Compare commits

..

No commits in common. "49d48dc8d4d55c8b2fd46dcabe2471f10c5eda72" and "85f8932908ed50122922409739fd1169efba7811" have entirely different histories.

5 changed files with 16 additions and 67 deletions

View file

@ -143,11 +143,11 @@
]
},
"locked": {
"lastModified": 1721531260,
"narHash": "sha256-O72uxk4gYFQDwNkoBioyrR3GK9EReZmexCStBaORMW8=",
"lastModified": 1720926593,
"narHash": "sha256-fW6e27L6qY6s+TxInwrS2EXZZfhMAlaNqT0sWS49qMA=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "b6db9fd8dc59bb2ccb403f76d16ba8bbc1d5263d",
"rev": "5fe5b0cdf1268112dc96319388819b46dc051ef4",
"type": "github"
},
"original": {
@ -174,11 +174,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1721524707,
"narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=",
"lastModified": 1720915306,
"narHash": "sha256-6vuViC56+KSr+945bCV8akHK+7J5k6n/epYg/W3I5eQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "556533a23879fc7e5f98dd2e0b31a6911a213171",
"rev": "74348da2f3a312ee25cea09b98cdba4cb9fa5d5d",
"type": "github"
},
"original": {
@ -188,29 +188,13 @@
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1721379653,
"narHash": "sha256-8MUgifkJ7lkZs3u99UDZMB4kbOxvMEXQZ31FO3SopZ0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1d9c2c9b3e71b9ee663d11c5d298727dace8d374",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1721548954,
"narHash": "sha256-7cCC8+Tdq1+3OPyc3+gVo9dzUNkNIQfwSDJ2HSi2u3o=",
"lastModified": 1721226092,
"narHash": "sha256-UBvzVpo5sXSi2S/Av+t+Q+C2mhMIw/LBEZR+d6NMjws=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "63d37ccd2d178d54e7fb691d7ec76000740ea24a",
"rev": "c716603a63aca44f39bef1986c13402167450e0a",
"type": "github"
},
"original": {
@ -286,7 +270,6 @@
"kpp": "kpp",
"nix-index-database": "nix-index-database",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"print-interface": "print-interface",
"sops-nix": "sops-nix",
"vscode-server": "vscode-server"
@ -300,11 +283,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1721531171,
"narHash": "sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU=",
"lastModified": 1720926522,
"narHash": "sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "909e8cfb60d83321d85c8d17209d733658a21c95",
"rev": "0703ba03fd9c1665f8ab68cc3487302475164617",
"type": "github"
},
"original": {

View file

@ -1,7 +1,6 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
nix-index-database.url = "github:nix-community/nix-index-database";
@ -24,7 +23,6 @@
outputs =
{ self
, nixpkgs
, nixpkgs-unstable
, sops-nix
, nix-index-database
, kpp
@ -38,7 +36,6 @@
supportedSystems = [ "x86_64-linux" ];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
pkgs = forAllSystems (system: nixpkgs.legacyPackages.${system});
in
{
packages = forAllSystems (system: rec {

View file

@ -23,4 +23,4 @@
#docker-compose # start group of containers for dev
#podman-compose # start group of containers for dev
];
}
}

View file

@ -5,7 +5,7 @@ let
in
{
sops.secrets."kanboard_env" = { };
virtualisation.oci-containers = {
containers.kanboard = {
image = "ghcr.io/kanboard/kanboard:v1.2.36";

View file

@ -1,44 +1,13 @@
{config, pkgs, lib, nixpkgs-unstable, ... }:
{ ... }:
{
services.minecraft-server = {
enable = true;
# hack to enable unstable unfree package
package = nixpkgs-unstable.legacyPackages.x86_64-linux.minecraft-server.overrideAttrs (_old: { meta.license = [ lib.licenses.mit ]; });
eula = true;
};
services.bluemap = {
enable = true;
host = "map.mc.ifsr.de";
eula = true;
defaultWorld = "${config.services.minecraft-server.dataDir}/world";
};
services.nginx.virtualHosts."map.mc.ifsr.de".extraConfig = ''
allow 141.30.0.0/16;
allow 141.76.0.0/16;
deny all;
'';
networking.firewall = {
extraInputRules = ''
ip saddr { 141.30.0.0/16, 141.76.0.0/16} tcp dport 25565 accept comment "Allow minecraft access from office nets and podman"
ip saddr { 141.30.0.0/16, 141.76.0.0/16} tcp dport 25565 accept comment "Allow ldaps access from office nets and podman"
'';
};
users.users.minecraft = {
isNormalUser = true;
isSystemUser = lib.mkForce false;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkxTuzjS3EswMfj+wSKu9ciRyStvjDlDUXzkqEUGDaP rouven@thinkpad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOhdjiPvtAo/ZV36RjBBPSlixzeP3VN6cqa4YAmM5uXM ff00005@ff00005-laptop" # malte
];
};
security.sudo.extraRules = [
{
users = [ "minecraft" ];
commands = [
{ command = "/run/current-system/sw/bin/systemctl restart minecraft-server"; options = [ "NOPASSWD" ]; }
{ command = "/run/current-system/sw/bin/systemctl start minecraft-server"; options = [ "NOPASSWD" ]; }
{ command = "/run/current-system/sw/bin/systemctl stop minecraft-server"; options = [ "NOPASSWD" ]; }
];
}
];
}