox";
     };
@@ -94,10 +96,6 @@ in
       site = "vs";
       environment = "proxmox";
     };
-    paperless = {
-      site = "wg";
-      environment = "proxmox";
-    };
     coturn = {
       site = "vs";
       environment = "proxmox";
@@ -108,6 +106,7 @@ in
       environment = "proxmox";
     };
     torrent = {
+      hostNixpkgs = nixpkgs-unstable;
       site = "vs";
       environment = "proxmox";
     };