config-perso/machines/kat-traque/default.nix

254 lines
6.1 KiB
Nix
Raw Normal View History

2024-06-01 16:26:08 +02:00
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}:
2024-06-23 15:57:17 +02:00
let
2024-06-25 18:31:43 +02:00
traque-pkg = pkgs.callPackage ./traque-pkg.nix { };
2024-06-23 15:57:17 +02:00
in
2024-06-01 16:26:08 +02:00
{
imports = [
./hardware-configuration.nix
./disks.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
time.timeZone = "Europe/Paris";
networking = {
interfaces."enp1s0" = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.122.4";
prefixLength = 24;
}
];
ipv6.addresses = [
{
address = "fe80::4";
prefixLength = 64;
}
];
};
defaultGateway = "192.168.122.1";
defaultGateway6 = {
address = "fe80::1";
interface = "enp1s0";
};
nameservers = [
"192.168.122.1"
"fe80::1%enp1s0"
];
};
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
services.dbus.packages = with pkgs; [ dconf ];
nixpkgs.config.allowUnfree = true;
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
wget
nix-search-cli
git
btop
ranger
screen
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.openssh.enable = true;
networking.firewall.enable = false;
2024-06-23 15:57:17 +02:00
security.acme = {
acceptTerms = true;
defaults.email = "root@katvayor.net";
};
services.nginx = {
enable = true;
virtualHosts = {
"traque.katvayor.net" = {
2024-07-11 11:53:14 +02:00
enableACME = true;
addSSL = true;
locations."/".extraConfig = ''
return 301 https://traque.dgnum.eu$request_uri;
'';
};
"traque.dgnum.eu" = {
2024-06-23 15:57:17 +02:00
enableACME = true;
addSSL = true;
locations = {
2024-09-08 21:17:46 +02:00
"= /" = {
alias = "${traque-pkg}/share/traque-webroot/";
};
2024-06-23 15:57:17 +02:00
"/" = {
root = "${traque-pkg}/share/traque-webroot";
tryFiles = "$uri $uri.html @backend";
};
"@backend" = {
recommendedProxySettings = true;
proxyPass = "http://localhost:8080";
extraConfig = ''
error_page 502 =503 "/errors/503.html";
proxy_set_header Connection ''';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
'';
};
};
};
"test.traque.katvayor.net" = {
enableACME = true;
addSSL = true;
locations = {
2024-09-08 21:17:46 +02:00
"= /" = {
alias = "/traque/static/";
};
2024-06-23 15:57:17 +02:00
"/" = {
root = "/traque/static";
tryFiles = "$uri $uri.html @backend";
};
"@backend" = {
recommendedProxySettings = true;
proxyPass = "http://localhost:8000";
extraConfig = ''
error_page 502 =503 "/errors/503.html";
proxy_set_header Connection ''';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
'';
};
};
};
};
};
systemd.services = {
traque = {
2024-09-08 22:04:05 +02:00
path = [ pkgs.outils ];
preStart =
let
token-file = "/var/lib/traque/token";
NPCs = [
2024-09-11 18:14:24 +02:00
"Foxtrot"
"Filou"
"Flagada"
"Festivité"
"Fruitbat"
"Fissure"
"Luxembourg"
"Italie"
"Contrescarpe"
"Sèvres-babylone"
"Roseraie"
"Observatoire"
"Montparnasse"
2024-09-08 22:04:05 +02:00
];
Players = [
2024-09-11 18:14:24 +02:00
"Alpha"
"Aarakocra"
"Anguille"
"Abricot"
"Antilope"
"Aigle Royal"
"Bravo"
"Béluga"
"Bétléhem"
"Belzébuth"
"Baltimore"
"Basilic"
"Cachalot"
"Colegram"
"Calcutta"
"Capybara"
"Crotale"
"Charlie"
"Delta"
"Delhi"
"Dandélion"
"Drone"
"Doryphore"
"Doliprane"
"Ellipse"
"Echo"
"Elfe"
"Éléphant"
"Epsilon"
"Épine"
2024-09-08 22:04:05 +02:00
];
id-gen = name: ''sha1 <<< "$(cat ${token-file})${name}" | cut -c 1-10'';
in
''
cat <<EOF > /var/lib/traque/Rocket.toml
[release]
port = 8080
ident = "Traque backend"
template_dir = "${traque-pkg}/share/traque-templates"
2024-06-23 15:57:17 +02:00
2024-09-08 22:04:05 +02:00
blurred_move = [0.0005, 0.0005]
bonus_timeout = 120000
event_timeout = 100
fairness_timeout = 30000
admin_token = "$(cat ${token-file})"
serve_static = false
teams = [
${
lib.concatStringsSep ",\n " (
map (npc: ''{ id = "$(${id-gen npc})", name = "${npc}", vieux = true }'') NPCs
++ map (player: ''{ id = "$(${id-gen player})", name = "${player}", vieux = false}'') Players
)
}
]
EOF
'';
2024-06-23 15:57:17 +02:00
serviceConfig = {
WorkingDirectory = "/var/lib/traque";
ExecStart = "${traque-pkg}/bin/traque";
2024-06-25 18:31:43 +02:00
ExecReload = [ "${pkgs.coreutils}/bin/kill -HUP $MAINPID" ];
2024-06-23 15:57:17 +02:00
User = "traque";
Group = "traque";
DynamicUser = true;
Restart = "on-failure";
RestartSec = 2;
LogsDirectory = "traque";
StateDirectory = "traque";
RuntimeDirectory = "traque";
};
};
};
users = {
users.traque = {
group = "traque";
isSystemUser = true;
};
groups.traque = { };
};
2024-06-01 16:26:08 +02:00
system.stateVersion = "23.11"; # Did you read the comment?
}