diff --git a/configuration/default.nix b/configuration/default.nix index 239f9f6..f874733 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -22,6 +22,7 @@ ./services/foundryvtt.nix ./services/gitea.nix ./services/metrics + ./services/minecraft.nix ./services/nextcloud.nix ./services/webserver.nix ./services/wireguard.nix @@ -70,8 +71,6 @@ 8448 # starbound 21025 - # Minecraft - 25565 config.services.coturn.listening-port config.services.coturn.tls-listening-port @@ -80,9 +79,6 @@ ]; allowedUDPPorts = [ - # More minecraft - 25565 - config.services.coturn.listening-port config.services.coturn.tls-listening-port config.services.coturn.alt-listening-port diff --git a/configuration/services/conduit/default.nix b/configuration/services/conduit/default.nix index 5a2b8ac..94d401a 100644 --- a/configuration/services/conduit/default.nix +++ b/configuration/services/conduit/default.nix @@ -20,7 +20,7 @@ in services.matrix-conduit = { enable = true; - package = flake-inputs.conduwuit.packages.${pkgs.system}.default; + package = flake-inputs.continuwuity.packages.${pkgs.system}.default; settings.global = { address = "127.0.0.1"; server_name = domain; diff --git a/configuration/services/metrics/exporters.nix b/configuration/services/metrics/exporters.nix index 78ba684..80a3480 100644 --- a/configuration/services/metrics/exporters.nix +++ b/configuration/services/metrics/exporters.nix @@ -97,4 +97,6 @@ in # - postgres (?) # - ssl_exporter (?) }; + + services.dbus.implementation = "broker"; } diff --git a/configuration/services/minecraft.nix b/configuration/services/minecraft.nix new file mode 100644 index 0000000..0477f44 --- /dev/null +++ b/configuration/services/minecraft.nix @@ -0,0 +1,83 @@ +{ + pkgs, + lib, + config, + ... +}: +{ + services.minecraft-server = { + enable = true; + eula = true; + # jvmOpts are set using a file for forge + # jvmOpts = "-Xmx8G -Xms8G"; + openFirewall = true; + + declarative = true; + + whitelist = { + tlater = "140d177a-966f-41b8-a4c0-e305babd291b"; + romino25 = "59cd1648-14a4-4bcf-8f5a-2e1bde678f2c"; + lasi25 = "0ab6e3d1-544a-47e7-8538-2e6c248e49a4"; + }; + + serverProperties = { + allow-flight = true; + difficulty = "hard"; + motd = "tlater.net"; + spawn-protection = 1; + white-list = true; + enable-query = true; + enable-status = true; + + # Allows the server to write chunks without hogging the main + # thread... + sync-chunk-writes = false; + # Disables chat reporting, because we don't need any of that + # drama on a lil' friends-only server. + enforce-secure-profile = false; + }; + + package = pkgs.writeShellApplication { + name = "minecraft-server"; + runtimeInputs = with pkgs; [ jdk17_headless ]; + + text = '' + exec /var/lib/minecraft/run.sh $@ + ''; + }; + }; + + systemd.services.minecraft-server = { + path = with pkgs; [ jdk17_headless ]; + + # Since we read from our own HTTP server, we need to wait for it + # to be up + after = [ "nginx.service" ]; + + serviceConfig = { + # Use packwiz to install mods + ExecStartPre = [ + "${pkgs.jdk17_headless}/bin/java -jar ${config.services.minecraft-server.dataDir}/packwiz-installer-bootstrap.jar -g -s server 'https://minecraft.${config.services.nginx.domain}/cobblemon-pack/pack.toml'" + ]; + # Forge requires some bonus JVM options, which they include in a + # little `run.sh` script + ExecStart = lib.mkForce "${config.services.minecraft-server.dataDir}/run.sh --nogui"; + }; + }; + + systemd.tmpfiles.settings."10-minecraft" = { + "/srv/minecraft".d = { + user = "nginx"; + group = "minecraft"; + mode = "0775"; + }; + }; + + services.nginx.virtualHosts."minecraft.${config.services.nginx.domain}" = { + forceSSL = true; + useACMEHost = "tlater.net"; + enableHSTS = true; + + root = "/srv/minecraft"; + }; +} diff --git a/flake.lock b/flake.lock index 83911d7..c17c613 100644 --- a/flake.lock +++ b/flake.lock @@ -49,17 +49,17 @@ "cachix_2": { "inputs": { "devenv": [ - "conduwuit", + "continuwuity", "cachix", "devenv" ], "flake-compat": [ - "conduwuit", + "continuwuity", "cachix", "devenv" ], "git-hooks": [ - "conduwuit", + "continuwuity", "cachix", "devenv" ], @@ -199,7 +199,7 @@ "type": "github" } }, - "conduwuit": { + "continuwuity": { "inputs": { "attic": "attic", "cachix": "cachix", @@ -216,23 +216,24 @@ "rocksdb": "rocksdb" }, "locked": { - "lastModified": 1743735594, - "narHash": "sha256-aaP8OjY4fkpxk2JdSggx9S3Rk+P+VhuivT6aRpLxoj0=", - "owner": "girlbossceo", - "repo": "conduwuit", - "rev": "00f7745ec4ebcea5f892376c5de5db1299f71696", - "type": "github" + "lastModified": 1745186840, + "narHash": "sha256-Oq2scBu3Ewao828BT1QGffqIqF5WoH9HMXEXKg1YU0o=", + "ref": "refs/tags/v0.5.0-rc.5", + "rev": "0a0f327ae034f5c44b12a3154cc1143aff10291c", + "revCount": 5147, + "type": "git", + "url": "https://forgejo.ellis.link/continuwuation/continuwuity.git" }, "original": { - "owner": "girlbossceo", - "repo": "conduwuit", - "type": "github" + "ref": "refs/tags/v0.5.0-rc.5", + "type": "git", + "url": "https://forgejo.ellis.link/continuwuation/continuwuity.git" } }, "crane": { "inputs": { "nixpkgs": [ - "conduwuit", + "continuwuity", "attic", "nixpkgs" ] @@ -390,18 +391,18 @@ "inputs": { "cachix": "cachix_2", "flake-compat": [ - "conduwuit", + "continuwuity", "cachix", "flake-compat" ], "git-hooks": [ - "conduwuit", + "continuwuity", "cachix", "git-hooks" ], "nix": "nix", "nixpkgs": [ - "conduwuit", + "continuwuity", "cachix", "nixpkgs" ] @@ -499,11 +500,11 @@ ] }, "locked": { - "lastModified": 1743598667, - "narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=", + "lastModified": 1747274630, + "narHash": "sha256-87RJwXbfOHyzTB9LYagAQ6vOZhszCvd8Gvudu+gf3qo=", "owner": "nix-community", "repo": "disko", - "rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6", + "rev": "ec7c109a4f794fce09aad87239eab7f66540b888", "type": "github" }, "original": { @@ -535,7 +536,7 @@ "fenix": { "inputs": { "nixpkgs": [ - "conduwuit", + "continuwuity", "nixpkgs" ], "rust-analyzer-src": "rust-analyzer-src" @@ -703,7 +704,7 @@ "flake-parts": { "inputs": { "nixpkgs-lib": [ - "conduwuit", + "continuwuity", "attic", "nixpkgs" ] @@ -725,7 +726,7 @@ "flake-parts_2": { "inputs": { "nixpkgs-lib": [ - "conduwuit", + "continuwuity", "cachix", "devenv", "nix", @@ -931,11 +932,11 @@ ] }, "locked": { - "lastModified": 1739712626, - "narHash": "sha256-u3m+awbdL+0BKk8IWidsWMr+R0ian3GZMUlH7623kd8=", + "lastModified": 1746877938, + "narHash": "sha256-N9J96pSPg4vbozV+ZZ++dwLnMIf2Le6ONNMO0kZCj1M=", "owner": "reckenrode", "repo": "nix-foundryvtt", - "rev": "a7fa493ba2c623cf90e83756b62285b3b58f18d2", + "rev": "f1b401831d796dd94cf5a11b65fd169a199d4ff0", "type": "github" }, "original": { @@ -947,13 +948,13 @@ "git-hooks": { "inputs": { "flake-compat": [ - "conduwuit", + "continuwuity", "cachix", "flake-compat" ], "gitignore": "gitignore", "nixpkgs": [ - "conduwuit", + "continuwuity", "cachix", "nixpkgs" ], @@ -976,7 +977,7 @@ "gitignore": { "inputs": { "nixpkgs": [ - "conduwuit", + "continuwuity", "cachix", "git-hooks", "nixpkgs" @@ -1104,7 +1105,7 @@ "nix": { "inputs": { "flake-compat": [ - "conduwuit", + "continuwuity", "cachix", "devenv" ], @@ -1112,17 +1113,17 @@ "libgit2": "libgit2", "nixpkgs": "nixpkgs_3", "nixpkgs-23-11": [ - "conduwuit", + "continuwuity", "cachix", "devenv" ], "nixpkgs-regression": [ - "conduwuit", + "continuwuity", "cachix", "devenv" ], "pre-commit-hooks": [ - "conduwuit", + "continuwuity", "cachix", "devenv" ] @@ -1161,7 +1162,7 @@ "nix-github-actions": { "inputs": { "nixpkgs": [ - "conduwuit", + "continuwuity", "attic", "nixpkgs" ] @@ -1278,11 +1279,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1743732435, - "narHash": "sha256-RrWgOj3F1N6kDG0xatvZzP0p1Zq00yhcTMlaj4bWi5E=", + "lastModified": 1747413287, + "narHash": "sha256-hOnqJr0tZBERWa29JWf9B3/8qr82mlt/UlKPvS7iYzA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a462b946265ed006720d02153882780b12a8376d", + "rev": "b965e4c283060415956ccd39eee4ca34a6a56cf8", "type": "github" }, "original": { @@ -1400,11 +1401,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1743703532, - "narHash": "sha256-s1KLDALEeqy+ttrvqV3jx9mBZEvmthQErTVOAzbjHZs=", + "lastModified": 1747418223, + "narHash": "sha256-DkCYFm09AR2+FPKcT7lD8iIMNXqTdesVvwKpCnqKiYg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bdb91860de2f719b57eef819b5617762f7120c70", + "rev": "d6c9326e40bb557ebb8c040b4375590bc06413f8", "type": "github" }, "original": { @@ -1631,7 +1632,7 @@ }, "root": { "inputs": { - "conduwuit": "conduwuit", + "continuwuity": "continuwuity", "deploy-rs": "deploy-rs", "disko": "disko", "foundryvtt": "foundryvtt", @@ -1727,11 +1728,11 @@ ] }, "locked": { - "lastModified": 1743756170, - "narHash": "sha256-2b11EYa08oqDmF3zEBLkG1AoNn9rB1k39ew/T/mSvbU=", + "lastModified": 1746485181, + "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "cff8437c5fe8c68fc3a840a21bf1f4dc801da40d", + "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 4f17def..bdb60ed 100644 --- a/flake.nix +++ b/flake.nix @@ -4,8 +4,8 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11-small"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small"; - conduwuit = { - url = "github:girlbossceo/conduwuit"; + continuwuity = { + url = "git+https://forgejo.ellis.link/continuwuation/continuwuity.git?ref=refs/tags/v0.5.0-rc.5"; inputs.nixpkgs.follows = "nixpkgs"; }; disko = { diff --git a/pkgs/crowdsec/_sources/generated.json b/pkgs/crowdsec/_sources/generated.json index 97c4e87..f3c8f01 100644 --- a/pkgs/crowdsec/_sources/generated.json +++ b/pkgs/crowdsec/_sources/generated.json @@ -21,7 +21,7 @@ }, "crowdsec-hub": { "cargoLocks": null, - "date": "2025-04-04", + "date": "2025-05-17", "extract": null, "name": "crowdsec-hub", "passthru": null, @@ -33,10 +33,10 @@ "name": null, "owner": "crowdsecurity", "repo": "hub", - "rev": "eebc5f71379ea8f4de4a26f6695e0340444c719c", - "sha256": "sha256-/jhsqumekdOHDbHjBP8KvAICsSNhCg5ejMT3jSRiROo=", + "rev": "850614b9fcd4298f559b422c5ac685a69aa2e5ff", + "sha256": "sha256-96MMwFN5KongQA3YJVSuk7Kanbr1gR94CCyiflmez2k=", "type": "github" }, - "version": "eebc5f71379ea8f4de4a26f6695e0340444c719c" + "version": "850614b9fcd4298f559b422c5ac685a69aa2e5ff" } } \ No newline at end of file diff --git a/pkgs/crowdsec/_sources/generated.nix b/pkgs/crowdsec/_sources/generated.nix index aca88b2..19a7f5a 100644 --- a/pkgs/crowdsec/_sources/generated.nix +++ b/pkgs/crowdsec/_sources/generated.nix @@ -14,14 +14,14 @@ }; crowdsec-hub = { pname = "crowdsec-hub"; - version = "eebc5f71379ea8f4de4a26f6695e0340444c719c"; + version = "850614b9fcd4298f559b422c5ac685a69aa2e5ff"; src = fetchFromGitHub { owner = "crowdsecurity"; repo = "hub"; - rev = "eebc5f71379ea8f4de4a26f6695e0340444c719c"; + rev = "850614b9fcd4298f559b422c5ac685a69aa2e5ff"; fetchSubmodules = false; - sha256 = "sha256-/jhsqumekdOHDbHjBP8KvAICsSNhCg5ejMT3jSRiROo="; + sha256 = "sha256-96MMwFN5KongQA3YJVSuk7Kanbr1gR94CCyiflmez2k="; }; - date = "2025-04-04"; + date = "2025-05-17"; }; }