diff --git a/modules/core/logging.nix b/modules/core/logging.nix index cc966c4..75f482f 100644 --- a/modules/core/logging.nix +++ b/modules/core/logging.nix @@ -5,6 +5,7 @@ defaultConfig = '' $FileCreateMode 0640 :programname, isequal, "postfix" /var/log/postfix.log + :programname, isequal, "portunus" /var/log/portunus.log auth.* -/var/log/auth.log ''; diff --git a/modules/minecraft/default.nix b/modules/minecraft/default.nix index aed370b..a51b5d5 100644 --- a/modules/minecraft/default.nix +++ b/modules/minecraft/default.nix @@ -12,13 +12,6 @@ jvmOpts = "-Xmx8192M -Xms8192M"; }; }; - services.nginx.virtualHosts."map.mc.ifsr.de".extraConfig = '' - allow 141.30.0.0/16; - allow 141.76.0.0/16; - allow 217.160.244.15/32; # jonas uptime kuma - deny all; - ''; - networking.firewall = { extraInputRules = '' ip saddr { 141.30.0.0/16, 141.76.0.0/16, 217.160.244.15/32 } tcp dport 25565 accept comment "Allow minecraft access from TU network and jonas monitoring" diff --git a/overlays/default.nix b/overlays/default.nix index 5169a10..e529245 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -24,4 +24,5 @@ in ]; keycloak_ifsr_theme = callPackage ../modules/keycloak/theme.nix { }; + portunus = callPackage ./portunus.nix { }; } diff --git a/overlays/portunus.nix b/overlays/portunus.nix new file mode 100644 index 0000000..ac09a9b --- /dev/null +++ b/overlays/portunus.nix @@ -0,0 +1,32 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, libxcrypt-legacy +, nixosTests +}: + +buildGoModule rec { + pname = "portunus"; + version = "2.1.1"; + + src = fetchFromGitHub { + owner = "majewsky"; + repo = "portunus"; + rev = "v${version}"; + sha256 = "sha256-+pMMIutj+OWKZmOYH5NuA4a7aS5CD+33vAEC9bJmyfM="; + }; + + buildInputs = [ libxcrypt-legacy ]; + + vendorHash = null; + + passthru.tests = { inherit (nixosTests) portunus; }; + + meta = with lib; { + description = "Self-contained user/group management and authentication service"; + homepage = "https://github.com/majewsky/portunus"; + license = licenses.gpl3Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ majewsky ] ++ teams.c3d2.members; + }; +}