lytedev/nix
1
0
Fork 1
Code Issues Pull requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: lytedev:pinephone
Branches Tags
lytedev:main
lytedev:pinephone
lytedev:beefcake-revival
lytedev:wezterm
lytedev:fix-api-lyte-dev
lytedev:tear-it-up
lytedev:wip-no-special-args
lytedev:kde
lytedev:reorg
lytedev:reduce-common
lytedev:template
...
pull from: lytedev:main
Branches Tags
lytedev:main
lytedev:pinephone
lytedev:beefcake-revival
lytedev:wezterm
lytedev:fix-api-lyte-dev
lytedev:tear-it-up
lytedev:wip-no-special-args
lytedev:kde
lytedev:reorg
lytedev:reduce-common
lytedev:template

7 commits
pinephone ... main

Author SHA1 Message Date
Daniel Flanagan 5ad3a220a7 Fix soju account by updating password
Some checks failed
/ check (push) Failing after 3m20s
Details
2024-10-15 10:43:21 -05:00
Daniel Flanagan 06427b694c Building jovian
Some checks failed
/ check (push) Failing after 3m48s
Details
2024-10-15 10:10:28 -05:00
Daniel Flanagan 66c0f17e46 fix: game-password -> game_password
Some checks failed
/ check (push) Failing after 2m57s
Details
2024-10-14 09:58:40 -05:00
Daniel Flanagan c8bf3ae618 clean up since online works with lan=true
Some checks failed
/ check (push) Has been cancelled
Details
2024-10-14 09:58:00 -05:00
Daniel Flanagan 8afad6f40c Add factorio server in preparation for 2.0 release
Some checks failed
/ check (push) Has been cancelled
Details
2024-10-14 09:54:39 -05:00
Daniel Flanagan 0cfb985723 Merge remote-tracking branch 'origin/main'
Some checks failed
/ check (push) Failing after 2m59s
Details
2024-10-10 11:46:27 -05:00
Daniel Flanagan e8dd91e345 Add radio tools module
Some checks failed
/ check (push) Failing after 3m4s
Details
2024-10-09 13:44:02 -05:00
7 changed files with 177 additions and 6 deletions
Show stats Expand all files Collapse all files

45
flake.lock
View file

@ -505,6 +505,28 @@
"type": "github"
}
},
"jovian": {
"inputs": {
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1728974938,
"narHash": "sha256-pTPEx6WlM+nJVGrRUGx7Di4ljZMwE9HfvlZ6f3NzNfo=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "23170582b0658e6afd913149a58863af3a57b376",
"type": "github"
},
"original": {
"owner": "Jovian-Experiments",
"ref": "development",
"repo": "Jovian-NixOS",
"type": "github"
}
},
"libpng": {
"flake": false,
"locked": {
@ -538,6 +560,28 @@
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"jovian",
"nixpkgs"
]
},
"locked": {
"lastModified": 1690328911,
"narHash": "sha256-fxtExYk+aGf2YbjeWQ8JY9/n9dwuEt+ma1eUFzF8Jeo=",
"owner": "zhaofengli",
"repo": "nix-github-actions",
"rev": "96df4a39c52f53cb7098b923224d8ce941b64747",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"ref": "matrix-name",
"repo": "nix-github-actions",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1709479366,
@ -643,6 +687,7 @@
"home-manager": "home-manager",
"home-manager-unstable": "home-manager-unstable",
"hyprland": "hyprland",
"jovian": "jovian",
"mobile-nixos": "mobile-nixos",
"nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable",

35
flake.nix
View file

@ -31,6 +31,9 @@
slippi.inputs.nixpkgs.follows = "nixpkgs-unstable";
slippi.inputs.home-manager.follows = "home-manager-unstable";
jovian.url = "github:Jovian-Experiments/Jovian-NixOS/development";
jovian.inputs.nixpkgs.follows = "nixpkgs-unstable";
# nnf.url = "github:thelegy/nixos-nftables-firewall?rev=71fc2b79358d0dbacde83c806a0f008ece567b7b";
mobile-nixos = {
@ -71,6 +74,7 @@
home-manager-unstable,
helix,
hardware,
jovian,
mobile-nixos,
# nnf,
# hyprland,
@ -391,6 +395,37 @@
];
};
steamdeck1 = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-unstable-defaults
outputs.diskoConfigurations.standard
hardware.nixosModules.common-pc-ssd
common
gaming
graphical-workstation
plasma6
jovian.outputs.nixosModules.jovian
{
networking.hostName = "steamdeck1";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
hardware.bluetooth.enable = true;
networking.networkmanager.enable = true;
home-manager.users.daniel = {
imports = with homeManagerModules; [
firefox-no-tabs
linux-desktop-environment-config
];
};
}
];
};
foxtrot = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [

13
modules/nixos/default.nix
View file

@ -352,7 +352,7 @@
};
cross-compiler = {config, ...}: {
boot.binfmt.emulatedSystems = ["aarch64-linux"];
boot.binfmt.emulatedSystems = ["aarch64-linux" "i686-linux"];
};
default-nix-configuration-and-overlays = {
@ -377,7 +377,7 @@
trusted-users = ["root" "daniel"];
experimental-features = lib.mkDefault ["nix-command" "flakes"];
extra-platforms = ["aarch64-linux"];
extra-platforms = ["i686-linux" "aarch64-linux"];
substituters = [
# TODO: dedupe with flake's config? is that even necessary?
@ -598,6 +598,7 @@
printing
music-consumption
video-tools
radio-tools
];
xdg.portal.enable = true;
@ -637,6 +638,14 @@
# gnome = {};
# intel = {};
radio-tools = {pkgs, ...}: {
environment = {
systemPackages = with pkgs; [
chirp
];
};
};
kde-connect = {
programs.kdeconnect.enable = true;

25
nixos/beefcake.nix
View file

@ -220,8 +220,6 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
networking.firewall.allowedUDPPorts = lib.mkIf config.services.headscale.enable [3478];
}
{
# TODO: I think I need to setup my account? wondering if this can be done in nix as well
services.restic.commonPaths = ["/var/lib/soju" "/var/lib/private/soju"];
services.soju = {
enable = true;
@ -1804,6 +1802,29 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
extraConfig = ''reverse_proxy :5006'';
};
}
{
services.factorio = {
enable = true;
package = pkgs.factorio-headless.override {
versionsJson = ./factorio-versions.json;
};
admins = ["lytedev"];
autosave-interval = 5;
game-name = "Flanwheel Online";
description = "Space Age 2.0";
openFirewall = true;
lan = true;
# public = true; # NOTE: cannot be true if requireUserVerification is false
port = 34197;
requireUserVerification = false; # critical for DRM-free users
# contains the game password and account password for "public" servers
extraSettingsFile = config.sops.secrets.factorio-server-settings.path;
};
sops.secrets = {
factorio-server-settings = {mode = "0777";};
};
}
];
/*

58
nixos/factorio-versions.json Normal file
View file

@ -0,0 +1,58 @@
{
"x86_64-linux": {
"alpha": {
"experimental": {
"name": "factorio_alpha_x64-1.1.110.tar.xz",
"needsAuth": true,
"sha256": "0ndhb94lh47n09a7wshm2inv52fd6rjfa7fk7nk9b7zzh84i7f4x",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.110/alpha/linux64",
"version": "1.1.110"
},
"stable": {
"name": "factorio_alpha_x64-1.1.110.tar.xz",
"needsAuth": true,
"sha256": "0ndhb94lh47n09a7wshm2inv52fd6rjfa7fk7nk9b7zzh84i7f4x",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.110/alpha/linux64",
"version": "1.1.110"
}
},
"demo": {
"experimental": {
"name": "factorio_demo_x64-1.1.110.tar.xz",
"needsAuth": false,
"sha256": "0dasxgrybl00vrabgrlarsvg0hdg5rvn3y4hsljhqc4zpbf93nxx",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.110/demo/linux64",
"version": "1.1.110"
},
"stable": {
"name": "factorio_demo_x64-1.1.110.tar.xz",
"needsAuth": false,
"sha256": "0dasxgrybl00vrabgrlarsvg0hdg5rvn3y4hsljhqc4zpbf93nxx",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.110/demo/linux64",
"version": "1.1.110"
}
},
"headless": {
"experimental": {
"name": "factorio_headless_x64-1.1.110.tar.xz",
"needsAuth": false,
"sha256": "0sk4g9y051xjhiwdhj1yz808308zwsbpq3nps1ywvpp56vdycps8",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.110/headless/linux64",
"version": "1.1.110"
},
"stable": {
"name": "factorio_headless_x64-1.1.110.tar.xz",
"needsAuth": false,
"sha256": "0sk4g9y051xjhiwdhj1yz808308zwsbpq3nps1ywvpp56vdycps8",
"tarDirectory": "x64",
"url": "https://factorio.com/get-download/1.1.110/headless/linux64",
"version": "1.1.110"
}
}
}
}

2
nixos/router.nix
View file

@ -214,6 +214,7 @@ in {
udp dport { 80, 443 } accept comment "Allow QUIC to server (see nat prerouting)"
tcp dport { 22 } accept comment "Allow SSH to server (see nat prerouting)"
tcp dport { 25565 } accept comment "Allow Minecraft server connections (see nat prerouting)"
udp dport { 34197 } accept comment "Allow Factorio server connections (see nat prerouting)"
iifname "${lan}" accept comment "Allow local network to access the router"
iifname "tailscale0" accept comment "Allow local network to access the router"
@ -256,6 +257,7 @@ in {
iifname ${wan} tcp dport {26966} dnat to ${hosts.beefcake.ip}
iifname ${wan} tcp dport {25565} dnat to ${hosts.bald.ip}
iifname ${wan} udp dport {25565} dnat to ${hosts.bald.ip}
iifname ${wan} udp dport {34197} dnat to ${hosts.beefcake.ip}
}
chain postrouting {

5
secrets/beefcake/secrets.yml
View file

@ -27,6 +27,7 @@ restic-rascal-passphrase: ENC[AES256_GCM,data:yonKbBh4riGwxc/qcj8F/qrgAtA1sWhYej
restic-rascal-ssh-private-key: ENC[AES256_GCM,data:ddsOs0XsayyQI9qc6LzwQpdDnfwNpbj8PbBJ5fyuqtlVNYndeLxaYcbZI2ULSUhgR1tN0FS+ggGTHQhVvjwksNvpskUGHNKkSLKH3D/mn5N9tsoeAblN4gZsloZdqXBVzEehumcQMdhh6iy6NkNbuinKrVKDhLV25PrFKuSBEYw9VHU7HAMW5Tfop3RzBXjZWETCDAR2OQa7d1dXsJ0Kw6b9RFmRe5MGQ0J7YhjdTg26JGMMVSeHvr5UbiUJkGA5RvOLEDM2Dfai7Lf8yRPZVxUl+rdRsNvNYEoYGu5rGLUFcuqIbQ+s40dP2uXwWauwkIvHUjEahkbP0httj4Kg3qIJBRPg7OuS+MOwAnLEAs3hl5zeBV396yA9qjWW8nhnbml58/uFFbfXbJWTM3r8cMpFbHKD+Ojo/99fm5Vy3pAMzNzEsHOaT+iyDYyNkV5OH1GyKK9n7kIRLdqmWe7GmaKXlwVvNUPi3RvLX9VXq83a4BuupFyTmaNfPGMs/17830aleV674+QVgKh3VyFtuJy6KBpMXDv16wFo,iv:S2I3h6pmKLxEc29E0zn2b8lscqA//5/ZMTV9q+/tdvs=,tag:ALeCT+nrVPDfS21xC555sA==,type:str]
restic-ssh-priv-key-benland: ENC[AES256_GCM,data:G+uiYZTvqXhpJb66j6Q6S+otlXeRX0CdYeMHzSMjIbvbI0AVm0yCU7COO5/O8i47NpvrKKS1kVxVEK8ixLRUowkl3hgRXhxsBIPFnpkMD0ENmJttm4HOpi0qIWMwzPYTjkz/slY4HcTFnCfYy1ZpURQdWwZsr1EdAA05bUMTtM22R3uOMzjO8uf72PCWX7yffo8MxsLmWvNVAOhVlrb2H5KQNR/IquFK3TFoZitq5nVDG9tcEFkX+lgA3zsmCHU/2DvvodgeRoltaAFvgjVznNGf4e5p8owHUtSzX52HwGZRiUlMuhpre2gm1r73n8AyZe41II+LX/85fMfZDdyayIGv3AAMBib8H0/AoChexRcdLQEmzOgRrXsgucDJrWSWP6WMBVyamUm79m5ep0fvL1lJftuJqN0uuq9dBrispdso4x+6jk/pDf5pEM/FE6s1rY832BEb7q0PnjyvVogOez+cIihmMpDdnS0A/8TFzg29i3C+93x5vrt3k7atNzR/jN+/GqX2FKLzxWrrIw2d,iv:IP+N8JQu+XRvwTtBnxu54ujzU5UliltXG3mk9HfJaN8=,tag:4oinE9QMaSh8IfUd/ttM3Q==,type:str]
paperless-superuser-password: ENC[AES256_GCM,data:lypWK73mOYI2hyQAW/4T3cDiVtsts3kKb7LZb9ES3n97Kn5l,iv:jBHUBFbb4GqQ3gnK0h5VCaGj3/kd3/eGa1QFiE7+B9I=,tag:UoQar+x1xVnCV2k+9hYjWA==,type:str]
factorio-server-settings: ENC[AES256_GCM,data:ItK+/eONdAqNAiQxCrCipUmTdIKt274qwVyNnSdOdxxd67XGozs/xr/cCYwwDiUyKQ7mD8oBLL6EVaHbXpObLwGe0Nsnz5jE9GtI0k5184/jsQ==,iv:Qre+BKhdqNDNuOz0PGZJJpTmQxJdNoTbd5FxRy0lrVs=,tag:G4dFdVclUdagyA84Yh653w==,type:str]
sops:
kms: []
gcp_kms: []
@ -51,8 +52,8 @@ sops:
bGpacHFRSkJYUUMwOEh4cVBXZ1NESmsKa5EhZ7148ojCqZldukLcPLr93HqnpNgq
rMI0Nyz4Z4lkTVMRpA94zyNTkNwJ02/CYcKi8EJi6jGZnNPUTcnTwg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-09-13T05:09:18Z"
mac: ENC[AES256_GCM,data:rS12xfQ6FQwVa19rdfk6i1DThUOfsrw+IdKGYOMrX8a7sOKPkNxyxyZASfaKopg3BaM8qmoOFUW4B9VWwTh4d+MhruH3DhJO3UuZpOtDv7H8JFmzqg8rlYx0nm+8/+dB0zjgK7m2FP8wn0jfXraaaQ7/HobgLgGtl+NAsXQkrwQ=,iv:+JO3Yq6Kp2CHu20dSRDOJf0ivq5ASHYrKvlCgg1vGxQ=,tag:y6nIISSZFQwRoFNvqaQWbg==,type:str]
lastmodified: "2024-10-14T14:58:39Z"
mac: ENC[AES256_GCM,data:cNVTWA2S9SMEqoDz7jHuN/9hO20kDyoR03vKw8D72VJiqDEVvAkYeRu6KmGI7DWcfV/2OIrwVjyt+zry92ksYPmF1Xx8s4hu6Z0ooi7mvNrtSMnOLJ68mfpERbdBBcnvX5YivS50mbPhif/kvb5IgUxIQvo2NGFC9Sj7ZnXLa+U=,iv:kKkHVNJ0JE4CRvQdLAfFHKeL4h3o7Z6HJ57HzsqKTJY=,tag:k9K7NS2TZ0uk9u0yd9IAOg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0