nixos/whale2: Add Valheim server 😳

nixos/boxes/colony/vms/estuary/default.nix

@@ -192,6 +192,17 @@
                       port = 8448;
                       dst = allAssignments.middleman.internal.ipv4.address + ":8448";
                     }
+
+                    {
+                      port = 2456;
+                      dst = allAssignments.valheim-oci.internal.ipv4.address + ":2456";
+                      proto = "udp";
+                    }
+                    {
+                      port = 2457;
+                      dst = allAssignments.valheim-oci.internal.ipv4.address + ":2457";
+                      proto = "udp";
+                    }
                   ];
                 };
                 extraRules =
@@ -209,6 +220,7 @@
                       tcp dport ssh accept
 
                       ${matchInet "tcp dport { http, https, 8448 } accept" "middleman"}
+                      ${matchInet "udp dport { 2456-2457 } accept" "valheim-oci"}
 
                       return
                     }

nixos/boxes/colony/vms/estuary/dns.nix

@@ -203,9 +203,13 @@ in
             ns IN ALIAS ${config.networking.fqdn}.
 
             @ IN ALIAS ${config.networking.fqdn}.
+
             http IN A ${assignments.internal.ipv4.address}
             http IN AAAA ${allAssignments.middleman.internal.ipv6.address}
 
+            valheim IN A ${assignments.internal.ipv4.address}
+            valheim IN AAAA ${allAssignments.valheim-oci.internal.ipv6.address}
+
             $TTL 3
             _acme-challenge IN LUA TXT @@FILE@@
 

nixos/boxes/colony/vms/whale2/default.nix

@@ -1,4 +1,8 @@
-{ lib, ... }: {
+{ lib, ... }:
+let
+  inherit (builtins) mapAttrs;
+in
+{
   nixos.systems.whale2 = {
     system = "x86_64-linux";
     nixpkgs = "mine";
@@ -25,9 +29,20 @@
       };
     };
 
+    extraAssignments = mapAttrs (n: i: {
+      internal = {
+        name = n;
+        domain = lib.my.colony.domain;
+        ipv4.address = "${lib.my.colony.start.oci.v4}${toString i}";
+        ipv6.address = "${lib.my.colony.start.oci.v6}${toString i}";
+      };
+    }) {
+      valheim-oci = 2;
+    };
+
     configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }:
       let
-        inherit (builtins) mapAttrs toJSON;
+        inherit (builtins) toJSON;
         inherit (lib) mkIf mkMerge mkForce;
         inherit (lib.my) networkdAssignment;
       in
@@ -35,7 +50,7 @@
         imports = [
           "${modulesPath}/profiles/qemu-guest.nix"
 
-
+          ./valheim.nix
         ];
 
         config = mkMerge [
@@ -75,6 +90,9 @@
               podman = {
                 enable = true;
               };
+              oci-containers = {
+                backend = "podman";
+              };
             };
 
             environment = {

nixos/boxes/colony/vms/whale2/valheim.nix

@@ -0,0 +1,38 @@
+{ lib, config, allAssignments, ... }:
+let
+  inherit (lib.my) dockerNetAssignment;
+in
+{
+  config = {
+    virtualisation.oci-containers.containers = {
+      valheim = {
+        image = "lloesche/valheim-server@sha256:8d910b15e3ab645a31c85799338d3dc043cabe891a34b43cbd574a1453837205";
+
+        environment = {
+          SERVER_NAME = "amogus sus";
+          SERVER_PUBLIC = "true";
+          WORLD_NAME = "simpland2";
+          ADMINLIST_IDS = "76561198049818986";
+          TZ = "Europe/Dublin";
+        };
+        environmentFiles = [ config.age.secrets."whale2/valheim.env".path ];
+
+        volumes = [
+          "data:/config"
+          "server:/opt/valheim"
+        ];
+
+        extraOptions = [
+          ''--network=colony:${dockerNetAssignment allAssignments "valheim-oci"}''
+          "--cap-add=SYS_NICE"
+        ];
+      };
+    };
+
+    my = {
+      secrets.files = {
+        "whale2/valheim.env" = {};
+      };
+    };
+  };
+}