gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore(minecraft): module cleanup

Browse source
This commit is contained in:
arcnmx 2024-09-20 13:41:26 -07:00
parent e07f689dec
commit 7a7057492c
9 changed files with 426 additions and 207 deletions
Download patch file Download diff file Expand all files Collapse all files

195
modules/nixos/minecraft-bedrock.nix → modules/nixos/minecraft/bedrock.nix
View file

@ -1,120 +1,3 @@
let
allowListModule = {
config,
name,
gensokyo-zone,
lib,
...
}: let
inherit (gensokyo-zone.Std) UInt;
inherit (lib.options) mkOption;
inherit (lib.modules) mkOptionDefault;
inherit (builtins) typeOf;
in {
options = with lib.types; {
name = mkOption {
type = str;
default = name;
};
xuid = mkOption {
type = oneOf [int str];
};
permission = mkOption {
type = enum ["visitor" "member" "operator"];
default = "member";
};
settings = mkOption {
type = attrsOf str;
};
permissionSettings = mkOption {
type = attrsOf str;
};
};
config = let
xuid =
{
string = toString (UInt.FromHex config.xuid);
int = toString config.xuid;
}
.${typeOf config.xuid};
in {
settings = {
name = mkOptionDefault config.name;
xuid = mkOptionDefault xuid;
# TODO: ignoresPlayerLimit = true/false
};
permissionSettings = {
xuid = mkOptionDefault xuid;
permission = mkOptionDefault config.permission;
};
};
};
packModule = {
config,
lib,
...
}: let
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.modules) mkIf mkOptionDefault;
inherit (lib.strings) splitString;
inherit (builtins) typeOf;
in {
options = with lib.types; {
enable =
mkEnableOption "pack"
// {
default = true;
};
package = mkOption {
type = nullOr package;
default = null;
};
packDir = mkOption {
type = str;
};
packType = mkOption {
type = enum ["resource_packs" "behavior_packs"];
};
packId = mkOption {
type = str;
};
version = mkOption {
type = oneOf [str (listOf str)];
};
settings = mkOption {
type = attrsOf (oneOf [str (listOf str)]);
};
};
config = {
packId = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.pack_id) (
mkOptionDefault
config.package.minecraft-bedrock.pack.pack_id
);
packType = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.type) (
mkOptionDefault
config.package.minecraft-bedrock.pack.type
);
version = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.version) (
mkOptionDefault
config.package.minecraft-bedrock.pack.version
);
packDir = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.dir) (
mkOptionDefault
config.package.minecraft-bedrock.pack.dir
);
settings = {
pack_id = mkOptionDefault config.packId;
version =
mkOptionDefault
{
string = splitString "." config.version;
list = config.version;
}
.${typeOf config.version};
};
};
};
in
{ {
config, config,
gensokyo-zone, gensokyo-zone,
@ -128,23 +11,9 @@ in
inherit (lib.modules) mkIf mkMerge mkOptionDefault; inherit (lib.modules) mkIf mkMerge mkOptionDefault;
inherit (lib.attrsets) filterAttrs mapAttrsToList; inherit (lib.attrsets) filterAttrs mapAttrsToList;
inherit (lib.lists) optional; inherit (lib.lists) optional;
inherit (lib.strings) concatStringsSep;
inherit (lib.trivial) boolToString;
inherit (lib.meta) getExe; inherit (lib.meta) getExe;
inherit (builtins) toJSON; inherit (config.lib.minecraft) mkAllowPlayerType mkPackType writeServerProperties writeAllowList writePermissions writePacks;
cfg = config.services.minecraft-bedrock-server; cfg = config.services.minecraft-bedrock-server;
cfgToString = v:
if builtins.isBool v
then boolToString v
else toString v;
serverPropertiesFile = pkgs.writeText "server.properties" (''
# server.properties managed by NixOS configuration
''
+ concatStringsSep "\n" (mapAttrsToList
(n: v: "${n}=${cfgToString v}")
cfg.serverProperties));
in { in {
options.services.minecraft-bedrock-server = with lib.types; { options.services.minecraft-bedrock-server = with lib.types; {
enable = mkOption { enable = mkOption {
@ -221,13 +90,7 @@ in
}; };
allowPlayers = mkOption { allowPlayers = mkOption {
type = nullOr (attrsOf (submoduleWith { type = nullOr (attrsOf (mkAllowPlayerType {}));
modules = [allowListModule];
specialArgs = {
inherit gensokyo-zone;
nixosConfig = config;
};
}));
default = null; default = null;
}; };
@ -240,13 +103,7 @@ in
}; };
packs = mkOption { packs = mkOption {
type = attrsOf (submoduleWith { type = attrsOf (mkPackType {});
modules = [packModule];
specialArgs = {
inherit gensokyo-zone;
nixosConfig = config;
};
});
default = {}; default = {};
}; };
}; };
@ -279,28 +136,16 @@ in
player-movement-duration-threshold-in-ms = 500; player-movement-duration-threshold-in-ms = 500;
correct-player-movement = false; correct-player-movement = false;
}; };
allowList = let allowList = mkOptionDefault (
allowPlayers = mapAttrsToList (_: allow: allow.settings) cfg.allowPlayers; if cfg.allowPlayers != null
allowListJson = pkgs.writeText "minecraft-bedrock-server-allowlist.json" ( then writeAllowList cfg.allowPlayers
toJSON allowPlayers else null
); );
in permissions = mkOptionDefault (
mkOptionDefault ( if cfg.allowPlayers != null
if cfg.allowPlayers != null then writePermissions cfg.allowPlayers
then allowListJson else null
else null );
);
permissions = let
permissions = mapAttrsToList (_: allow: allow.permissionSettings) cfg.allowPlayers;
permissionsJson = pkgs.writeText "minecraft-bedrock-server-permissions.json" (
toJSON permissions
);
in
mkOptionDefault (
if cfg.allowPlayers != null
then permissionsJson
else null
);
}; };
conf.users.users.${cfg.user} = { conf.users.users.${cfg.user} = {
inherit (cfg) group; inherit (cfg) group;
@ -334,13 +179,11 @@ in
] ]
++ optional (cfg.permissions == null) "permissions.json"); ++ optional (cfg.permissions == null) "permissions.json");
mkWorldPacks = type: let mkWorldPacks = type: let
enabledPacks = filterAttrs (_: pack: pack.enable && pack.packType == "${type}_packs") cfg.packs; enabledPacks = filterAttrs (_: pack: pack.enable && pack.packType == type) cfg.packs;
jsonName = "world_${type}_packs.json"; packsJsonPath = writePacks { inherit type; } enabledPacks;
packsJson = mapAttrsToList (_: pack: pack.settings) enabledPacks;
packsJsonPath = pkgs.writeText jsonName (toJSON packsJson);
in in
mkIf (enabledPacks != {}) [ mkIf (enabledPacks != {}) [
"${packsJsonPath}:${cfg.dataDir}/worlds/${cfg.serverProperties.level-name}/${jsonName}" "${packsJsonPath}:${cfg.dataDir}/worlds/${cfg.serverProperties.level-name}/${packsJsonPath.name}"
]; ];
mapWorldPacks = packs: let mapWorldPacks = packs: let
enabledPacks = filterAttrs (_: pack: pack.enable && pack.package != null) packs; enabledPacks = filterAttrs (_: pack: pack.enable && pack.package != null) packs;
@ -350,8 +193,8 @@ in
in in
mapAttrsToList mapPackPath enabledPacks; mapAttrsToList mapPackPath enabledPacks;
packsPaths = mkMerge [ packsPaths = mkMerge [
(mkWorldPacks "behavior") (mkWorldPacks "behavior_packs")
(mkWorldPacks "resource") (mkWorldPacks "resource_packs")
(mapWorldPacks cfg.packs) (mapWorldPacks cfg.packs)
]; ];
in in
@ -376,7 +219,7 @@ in
preStart = '' preStart = ''
mkdir -p behavior_packs mkdir -p behavior_packs
ln -sf ${cfg.package}/var/lib/minecraft-bedrock/behavior_packs/* behavior_packs/ ln -sf ${cfg.package}/var/lib/minecraft-bedrock/behavior_packs/* behavior_packs/
cp -f ${serverPropertiesFile} server.properties cp -f ${writeServerProperties cfg.serverProperties} server.properties
chmod +w server.properties chmod +w server.properties
''; '';
}; };

221
modules/nixos/minecraft/common.nix Normal file
View file

@ -0,0 +1,221 @@
let
allowListModule = {
config,
name,
gensokyo-zone,
lib,
...
}: let
inherit (gensokyo-zone.Std) UInt;
inherit (gensokyo-zone.lib) json;
inherit (lib.options) mkOption;
inherit (lib.modules) mkOptionDefault;
inherit (builtins) typeOf;
in {
options = with lib.types; {
name = mkOption {
type = str;
default = name;
};
xuid = mkOption {
type = nullOr (oneOf [int str]);
};
uuid = mkOption {
type = nullOr str;
};
permission = mkOption {
type = enum ["visitor" "member" "operator"];
default = "member";
};
permissionLevel = mkOption {
type = ints.between 0 4;
description = "1=mod, 2=gm, 3=admin, 4=owner";
default = 0;
};
settings = mkOption {
type = json.types.attrs;
};
whitelistSettings = mkOption {
type = json.types.attrs;
};
permissionSettings = mkOption {
type = json.types.attrs;
};
opsSettings = mkOption {
type = json.types.attrs;
};
};
config = let
xuid =
{
string = toString (UInt.FromHex config.xuid);
int = toString config.xuid;
}
.${typeOf config.xuid};
in {
settings = {
name = mkOptionDefault config.name;
xuid = mkOptionDefault xuid;
# TODO: ignoresPlayerLimit = true/false
};
whitelistSettings = {
name = mkOptionDefault config.name;
uuid = mkOptionDefault config.uuid;
};
permissionSettings = {
xuid = mkOptionDefault xuid;
permission = mkOptionDefault config.permission;
};
opsSettings = {
name = mkOptionDefault config.name;
uuid = mkOptionDefault config.uuid;
level = mkOptionDefault config.permissionLevel;
bypassesPlayerLimit = mkOptionDefault true;
};
};
};
packModule = {
config,
lib,
...
}: let
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.modules) mkIf mkOptionDefault;
inherit (lib.strings) splitString;
inherit (builtins) typeOf;
in {
options = with lib.types; {
enable =
mkEnableOption "pack"
// {
default = true;
};
package = mkOption {
type = nullOr package;
default = null;
};
packDir = mkOption {
type = str;
};
packType = mkOption {
type = enum ["resource_packs" "behavior_packs"];
};
packId = mkOption {
type = str;
};
version = mkOption {
type = oneOf [str (listOf str)];
};
settings = mkOption {
type = attrsOf (oneOf [str (listOf str)]);
};
};
config = {
packId = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.pack_id) (
mkOptionDefault
config.package.minecraft-bedrock.pack.pack_id
);
packType = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.type) (
mkOptionDefault
config.package.minecraft-bedrock.pack.type
);
version = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.version) (
mkOptionDefault
config.package.minecraft-bedrock.pack.version
);
packDir = mkIf (config.package != null && config.package ? minecraft-bedrock.pack.dir) (
mkOptionDefault
config.package.minecraft-bedrock.pack.dir
);
settings = {
pack_id = mkOptionDefault config.packId;
version =
mkOptionDefault
{
string = splitString "." config.version;
list = config.version;
}
.${typeOf config.version};
};
};
};
in
{
config,
gensokyo-zone,
lib,
pkgs,
...
}: let
inherit (lib.attrsets) mapAttrsToList filterAttrs;
inherit (lib.strings) concatStringsSep;
inherit (lib.trivial) boolToString;
inherit (builtins) toJSON;
inherit (config.lib) minecraft;
in {
config.lib.minecraft = {
inherit allowListModule packModule;
mkAllowPlayerType = {
modules ? [],
specialArgs ? {},
}:
lib.types.submoduleWith {
modules = modules ++ [minecraft.allowListModule];
specialArgs =
{
inherit gensokyo-zone;
nixosConfig = config;
}
// specialArgs;
};
writeAllowList = allowPlayers: let
allowList = mapAttrsToList (_: allow: allow.settings) allowPlayers;
in
pkgs.writeText "allowlist.json" (toJSON allowList);
writeWhiteList = allowPlayers: let
allowList = mapAttrsToList (_: allow: allow.whitelistSettings) allowPlayers;
in
pkgs.writeText "whitelist.json" (toJSON allowList);
writePermissions = allowPlayers: let
permissions = mapAttrsToList (_: allow: allow.permissionSettings) allowPlayers;
in
pkgs.writeText "permissions.json" (toJSON permissions);
writeOps = allowPlayers: let
ops = filterAttrs (_: player: player.permissionLevel > 0) allowPlayers;
permissions = mapAttrsToList (_: allow: allow.opsSettings) ops;
in
pkgs.writeText "ops.json" (toJSON permissions);
mkPackType = {
modules ? [],
specialArgs ? {},
}:
lib.types.submoduleWith {
modules = modules ++ [minecraft.packModule];
specialArgs =
{
inherit gensokyo-zone;
nixosConfig = config;
}
// specialArgs;
};
writePacks = {type}: packs: let
packsSettings = mapAttrsToList (_: pack: pack.settings) packs;
in
pkgs.writeText "world_${type}.json" (toJSON packsSettings);
writeServerProperty = let
cfgToString = v:
if builtins.isBool v
then boolToString v
else toString v;
in
n: v: "${n}=${cfgToString v}";
writeServerProperties = serverProperties: let
inherit (config.lib.minecraft) writeServerProperty;
lines = mapAttrsToList writeServerProperty serverProperties;
in
pkgs.writeText "server.properties" ''
# server.properties managed by NixOS configuration
${concatStringsSep "\n" lines}
'';
};
}

56
modules/nixos/minecraft-katsink.nix → modules/nixos/minecraft/katsink.nix
View file

@ -1,15 +1,17 @@
{ {
config, config,
gensokyo-zone,
lib, lib,
pkgs, pkgs,
... ...
}: let }: let
inherit (gensokyo-zone.lib) mapOptionDefaults;
inherit (lib.options) mkOption mkEnableOption mkPackageOption; inherit (lib.options) mkOption mkEnableOption mkPackageOption;
inherit (lib.modules) mkIf mkMerge mkOptionDefault; inherit (lib.modules) mkIf mkMerge mkAfter mkOptionDefault;
inherit (lib.strings) concatStringsSep; inherit (lib.strings) escapeShellArgs;
inherit (lib.meta) getExe; inherit (lib.meta) getExe;
inherit (config.lib.minecraft) mkAllowPlayerType writeWhiteList writeOps;
cfg = config.services.minecraft-katsink-server; cfg = config.services.minecraft-katsink-server;
in { in {
options.services.minecraft-katsink-server = with lib.types; { options.services.minecraft-katsink-server = with lib.types; {
enable = mkEnableOption "kat-kitchen-sink"; enable = mkEnableOption "kat-kitchen-sink";
@ -35,7 +37,7 @@ in {
argsFiles = mkOption { argsFiles = mkOption {
type = listOf str; type = listOf str;
default = [ "user_jvm_args.txt" ]; default = ["user_jvm_args.txt"];
}; };
jvmOpts = mkOption { jvmOpts = mkOption {
@ -52,10 +54,21 @@ in {
type = str; type = str;
default = cfg.user; default = cfg.user;
}; };
serverProperties = mkOption {
type = attrsOf (oneOf [bool int str float]);
};
allowPlayers = mkOption {
type = nullOr (attrsOf (mkAllowPlayerType {}));
default = null;
};
}; };
config = let config = let
confService.services.minecraft-katsink-server = { confService.services.minecraft-katsink-server = {
serverProperties = mapOptionDefaults {
};
}; };
conf.users = mkIf (cfg.user == "minecraft-bedrock") { conf.users = mkIf (cfg.user == "minecraft-bedrock") {
users.${cfg.user} = { users.${cfg.user} = {
@ -69,10 +82,9 @@ in {
}; };
conf.systemd.services.minecraft-katsink-server = let conf.systemd.services.minecraft-katsink-server = let
execStart = concatStringsSep " " ([ execStartArgs =
"${getExe cfg.jre.package}" map (argsFile: "@${argsFile}") cfg.argsFiles
] ++ map (argsFile: "@${argsFile}") cfg.argsFiles ++ cfg.jvmOpts;
++ cfg.jvmOpts);
execStop = pkgs.writeShellScriptBin "minecraft-katsink-stop" '' execStop = pkgs.writeShellScriptBin "minecraft-katsink-stop" ''
echo /stop > ${config.systemd.sockets.minecraft-katsink-server.socketConfig.ListenFIFO} echo /stop > ${config.systemd.sockets.minecraft-katsink-server.socketConfig.ListenFIFO}
@ -82,7 +94,6 @@ in {
sleep 1s sleep 1s
done done
''; '';
in { in {
description = "Minecraft Kat Kitchen Server"; description = "Minecraft Kat Kitchen Server";
wantedBy = ["multi-user.target"]; wantedBy = ["multi-user.target"];
@ -95,24 +106,29 @@ in {
cfg.argsFiles cfg.argsFiles
]; ];
path = [cfg.jre.package];
script = mkAfter ''
exec java ${escapeShellArgs execStartArgs}
'';
serviceConfig = { serviceConfig = {
ExecStart = [execStart]; BindReadOnlyPaths = mkIf (cfg.allowPlayers != null) [
"${writeWhiteList cfg.allowPlayers}:${cfg.dataDir}/whitelist.json"
"${writeOps cfg.allowPlayers}:${cfg.dataDir}/ops.json"
];
ExecStop = "${getExe execStop} $MAINPID"; ExecStop = "${getExe execStop} $MAINPID";
Restart = "on-failure"; Restart = "always";
User = cfg.user; User = cfg.user;
WorkingDirectory = cfg.dataDir; WorkingDirectory = cfg.dataDir;
/*LogFilterPatterns = [ RuntimeDirectory = "minecraft-katsink";
"~.*minecraft:trial_chambers/chamber/end"
"~Running AutoCompaction"
];*/
StandardInput = "socket"; StandardInput = "socket";
StandardOutput = "journal"; StandardOutput = "journal";
StandardError = "journal"; StandardError = "journal";
# Hardening # Hardening
CapabilityBoundingSet = [ "" ]; CapabilityBoundingSet = [""];
DeviceAllow = [ "" ]; DeviceAllow = [""];
LockPersonality = true; LockPersonality = true;
PrivateDevices = true; PrivateDevices = true;
PrivateTmp = true; PrivateTmp = true;
@ -125,7 +141,7 @@ in {
ProtectKernelModules = true; ProtectKernelModules = true;
ProtectKernelTunables = true; ProtectKernelTunables = true;
ProtectProc = "invisible"; ProtectProc = "invisible";
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictAddressFamilies = ["AF_INET" "AF_INET6" "AF_UNIX"];
RestrictNamespaces = true; RestrictNamespaces = true;
RestrictRealtime = true; RestrictRealtime = true;
RestrictSUIDSGID = true; RestrictSUIDSGID = true;
@ -134,9 +150,9 @@ in {
}; };
}; };
conf.systemd.sockets.minecraft-katsink-server = { conf.systemd.sockets.minecraft-katsink-server = {
bindsTo = [ "minecraft-katsink-server.service" ]; bindsTo = ["minecraft-katsink-server.service"];
socketConfig = { socketConfig = {
ListenFIFO = "/run/minecraft-katsink.stdin"; ListenFIFO = "/run/minecraft-katsink/stdin";
SocketMode = "0660"; SocketMode = "0660";
SocketUser = mkOptionDefault cfg.user; SocketUser = mkOptionDefault cfg.user;
SocketGroup = mkOptionDefault cfg.group; SocketGroup = mkOptionDefault cfg.group;

51
modules/nixos/monitoring/source/promtail.nix
View file

@ -59,6 +59,57 @@ in {
target_label = "priority"; target_label = "priority";
} }
]; ];
pipeline_stages = let
minecraftServer = [
{
match = {
selector = ''{unit="minecraft-katsink-server.service"}'';
pipeline_name = "minecraft-log4j";
stages = [
{
decolorize = {};
}
{
multiline = {
firstline = ''^(\[[^\]]+\]|[0-9A-Z]+:)'';
max_wait_time = "2s";
max_lines = 512;
};
}
{
regex.expression = concatStringsSep " " [
''^\[(?P<time>[0-9:.]+)\]''
''\[(?P<thread>[^\/]+)\/(?P<level>[^\]]+)\]''
''\[(?P<component>[^\/]+)\/((?P<category>[^\]]+)|)\]:''
''(?P<message><(?P<chat_user>[^> ]+)> (?P<chat_message>.*)|.*)$''
];
}
{
labels = {
time = null;
thread = null;
level = null;
component = null;
category = null;
message = null;
chat_user = null;
chat_message = null;
};
}
{
timestamp = {
source = "time";
format = "15:04:05";
};
}
];
};
}
];
in
mkMerge [
(mkIf config.services.minecraft-katsink-server.enable minecraftServer)
];
} }
(mkIf nginx.enable { (mkIf nginx.enable {
job_name = "${systemConfig.name}-nginx-access"; job_name = "${systemConfig.name}-nginx-access";

61
modules/system/exports/minecraft-java.nix Normal file
View file

@ -0,0 +1,61 @@
{
lib,
gensokyo-zone,
...
}: let
inherit (gensokyo-zone.lib) mapAlmostOptionDefaults mkAlmostOptionDefault;
inherit (lib.modules) mkIf;
inherit (lib.attrsets) mapAttrs;
in {
config.exports.services.minecraft = {config, ...}: let
mkAssertion = f: nixosConfig: let
cfg = nixosConfig.services.${config.nixos.serviceAttr};
in
f nixosConfig cfg;
in {
displayName = "Minecraft";
nixos = {
serviceAttr = "minecraft-katsink-server";
assertions = mkIf config.enable [
(mkAssertion (nixosConfig: cfg: {
assertion = config.ports.default.port == cfg.port;
message = "server-port mismatch";
}))
(mkAssertion (nixosConfig: cfg: {
assertion = config.ports.rcon.enable == cfg.serverProperties.enable-rcon or false;
message = "enable-rcon mismatch";
}))
(mkAssertion (nixosConfig: cfg: {
assertion = (! cfg.serverProperties.enable-rcon or false) || config.ports.rcon.port == cfg.serverProperties."rcon.port" or 25575;
message = "rcon.port mismatch";
}))
(mkAssertion (nixosConfig: cfg: {
assertion = config.ports.query.enable == cfg.serverProperties.enable-query or false;
message = "enable-query mismatch";
}))
(mkAssertion (nixosConfig: cfg: {
assertion = (! cfg.serverProperties.enable-query or false) || config.ports.query.port == cfg.serverProperties."query.port" or 25565;
message = "query.port mismatch";
}))
];
};
defaults.port.listen = mkAlmostOptionDefault "local";
ports = {
default = {
port = mkAlmostOptionDefault 25565;
transport = "tcp";
};
rcon = {
enable = mkAlmostOptionDefault false;
port = mkAlmostOptionDefault 25575;
transport = "tcp";
listen = mkAlmostOptionDefault "int";
};
query = {
enable = mkAlmostOptionDefault false;
port = mkAlmostOptionDefault config.ports.default.port;
transport = "udp";
};
};
};
}

10
nixos/kyuuto/mount.nix
View file

@ -106,10 +106,12 @@ in {
${cfg.libraryDir + "/movies"} = leaf; ${cfg.libraryDir + "/movies"} = leaf;
${cfg.libraryDir + "/software"} = leaf; ${cfg.libraryDir + "/software"} = leaf;
${cfg.libraryDir + "/books"} = leaf; ${cfg.libraryDir + "/books"} = leaf;
${cfg.dataDir + "/minecraft/simplebackups"} = leaf // { ${cfg.dataDir + "/minecraft/simplebackups"} =
owner = toString (mapId 913); # minecraft-bedrock uid leaf
group = "admin"; // {
}; owner = toString (mapId 913); # minecraft-bedrock uid
group = "admin";
};
${cfg.gameLibraryDir} = shared; ${cfg.gameLibraryDir} = shared;
} }
(listToAttrs ( (listToAttrs (

34
nixos/minecraft/katsink.nix
View file

@ -1,4 +1,5 @@
{ {
pkgs,
config, config,
lib, lib,
... ...
@ -10,12 +11,29 @@ in {
enable = mkDefault true; enable = mkDefault true;
argsFiles = [ argsFiles = [
"user_jvm_args.txt" "user_jvm_args.txt"
"libraries/net/neoforged/neoforge/21.1.54/unix_args.txt" "/run/minecraft-katsink/unix_args.txt"
]; ];
allowPlayers = {
katrynn = {
uuid = "356d8cf2-246a-4c07-b547-422aea06c0ab";
permissionLevel = 4;
};
arcnmx = {
uuid = "e9244315-848c-424a-b004-ae5305449fee";
permissionLevel = 4;
};
Matricariac = {
uuid = "e6204250-05dc-4f4a-890a-71619170a321";
permissionLevel = 1; # 2?
};
};
}; };
users = mkIf cfg.enable { users = mkIf cfg.enable {
users.${cfg.user}.uid = 913; users.${cfg.user}.uid = 913;
groups.${cfg.group}.gid = config.users.users.${cfg.user}.uid; groups.${cfg.group} = {
gid = config.users.users.${cfg.user}.uid;
inherit (config.users.groups.admin) members;
};
}; };
systemd = mkIf cfg.enable { systemd = mkIf cfg.enable {
@ -25,13 +43,15 @@ in {
root = config.rootDir + "/minecraft/katsink"; root = config.rootDir + "/minecraft/katsink";
path = mkDefault cfg.dataDir; path = mkDefault cfg.dataDir;
}; };
# TODO: serviceConfig.ExecStart = mkForce [ "${pkgs.runtimeShell} ${cfg.dataDir}/run.sh" ]; for imperative updates ? preStart = ''
}; ${pkgs.coreutils}/bin/ln -sf $PWD/libraries/net/neoforged/neoforge/*/unix_args.txt $RUNTIME_DIRECTORY/unix_args.txt
sockets.minecraft-katsink-server = { '';
socketConfig.SocketGroup = "admin";
}; };
}; };
networking.firewall = mkIf cfg.enable { networking.firewall = mkIf cfg.enable {
interfaces.local.allowedTCPPorts = [cfg.port]; interfaces.local = {
allowedTCPPorts = [cfg.port];
allowedUDPPorts = mkIf cfg.serverProperties.enable-query or false [cfg.serverProperties."query.port"];
};
}; };
} }

4
systems/minecraft/default.nix
View file

@ -10,6 +10,10 @@ _: {
exports = { exports = {
services = { services = {
tailscale.enable = true; tailscale.enable = true;
minecraft = {
enable = true;
id = "katsink";
};
}; };
}; };
} }

1
tree.nix
View file

@ -56,6 +56,7 @@
}; };
"modules/nixos/access".functor.enable = true; "modules/nixos/access".functor.enable = true;
"modules/nixos/ldap".functor.enable = true; "modules/nixos/ldap".functor.enable = true;
"modules/nixos/minecraft".functor.enable = true;
"modules/nixos/monitoring".functor.enable = true; "modules/nixos/monitoring".functor.enable = true;
"modules/nixos/monitoring/ingest".functor.enable = true; "modules/nixos/monitoring/ingest".functor.enable = true;
"modules/nixos/monitoring/source".functor.enable = true; "modules/nixos/monitoring/source".functor.enable = true;