Commit graph

72 commits

Author SHA1 Message Date
Tristan Daniël Maat f2916b84d8
WIP: podman: Configure auto-updates 2021-05-15 23:20:45 +01:00
Tristan Daniël Maat 2d61711e07
flake.lock: Update
Flake input changes:

* Updated 'flake-utils': 'github:numtide/flake-utils/2ebf2558e5bf978c7fb8ea927dfaed8fefab2e28' -> 'github:numtide/flake-utils/b543720b25df6ffdfcf9227afafc5b8c1fabfae8'
* Updated 'nixos-hardware': 'github:nixos/nixos-hardware/f7540d6c27704ec0fe56ecc8b2a9b663181850b0' -> 'github:nixos/nixos-hardware/c4399b921fa7ff5f93ee10b3521b56b722ed74d8'
* Updated 'nixpkgs': 'github:nixos/nixpkgs/d4e7af972158a14ebdd9c828b1c2e07e2ce7ef1c' -> 'github:nixos/nixpkgs/17d3dab8647a31a00d8a11433a56cc12d84b5ab4'
2021-05-15 20:57:59 +01:00
Tristan Daniël Maat 2ccaadd557
minecraft: Add supplementaries mod 2021-05-11 22:13:31 +01:00
Tristan Daniël Maat 9e06fcf917
gitea: Use a defined service UID
The default of 1000 mapped to my admin user, which was both a bit
concerning and a bit of an annoyance.
2021-04-28 23:18:30 +01:00
Tristan Daniël Maat 0a20fc3cd5
README: Document deployment procedure 2021-04-28 00:53:05 +01:00
Tristan Daniël Maat 939c768280
nix: Add the wheel group to trusted users to allow remote builds 2021-04-28 00:22:21 +01:00
Tristan Daniël Maat 486a68078f
flake.lock: Update
Flake input changes:

* Updated 'flake-utils': 'github:numtide/flake-utils/b2c27d1a81b0dc266270fa8aeecebbd1807fc610' -> 'github:numtide/flake-utils/2ebf2558e5bf978c7fb8ea927dfaed8fefab2e28'
* Updated 'nixos-hardware': 'github:nixos/nixos-hardware/7c00c8b5cab5dedb6519eabba7ca6d069e2dfdae' -> 'github:nixos/nixos-hardware/f7540d6c27704ec0fe56ecc8b2a9b663181850b0'
* Updated 'nixpkgs': 'github:nixos/nixpkgs/a7ff7a57c96588fd89370568b72751dd15d24e72' -> 'github:nixos/nixpkgs/d4e7af972158a14ebdd9c828b1c2e07e2ce7ef1c'
2021-04-28 00:05:23 +01:00
Tristan Daniël Maat 322ce9759d
flake: Fix remote install 2021-04-28 00:04:30 +01:00
Tristan Daniël Maat d6a7df08fb
forge-server: Fix installation dir not being writeable
Not sure how I could miss this before pushing; I presume my nix store
wasn't cleaned thoroughly and this was some odd side-effect?
2021-04-25 22:38:51 +01:00
Tristan Daniël Maat c3aea6e305
forge-server: Fix issues caused by the installer's reproducibility
This seems to mostly be due to mcpatcher patches being not quite
bit-for-bit reproducible. Oh well, at least this derivation should
work now.
2021-04-25 22:17:05 +01:00
Tristan Daniël Maat 71d783ec11
forge-server: Fix potential duplicate definition of config 2021-04-25 21:05:47 +01:00
Tristan Daniël Maat 70e5b6206e
Tweak voor-kia modpack config
In a nutshell:

- Apotheosis
  - Don't clutter the world with super tall reed
  - Don't ruin spawners - it's nice to build buildings in more
    locations
- Ice and fire
  - *Really* tone down the griefing and amount of spawns
- Iron furnaces
  - *Hopefully* disable the annoying update chat messages
- Quark
  - Disable matrix enchanting so that apotheosis works
2021-04-25 06:23:17 +01:00
Tristan Daniël Maat 7ad729f2ca
Add voor-kia modpack with default configuration 2021-04-25 06:23:15 +01:00
Tristan Daniël Maat ad110fbbea
Add voor-kia minecraft modpack 2021-04-25 06:23:10 +01:00
Tristan Daniël Maat a9e3610744
Add support for building minecraft modpacks 2021-04-25 06:23:08 +01:00
Tristan Daniël Maat b474f7e97c
Add forge minecraft service 2021-04-25 04:44:07 +01:00
Tristan Daniël Maat 1d95c40075
Boot VM in text mode 2021-04-25 02:41:38 +01:00
Tristan Daniël Maat a3b72d11bd
Set limited permissions for the webserver container 2021-04-19 02:03:18 +01:00
Tristan Daniël Maat 04c00b9877
Fix NixOS profile imports 2021-04-18 02:58:49 +01:00
Tristan Daniël Maat df76dcbf11
Rename the postgres named volumes 2021-04-17 22:14:21 +01:00
Tristan Daniël Maat 40002ac76e
Add webserver service 2021-04-12 01:58:11 +01:00
Tristan Daniël Maat 98cf95a922
Add nextcloud service 2021-04-12 01:58:09 +01:00
Tristan Daniël Maat 4689a153b9
Add gitea service 2021-04-12 01:58:07 +01:00
Tristan Daniël Maat 2df8a6892c
Implement podman pods option 2021-04-12 01:58:05 +01:00
Tristan Daniël Maat 5e87a5ec0c
Start reworking the server for nix flakes
This removes all existing services as well, in preparation for moving
them to `podman`. These are easier to update to
virtualisation.oci-containers while retaining the "networks" through
pods.
2021-04-12 01:58:03 +01:00
Tristan Daniël Maat ce1a3fc3c1
Set new nextcloud/gitea database volumes
This changed because of a migration from postgresql 12 -> 13. Future
versions should probably be named with the database version appended,
rather than "new", but for now this is how the system is set up.
2021-01-19 01:00:31 +00:00
Tristan Daniël Maat d8b479ddf7
Add access to the nextcloud network to the nextcloud cron service
This is apparently required for certain update operations, should not
have been missing originally.
2020-09-29 15:19:43 +01:00
Tristan Daniël Maat 7d15e4c60b
Add the nextcloud cron service
This is necessary for some apps to work; in this instance it is being
enabled for the news app.
2020-09-29 12:57:04 +01:00
Tristan Daniël Maat 8e9b6169b1
minecraft: Run with a non-headless java to include awt
Quark requires awt on the server side to draw some things.
2020-08-16 21:24:27 +01:00
Tristan Daniël Maat 92131a0ec0
Correctly name the server.properties file in the minecraft container
Previously this would add a checksum to the name because it would use
the name provided by nixos, which of course would make minecraft not
read the server properties file.
2020-07-27 21:23:12 +01:00
Tristan Daniël Maat af04f7433a
Specify ${pkgs.buxybox} for cp in the minecraft entrypoint
The binary was previously not included in the image, causing the
server properties to be misdefined.
2020-07-27 21:10:46 +01:00
Tristan Daniël Maat b5ea90a258
Add a volume to contain the minecraft world files 2020-07-27 20:56:17 +01:00
Tristan Daniël Maat 1d6ba77c7c
Fix nextcloud device authorization
This previously didn't work because nextcloud believed we were running
http, when in reality we were running https.

Overwrite the protocol, so that nextcloud can authorize devices.
2020-07-27 18:11:30 +01:00
Tristan Daniël Maat c434f513cd
Use a full entrypoint instead of a runAsRoot script for minecraft
This needs to be done because the server does not support qemu, and
NixOS requires qemu to use the runAsRoot feature for docker images.

Instead, create the required files as part of the entrypoint.

Fixes #6
2020-07-27 18:06:32 +01:00
Tristan Daniël Maat 240bad3a6f
Fix broken tlaternet-templates location
I missed the .nix suffix, and due to lacking CI, I didn't catch the
error before merging.

Whoops!
2020-07-20 21:09:21 +01:00
Tristan Daniël Maat dd1335cb36
Update the templates 2020-07-20 21:03:01 +01:00
Tristan Daniël Maat a57565678a
Update the rust webserver 2020-07-20 20:57:00 +01:00
Tristan Daniël Maat da2a3c00de
Add linode hardware configuration 2020-07-20 20:33:11 +01:00
Tristan Daniël Maat 1f0c70f1c2
Add minecraft service
This is an initial configuration to restore old services.

Obviously, vendoring everything in a tarball is pretty awful, and if I
ever wanted to open source this, that would be a problem.

I intend to create a proper derivation in time, but including mods is
difficult from some initial experimentation.
2020-07-19 21:14:21 +01:00
Tristan Daniël Maat 74a19ed164
Make tlater part of the wheel group again
Trying to go sudo-less immediately was probably a bit too
ambitious. Once we have a working continuous deployment setup this may
be applied again.
2020-07-13 21:46:02 +01:00
Tristan Daniël Maat 5a5fad7c82
Set usePredictableinterfacenames
We do this to allow eth0 to be set up for dhcp automagically. Linode
recommends this, and it makes our configuration simpler.
2020-07-13 21:46:00 +01:00
Tristan Daniël Maat d59a8b8fc6
Add client_max_body_size configuration to nginx-proxy
Technically I could use a per-host configuration here and forego the
whole nextcloud nginx container, but for the time being it's simpler
to set the global upload limit to 16G as well.
2020-07-13 21:45:57 +01:00
Tristan Daniël Maat 9b5c8eea37
Use a better nginx configuration for nextcloud
This was taken from
https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf

This should be relatively well-optimized for nextcloud, much better
than what I had previously.
2020-07-13 21:45:54 +01:00
Tristan Daniël Maat 9f0e3082bc
Don't name dependsOn services docker-*.service
Apparently NixOS will handle this for us, automagically, but it isn't
quite smart enough to figure out when the user added that manually.
2020-07-13 21:45:51 +01:00
Tristan Daniël Maat cfee748967
Remove tlater from the wheel group
Currently there is no password anyway, so there's no reason to have
wheel permissions.
2020-07-13 21:45:49 +01:00
Tristan Daniël Maat 3c01b94156
Prefix docker volumes with application names
This is important so that `docker volume ls` gives useful information.
2020-07-13 21:45:47 +01:00
Tristan Daniël Maat 367579f5cd
Use Gitea over GitLab
Gitea simply offers better performance. I wasn't using all of GitLab's
features anyway, and while the missing CI is annoying, I hadn't
previously managed to set this up anyway, and it can be easily
replaced by something a bit more dedicated than GitLab's
implementation.

This should hopefully allow me to host git repositories without
compromising on memory/CPU time available to other services.
2020-07-13 21:45:44 +01:00
Tristan Daniël Maat 9010db4f75
Add website service 2020-07-12 00:01:10 +01:00
Tristan Daniël Maat 8fe36b187b
Change the hostname to "tlaternet"
Apparently nixos doesn't support "." in host names anymore.
2020-07-08 19:00:47 +01:00
Tristan Daniël Maat fe3f72d581
Remove lauren's user
No longer hosting services from this server, so it's not really
useful.
2020-02-08 22:08:44 +09:00