diff options
author | Kjetil Orbekk <kj@orbekk.com> | 2023-12-09 13:49:23 -0500 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2023-12-09 13:58:57 -0500 |
commit | 0f7e06553348894ca6f2004d3dc57dd737c35e50 (patch) | |
tree | 26d3b953c3e4b9faed8933240a2c91843c727074 /modules | |
parent | 5b006b278e8ebbcd08a089c28e754c8618d67f50 (diff) |
update
Diffstat (limited to 'modules')
-rw-r--r-- | modules/bridge.nix | 71 | ||||
-rw-r--r-- | modules/common.nix | 1 | ||||
-rw-r--r-- | modules/desktop.nix | 6 | ||||
-rw-r--r-- | modules/gaming.nix | 192 | ||||
-rw-r--r-- | modules/nextcloud.nix | 3 | ||||
-rw-r--r-- | modules/users.nix | 12 |
6 files changed, 10 insertions, 275 deletions
diff --git a/modules/bridge.nix b/modules/bridge.nix deleted file mode 100644 index eb2a0c0..0000000 --- a/modules/bridge.nix +++ /dev/null @@ -1,71 +0,0 @@ -{ config, lib, pkgs, ... }: -let cfg = config.orbekk.bridge; -in with lib; { - options = { - orbekk.bridge = { - enable = mkEnableOption "Enable bridge service"; - - port = lib.mkOption { - type = lib.types.port; - default = (import ../data/aliases.nix).services.bridge_nightly.port; - description = "bridge local port"; - }; - }; - }; - - config = mkIf cfg.enable { - age.secrets.bridge-nightly.file = ./. + "/../secrets/bridge-nightly.age"; - - systemd.services.bridge-nightly = { - description = "Bridge Nightly backend"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - - environment = { - BIND_ADDRESS = "[::]:${toString cfg.port}"; - RUST_BACKTRACE = "1"; - AUTHENTICATOR = "oauth"; - OPENID_ISSUER_URL = "https://auth.orbekk.com/realms/test"; - OPENID_CLIENT_ID = "test-client"; - OPENID_CLIENT_SECRET = "secret"; - APP_URL = "https://bridge.orbekk.com"; - DATABASE_URL = "postgres:///bridge_nightly"; - RUST_LOG = "info"; - }; - - serviceConfig = { - User = "bridge_nightly"; - Group = "bridge_nightly"; - EnvironmentFile = config.age.secrets.bridge-nightly.path; - ExecStart = "/opt/bridge-nightly/profile/bin/server"; - }; - }; - - services.nginx.virtualHosts."bridge.orbekk.com" = { - enableACME = true; - forceSSL = true; - root = "/opt/bridge-nightly/profile"; - locations."/api".proxyPass = "http://localhost:${toString cfg.port}"; - extraConfig = '' - # Single-page application setup. - # First attempt to serve request as file, then - # as directory, then fall back to redirecting to index.html - try_files $uri $uri/ $uri.html /index.html; - ''; - }; - - services.postgresql = { - enable = true; - enableTCPIP = true; - authentication = '' - host all all 2001:470:8e2e:1000::/64 md5 - host all all 2001:470:8e2e:100::/64 md5 - ''; - ensureDatabases = [ "bridge_nightly" ]; - ensureUsers = [{ - name = "bridge_nightly"; - ensurePermissions."DATABASE bridge_nightly" = "ALL PRIVILEGES"; - }]; - }; - }; -} diff --git a/modules/common.nix b/modules/common.nix index 8ae3b06..cca04b3 100644 --- a/modules/common.nix +++ b/modules/common.nix @@ -62,7 +62,6 @@ #emacs emacs-pgtk #pkgs.unstable.emacsNativeComp - exa fd fzf git diff --git a/modules/desktop.nix b/modules/desktop.nix index a6f54b7..83d6476 100644 --- a/modules/desktop.nix +++ b/modules/desktop.nix @@ -71,8 +71,8 @@ in { }; fonts = { - enableDefaultFonts = true; - fonts = with pkgs; [ + enableDefaultPackages = true; + packages = with pkgs; [ fira-code dejavu_fonts jetbrains-mono @@ -89,7 +89,7 @@ in { }; programs.firefox.enable = true; - programs.firefox.nativeMessagingHosts.tridactyl = true; + programs.firefox.nativeMessagingHosts.packages = [ pkgs.tridactyl-native ]; environment.systemPackages = with pkgs; [ # Wayland packages diff --git a/modules/gaming.nix b/modules/gaming.nix index dc881d7..4ec92f0 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -13,190 +13,6 @@ in { }; config = lib.mkIf cfg.enable { - nixpkgs.overlays = [ - # (final: prev: { - # steamPackages = pkgs'.steamPackages; - # steam = pkgs'.steam.override { - # # nativeOnly = true; - # withJava = true; - # extraPkgs = p: - # with pkgs'; - # let - # xorgdeps = with xorg; [ - # libX11 - # libXrender - # libXrandr - # libxcb - # libXmu - # libpthreadstubs - # libXext - # libXdmcp - # libXxf86vm - # libXinerama - # libSM - # libXv - # libXaw - # libXi - # libXcursor - # libXcomposite - # ]; - # qt5Deps = with pkgs.qt5; [ qtbase qtmultimedia ]; - # gnome3Deps = with pkgs; [ - # gnome3.zenity - # gtksourceview - # gnome3.gnome-desktop - # gnome3.libgnome-keyring - # webkitgtk - # ]; - # in [ - # samba - # tdb - # glib-networking - # libxkbcommon - # fluidsynth - # hidapi - # mesa - # libdrm - # perl - # which - # p7zip - # gnused - # gnugrep - # psmisc - # opencl-headers - # cups - # lcms2 - # mpg123 - # cairo - # unixODBC - # samba4 - # sane-backends - # openldap - # ocl-icd - # utillinux - # fribidi - # libnghttp2 - # openssl - # openldap - # xorg.xrandr - # xorg.xinput - # gnome3.gtk - # zlib - # dbus - # freetype - # glib - # atk - # cairo - # gdk_pixbuf - # pango - # fontconfig - # xorg.libxcb - - # # libkrb5 - # nss - # qt4 - # qt514.full - # libjack2 - # jack2 - # jack2Full - # jack_capture - # libidn2 - # rtmpdump - # libpsl - - # # Common - # libsndfile - # libtheora - # libogg - # libvorbis - # libopus - # libGLU - # libpcap - # libpulseaudio - # libao - # libevdev - # udev - # libgcrypt - # libxml2 - # libusb-compat-0_1 - # libpng - # libmpeg2 - # libv4l - # libjpeg - # libxkbcommon - # libass - # libcdio - # libjack2 - # libsamplerate - # libzip - # libmad - # libaio - # libcap - # libtiff - # libva - # libgphoto2 - # libxslt - # libsndfile - # giflib - # zlib - # glib - # alsaLib - # zziplib - # bash - # dbus - # keyutils - # zip - # cabextract - # freetype - # unzip - # coreutils - # readline - # gcc - # SDL - # SDL2 - # curl - # graphite2 - # gtk2 - # gtk3 - # udev - # ncurses - # wayland - # libglvnd - # vulkan-loader - # xdg-utils - # sqlite - # gnutls - # p11-kit - # libbsd - # harfbuzz - - # # PCSX15 // TODO: "libgobject12.15.so.16: wrong ELF class: ELFCLASS81" - - # # WINE - # cups - # lcms2 - # mpg123 - # cairo - # unixODBC - # samba4 - # sane-backends - # openldap - # ocl-icd - # util-linux - # libkrb5 - - # # Proton - # libselinux - - # # Winetricks - # fribidi - # ] ++ xorgdeps ++ qt5Deps ++ gnome3Deps; - - # }; - # }) - ]; - - # nixpkgs.config.allowBroken = true; nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "steam" @@ -207,8 +23,12 @@ in { ]; services.flatpak.enable = true; - - programs.steam.enable = true; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play + dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + }; + hardware.opengl.driSupport32Bit = true; # Enables support for 32bit libs that steam uses hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; hardware.steam-hardware.enable = true; diff --git a/modules/nextcloud.nix b/modules/nextcloud.nix index 50e2e4e..c927490 100644 --- a/modules/nextcloud.nix +++ b/modules/nextcloud.nix @@ -15,7 +15,6 @@ in package = pkgs.nextcloud27; hostName = "nextcloud.orbekk.com"; home = "/storage/nextcloud"; - enableBrokenCiphersForSSE = false; config = { dbtype = "pgsql"; dbuser = "nextcloud"; @@ -34,7 +33,7 @@ in ensureDatabases = [ "nextcloud" ]; ensureUsers = [ { name = "nextcloud"; - ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES"; + ensureDBOwnership = true; } ]; }; diff --git a/modules/users.nix b/modules/users.nix index 07bfcf8..df0e567 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -116,16 +116,6 @@ in { home = "/var/lib/hledger-web"; group = "hledger"; }; - bridge = { - group = "bridge"; - createHome = false; - isNormalUser = true; - }; - bridge_nightly = { - group = "bridge_nightly"; - createHome = false; - isSystemUser = true; - }; }; extraGroups = { fcgi = { @@ -153,8 +143,6 @@ in { gid = 505; }; readonly = { gid = 506; }; - bridge = {}; - bridge_nightly = {}; hledger = lib.mkIf config.orbekk.hledger-web.enable { }; minecraft = { }; builder = { }; |