From 34d1e3501e6eff1bd6e2f78da1956cb8b1bf33da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kjetil=20=C3=98rbekk?= <kj@orbekk.com>
Date: Mon, 15 Jun 2020 18:05:11 -0400
Subject: minecraft on dragon

---
 config/minecraft.nix | 18 ++++++++++++++++++
 config/users.nix     |  5 +++++
 machines/dragon.nix  |  1 +
 3 files changed, 24 insertions(+)
 create mode 100644 config/minecraft.nix

diff --git a/config/minecraft.nix b/config/minecraft.nix
new file mode 100644
index 0000000..0708ade
--- /dev/null
+++ b/config/minecraft.nix
@@ -0,0 +1,18 @@
+{ config, lib, pkgs, ... }:
+let
+  minecraft-port = 25565;
+  allowedAddresses = [ "108.30.16.212" ];
+in
+{
+  networking.firewall.extraCommands = lib.concatMapStrings (addr: ''
+    iptables -A nixos-fw -p tcp \
+      --dport ${toString minecraft-port} \
+      -s ${addr} \
+      -j nixos-fw-accept
+  '') allowedAddresses;
+  services.minecraft-server = {
+    eula = true;
+    enable = true;
+    dataDir = "/storage/srv/minecraft/annie";
+  };
+}
diff --git a/config/users.nix b/config/users.nix
index e54f959..c1c6cbe 100644
--- a/config/users.nix
+++ b/config/users.nix
@@ -41,6 +41,11 @@ in {
         uid = 503;
         home = "/var/lib/linoquotes";
       };
+      minecraft = {
+        name = "minecraft";
+        uid = config.ids.uids.minecraft;
+        extraGroups = ["readonly"];
+      };
       stats = {
         name = "stats";
         group = "stats";
diff --git a/machines/dragon.nix b/machines/dragon.nix
index d0c060c..039a947 100644
--- a/machines/dragon.nix
+++ b/machines/dragon.nix
@@ -4,6 +4,7 @@ let
 in
 {
   imports = [
+    ../config/minecraft.nix
     ../config/acme-sh.nix
     ../config/mpd.nix
     ../config/borg-backup.nix
-- 
cgit v1.2.3