More configuration for docker containers

Fix gtk config
2024-06-22 20:12:23 -05:00 · 2024-06-22 20:11:29 -05:00
8 changed files with 84 additions and 11 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -2,8 +2,8 @@
  "nodes": {
    "currentSystem": {
      "locked": {
-        "lastModified": 1717721450,
+        "lastModified": 1718580560,
-        "narHash": "sha256-V2OISNdFOCaFrUjA6fLVe3HsZC9nn7vMjGfhKSHTRIk=",
+        "narHash": "sha256-M69Hx8goDX65ZC/F7ENITsGr3XYBCSsa4B+vDOnOGXs=",
        "path": "/etc/nixos/hostname",
        "type": "path"
      },
--- a/flake.nix
+++ b/flake.nix
@@ -147,20 +147,15 @@
            };
        };
-        configs.diphda = {
+        configs."diphda" = {
            system = "x86_64-linux";
            common.nixpkgs = "stable";
            openssh.enable = true;
            gui = {
                enable = false;
                sway.enable = false;
            };
            networking = {
                firewall = {
-                    allowedTCPPorts = [ 80 443 25565 24454 8089 ];
+                    allowedTCPPorts = [ 80 443 4533 7878 8096 8089 8902 8989 9000 9696 11112 24454 25565 25600 ];
                };
            };
        };
--- a/hosts/diphda/hardware-configuration.nix
+++ b/hosts/diphda/hardware-configuration.nix
@@ -37,6 +37,11 @@
      options = [ "fmask=0022" "dmask=0022" ];
    };
  fileSystems."/media" = 
  { device = "192.168.1.100:/volume1/Media";
    fsType = "nfs";
  };
  swapDevices = [ ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
--- a/hosts/diphda/mc-arcadia-backup.yaml
+++ b/hosts/diphda/mc-arcadia-backup.yaml
@@ -0,0 +1,19 @@
 source_directories:
    - /home/eesim/configs/mc-arcadia
 repositories:
    - path: ssh://fbv1440u@fbv1440u.repo.borgbase.com/./repo
      label: "Minecraft-Arcadia borgbase"
 exclude_if_present:
    - .nobackup
 compression: auto,zstd
 archive_name_format: '{hostname}-{now:%Y-%m-%d-%H%M%S}'
 encryption_passcommand: 'cat /run/secrets/mc-arcadia/repo_password'
 keep_hourly: 24
 keep_daily: 7
 keep_weekly: 4
 keep_monthly: 2
 keep_yearly: 1
--- a/hosts/diphda/system.nix
+++ b/hosts/diphda/system.nix
@@ -16,6 +16,60 @@
        };
    };
    sops = {
        defaultSopsFile = ../../secrets/diphda/secrets.yaml;
        age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
        secrets."mc-arcadia/repo_password" = {};
    };
    systemd.timers."mc-arcadia-backup" = {
        wantedBy = [ "timers.target" ];
        timerConfig = {
            OnCalendar = "*-*-* *:00:00";
            Persistent = true;
        };
    };
    systemd.services."mc-arcadia-backup" = {
        enable = true;
        preStart = ''
            ${pkgs.docker}/bin/docker exec mc-arcadia-mc-1 mc-send-to-console say Server backup starting in 5 minutes
            sleep 5m
        '';
        postStart = ''
            ${pkgs.docker}/bin/docker exec mc-arcadia-mc-1 mc-send-to-console say Server backup starting
        '';
        serviceConfig = {
            Type = "oneshot"; 
            User = "root";
            ExecStart = ''
                systemd-inhibit --who="borgmatic" \
                --why="Prevent interrupting scheduled backup" \
                ${pkgs.borgmatic}/bin/borgmatic -c /etc/nixos/hosts/diphda/mc-arcadia-backup.yaml --verbosity 1 --syslog-verbosity 1
                '';
        };
    };
    systemd.services."dl-manager" = {
        enable = true;
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
        path = [ pkgs.bash pkgs.lftp ];
        serviceConfig = {
            Type = "simple";
            User = "eesim";
            WorkingDirectory = "/home/eesim/scripts";
            ExecStart = ''
                /home/eesim/scripts/dl_manager_tokio -vv \
                    -c /home/eesim/scripts/certs/fullchain.cer \
                    -k /home/eesim/scripts/certs/download.simmer505.com.key \
                    --script-dir /home/eesim/scripts/ \
                    0.0.0.0:11112
            '';
        };
    };
    # Use the systemd-boot EFI boot loader.
    boot.loader.systemd-boot.enable = true;
    boot.loader.efi.canTouchEfiVariables = true;
--- a/modules/home/gtk.nix
+++ b/modules/home/gtk.nix
@@ -6,7 +6,7 @@
 }:
 with lib; let
-    gui = systemConfig.gui;
+    gui = config.simmer.gui;
 in
 {
    config = {
--- a/modules/nix/gui.nix
+++ b/modules/nix/gui.nix
@@ -49,7 +49,7 @@ in
             fontconfig = {
                defaultFonts = {
-                    serif = [  "Noto Serif" "Noto Serif CJK JP" ];
+                    serif = [ "Noto Serif" "Noto Serif CJK JP" ];
                    sansSerif = [ "Noto Sans" "Noto Sans CJK JP" ];
                    monospace = [ "Ubuntu Mono" "Noto Sans Mono CJK JP" ];
                };
--- a/secrets/diphda/secrets.yaml
+++ b/secrets/diphda/secrets.yaml
Author	SHA1	Message	Date
Ethan Simmons	16fa1884e9	More configuration for docker containers	2024-06-22 20:12:23 -05:00
Ethan Simmons	55a9a835b9	Fix gtk config	2024-06-22 20:11:29 -05:00