From 1053dc93d2206e9a07bac9ecf6d6571d21bfc5e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 01:59:35 +0000 Subject: [PATCH 1/5] flake.nix: Build the VM using `nix build` --- flake.nix | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/flake.nix b/flake.nix index 7a5daf9..2ad37de 100644 --- a/flake.nix +++ b/flake.nix @@ -73,15 +73,14 @@ ################### packages.${system} = let inherit (nixpkgs.legacyPackages.${system}) writeShellScript; + vm = self.lib.makeNixosSystem { + inherit system; + extraModules = [(import ./configuration/hardware-specific/vm.nix)]; + }; in { - default = self.packages.${system}.run-vm; + default = vm.config.system.build.vm; run-vm = let - vm = self.lib.makeNixosSystem { - inherit system; - extraModules = [(import ./configuration/hardware-specific/vm.nix)]; - }; - qemuNetOpts = self.lib.makeQemuNetOpts { "2222" = "2222"; "3080" = "80"; @@ -105,9 +104,7 @@ ''; }; - apps.${system} = let - inherit (nixpkgs.legacyPackages.${system}) writeShellScript; - in { + apps.${system} = { default = { type = "app"; program = builtins.toString self.packages.${system}.run-vm; From 4905a492aff33630c4074b3c5324a8590be524f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 01:59:54 +0000 Subject: [PATCH 2/5] gitea: Update configuration for 22.11 --- configuration/services/gitea.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix index f346097..1d3308a 100644 --- a/configuration/services/gitea.nix +++ b/configuration/services/gitea.nix @@ -8,12 +8,15 @@ in { httpAddress = "127.0.0.1"; database.type = "postgres"; - ssh.clonePort = 2222; rootUrl = "https://${domain}/"; - cookieSecure = true; appName = "Gitea: Git with a cup of tea"; - disableRegistration = true; + + settings = { + server.SSH_PORT = 2222; + service.DISABLE_REGISTRATION = true; + session.COOKIE_SECURE = true; + }; }; # Set up SSL From 64444a106d6ddc2399bb4afc5ea0d170f070c1fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 02:00:13 +0000 Subject: [PATCH 3/5] firewall: Open Minecraft ports for port forwarding --- configuration/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/configuration/default.nix b/configuration/default.nix index 34a7868..b84937e 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -63,6 +63,8 @@ 8448 # starbound 21025 + # Minecraft + 25565 config.services.coturn.listening-port config.services.coturn.tls-listening-port @@ -71,6 +73,9 @@ ]; allowedUDPPorts = [ + # More minecraft + 25565 + config.services.coturn.listening-port config.services.coturn.tls-listening-port config.services.coturn.alt-listening-port From c355b1746e39d4c5e291fa833b390ba71e1e9e06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 02:00:33 +0000 Subject: [PATCH 4/5] config: Make changes suggested post 22.11 update --- configuration/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configuration/default.nix b/configuration/default.nix index b84937e..d090cef 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -35,11 +35,11 @@ ''; # Enable remote builds from tlater - trustedUsers = ["@wheel"]; + settings.trusted-users = ["@wheel"]; }; nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steamcmd"]; + builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steam-run" "steamcmd"]; # Optimization for minecraft servers, see: # https://bugs.mojang.com/browse/MC-183518 From 7230de5aa9963f6df25c98e32ff1f6d0e917ae92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 02:09:58 +0000 Subject: [PATCH 5/5] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:nixos/nixpkgs/a9eedea7232f5d00f0aca7267efb69a54da1b8a1' (2023-01-03) → 'github:nixos/nixpkgs/0874168639713f547c05947c76124f78441ea46c' (2023-01-01) • Updated input 'nvfetcher': 'github:berberman/nvfetcher/294826951113dcd3aa9abbcacfb1aa5b95a19116' (2022-11-05) → 'github:berberman/nvfetcher/0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9' (2023-01-06) • Updated input 'nvfetcher/flake-compat': 'github:edolstra/flake-compat/b4a34015c698c7793d592d66adbab377907a2be8' (2022-04-19) → 'github:edolstra/flake-compat/009399224d5e398d03b22badca40a37ac85412a1' (2022-11-17) • Updated input 'nvfetcher/flake-utils': 'github:numtide/flake-utils/6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817' (2022-10-29) → 'github:numtide/flake-utils/5aed5285a952e0b949eb3ba02c12fa4fcfef535f' (2022-11-02) • Updated input 'sops-nix': 'github:Mic92/sops-nix/b35586cc5abacd4eba9ead138b53e2a60920f781' (2023-01-01) → 'github:Mic92/sops-nix/2253120d2a6147e57bafb5c689e086221df8032f' (2023-01-08) • Updated input 'sops-nix/nixpkgs-stable': 'github:NixOS/nixpkgs/feda52be1d59f13b9aa02f064b4f14784b9a06c8' (2022-12-31) → 'github:NixOS/nixpkgs/9f11a2df77cb945c115ae2a65f53f38121597d73' (2023-01-07) --- flake.lock | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index 5d8372c..95aace1 100644 --- a/flake.lock +++ b/flake.lock @@ -188,11 +188,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -221,11 +221,11 @@ }, "flake-utils": { "locked": { - "lastModified": 1667077288, - "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -364,11 +364,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1672500394, - "narHash": "sha256-yzwBzCoeRBoRzm7ySHhm72kBG0QjgFalLz2FY48iLI4=", + "lastModified": 1673100377, + "narHash": "sha256-mT76pTd0YFxT6CwtPhDgHJhuIgLY+ZLSMiQpBufwMG4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "feda52be1d59f13b9aa02f064b4f14784b9a06c8", + "rev": "9f11a2df77cb945c115ae2a65f53f38121597d73", "type": "github" }, "original": { @@ -380,16 +380,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1672781980, - "narHash": "sha256-L+yqt2szcp+BFiWoMJCisDsNA5OrpYVW1QSbbS5U8RU=", + "lastModified": 1672580127, + "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a9eedea7232f5d00f0aca7267efb69a54da1b8a1", + "rev": "0874168639713f547c05947c76124f78441ea46c", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.11", + "ref": "nixos-22.05", "repo": "nixpkgs", "type": "github" } @@ -418,11 +418,11 @@ ] }, "locked": { - "lastModified": 1667620329, - "narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=", + "lastModified": 1672979485, + "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=", "owner": "berberman", "repo": "nvfetcher", - "rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116", + "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9", "type": "github" }, "original": { @@ -526,11 +526,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1672543202, - "narHash": "sha256-nlCUtcIZxaBqUBG1GyaXhZmfyG5WK4e6LqypP8llX9E=", + "lastModified": 1673147300, + "narHash": "sha256-gR9OEfTzWfL6vG0qkbn1TlBAOlg4LuW8xK/u0V41Ihc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "b35586cc5abacd4eba9ead138b53e2a60920f781", + "rev": "2253120d2a6147e57bafb5c689e086221df8032f", "type": "github" }, "original": {