diff --git a/flake.nix b/flake.nix index 8783b95..d53405d 100644 --- a/flake.nix +++ b/flake.nix @@ -12,6 +12,9 @@ ssbm.url = "github:lytedev/ssbm-nix/my-nixpkgs"; + # doesn't support the forge mod loader yet + # nix-minecraft.url = "github:Infinidoge/nix-minecraft"; + # need to bump ishiiruka upstream I think # slippi-desktop.url = "github:project-slippi/slippi-desktop-app"; # slippi-desktop.flake = false; diff --git a/nixos/beefcake/default.nix b/nixos/beefcake/default.nix index 9b4422b..5b31517 100644 --- a/nixos/beefcake/default.nix +++ b/nixos/beefcake/default.nix @@ -8,6 +8,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x01 0x00 sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00 */ { + # inputs, outputs, modulesPath, config, @@ -17,6 +18,11 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00 imports = [ (modulesPath + "/installer/scan/not-detected.nix") outputs.nixosModules.intel + # inputs.nix-minecraft.nixosModules.minecraft-servers + ]; + + nixpkgs.overlays = [ + # inputs.nix-minecraft.overlay ]; boot.initrd.availableKernelModules = ["ehci_pci" "megaraid_sas" "usbhid" "uas" "sd_mod"]; @@ -220,6 +226,14 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00 group = "plausible"; }; + users.groups.jland = {}; + users.users.jland = { + # used for running the jland minecraft server + isSystemUser = true; + createHome = false; + group = "jland"; + }; + users.users.nextcloud = { # used for anonymous samba access isSystemUser = true; @@ -504,25 +518,25 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00 ]; }; - services.lidarr = { - enable = true; - dataDir = "/storage/lidarr"; - }; + # services.lidarr = { + # enable = true; + # dataDir = "/storage/lidarr"; + # }; - services.radarr = { - enable = true; - dataDir = "/storage/radarr"; - }; + # services.radarr = { + # enable = true; + # dataDir = "/storage/radarr"; + # }; - services.sonarr = { - enable = true; - dataDir = "/storage/sonarr"; - }; + # services.sonarr = { + # enable = true; + # dataDir = "/storage/sonarr"; + # }; - services.bazarr = { - enable = true; - listenPort = 6767; - }; + # services.bazarr = { + # enable = true; + # listenPort = 6767; + # }; services.samba-wsdd.enable = true; @@ -653,6 +667,51 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00 }; }; + # services.minecraft-servers.servers.jland = { + # enable = true; + # package = pkgs.fabricServers.fabric-1_19_2.override {loaderVersion = "0.14.9";}; + # # Monumental Experience, modpack version 2.2.53, minecraft version 1.19.2 + # # https://www.curseforge.com/minecraft/modpacks/monumental-experience/files/4826863 + # # $ nix run nixpkgs#packwiz curseforge import Monumental+Experience-2.2.53.zip + # }; + + config.virtualisation.backend = "podman"; + config.virtualisation.oci-containers.containers = { + minecraft-jland = { + # sending commands: https://docker-minecraft-server.readthedocs.io/en/latest/commands/ + image = "docker.io/itzg/minecraft-server"; + user = "jland"; + extraOptions = [ + "--tty" + "--interactive" + ]; + environment = { + EULA = "true"; + UID = toString config.users.jland.uid; + GID = toString config.users.jland.gid; + STOP_SERVER_ANNOUNCE_DELAY = "20"; + TZ = "America/Chicago"; + TYPE = "AUTO_CURSEFORGE"; + VERSION = "1.19.2"; + MAX_MEMORY = "8G"; + CF_SLUG = "all-the-mods-8"; # monumental-experience + CF_FILE_ID = "4826863"; # 2.2.53 + + # ENABLE_AUTOPAUSE = "true"; # TODO: must increate or disable max-tick-time + # May also have mod/loader incompatibilities? + # https://docker-minecraft-server.readthedocs.io/en/latest/misc/autopause-autostop/autopause/ + }; + environmentFiles = [ + config.sops.secrets."jland.env".path + ]; + ports = ["127.0.0.1:25565:25565"]; + volumes = [ + "/storage/jland/data:/data" + "/storage/jland/worlds:/worlds" + ]; + }; + }; + networking.firewall.allowedTCPPorts = [ 80 # http (caddy) 443 # https (caddy) diff --git a/secrets/beefcake/secrets.yml b/secrets/beefcake/secrets.yml index 6f49877..1fa05f1 100644 --- a/secrets/beefcake/secrets.yml +++ b/secrets/beefcake/secrets.yml @@ -12,6 +12,7 @@ plausible-admin-password: ENC[AES256_GCM,data:dC9olypZgMLdPOsmjthOaa/fMLtbGBlF9A plausible-erlang-cookie: ENC[AES256_GCM,data:zhmC+D6EjIE8Rw91lIrMqY0QIazTX1e1jBzcZJP/76B9VvHWZ5bCkP1+KdfCY0lk3wIEq5vRfb8=,iv:RNNjlV3OFtXn1N0a5fEb/3FWzcHX19wtCLMdaVlKNJ0=,tag:8iU5oFVbzd0eMe5Mo1PiAw==,type:str] plausible-secret-key-base: ENC[AES256_GCM,data:ylakPGzY4S9640krl0fxYgm0Getf0+I7zthyTqTD/IpVhz5xgYBYx3Y2lSNa9Oi9yQ7+f9OdOBC6nc7n6MuUBg==,iv:YLPax/cRjMdIFti26gJd8COKr+3jXNZ7HCA5VvQVyAo=,tag:LHqYi590oEIp1IihLcFTtw==,type:str] nextcloud-admin-password: ENC[AES256_GCM,data:QaoSZyommeGED3nWNru92UVO2tjk24HE9fWX7ExYT101o4ZL411TmV1TXHSyfwjmE7yLIm1K/j4xpEbIY3zvFg==,iv:xC5EZVPHumVPOob5jiiXMFAmdFQcFSUPtZgioAgGDDs=,tag:Q/kY38XWkGsqcmCkd2lodg==,type:str] +jland.env: ENC[AES256_GCM,data:4gZX4M5SASJNp/EIrUBP2vNyEOogA9N7X3Th7UuOP9M7zuMG/K83a9epoLCXIoWbGZuRtSIXB8+nfAj1Cd0rxBGnoB+cH7Qdq4h+EbH8MzkUm90fUtNyMepa+026qPSzJaHpNAmvLqsoRA3/jhNYLUcxYJ0=,iv:1FqO7GDwr4d0gKFPstdnEAnq9KyFkbHQs6CrA2FhDYI=,tag:SrkrAtm9No0f93Ob81hVqw==,type:str] api.lyte.dev: ENC[AES256_GCM,data:14C5GQ41m/g7qHPzxlYoWjKWDOcm7MEDkuSofiuLfRNc/nji61t1eDbKX3d+SQL1UBchJFoBrWrUxnf0mUERhED1196z8vUq2jKEkcqKCAUS3soECInlb8zcxTcxaTFjYSjp1vUBdAn05AqLsF+hh9Bsm4fMQYjnHEZke9EmPZhuTlUdZa4eLv3+L3xAPHk2QIHQhdsjcTjGAZRMZOgTEcCvtGlb5pQuo11XmR2JzwzOXMC51WFDeOIWMAdO80yQBAdILso7rp1Nts/lwF0Bc9t7bNdHyoVTOA==,iv:jWGqUpXOTb/O972qXOqeX0EMFQLDKwaNHBqlpuGrZOk=,tag:uwB/jlAgESkLZ+vJ/OeV0A==,type:str] sops: kms: [] @@ -37,8 +38,8 @@ sops: b0lTRjVCMU9ELzdvbFBJZ0tHbGtsYkEKLEcXCEikC3T3hfVOYKtWcNSGmfg28y+f nGC4dQh9EciEbk1ZBbN3i6YSNULDoMSH172KBmRyt1ogr1ZPyCNqtg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-10-20T19:05:45Z" - mac: ENC[AES256_GCM,data:0liRgiLMiy/ISeHzL/rHjchgTDzjVjn1bzSyw7B4EmDu2YYsOhmRNmzbUH4f8I9vDwEkMyJx6VLBfrrnulpmPAlBqWxgYsqrS1eAMNWNeYGMAzZMgBChZbvMXj7cWJr0rNgU+Cnt+7/GXEXKUx1IQPSF9faVYKjBUWG8IuJ22XI=,iv:GoPu7xhQrXksUhE1NH32xFd3ykiBYlZp7RMUmXyDDck=,tag:uRLcc+2sg30SZTLXtIOTWQ==,type:str] + lastmodified: "2023-11-02T18:06:19Z" + mac: ENC[AES256_GCM,data:ewguEKlMJYJI41Ng80dFMNPKn8Lluu81LeSffK1ZUXmH21DJq0vVT/yHG9NAKb2WwWUzVEUMy8k3FLvtsrnxTUpnnFx1bl3PVvySnFiKowJV9TTqEFsJU3FriwuAAdDlfPV88O2vffn/ZGB4hjp7Xfo0E3AhQnMLXuWx9fY3xCw=,iv:UiGYOOIImoSf9eQw92TeI+ofhrvu9w1QMlGeh5g5Cpw=,tag:uC/f20UrH5W1NHt3YzBl2g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1