diff --git a/machines/kat-mail-test/default.nix b/machines/kat-mail-test/default.nix index ca676e9..2c3dde1 100644 --- a/machines/kat-mail-test/default.nix +++ b/machines/kat-mail-test/default.nix @@ -98,7 +98,11 @@ in domains = [ host ]; loginAccounts = { - "user1@${host}" = { + "root@${host}" = { + catchAll = [ + host + ]; + aliases = builtins.genList (id: "user${toString id}@${host}") 10 ++ [ "moderators@${host}" ]; hashedPassword = "$2b$05$FoCVDECXYG0KXPigPuIZtuNFiviwSg8RuXx0FbnzC7ZRp.Mz8VWOe"; }; }; diff --git a/machines/kat-r86s/configuration.nix b/machines/kat-r86s/configuration.nix index 7083617..4fca8af 100644 --- a/machines/kat-r86s/configuration.nix +++ b/machines/kat-r86s/configuration.nix @@ -126,6 +126,10 @@ vm = "192.168.122.4"; sshport = 22001; }; + "test.traque.katvayor.net" = { + vm = "192.168.122.4"; + sshport = null; + }; }; in { @@ -141,6 +145,13 @@ locations."/" = { recommendedProxySettings = true; proxyPass = "https://${vm}/"; + extraConfig = '' + proxy_set_header Connection '''; + proxy_http_version 1.1; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + ''; }; } ) vhosts; @@ -149,7 +160,7 @@ lib.mapAttrsToList ( vhost: { vm, sshport }: - '' + lib.optionalString (!isNull sshport) '' server { listen ${toString sshport}; proxy_pass ${vm}:22; diff --git a/machines/kat-traque/configuration.nix b/machines/kat-traque/configuration.nix index 84b7f5b..81446a7 100644 --- a/machines/kat-traque/configuration.nix +++ b/machines/kat-traque/configuration.nix @@ -6,7 +6,9 @@ pkgs, ... }: - +let + traque-pkg = pkgs.callPackage ./traque-pkg.nix {}; +in { imports = [ ./hardware-configuration.nix @@ -80,5 +82,105 @@ networking.firewall.enable = false; + security.acme = { + acceptTerms = true; + defaults.email = "root@katvayor.net"; + }; + services.nginx = { + enable = true; + virtualHosts = { + "traque.katvayor.net" = { + enableACME = true; + addSSL = true; + locations = { + "/" = { + root = "${traque-pkg}/share/traque-webroot"; + tryFiles = "$uri $uri.html @backend"; + }; + "@backend" = { + recommendedProxySettings = true; + proxyPass = "http://localhost:8080"; + extraConfig = '' + error_page 502 =503 "/errors/503.html"; + proxy_set_header Connection '''; + proxy_http_version 1.1; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + ''; + }; + }; + }; + "test.traque.katvayor.net" = { + enableACME = true; + addSSL = true; + locations = { + "/" = { + root = "/traque/static"; + tryFiles = "$uri $uri.html @backend"; + }; + "@backend" = { + recommendedProxySettings = true; + proxyPass = "http://localhost:8000"; + extraConfig = '' + error_page 502 =503 "/errors/503.html"; + proxy_set_header Connection '''; + proxy_http_version 1.1; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + ''; + }; + }; + }; + }; + }; + systemd.services = { + traque = { + preStart = '' + cat < /var/lib/traque/Rocket.toml + [release] + port = 8080 + ident = "Traque backend" + template_dir = "${traque-pkg}/share/traque-templates" + + blurred_move = [0.0005, 0.0005] + bonus_timeout = 5000 + event_timeout = 100 + admin_token = "root" + serve_static = false + teams = [ + { id = "team00", name = "Équipe 00", vieux = false}, + { id = "team01", name = "Équipe 01", vieux = false}, + { id = "npc0", name = "PNJ 0", vieux = true}, + { id = "npc1", name = "PNJ 1", vieux = true}, + ] + EOF + ''; + serviceConfig = { + WorkingDirectory = "/var/lib/traque"; + ExecStart = "${traque-pkg}/bin/traque"; + ExecReload = [ + "${pkgs.coreutils}/bin/kill -HUP $MAINPID" + ]; + User = "traque"; + Group = "traque"; + DynamicUser = true; + Restart = "on-failure"; + RestartSec = 2; + LogsDirectory = "traque"; + StateDirectory = "traque"; + RuntimeDirectory = "traque"; + }; + }; + }; + users = { + users.traque = { + group = "traque"; + isSystemUser = true; + }; + groups.traque = { }; + }; + system.stateVersion = "23.11"; # Did you read the comment? } diff --git a/machines/kat-traque/traque-pkg.nix b/machines/kat-traque/traque-pkg.nix new file mode 100644 index 0000000..8242e0a --- /dev/null +++ b/machines/kat-traque/traque-pkg.nix @@ -0,0 +1,19 @@ +{ lib +, rustPlatform +}: + +rustPlatform.buildRustPackage rec { + pname = "traque"; + version = "0.2.4"; + + src = fetchTarball "https://git.dgnum.eu/lbailly/traque/archive/master.tar.gz"; + cargoLock = { + lockFile = "${src}/Cargo.lock"; + }; + + postInstall = '' + mkdir -p $out/share + cp -r static $out/share/traque-webroot + cp -r templates $out/share/traque-templates + ''; +} diff --git a/machines/kat-watcher/default.nix b/machines/kat-watcher/default.nix index 4999ef0..51b25c7 100644 --- a/machines/kat-watcher/default.nix +++ b/machines/kat-watcher/default.nix @@ -65,6 +65,7 @@ "degette.katvayor.net" = 22000; "traque.katvayor.net" = 22001; "betamail.katvayor.net" = 22002; + "test.traque.katvayor.net" = null; }; in { @@ -77,11 +78,18 @@ locations."/" = { recommendedProxySettings = true; proxyPass = "https://${kat-r86s}/"; + extraConfig = '' + proxy_set_header Connection '''; + proxy_http_version 1.1; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + ''; }; }) vhosts; streamConfig = builtins.concatStringsSep "\n" ( - lib.mapAttrsToList (vhost: sshport: '' + lib.mapAttrsToList (vhost: sshport: lib.optionalString (!isNull sshport) '' server { listen ${toString sshport}; proxy_pass ${kat-r86s}:${toString sshport};