diff --git a/applications/games.nix b/applications/games.nix
index 47601e3..071a3e7 100644
--- a/applications/games.nix
+++ b/applications/games.nix
@@ -1,5 +1,70 @@
-{ ... }: {
+{ config, pkgs, lib, ... }:
+ with lib;
+ let
+ cfg = config.services.skynet_games;
+ in {
 imports = [
+ ./dns.nix
+ ./games/minecraft.nix
 ];
+
+
+ options.services.skynet_games = {
+ enable = mkEnableOption "Skynet Games";
+
+ host = {
+ ip = mkOption {
+ type = types.str;
+ };
+
+ name = mkOption {
+ type = types.str;
+ };
+ };
+
+ domain = {
+ tld = mkOption {
+ type = types.str;
+ default = "ie";
+ };
+
+ base = mkOption {
+ type = types.str;
+ default = "skynet";
+ };
+
+ sub = mkOption {
+ type = types.str;
+ default = "games";
+ };
+ };
+
+ };
+
+
+ config = mkIf cfg.enable {
+ skynet_dns.records = {
+ cname = [
+ # need a base domain
+ "${cfg.domain.sub} CNAME ${cfg.host.name}"
+ ];
+ };
+
+ # the minecraft servers
+ services.skynet_games_minecraft = {
+ enable = true;
+
+ host = {
+ ip = cfg.host.ip;
+ name = cfg.domain.sub;
+ };
+
+ domain = {
+ sub = "minecraft.${cfg.domain.sub}";
+ };
+ };
+
+
+ };
 }
\ No newline at end of file
diff --git a/applications/games/minecraft.nix b/applications/games/minecraft.nix
index 62cad96..2e19fdf 100644
--- a/applications/games/minecraft.nix
+++ b/applications/games/minecraft.nix
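Review bot: `domain.tld` and `domain.base` are declared on `services.skynet_games`, but the `config` block in applications/games.nix forwards only `sub` to `services.skynet_games_minecraft.domain`, so overriding them here never reaches the nginx virtual host name that minecraft.nix builds from its own defaults. Forwarding them explicitly keeps the two modules in step, e.g. `domain = { inherit (cfg.domain) tld base; sub = "minecraft.${cfg.domain.sub}"; };`. `host.ip` is also a bare `types.str` with no description, and minecraft.nix interpolates it straight into firewall rule strings; a stricter type such as `types.strMatching` with an IPv4 pattern would reject a malformed value at evaluation time instead of emitting an unintended rule.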
@@ -1,57 +1,118 @@
-{
+{ config, pkgs, lib, ... }:
+ with lib;
+ let
+ cfg = config.services.skynet_games_minecraft;
+ in {
+
 imports = [
- ../acme.nix
- ../nginx.nix
- ];
+ ../firewall.nix
+ ../dns.nix
-
- skynet_dns.records = {
- external = [];
- cname = [
- # create a sub-subdomain for each game
- "compsoc_classic.minecraft.games CNAME games"
- "compsoc.minecraft.games CNAME games"
-
- "map.compsoc_classic.minecraft.games CNAME games"
- #"compsoc.minecraft.games CNAME games"
- ];
- };
-
- networking.firewall.allowedTCPPorts = [
- # for the proxy
- 25565
-
- # the servers
- 20000
-
- 20001
+ ../acme.nix
+ ../nginx.nix
 ];
- services.nginx.virtualHosts."compsoc_classic.minecraft.games.skynet.ie" = {
- forceSSL = true;
- useACMEHost = "skynet";
- locations."/map/".alias = "/etc/games/minecraft/compsoc/classic/config/plugins/dynmap/web/";
- };
+ options.services.skynet_games_minecraft = {
+ enable = mkEnableOption "Skynet Games Minecraft";
- # arion is one way to use docker on nixos
- # see https://gitlab.com/c2842/computer_society/nixos/-/blob/733b867f4782afa795848135a83e97a5cafaf16a/applications/games/minecraft.nix
- # for an example of a single compose file with multiple services
- virtualisation.arion = {
- backend = "docker";
- projects = {
-
- minecraft_proxy.settings.services.mc_proxy.service = {
- image = "itzg/mc-router:1.18.0";
- ports = [ "25565:25565/tcp" ];
- expose = [ "25565" ];
- command = [
- "--mapping=compsoc_classic.minecraft.games.skynet.ie=172.17.0.1:20000,compsoc.minecraft.games.skynet.ie=172.17.0.1:20001"
- ];
+ host = {
+ ip = mkOption {
+ type = types.str;
 };
- minecraft_compsoc_classic.settings.services.compsoc_classic.service = {
- image = "nimmis/spigot:latest";
- # setting these here as they arent special
+ name = mkOption {
+ type = types.str;
+ };
+ };
+
+ domain = {
+ tld = mkOption {
+ type = types.str;
+ default = "ie";
+ };
+
+ base = mkOption {
+ type = types.str;
+ default = "skynet";
+ };
+
+ sub = mkOption {
+ type = types.str;
+ default = "minecraft.games";
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ skynet_firewall.forward = [
+ "ip daddr ${cfg.host.ip} tcp dport 80 counter packets 0 bytes 0 accept"
+ "ip daddr ${cfg.host.ip} tcp dport 443 counter packets 0 bytes 0 accept"
+ "ip daddr ${cfg.host.ip} tcp dport 25565 counter packets 0 bytes 0 accept"
+ ];
+
+ skynet_dns.records = {
+ external = [];
+ cname = [
+ # create a sub-subdomain for each game
+ "compsoc_classic.${cfg.domain.sub} CNAME ${cfg.host.name}"
+ "compsoc.${cfg.domain.sub} CNAME ${cfg.host.name}"
+
+ "map.compsoc_classic.${cfg.domain.sub} CNAME ${cfg.host.name}"
+ #"compsoc.minecraft.games CNAME games"
+ ];
+ };
+
+ networking.firewall.allowedTCPPorts = [
+ # for the proxy
+ 25565
+
+ # the servers
+ 20000
+
+ 20001
+ ];
+
+ services.nginx.virtualHosts."compsoc_classic.${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
+ forceSSL = true;
+ useACMEHost = "skynet";
+ locations."/map/".alias = "/etc/games/minecraft/compsoc/classic/config/plugins/dynmap/web/";
+ };
+
+ # arion is one way to use docker on nixos
+ # see https://gitlab.com/c2842/computer_society/nixos/-/blob/733b867f4782afa795848135a83e97a5cafaf16a/applications/games/minecraft.nix
+ # for an example of a single compose file with multiple services
+ virtualisation.arion = {
+ backend = "docker";
+ projects = {
+
+ minecraft_proxy.settings.services.mc_proxy.service = {
+ image = "itzg/mc-router:1.18.0";
+ ports = [ "25565:25565/tcp" ];
+ expose = [ "25565" ];
+ command = [
+ "--mapping=compsoc_classic.minecraft.games.skynet.ie=172.17.0.1:20000,compsoc.minecraft.games.skynet.ie=172.17.0.1:20001"
+ ];
+ };
+
+ minecraft_compsoc_classic.settings.services.compsoc_classic.service = {
+ image = "nimmis/spigot:latest";
+ # setting these here as they arent special
+ environment = {
+ # this is what it last ran on
+ SPIGOT_VER="1.18.2";
+ EULA="true";
+ };
+
+ # where the config files are stored
+ volumes = [ "/etc/games/minecraft/compsoc/classic/config:/minecraft" ];
+
+ ports = [
+ "20000:25565/tcp"
+ ];
+ };
+
+ minecraft_compsoc.settings.services.compsoc_test.service = {
+ image = "nimmis/spigot:latest";
 environment = {
 # this is what it last ran on
 SPIGOT_VER="1.18.2";
@@ -59,27 +120,12 @@
 };
 # where the config files are stored
- volumes = [ "/etc/games/minecraft/compsoc/classic/config:/minecraft" ];
+ volumes = [ "/etc/games/minecraft/compsoc/current/config:/minecraft" ];
 ports = [
- "20000:25565/tcp"
+ "20001:25565/tcp"
 ];
- };
-
- minecraft_compsoc.settings.services.compsoc_test.service = {
- image = "nimmis/spigot:latest";
- environment = {
- # this is what it last ran on
- SPIGOT_VER="1.18.2";
- EULA="true";
 };
-
- # where the config files are stored
- volumes = [ "/etc/games/minecraft/compsoc/current/config:/minecraft" ];
-
- ports = [
- "20001:25565/tcp"
- ];
 };
 };
 };
diff --git a/machines/optimus.nix b/machines/optimus.nix
index 21c875c..ee18dfd 100644
--- a/machines/optimus.nix
+++ b/machines/optimus.nix
@@ -21,7 +21,6 @@ let
 in {
 imports = [
 # applications for this particular server
- ../applications/firewall.nix
 ../applications/dns.nix
 ../applications/games.nix
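Review bot: In the first hunk of applications/games/minecraft.nix the backend ports are still open on every interface of this host: 20000 and 20001 sit in `networking.firewall.allowedTCPPorts` next to 25565, and the services publish `"20000:25565/tcp"` here and `"20001:25565/tcp"` in the following hunk without a bind address, so each Spigot server is reachable directly as well as through mc-router. The router's `--mapping` only targets `172.17.0.1`, so if nothing else needs those ports, publishing them as `"172.17.0.1:20000:25565/tcp"` and `"172.17.0.1:20001:25565/tcp"` and limiting the firewall opening to the bridge interface would leave 25565 as the only game port exposed. That same `--mapping` string still hard-codes `minecraft.games.skynet.ie` while the DNS records and virtual host now follow `cfg.domain`, so the two can drift apart. Both Spigot services also pull `nimmis/spigot:latest`; pinning a fixed tag or digest would keep rebuilds reproducible. The `compsoc_test` service definition continues in the next hunk.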
@@ -38,27 +37,28 @@ in {
 targetUser = "root";
 };
- # these two are to be able to add the rules for firewall and dns
- # open the firewall for this
- skynet_firewall.forward = [
- "ip daddr ${ip_pub} tcp dport 80 counter packets 0 bytes 0 accept"
- "ip daddr ${ip_pub} tcp dport 443 counter packets 0 bytes 0 accept"
- "ip daddr ${ip_pub} tcp dport 25565 counter packets 0 bytes 0 accept"
- ];
 skynet_dns.records = {
 external = [ "${name} A ${ip_pub}" ];
- cname = [
- # the games are each going to have a subdomain on this
- "games CNAME ${name}"
- ];
 reverse = [ "${builtins.substring 9 3 ip_pub} IN PTR ${name}" ];
 };
+ services.skynet_games = {
+ enable = true;
+
+ host = {
+ # pass in teh ip (used for firewall)
+ ip = ip_pub;
+
+ # the name is used for dns
+ name = name;
+ };
+ };
+ # we use this to pass in teh relevent infomation to the
 services.skynet_ldap = {
 enable = true;