dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Compare commits

base: dev:970af805e9b5e76be23f7e3d06e5fa19c1471bc9
Branches Tags
dev:master dev:fastback-ssh
dev:installer
...
compare: dev:71d1c3f9c295202b73f5ca2a1afb04c23b096a6e
Branches Tags
dev:master dev:fastback-ssh
dev:installer

2 Commits
970af805e9 ... 71d1c3f9c2

Author SHA1 Message Date
Jack O'Sullivan
71d1c3f9c2 Ensure borgbackup cache / config is persisted
All checks were successful
CI / Check, build and cache Nix flake (push) Successful in 32m28s
Details
2024-11-16 18:46:09 +00:00
Jack O'Sullivan
1453a755c3 Add (now unused) Enshrouded server 2024-11-16 18:08:10 +00:00
9 changed files with 79 additions and 0 deletions
Expand all files Collapse all files

11
lib/constants.nix
View File

@@ -228,6 +228,17 @@ rec {
proto = "udp"; proto = "udp";
} }
{
port = 15636;
dst = aa.enshrouded-oci.internal.ipv4.address;
proto = "udp";
}
{
port = 15637;
dst = aa.enshrouded-oci.internal.ipv4.address;
proto = "udp";
}
{ {
port = qclk.wgPort; port = qclk.wgPort;
dst = aa.qclk.internal.ipv4.address; dst = aa.qclk.internal.ipv4.address;

1
nixos/boxes/colony/vms/estuary/default.nix
View File

@@ -412,6 +412,7 @@ in
ip6 daddr ${aa.valheim-oci.internal.ipv6.address} udp dport { 2456-2457 } accept ip6 daddr ${aa.valheim-oci.internal.ipv6.address} udp dport { 2456-2457 } accept
ip6 daddr ${aa.waffletail.internal.ipv6.address} udp dport 41641 accept ip6 daddr ${aa.waffletail.internal.ipv6.address} udp dport 41641 accept
ip6 daddr ${aa.simpcraft-oci.internal.ipv6.address} udp dport 25565 accept ip6 daddr ${aa.simpcraft-oci.internal.ipv6.address} udp dport 25565 accept
ip6 daddr ${aa.enshrouded-oci.internal.ipv6.address} udp dport { 15636-15637 } accept
return return
} }
chain filter-routing { chain filter-routing {

1
nixos/boxes/colony/vms/estuary/dns.nix
View File

@@ -153,6 +153,7 @@ in
simpcraft IN AAAA ${allAssignments.simpcraft-oci.internal.ipv6.address} simpcraft IN AAAA ${allAssignments.simpcraft-oci.internal.ipv6.address}
simpcraft-staging IN A ${assignments.internal.ipv4.address} simpcraft-staging IN A ${assignments.internal.ipv4.address}
simpcraft-staging IN AAAA ${allAssignments.simpcraft-staging-oci.internal.ipv6.address} simpcraft-staging IN AAAA ${allAssignments.simpcraft-staging-oci.internal.ipv6.address}
enshrouded IN A ${assignments.internal.ipv4.address}
mail-vm IN A ${net.cidr.host 0 prefixes.mail.v4} mail-vm IN A ${net.cidr.host 0 prefixes.mail.v4}
mail-vm IN AAAA ${net.cidr.host 1 prefixes.mail.v6} mail-vm IN AAAA ${net.cidr.host 1 prefixes.mail.v6}

2
nixos/boxes/colony/vms/shill/containers/vaultwarden.nix
View File

@@ -99,6 +99,8 @@ in
}; };
borgbackup.jobs.vaultwarden = { borgbackup.jobs.vaultwarden = {
readWritePaths = [ "/var/lib/borgbackup" "/var/cache/borgbackup" ];
paths = [ vwData ]; paths = [ vwData ];
repo = "zh2855@zh2855.rsync.net:borg/vaultwarden2"; repo = "zh2855@zh2855.rsync.net:borg/vaultwarden2";
doInit = true; doInit = true;

2
nixos/boxes/colony/vms/whale2/default.nix
View File

@@ -52,6 +52,7 @@ in
valheim-oci = 2; valheim-oci = 2;
simpcraft-oci = 3; simpcraft-oci = 3;
simpcraft-staging-oci = 4; simpcraft-staging-oci = 4;
enshrouded-oci = 5;
}; };
configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }: configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }:
@@ -66,6 +67,7 @@ in
./valheim.nix ./valheim.nix
./minecraft ./minecraft
# ./enshrouded.nix
]; ];
config = mkMerge [ config = mkMerge [

35
nixos/boxes/colony/vms/whale2/enshrouded.nix Normal file
View File

@@ -0,0 +1,35 @@
{ lib, config, allAssignments, ... }:
let
inherit (lib) concatStringsSep;
inherit (lib.my) dockerNetAssignment;
in
{
config = {
virtualisation.oci-containers.containers = {
enshrouded = {
image = "sknnr/enshrouded-dedicated-server@sha256:f163e8ba9caa2115d8a0a7b16c3696968242fb6fba82706d9a77a882df083497";
environment = {
SERVER_NAME = "UWUshrouded";
# SERVER_IP = "::"; # no IPv6?? :(
TZ = "Europe/Dublin";
};
environmentFiles = [ config.age.secrets."whale2/enshrouded.env".path ];
volumes = [
"enshrouded:/home/steam/enshrouded/savegame"
];
extraOptions = [
''--network=colony:${dockerNetAssignment allAssignments "enshrouded-oci"}''
];
};
};
my = {
secrets.files = {
"whale2/enshrouded.env" = {};
};
};
};
}

1
nixos/boxes/colony/vms/whale2/minecraft/default.nix
View File

@@ -123,6 +123,7 @@ in
within = "12H"; within = "12H";
hourly = 48; hourly = 48;
}; };
readWritePaths = [ "/var/lib/borgbackup" "/var/cache/borgbackup" ];
# Avoid Minecraft poking the files while we back up # Avoid Minecraft poking the files while we back up
preHook = rconCommand "save-off"; preHook = rconCommand "save-off";

14
nixos/modules/tmproot.nix
View File

@@ -540,6 +540,20 @@ in
]; ];
}) })
(persistSimpleSvc "octoprint") (persistSimpleSvc "octoprint")
(mkIf (config.services.borgbackup.jobs != { }) {
my.tmproot.persistence.config.directories = [
"/var/lib/borgbackup"
"/var/cache/borgbackup"
];
services.borgbackup.package = pkgs.borgbackup.overrideAttrs (o: {
makeWrapperArgs = o.makeWrapperArgs ++ [
"--set-default BORG_BASE_DIR /var/lib/borgbackup"
"--set-default BORG_CONFIG_DIR /var/lib/borgbackup/config"
"--set-default BORG_CACHE_DIR /var/cache/borgbackup"
];
});
})
])) ]))
]); ]);

12
secrets/whale2/enshrouded.env.age Normal file
View File

@@ -0,0 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IC9FSlh2ZyBQc3dL
bkttTXJPWnZzYVJ6OUc2cjJvZWJLWHk2QXYvRU9TL3RBTmFmQ1dNClRtaUwvcDJa
c3h6eXpPR3dKSVZDVHJzNjR4b0Y5K3Zadk5vTkZiZS9RYkEKLT4gWDI1NTE5IE9R
Y0g2bEJsNmdLaVJteDJaakFMZEdxRU55N2pNbzhkakxuRVFmdVN0ajQKZXZrRHdu
WFFwMUFkUmJQbm9ONlFRWGdMWmtsWHlOaWVjMGtMdVM1YmdoUQotPiAwIm5PWS1n
cmVhc2UgUUosbyl4CkFIWDA4L3YwOFBYVUFMZnB6U3VkNFJQVFlEMThVeTV4bHlu
QmF2TFBobmtJS1hERUtSZld2UEZyb29nNEdGdWEKenliMmhQL1VrY2dFS3VzSEZB
dm1jT2xOQkxnbCtBV21WT3ZMVjl0WEpPWQotLS0gckNCZEp3VU56eTFFR1ZzbTc3
WTRIcVZGY0Z1YlNUS3l0cWJ1TW5YUjF6SQoqTDq/up9Q3tQnNJdsnfiwYqA5LW6G
nKJXGbpnt3dpXxv/1+KRgF6pVKVQtyNFncQW7SC6K4uFw7iv6A==
-----END AGE ENCRYPTED FILE-----