diff --git a/configuration/default.nix b/configuration/default.nix
index e6a2523..333488b 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -23,7 +23,6 @@
./services/foundryvtt.nix
./services/gitea.nix
./services/metrics
- ./services/minecraft.nix
./services/nextcloud.nix
./services/webserver.nix
./services/wireguard.nix
@@ -74,6 +73,8 @@
8448
# starbound
21025
+ # Minecraft
+ 25565
config.services.coturn.listening-port
config.services.coturn.tls-listening-port
@@ -82,6 +83,9 @@
];
allowedUDPPorts = [
+ # More minecraft
+ 25565
+
config.services.coturn.listening-port
config.services.coturn.tls-listening-port
config.services.coturn.alt-listening-port
diff --git a/configuration/nginx.nix b/configuration/nginx.nix
index 7d4a0fc..b38118b 100644
--- a/configuration/nginx.nix
+++ b/configuration/nginx.nix
@@ -43,26 +43,15 @@
) config.services.nginx.virtualHosts;
security.acme = {
- defaults = {
- email = "tm@tlater.net";
- group = "nginx";
- };
+ defaults.email = "tm@tlater.net";
acceptTerms = true;
certs."tlater.net" = {
extraDomainNames = [ "*.tlater.net" ];
dnsProvider = "hetzner";
+ group = "nginx";
credentialFiles."HETZNER_API_KEY_FILE" = config.sops.secrets."hetzner-api".path;
};
-
- certs."tlater.com" = {
- extraDomainNames = [ "*.tlater.com" ];
- dnsProvider = "porkbun";
- credentialFiles = {
- "PORKBUN_API_KEY_FILE" = config.sops.secrets."porkbun/api".path;
- "PORKBUN_SECRET_API_KEY_FILE" = config.sops.secrets."porkbun/secret-api".path;
- };
- };
};
services.backups.acme = {
diff --git a/configuration/services/minecraft.nix b/configuration/services/minecraft.nix
deleted file mode 100644
index 0477f44..0000000
--- a/configuration/services/minecraft.nix
+++ /dev/null
@@ -1,83 +0,0 @@
-{
- pkgs,
- lib,
- config,
- ...
-}:
-{
- services.minecraft-server = {
- enable = true;
- eula = true;
- # jvmOpts are set using a file for forge
- # jvmOpts = "-Xmx8G -Xms8G";
- openFirewall = true;
-
- declarative = true;
-
- whitelist = {
- tlater = "140d177a-966f-41b8-a4c0-e305babd291b";
- romino25 = "59cd1648-14a4-4bcf-8f5a-2e1bde678f2c";
- lasi25 = "0ab6e3d1-544a-47e7-8538-2e6c248e49a4";
- };
-
- serverProperties = {
- allow-flight = true;
- difficulty = "hard";
- motd = "tlater.net";
- spawn-protection = 1;
- white-list = true;
- enable-query = true;
- enable-status = true;
-
- # Allows the server to write chunks without hogging the main
- # thread...
- sync-chunk-writes = false;
- # Disables chat reporting, because we don't need any of that
- # drama on a lil' friends-only server.
- enforce-secure-profile = false;
- };
-
- package = pkgs.writeShellApplication {
- name = "minecraft-server";
- runtimeInputs = with pkgs; [ jdk17_headless ];
-
- text = ''
- exec /var/lib/minecraft/run.sh $@
- '';
- };
- };
-
- systemd.services.minecraft-server = {
- path = with pkgs; [ jdk17_headless ];
-
- # Since we read from our own HTTP server, we need to wait for it
- # to be up
- after = [ "nginx.service" ];
-
- serviceConfig = {
- # Use packwiz to install mods
- ExecStartPre = [
- "${pkgs.jdk17_headless}/bin/java -jar ${config.services.minecraft-server.dataDir}/packwiz-installer-bootstrap.jar -g -s server 'https://minecraft.${config.services.nginx.domain}/cobblemon-pack/pack.toml'"
- ];
- # Forge requires some bonus JVM options, which they include in a
- # little `run.sh` script
- ExecStart = lib.mkForce "${config.services.minecraft-server.dataDir}/run.sh --nogui";
- };
- };
-
- systemd.tmpfiles.settings."10-minecraft" = {
- "/srv/minecraft".d = {
- user = "nginx";
- group = "minecraft";
- mode = "0775";
- };
- };
-
- services.nginx.virtualHosts."minecraft.${config.services.nginx.domain}" = {
- forceSSL = true;
- useACMEHost = "tlater.net";
- enableHSTS = true;
-
- root = "/srv/minecraft";
- };
-}
diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix
index 205d702..63c7446 100644
--- a/configuration/services/nextcloud.nix
+++ b/configuration/services/nextcloud.nix
@@ -5,7 +5,10 @@
...
}:
let
- nextcloud = pkgs.nextcloud29;
+ # Update pending on rewrite of nextcloud news, though there is an
+ # alpha to switch to if it becomes necessary:
+ # https://github.com/nextcloud/news/issues/2610
+ nextcloud = pkgs.nextcloud28;
hostName = "nextcloud.${config.services.nginx.domain}";
in
{
diff --git a/configuration/sops.nix b/configuration/sops.nix
index 16ba93a..bc21834 100644
--- a/configuration/sops.nix
+++ b/configuration/sops.nix
@@ -38,14 +38,6 @@
owner = "acme";
};
- "porkbun/api" = {
- owner = "acme";
- };
-
- "porkbun/secret-api" = {
- owner = "acme";
- };
-
# Nextcloud
"nextcloud/tlater" = {
owner = "nextcloud";
diff --git a/flake.lock b/flake.lock
index 61d58f4..78327bf 100644
--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
"utils": "utils"
},
"locked": {
- "lastModified": 1727447169,
- "narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=",
+ "lastModified": 1718194053,
+ "narHash": "sha256-FaGrf7qwZ99ehPJCAwgvNY5sLCqQ3GDiE/6uLhxxwSY=",
"owner": "serokell",
"repo": "deploy-rs",
- "rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76",
+ "rev": "3867348fa92bc892eba5d9ddb2d7a97b9e127a8a",
"type": "github"
},
"original": {
@@ -27,11 +27,11 @@
]
},
"locked": {
- "lastModified": 1729712798,
- "narHash": "sha256-a+Aakkb+amHw4biOZ0iMo8xYl37uUL48YEXIC5PYJ/8=",
+ "lastModified": 1723685519,
+ "narHash": "sha256-GkXQIoZmW2zCPp1YFtAYGg/xHNyFH/Mgm79lcs81rq0=",
"owner": "nix-community",
"repo": "disko",
- "rev": "09a776702b004fdf9c41a024e1299d575ee18a7d",
+ "rev": "276a0d055a720691912c6a34abb724e395c8e38a",
"type": "github"
},
"original": {
@@ -157,11 +157,11 @@
]
},
"locked": {
- "lastModified": 1726638033,
- "narHash": "sha256-+hcgXKG5t/9wibv+8T9WASWItBAWb0tsmcZXH+VIYdw=",
+ "lastModified": 1722661736,
+ "narHash": "sha256-0lujsK40JV/2PlqCjhZMGpHKL4vDKzJcnkFJYnG1WZA=",
"owner": "reckenrode",
"repo": "nix-foundryvtt",
- "rev": "bf07f9dd916a97a091f8ab83358c2f295bea9ec9",
+ "rev": "699a175398410688214615a9d977354e9ef98d2d",
"type": "github"
},
"original": {
@@ -210,11 +210,11 @@
},
"nixpkgs-stable": {
"locked": {
- "lastModified": 1729357638,
- "narHash": "sha256-66RHecx+zohbZwJVEPF7uuwHeqf8rykZTMCTqIrOew4=",
+ "lastModified": 1721524707,
+ "narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22",
+ "rev": "556533a23879fc7e5f98dd2e0b31a6911a213171",
"type": "github"
},
"original": {
@@ -226,11 +226,11 @@
},
"nixpkgs-unstable": {
"locked": {
- "lastModified": 1729766066,
- "narHash": "sha256-QLeNRaGsoIFfv2Kfd4rw2l1TTDb1i4gQzvClSmrk1l4=",
+ "lastModified": 1723957280,
+ "narHash": "sha256-J08Yqf2IJ73y7myI69qEKsQ048ibweG6FeJeCxbIdB4=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "8b052aac04356e25b6ec1058c86de8792440362d",
+ "rev": "abcef4da4ebb72240bddc370a27263627e64877f",
"type": "github"
},
"original": {
@@ -242,11 +242,11 @@
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1729762315,
- "narHash": "sha256-l0HyBdB2drPowQm044HDWqMLWwf818G38flxL0bhwqU=",
+ "lastModified": 1723920526,
+ "narHash": "sha256-USs6A60raDKZ/8BEpqja1XjZIsRzADX+NtWKH6wIxIw=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "00c24c17345ba867086a807a7869b12e05955c81",
+ "rev": "1cbd3d585263dc620c483e138d352a39b9f0e3ec",
"type": "github"
},
"original": {
@@ -442,11 +442,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
- "lastModified": 1729775275,
- "narHash": "sha256-J2vtHq9sw1wWm0aTMXpEEAzsVCUMZDTEe5kiBYccpLE=",
+ "lastModified": 1723501126,
+ "narHash": "sha256-N9IcHgj/p1+2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE=",
"owner": "Mic92",
"repo": "sops-nix",
- "rev": "78a0e634fc8981d6b564f08b6715c69a755c4c7d",
+ "rev": "be0eec2d27563590194a9206f551a6f73d52fa34",
"type": "github"
},
"original": {
diff --git a/keys/production.yaml b/keys/production.yaml
index b312390..da90860 100644
--- a/keys/production.yaml
+++ b/keys/production.yaml
@@ -1,7 +1,4 @@
hetzner-api: ENC[AES256_GCM,data:OsUfo86AzcBe/OELkfB5brEfsZ4gkbeehxwIVUBwQgE=,iv:Bt/cjlZ6oZEVUOQjWMDL7/mfL3HWLFAw1tEGeLMgeKg=,tag:TMU2XiHlMgP4aes10mIQYQ==,type:str]
-porkbun:
- api: ENC[AES256_GCM,data:lnspaxOUMMUh4IzWJQ4yizXob3YCMJeDKeqTf/pjPHdpiIDu/TZ+XUer6DPtLtJwUFz82528/HNtIE0RrxYw2lFiam8=,iv:nKp6eqFtHozioc5TvAXJFCqZbxI75kUIGbSrpfspSGE=,tag:+IRfb4xoowSCohw/08xKkw==,type:str]
- secret-api: ENC[AES256_GCM,data:nVQI/IH+DaTyOkogUoFs8J9ZzgJTsYAFSsx3KhhkVv4mQp3h+azktSKlth1oa0e71EEPMaYxDLNIhKkn4kUTnaM7iB4=,iv:pCm0YVdqTMDl/hUYyk65S1bwsBWcx0kepIopXwrPTfY=,tag:ScANzcC7qrzKDbFBzpXyiA==,type:str]
battery-manager:
email: ENC[AES256_GCM,data:rYLUACXR/n+bLBmZ,iv:sUBEkh2+7qGjHZ5R23e/hoCiyTA7GTL4bJvXmxjZ5Sw=,tag:fdPMllaQQfRgX0WZKIre4g==,type:str]
password: ENC[AES256_GCM,data:7cokZa6Q6ahSeiFPz+cV,iv:vz405P0IcG9FsAQXlY7mi78GuushQUKJm2irG6buGzc=,tag:JLHG2jTkJDGbinAq9dXRsQ==,type:str]
@@ -35,8 +32,8 @@ sops:
azure_kv: []
hc_vault: []
age: []
- lastmodified: "2024-11-17T18:21:07Z"
- mac: ENC[AES256_GCM,data:51FoQta3+opyqJKYR0xHuToLbJh3wQlByM78FgtsWjnQXME4+Fo8khfZzroqv9sAHZ62iarUXc8lCiR0u5YvqCgraE6qvDrHIy8nwh2/nwkpyPUSBEvkkDSakyLmvrIkRbV9XbI1qo3OunnZoFP4MqMblvlMclA2Y+LiIUgyxxE=,iv:vustCOMYyp06Xtylj1DoQ4370X1RCWppeu/mCoKQhmk=,tag:L4GujQF+O6KEQeyYA+LFOA==,type:str]
+ lastmodified: "2024-04-15T23:13:18Z"
+ mac: ENC[AES256_GCM,data:3/v+WgSWJ+VcBSBe1Wkis3z+tMmSjbKzLFqBB8xugc6DvgQG8J+1HRrPucLnpNNtEdmpyoTa72U6fPm6JnyUsuj5pLEghLprOJkqQNdRI06fllhw+9d3e3twx6D4oIIsVH6/io4ElXrGsGQTsfNbYhgn+987wa3WP5N25fBac3U=,iv:FL3tzPutOMN6IPkQfXIu/JOZT+OzUSqpMSQrUeXZQHE=,tag:jL1BTsYTA9XjrsjFszxZhA==,type:str]
pgp:
- created_at: "2024-03-18T04:02:00Z"
enc: |-
diff --git a/pkgs/_sources_nextcloud/generated.json b/pkgs/_sources_nextcloud/generated.json
index 1c553ce..4071726 100644
--- a/pkgs/_sources_nextcloud/generated.json
+++ b/pkgs/_sources_nextcloud/generated.json
@@ -7,11 +7,11 @@
"passthru": null,
"pinned": false,
"src": {
- "sha256": "sha256-7BTNFsNcqmDACpj5PMEiS71xtr50v7Sqo3qeCL+3J9s=",
+ "sha256": "sha256-V4zZsAwPn8QiCXEDqOgNFHaXqMOcHMpMbJ1Oz3Db0pc=",
"type": "tarball",
- "url": "https://github.com/nextcloud/bookmarks/releases/download/v14.2.6/bookmarks-14.2.6.tar.gz"
+ "url": "https://github.com/nextcloud/bookmarks/releases/download/v14.2.4/bookmarks-14.2.4.tar.gz"
},
- "version": "14.2.6"
+ "version": "14.2.4"
},
"calendar": {
"cargoLocks": null,
@@ -21,11 +21,11 @@
"passthru": null,
"pinned": false,
"src": {
- "sha256": "sha256-X2XcH7HpxgizCEJVrazGtzNQTBihFxvTq/ybK939cxo=",
+ "sha256": "sha256-sipXeyOL4OhENz7V2beFeSYBAoFZdCWtqftIy0lsqEY=",
"type": "tarball",
- "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.7.16/calendar-v4.7.16.tar.gz"
+ "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.7.15/calendar-v4.7.15.tar.gz"
},
- "version": "v4.7.16"
+ "version": "v4.7.15"
},
"contacts": {
"cargoLocks": null,
@@ -49,11 +49,11 @@
"passthru": null,
"pinned": false,
"src": {
- "sha256": "sha256-Pfa+Xbopg20os+pnGgg+wpEX1MI5fz5JMb0K4a8rBhs=",
+ "sha256": "sha256-a8ekMnEzudHGiqHF53jPtgsVTOTc2QLuPg6YtTw5h68=",
"type": "tarball",
- "url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/Cookbook-0.11.2.tar.gz"
+ "url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.1/Cookbook-0.11.1.tar.gz"
},
- "version": "0.11.2"
+ "version": "0.11.1"
},
"news": {
"cargoLocks": null,
@@ -63,11 +63,11 @@
"passthru": null,
"pinned": false,
"src": {
- "sha256": "sha256-pnvyMZQ+NYMgH0Unfh5S19HdZSjnghgoUDAoi2KIXNI=",
+ "sha256": "sha256-AhTZGQCLeNgsRBF5w3+Lf9JtNN4D1QncB5t+odU+XUc=",
"type": "tarball",
- "url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz"
+ "url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha8/news.tar.gz"
},
- "version": "25.0.0-alpha12"
+ "version": "25.0.0-alpha8"
},
"notes": {
"cargoLocks": null,
@@ -77,10 +77,10 @@
"passthru": null,
"pinned": false,
"src": {
- "sha256": "sha256-Cu73H0hJREbkskLbj56M8qUF1Tp4EazORlCF9rpPL90=",
+ "sha256": "sha256-A3QNWGWeC2OcZngMrh9NpYbU5qp5x9xiDcRfB9cRXBo=",
"type": "tarball",
- "url": "https://github.com/nextcloud-releases/notes/releases/download/v4.11.0/notes-v4.11.0.tar.gz"
+ "url": "https://github.com/nextcloud-releases/notes/releases/download/v4.10.1/notes-v4.10.1.tar.gz"
},
- "version": "v4.11.0"
+ "version": "v4.10.1"
}
}
\ No newline at end of file
diff --git a/pkgs/_sources_nextcloud/generated.nix b/pkgs/_sources_nextcloud/generated.nix
index da275cc..53e26d1 100644
--- a/pkgs/_sources_nextcloud/generated.nix
+++ b/pkgs/_sources_nextcloud/generated.nix
@@ -3,18 +3,18 @@
{
bookmarks = {
pname = "bookmarks";
- version = "14.2.6";
+ version = "14.2.4";
src = fetchTarball {
- url = "https://github.com/nextcloud/bookmarks/releases/download/v14.2.6/bookmarks-14.2.6.tar.gz";
- sha256 = "sha256-7BTNFsNcqmDACpj5PMEiS71xtr50v7Sqo3qeCL+3J9s=";
+ url = "https://github.com/nextcloud/bookmarks/releases/download/v14.2.4/bookmarks-14.2.4.tar.gz";
+ sha256 = "sha256-V4zZsAwPn8QiCXEDqOgNFHaXqMOcHMpMbJ1Oz3Db0pc=";
};
};
calendar = {
pname = "calendar";
- version = "v4.7.16";
+ version = "v4.7.15";
src = fetchTarball {
- url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.7.16/calendar-v4.7.16.tar.gz";
- sha256 = "sha256-X2XcH7HpxgizCEJVrazGtzNQTBihFxvTq/ybK939cxo=";
+ url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.7.15/calendar-v4.7.15.tar.gz";
+ sha256 = "sha256-sipXeyOL4OhENz7V2beFeSYBAoFZdCWtqftIy0lsqEY=";
};
};
contacts = {
@@ -27,26 +27,26 @@
};
cookbook = {
pname = "cookbook";
- version = "0.11.2";
+ version = "0.11.1";
src = fetchTarball {
- url = "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/Cookbook-0.11.2.tar.gz";
- sha256 = "sha256-Pfa+Xbopg20os+pnGgg+wpEX1MI5fz5JMb0K4a8rBhs=";
+ url = "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.1/Cookbook-0.11.1.tar.gz";
+ sha256 = "sha256-a8ekMnEzudHGiqHF53jPtgsVTOTc2QLuPg6YtTw5h68=";
};
};
news = {
pname = "news";
- version = "25.0.0-alpha12";
+ version = "25.0.0-alpha8";
src = fetchTarball {
- url = "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz";
- sha256 = "sha256-pnvyMZQ+NYMgH0Unfh5S19HdZSjnghgoUDAoi2KIXNI=";
+ url = "https://github.com/nextcloud/news/releases/download/25.0.0-alpha8/news.tar.gz";
+ sha256 = "sha256-AhTZGQCLeNgsRBF5w3+Lf9JtNN4D1QncB5t+odU+XUc=";
};
};
notes = {
pname = "notes";
- version = "v4.11.0";
+ version = "v4.10.1";
src = fetchTarball {
- url = "https://github.com/nextcloud-releases/notes/releases/download/v4.11.0/notes-v4.11.0.tar.gz";
- sha256 = "sha256-Cu73H0hJREbkskLbj56M8qUF1Tp4EazORlCF9rpPL90=";
+ url = "https://github.com/nextcloud-releases/notes/releases/download/v4.10.1/notes-v4.10.1.tar.gz";
+ sha256 = "sha256-A3QNWGWeC2OcZngMrh9NpYbU5qp5x9xiDcRfB9cRXBo=";
};
};
}
diff --git a/pkgs/nextcloud-apps.toml b/pkgs/nextcloud-apps.toml
index 4e6e0b2..89dccb4 100644
--- a/pkgs/nextcloud-apps.toml
+++ b/pkgs/nextcloud-apps.toml
@@ -1,12 +1,10 @@
[bookmarks]
-# src.github = "nextcloud/bookmarks"
-# src.prefix = "v"
-src.manual = "14.2.6"
+src.github = "nextcloud/bookmarks"
+src.prefix = "v"
fetch.tarball = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz"
[calendar]
-# src.github = "nextcloud-releases/calendar"
-src.manual = "v4.7.16"
+src.github = "nextcloud-releases/calendar"
fetch.tarball = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz"
[contacts]
@@ -22,7 +20,7 @@ fetch.tarball = "https://github.com/christianlupus-nextcloud/cookbook-releases/r
[news]
# Update manually until angular rewrite is done
# src.github = "nextcloud/news"
-src.manual = "25.0.0-alpha12"
+src.manual = "25.0.0-alpha8"
fetch.tarball = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz"
[notes]