2018-04-10 20:28:22 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
let
|
2018-04-19 19:35:11 +02:00
|
|
|
domaine = "nyanlout.re";
|
2018-04-25 00:32:42 +02:00
|
|
|
|
2019-06-15 14:37:58 +02:00
|
|
|
sendMail = to: subject: message: pkgs.writeShellScriptBin "mail.sh" ''
|
|
|
|
${pkgs.system-sendmail}/bin/sendmail ${to} <<EOF
|
2019-06-07 11:57:12 +02:00
|
|
|
From: root@nyanlout.re
|
2019-06-15 14:37:58 +02:00
|
|
|
Subject: ${subject}
|
|
|
|
${message}
|
2019-06-07 11:57:12 +02:00
|
|
|
EOF
|
2019-06-15 14:37:58 +02:00
|
|
|
'';
|
|
|
|
|
|
|
|
login_mail_alert = pkgs.writeShellScriptBin "mail_alert.sh" ''
|
|
|
|
if [ "$PAM_TYPE" != "close_session" ]; then
|
2019-07-31 13:53:17 +02:00
|
|
|
${sendMail "paul@nyanlout.re" "SSH Login: $PAM_USER from $PAM_RHOST" "`env`"}/bin/mail.sh
|
2019-06-07 11:57:12 +02:00
|
|
|
fi
|
|
|
|
'';
|
2019-06-15 14:37:58 +02:00
|
|
|
|
|
|
|
backup_mail_alert = sendMail "paul@nyanlout.re" "ERREUR: Sauvegarde Borg" "Impossible de terminer la sauvegarde. Merci de voir les logs";
|
2018-04-10 20:28:22 +02:00
|
|
|
in
|
2018-04-01 15:04:49 +02:00
|
|
|
|
|
|
|
{
|
2018-04-11 22:09:44 +02:00
|
|
|
imports = [
|
2018-06-09 13:23:26 +02:00
|
|
|
../../services/mail-server.nix
|
2018-11-10 15:23:46 +01:00
|
|
|
../../services/python-ci.nix
|
2018-11-26 17:26:55 +01:00
|
|
|
../../services/sdtdserver.nix
|
2018-09-19 11:54:33 +02:00
|
|
|
../../containers/vsftpd.nix
|
2019-11-01 15:24:50 +01:00
|
|
|
# /mnt/secrets/factorio_secrets.nix
|
|
|
|
./monitoring.nix
|
|
|
|
./medias.nix
|
|
|
|
./web.nix
|
2018-04-11 22:09:44 +02:00
|
|
|
];
|
|
|
|
|
2018-09-04 14:05:06 +02:00
|
|
|
services = {
|
|
|
|
|
|
|
|
fail2ban.enable = true;
|
2018-04-03 21:13:18 +02:00
|
|
|
|
2018-09-04 14:05:06 +02:00
|
|
|
fstrim.enable = true;
|
|
|
|
|
|
|
|
mailserver = {
|
|
|
|
enable = true;
|
|
|
|
domaine = domaine;
|
|
|
|
};
|
2018-04-01 15:17:44 +02:00
|
|
|
|
2018-09-04 14:05:06 +02:00
|
|
|
syncthing = {
|
|
|
|
enable = true;
|
|
|
|
dataDir = "/var/lib/syncthing";
|
|
|
|
openDefaultPorts = true;
|
2018-04-19 20:17:48 +02:00
|
|
|
};
|
|
|
|
|
2018-09-04 14:05:06 +02:00
|
|
|
nfs.server = {
|
|
|
|
enable = true;
|
|
|
|
exports = ''
|
2019-05-01 23:06:17 +02:00
|
|
|
/mnt/medias 10.30.0.0/16(ro,no_root_squash)
|
2019-10-22 00:34:08 +02:00
|
|
|
/var/lib/minecraft 10.30.0.0/16(rw,no_root_squash)
|
2018-09-04 14:05:06 +02:00
|
|
|
'';
|
|
|
|
statdPort = 4000;
|
|
|
|
lockdPort = 4001;
|
|
|
|
mountdPort = 4002;
|
2018-04-22 00:01:25 +02:00
|
|
|
};
|
|
|
|
|
2018-09-04 14:05:06 +02:00
|
|
|
matrix-synapse = {
|
|
|
|
enable = true;
|
|
|
|
enable_registration = true;
|
|
|
|
server_name = "nyanlout.re";
|
|
|
|
listeners = [
|
|
|
|
{ # federation
|
|
|
|
bind_address = "";
|
|
|
|
port = 8448;
|
|
|
|
resources = [
|
|
|
|
{ compress = true; names = [ "client" "webclient" ]; }
|
|
|
|
{ compress = false; names = [ "federation" ]; }
|
|
|
|
];
|
|
|
|
tls = true;
|
|
|
|
type = "http";
|
|
|
|
x_forwarded = false;
|
|
|
|
}
|
|
|
|
{ # client
|
|
|
|
bind_address = "127.0.0.1";
|
|
|
|
port = 8008;
|
|
|
|
resources = [
|
|
|
|
{ compress = true; names = [ "client" "webclient" ]; }
|
|
|
|
];
|
|
|
|
tls = false;
|
|
|
|
type = "http";
|
|
|
|
x_forwarded = true;
|
|
|
|
}
|
|
|
|
];
|
2019-02-27 13:31:43 +01:00
|
|
|
max_upload_size = "100M";
|
2018-09-04 14:05:06 +02:00
|
|
|
database_type = "psycopg2";
|
|
|
|
database_args = {
|
|
|
|
database = "matrix-synapse";
|
2018-05-27 18:41:47 +02:00
|
|
|
};
|
2019-02-12 11:15:01 +01:00
|
|
|
tls_private_key_path = "/var/lib/acme/${domaine}/key.pem";
|
|
|
|
tls_certificate_path = "/var/lib/acme/${domaine}/fullchain.pem";
|
2019-02-27 13:31:43 +01:00
|
|
|
url_preview_enabled = true;
|
2018-09-04 14:05:06 +02:00
|
|
|
logConfig = ''
|
|
|
|
version: 1
|
|
|
|
|
|
|
|
formatters:
|
|
|
|
journal_fmt:
|
|
|
|
format: '%(name)s: [%(request)s] %(message)s'
|
|
|
|
|
|
|
|
filters:
|
|
|
|
context:
|
|
|
|
(): synapse.util.logcontext.LoggingContextFilter
|
|
|
|
request: ""
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
journal:
|
|
|
|
class: systemd.journal.JournalHandler
|
|
|
|
formatter: journal_fmt
|
|
|
|
filters: [context]
|
|
|
|
SYSLOG_IDENTIFIER: synapse
|
|
|
|
|
|
|
|
root:
|
|
|
|
level: WARNING
|
|
|
|
handlers: [journal]
|
|
|
|
|
|
|
|
disable_existing_loggers: False
|
2018-05-27 18:41:47 +02:00
|
|
|
'';
|
2019-10-04 22:32:59 +02:00
|
|
|
app_service_config_files = [
|
|
|
|
"/var/lib/matrix-synapse/mautrix-telegram-registration.yaml"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
mautrix-telegram = {
|
|
|
|
enable = true;
|
|
|
|
settings = {
|
|
|
|
homeserver = {
|
|
|
|
address = "https://matrix.nyanlout.re";
|
|
|
|
domain = "nyanlout.re";
|
|
|
|
};
|
|
|
|
appservice = {
|
|
|
|
bot_username = "loutrebot";
|
|
|
|
};
|
|
|
|
bridge = {
|
|
|
|
relaybot.authless_portals = false;
|
|
|
|
permissions = {
|
|
|
|
"@nyanloutre:nyanlout.re" = "admin";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
environmentFile = "/mnt/secrets/mautrix-telegram.env";
|
|
|
|
serviceDependencies = [ "matrix-synapse.service" ];
|
2018-05-27 18:41:47 +02:00
|
|
|
};
|
|
|
|
|
2018-09-04 14:05:06 +02:00
|
|
|
borgbackup.jobs = {
|
|
|
|
loutre = {
|
|
|
|
paths = [
|
|
|
|
"/var/certs"
|
|
|
|
"/var/dkim"
|
2019-06-15 14:36:14 +02:00
|
|
|
"/var/lib/jellyfin"
|
2018-09-04 14:05:06 +02:00
|
|
|
"/var/lib/gitea"
|
|
|
|
"/var/lib/grafana"
|
|
|
|
"/var/lib/jackett"
|
2019-02-27 13:32:25 +01:00
|
|
|
"/var/lib/matrix-synapse"
|
2018-09-04 14:05:06 +02:00
|
|
|
"/var/lib/postgresql/.zfs/snapshot/borgsnap"
|
|
|
|
"/var/lib/radarr"
|
|
|
|
"/var/lib/sonarr"
|
|
|
|
"/var/lib/syncthing"
|
|
|
|
"/var/lib/transmission"
|
|
|
|
"/mnt/medias/musique"
|
|
|
|
"/mnt/medias/torrent/lidarr"
|
|
|
|
"/mnt/medias/torrent/musique"
|
|
|
|
"/var/sieve"
|
|
|
|
"/var/vmail"
|
|
|
|
];
|
|
|
|
repo = "/mnt/backup/borg";
|
|
|
|
encryption = {
|
|
|
|
mode = "repokey-blake2";
|
|
|
|
passCommand = "cat /mnt/secrets/borgbackup_loutre_encryption_pass";
|
|
|
|
};
|
|
|
|
startAt = "weekly";
|
|
|
|
prune.keep = {
|
|
|
|
within = "1d";
|
|
|
|
weekly = 4;
|
|
|
|
monthly = 12;
|
|
|
|
};
|
|
|
|
preHook = "${pkgs.zfs}/bin/zfs snapshot loutrepool/var/postgresql@borgsnap";
|
|
|
|
postHook = ''
|
|
|
|
${pkgs.zfs}/bin/zfs destroy loutrepool/var/postgresql@borgsnap
|
|
|
|
if [[ $exitStatus == 0 ]]; then
|
2019-01-22 11:03:15 +01:00
|
|
|
${pkgs.rclone}/bin/rclone --config /mnt/secrets/rclone_loutre.conf sync -v $BORG_REPO BackupStorage:loutre
|
2019-06-15 14:37:58 +02:00
|
|
|
else
|
|
|
|
${backup_mail_alert}/bin/mail.sh
|
2018-09-04 14:05:06 +02:00
|
|
|
fi
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
2018-06-05 14:04:36 +02:00
|
|
|
|
2018-09-04 14:05:06 +02:00
|
|
|
borgbackup.repos = {
|
|
|
|
diskstation = {
|
|
|
|
authorizedKeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDllbxON66dBju7sMnhX8/E0VRo3+PDYvDsHP0/FK+h8JHol4+pouLmI7KIDKYOJmSuom283OqnyZOMqk+RShTwWIFm9hOd2R9aj45Zrd9jPW2APOCec/Epgogj0bwBnc0l2v6qxkxaBMgL5DnAQ+E00uvL1UQpK8c8j4GGiPlkWJD6Kf+pxmnfH1TIm+J2XCwl0oeCkSK/Frd8eM+wCraMSzoaGiEcfMz2jK8hxDWjDxX7epU0ELF22BVCuyN8cYRoFTnV88E38PlaqsOqD5ePkxk425gDh7j/C06f8QKgnasVH2diixo92kYSd7i/RmfeXDDwAD5xqUvODczEuIdt root@DiskStation" ];
|
|
|
|
path = "/mnt/backup_loutre/diskstation_borg";
|
|
|
|
user = "synology";
|
|
|
|
};
|
|
|
|
};
|
2018-06-26 14:13:45 +02:00
|
|
|
|
2019-01-22 11:03:32 +01:00
|
|
|
sdtdserver.enable = false;
|
2019-01-03 10:04:35 +01:00
|
|
|
|
|
|
|
factorio = {
|
2019-11-01 15:24:50 +01:00
|
|
|
enable = false;
|
2019-01-03 10:04:35 +01:00
|
|
|
autosave-interval = 10;
|
|
|
|
game-name = "Shame";
|
|
|
|
public = true;
|
|
|
|
username = "nyanloutre";
|
|
|
|
};
|
2019-01-24 09:53:21 +01:00
|
|
|
|
2019-10-04 22:31:43 +02:00
|
|
|
minecraft-server = {
|
2019-10-22 00:34:08 +02:00
|
|
|
enable = false;
|
2019-10-04 22:31:43 +02:00
|
|
|
jvmOpts = "-Xms512m -Xmx3072m";
|
|
|
|
eula = true;
|
|
|
|
declarative = true;
|
|
|
|
openFirewall = true;
|
|
|
|
whitelist = {
|
|
|
|
nyanloutre = "db0669ea-e332-4ca3-8d50-f5d1458f5822";
|
|
|
|
Hautension = "f05677f4-be5a-47df-ad77-21c739180aa2";
|
|
|
|
LordDarkKiwi = "79290cfc-0b00-484f-9c94-ab0786402de6";
|
|
|
|
Madahin = "f5f747e3-fac2-43e8-9b9b-a67dc2f368ff";
|
|
|
|
Hopegcx = "4497f759-2210-48db-8764-307d33011442";
|
|
|
|
wyrd68 = "127a3021-cdc1-419f-9010-4651df9ae3af";
|
|
|
|
sparsyateloutre = "d2ff63c1-4e9f-4b21-9bfc-decce5d987b3";
|
|
|
|
};
|
|
|
|
serverProperties = {
|
|
|
|
difficulty = 2;
|
|
|
|
gamemode = 0;
|
|
|
|
max-players = 50;
|
|
|
|
motd = "Hi Mark !";
|
|
|
|
white-list = true;
|
|
|
|
};
|
|
|
|
};
|
2020-08-30 21:15:31 +02:00
|
|
|
|
|
|
|
kresd = {
|
|
|
|
enable = true;
|
|
|
|
};
|
2020-08-30 21:16:41 +02:00
|
|
|
|
|
|
|
home-assistant = {
|
|
|
|
enable = true;
|
|
|
|
config = {
|
2020-09-11 02:02:36 +02:00
|
|
|
homeassistant = {
|
|
|
|
elevation = 143;
|
|
|
|
};
|
|
|
|
influxdb = null;
|
|
|
|
config = null;
|
2020-11-29 12:52:41 +01:00
|
|
|
frontend.themes = "!include ${pkgs.fetchurl {
|
|
|
|
url = "https://raw.githubusercontent.com/bbbenji/synthwave-hass/0.3.3.1/themes/synthwave.yaml";
|
|
|
|
sha256 = "1n2yhk98cf778z7fdl5bswljhj45nv6bld191rxw7q6ckp235q4h";
|
|
|
|
}}";
|
2020-09-11 02:02:36 +02:00
|
|
|
history = null;
|
|
|
|
logbook = null;
|
|
|
|
map = null;
|
|
|
|
mobile_app = null;
|
|
|
|
person = null;
|
|
|
|
script = null;
|
|
|
|
sun = null;
|
|
|
|
system_health = null;
|
2020-08-30 21:16:41 +02:00
|
|
|
yeelight.devices = {
|
|
|
|
"10.40.249.0".name = "Chambre";
|
|
|
|
"10.40.249.1".name = "Bureau";
|
|
|
|
"10.40.249.2".name = "Cuisine";
|
|
|
|
};
|
2020-09-11 02:02:36 +02:00
|
|
|
esphome = null;
|
2020-08-30 21:16:41 +02:00
|
|
|
light = [
|
|
|
|
{
|
|
|
|
platform = "group";
|
|
|
|
name = "Salon";
|
|
|
|
entities = [
|
|
|
|
"light.bureau"
|
|
|
|
"light.cuisine"
|
|
|
|
];
|
|
|
|
}
|
|
|
|
];
|
|
|
|
media_player = [
|
|
|
|
{
|
|
|
|
platform = "squeezebox";
|
|
|
|
host = "10.30.0.1";
|
|
|
|
}
|
|
|
|
];
|
2020-09-11 02:02:36 +02:00
|
|
|
tplink.switch = [
|
|
|
|
{ host = "10.30.50.7"; }
|
|
|
|
];
|
|
|
|
sensor = [
|
|
|
|
{
|
|
|
|
platform = "template";
|
|
|
|
sensors = {
|
|
|
|
serveur_amps = {
|
|
|
|
friendly_name_template = "{{ states.switch.serveur.name}} Current";
|
|
|
|
value_template = ''{{ states.switch.serveur.attributes["current_a"] | float }}'';
|
|
|
|
unit_of_measurement = "A";
|
|
|
|
};
|
|
|
|
serveur_watts = {
|
|
|
|
friendly_name_template = "{{ states.switch.serveur.name}} Current Consumption";
|
|
|
|
value_template = ''{{ states.switch.serveur.attributes["current_power_w"] | float }}'';
|
|
|
|
unit_of_measurement = "W";
|
|
|
|
};
|
|
|
|
serveur_total_kwh = {
|
|
|
|
friendly_name_template = "{{ states.switch.serveur.name}} Total Consumption";
|
|
|
|
value_template = ''{{ states.switch.serveur.attributes["total_energy_kwh"] | float }}'';
|
|
|
|
unit_of_measurement = "kWh";
|
|
|
|
};
|
|
|
|
serveur_volts = {
|
|
|
|
friendly_name_template = "{{ states.switch.serveur.name}} Voltage";
|
|
|
|
value_template = ''{{ states.switch.serveur.attributes["voltage"] | float }}'';
|
|
|
|
unit_of_measurement = "V";
|
|
|
|
};
|
|
|
|
serveur_today_kwh = {
|
|
|
|
friendly_name_template = "{{ states.switch.serveur.name}} Today's Consumption";
|
|
|
|
value_template = ''{{ states.switch.serveur.attributes["today_energy_kwh"] | float }}'';
|
|
|
|
unit_of_measurement = "kWh";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
];
|
2020-08-30 21:16:41 +02:00
|
|
|
switch = [
|
|
|
|
{
|
|
|
|
platform = "wake_on_lan";
|
|
|
|
name = "PC Fixe";
|
|
|
|
mac = "b4:2e:99:ed:24:26";
|
|
|
|
host = "10.30.135.71";
|
|
|
|
broadcast_address = "10.30.255.255";
|
|
|
|
}
|
|
|
|
];
|
2020-11-29 12:52:41 +01:00
|
|
|
device_tracker = [
|
|
|
|
{
|
|
|
|
platform = "ping";
|
|
|
|
hosts = { telephone_paul = "10.30.50.2"; };
|
|
|
|
}
|
|
|
|
];
|
2020-09-11 02:02:36 +02:00
|
|
|
scene = [
|
|
|
|
{
|
|
|
|
name = "Movie";
|
|
|
|
icon = "mdi:movie-open";
|
|
|
|
entities = {
|
|
|
|
"light.salon" = {
|
|
|
|
state = "on";
|
|
|
|
xy_color = [0.299 0.115];
|
|
|
|
brightness = 50;
|
|
|
|
};
|
|
|
|
"light.bande_led_tv" = {
|
|
|
|
state = "on";
|
|
|
|
effect = "Movie";
|
|
|
|
brightness = 180;
|
|
|
|
};
|
|
|
|
"light.bande_led_bureau" = {
|
|
|
|
state = "on";
|
|
|
|
xy_color = [0.299 0.115];
|
|
|
|
brightness = 130;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
{
|
|
|
|
name = "Home";
|
|
|
|
icon = "mdi:home";
|
|
|
|
entities = {
|
|
|
|
"light.salon" = {
|
|
|
|
state = "on";
|
|
|
|
kelvin = 2700;
|
|
|
|
brightness = 255;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
{
|
|
|
|
name = "Night";
|
|
|
|
icon = "mdi:weather-night";
|
|
|
|
entities = {
|
|
|
|
"light.salon" = {
|
|
|
|
state = "off";
|
|
|
|
};
|
|
|
|
"light.bande_led_tv" = {
|
|
|
|
state = "off";
|
|
|
|
};
|
|
|
|
"light.bande_led_bureau" = {
|
|
|
|
state = "off";
|
|
|
|
};
|
|
|
|
"light.chambre" = {
|
|
|
|
state = "on";
|
|
|
|
kelvin = 1900;
|
|
|
|
brightness = 50;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
];
|
|
|
|
automation = let
|
|
|
|
min_sun_elevation = 4;
|
|
|
|
in [
|
2020-08-30 21:16:41 +02:00
|
|
|
{
|
|
|
|
alias = "Aziz lumière";
|
|
|
|
trigger = [
|
|
|
|
{
|
2020-09-11 02:02:36 +02:00
|
|
|
platform = "numeric_state";
|
|
|
|
entity_id = "sun.sun";
|
|
|
|
value_template = "{{ state.attributes.elevation }}";
|
|
|
|
below = min_sun_elevation;
|
2020-08-30 21:16:41 +02:00
|
|
|
}
|
|
|
|
{
|
|
|
|
platform = "state";
|
|
|
|
entity_id = "person.paul";
|
|
|
|
to = "home";
|
|
|
|
}
|
|
|
|
];
|
|
|
|
condition = [
|
|
|
|
{
|
|
|
|
condition = "state";
|
|
|
|
entity_id = "person.paul";
|
|
|
|
state = "home";
|
|
|
|
}
|
2020-11-29 12:52:41 +01:00
|
|
|
# Sun below max elevation
|
2020-08-30 21:16:41 +02:00
|
|
|
{
|
2020-09-11 02:02:36 +02:00
|
|
|
condition = "template";
|
|
|
|
value_template = "{{ state_attr('sun.sun', 'elevation') < ${toString min_sun_elevation} }}";
|
2020-08-30 21:16:41 +02:00
|
|
|
}
|
2020-11-29 12:52:41 +01:00
|
|
|
# All lights off
|
|
|
|
{
|
|
|
|
condition = "template";
|
|
|
|
value_template = ''
|
|
|
|
{% set domain = 'light' %}
|
|
|
|
{% set state = 'off' %}
|
|
|
|
{{ states[domain] | count == states[domain] | selectattr('state','eq', state) | list | count }}
|
|
|
|
'';
|
|
|
|
}
|
2020-08-30 21:16:41 +02:00
|
|
|
];
|
|
|
|
action = {
|
2020-09-11 02:02:36 +02:00
|
|
|
scene = "scene.home";
|
2020-08-30 21:16:41 +02:00
|
|
|
};
|
|
|
|
}
|
|
|
|
{
|
|
|
|
alias = "Adios";
|
|
|
|
trigger = {
|
|
|
|
platform = "state";
|
|
|
|
entity_id = "person.paul";
|
|
|
|
to = "not_home";
|
|
|
|
};
|
|
|
|
action = [
|
|
|
|
{
|
|
|
|
service = "light.turn_off";
|
|
|
|
entity_id = "all";
|
|
|
|
}
|
|
|
|
{
|
2020-11-29 12:52:41 +01:00
|
|
|
service = "media_player.turn_off";
|
2020-08-30 21:16:41 +02:00
|
|
|
entity_id = "all";
|
|
|
|
}
|
|
|
|
];
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
2018-09-04 14:05:06 +02:00
|
|
|
};
|
2018-05-10 19:00:14 +02:00
|
|
|
|
2020-08-30 21:08:35 +02:00
|
|
|
systemd.services.dogetipbot-telegram = let
|
|
|
|
dogetipbot-telegram = pkgs.callPackage (pkgs.fetchgit {
|
|
|
|
url = "https://gitlab.com/nyanloutre/dogetipbot-telegram.git";
|
|
|
|
rev = "18c875a2e4b98221523818515a1eecb9c5aeb093";
|
|
|
|
sha256 = "0mhv00y1c2py425wxl13if6nlv97xk5k6flf772jj1yaxipjdmpn";
|
|
|
|
}) { inherit pkgs; };
|
|
|
|
in {
|
2018-06-28 20:52:31 +02:00
|
|
|
after = [ "network.target" ];
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
2020-08-30 21:08:35 +02:00
|
|
|
script = "${dogetipbot-telegram}/bin/dogetipbot-telegram --db-path $STATE_DIRECTORY/users.db";
|
2018-06-28 20:52:31 +02:00
|
|
|
enable = true;
|
|
|
|
serviceConfig = {
|
2018-08-28 15:30:39 +02:00
|
|
|
EnvironmentFile = "/mnt/secrets/dogetipbot-telegram_env";
|
2019-01-22 11:01:25 +01:00
|
|
|
DynamicUser = true;
|
2020-08-30 21:08:35 +02:00
|
|
|
StateDirectory = "dogetipbot";
|
2018-06-28 20:52:31 +02:00
|
|
|
};
|
|
|
|
};
|
2018-09-04 14:05:06 +02:00
|
|
|
|
2020-03-02 22:38:36 +01:00
|
|
|
# systemd.services.minecraft-overviewer =
|
|
|
|
# let
|
|
|
|
# clientJar = pkgs.fetchurl {
|
|
|
|
# url = "https://overviewer.org/textures/1.14";
|
|
|
|
# sha256 = "0fij9wac7vj6h0kd3mfhqpn0w9gl8pbs9vs9s085zajm0szpr44k";
|
|
|
|
# name = "client.jar";
|
|
|
|
# };
|
|
|
|
# configFile = pkgs.runCommand "overviewer-config" { CLIENT_JAR = clientJar; } ''
|
|
|
|
# substitute ${./config-overviewer.py} $out \
|
|
|
|
# --subst-var CLIENT_JAR
|
|
|
|
# '';
|
|
|
|
# in
|
|
|
|
# {
|
|
|
|
# script = ''
|
|
|
|
# ${pkgs.minecraft-overviewer}/bin/overviewer.py --config ${configFile}
|
|
|
|
# ${pkgs.minecraft-overviewer}/bin/overviewer.py --config ${configFile} --genpoi
|
|
|
|
# rm /var/www/minecraft-overviewer/progress.json
|
|
|
|
# '';
|
|
|
|
# serviceConfig = {
|
|
|
|
# User = "nginx";
|
|
|
|
# Group = "nginx";
|
|
|
|
# };
|
|
|
|
# };
|
|
|
|
|
|
|
|
# systemd.timers.minecraft-overviewer = {
|
|
|
|
# wantedBy = [ "multi-user.target" ];
|
|
|
|
# timerConfig = {
|
|
|
|
# OnCalendar = "*-*-* 04:00:00";
|
|
|
|
# };
|
|
|
|
# };
|
2018-06-28 20:52:31 +02:00
|
|
|
|
2020-03-02 22:40:01 +01:00
|
|
|
# systemd.packages = with pkgs; [
|
|
|
|
# tgt
|
|
|
|
# ];
|
|
|
|
|
|
|
|
# environment.etc."tgt/targets.conf".text = ''
|
|
|
|
# <target iqn.2019-11.nyanlout.re:steam>
|
|
|
|
# backing-store /dev/zvol/loutrepool/steam-lun
|
|
|
|
# initiator-address 10.30.50.3
|
|
|
|
# </target>
|
|
|
|
# '';
|
2019-11-21 02:11:59 +01:00
|
|
|
|
2020-04-16 08:56:01 +02:00
|
|
|
users.groups.nginx.members = [ "matrix-synapse" ];
|
2019-02-12 11:15:01 +01:00
|
|
|
|
2019-11-01 15:24:50 +01:00
|
|
|
security.pam.services.sshd.text = pkgs.lib.mkDefault( pkgs.lib.mkAfter "session optional ${pkgs.pam}/lib/security/pam_exec.so seteuid ${login_mail_alert}/bin/mail_alert.sh" );
|
2018-09-04 14:05:06 +02:00
|
|
|
|
2018-09-16 16:28:47 +02:00
|
|
|
networking = {
|
|
|
|
wireguard.interfaces = {
|
|
|
|
wg0 = {
|
|
|
|
ips = [ "192.168.20.1/24" ];
|
|
|
|
privateKeyFile = "/mnt/secrets/wireguard/wg0.privatekey";
|
|
|
|
listenPort = 51820;
|
2019-10-04 22:34:13 +02:00
|
|
|
allowedIPsAsRoutes = true;
|
2018-09-16 16:28:47 +02:00
|
|
|
peers = [
|
|
|
|
{
|
2019-10-04 22:34:13 +02:00
|
|
|
allowedIPs = [ "192.168.20.2/32" ];
|
2018-09-16 16:28:47 +02:00
|
|
|
publicKey = "b/SXiqo+GPdNOc54lyEVeUBc6B5AbVMKh+g5EZPGzlE=";
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2019-10-04 22:34:13 +02:00
|
|
|
nat.internalInterfaces = [ "wg0" ];
|
|
|
|
nat.internalIPs = [ "192.168.20.0/24" ];
|
|
|
|
|
2019-11-21 02:11:59 +01:00
|
|
|
firewall.interfaces.eno2.allowedTCPPorts = [
|
|
|
|
3260
|
|
|
|
];
|
|
|
|
|
2018-09-16 16:28:47 +02:00
|
|
|
firewall.allowedTCPPorts = [
|
|
|
|
8448 # Matrix federation
|
|
|
|
20 21 # FTP
|
|
|
|
];
|
|
|
|
|
|
|
|
firewall.allowedTCPPortRanges = [
|
|
|
|
{ from = 64000; to = 65535; } # FTP
|
|
|
|
];
|
|
|
|
|
|
|
|
firewall.allowedUDPPorts = [
|
2019-11-01 15:24:50 +01:00
|
|
|
config.networking.wireguard.interfaces.wg0.listenPort
|
2018-09-16 16:28:47 +02:00
|
|
|
];
|
|
|
|
};
|
2018-04-01 15:04:49 +02:00
|
|
|
}
|