Upgrade NixNG and add Minecraft module

Signed-off-by: Magic_RB <magic_rb@redalder.org>
This commit is contained in:
Magic_RB 2021-12-12 22:31:33 +01:00
parent 16c0fb9796
commit 700ed7317b
No known key found for this signature in database
GPG key ID: 08D5287CC5DDCA0E
12 changed files with 224 additions and 35 deletions

View file

@ -1,7 +1,8 @@
nglib: camptules: { nglib, camptules, nixpkgs }:
(nglib "x86_64-linux").makeSystem { nglib.makeSystem {
system = "x86_64-linux"; system = "x86_64-linux";
name = "nixng-camptules"; name = "nixng-camptules";
inherit nixpkgs;
config = ({ pkgs, config, nglib, lib, ... }: config = ({ pkgs, config, nglib, lib, ... }:
{ {
imports = [ imports = [
@ -16,7 +17,18 @@ nglib: camptules:
services.camptules = { services.camptules = {
enable = true; enable = true;
package = camptules.defaultPackage."x86_64-linux"; package =
let
youtube-dlc = pkgs.writeShellScriptBin "youtube-dlc"
''
${pkgs.youtube-dl}/bin/youtube-dl "$@"
'';
in
pkgs.writeShellScriptBin "camptules"
''
export PATH=$PATH:${youtube-dlc}/bin:${pkgs.ffmpeg}/bin
${lib.trace camptules.defaultPackage."x86_64-linux".outPath camptules.defaultPackage."x86_64-linux"}/bin/camptules
'';
}; };
}; };
}); });

View file

@ -16,10 +16,11 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
nglib: { nglib, nixpkgs }:
((nglib "x86_64-linux").makeSystem { nglib.makeSystem {
system = "x86_64-linux"; system = "x86_64-linux";
name = "nixng-gitea"; name = "nixng-gitea";
inherit nixpkgs;
config = ({ pkgs, ... }: config = ({ pkgs, ... }:
{ {
dumb-init = { dumb-init = {
@ -148,4 +149,4 @@ nglib:
}; };
} }
); );
}) }

View file

@ -1,11 +1,9 @@
nglib: { nglib, nixpkgs }:
let
inherit (nglib "x86_64-linux") makeSystem;
in
{ {
postgresql = makeSystem { postgresql = nglib.makeSystem {
system = "x86_64-linux"; system = "x86_64-linux";
name = "nixng-hydra-postgresql"; name = "nixng-hydra-postgresql";
inherit nixpkgs;
config = { pkgs, config, ... }: config = { pkgs, config, ... }:
{ {
config = { config = {
@ -37,7 +35,7 @@ in
}; };
}; };
hydra = makeSystem { hydra = nglib.makeSystem {
system = "x86_64-linux"; system = "x86_64-linux";
name = "nixng-hydra"; name = "nixng-hydra";
config = { pkgs, config, lib, nglib, ... }: config = { pkgs, config, lib, nglib, ... }:
@ -104,7 +102,7 @@ in
let let
machines = pkgs.writeText "machines" machines = pkgs.writeText "machines"
'' ''
eu.nixbuild.net x86_64-linux 100 5 benchmark,big-parallel eu.nixbuild.net x86_64-linux - 100 5 benchmark,big-parallel
''; '';
in in
nglib.dag.dagEntryAnywhere nglib.dag.dagEntryAnywhere
@ -135,6 +133,15 @@ in
ln -s ${ssh_config} /etc/ssh/ssh_config ln -s ${ssh_config} /etc/ssh/ssh_config
ln -s ${ssh_known_hosts} /etc/ssh/ssh_known_hosts ln -s ${ssh_known_hosts} /etc/ssh/ssh_known_hosts
''; '';
ssh-key =
nglib.dag.dagEntryAfter ["users"]
''
export PATH=${pkgs.busybox}/bin
cp /secrets/ssh-key /ssh-key
chmod 600 /ssh-key
chown hydra-queue-runner:root /ssh-key
'';
}; };
}; };
}; };

View file

@ -1,7 +1,8 @@
nglib: { nglib, nixpkgs }:
(nglib "x86_64-linux").makeSystem { nglib.makeSystem {
system = "x86_64-linux"; system = "x86_64-linux";
name = "nixng-ingress"; name = "nixng-ingress";
inherit nixpkgs;
config = ({ pkgs, config, nglib, ... }: config = ({ pkgs, config, nglib, ... }:
let let
ids = config.ids; ids = config.ids;
@ -79,6 +80,12 @@ nglib:
pid = "/nginx.pid"; pid = "/nginx.pid";
stream."" = {
include = [
[ "/local/streams.conf" ]
];
};
http."" = { http."" = {
server_tokens = "off"; server_tokens = "off";
include = [ include = [

View file

@ -1,7 +1,8 @@
nglib: { nglib, nixpkgs }:
(nglib "x86_64-linux").makeSystem { nglib.makeSystem {
system = "x86_64-linux"; system = "x86_64-linux";
name = "nixng-jmusicbot"; name = "nixng-jmusicbot";
inherit nixpkgs;
config = ({ pkgs, config, nglib, ... }: config = ({ pkgs, config, nglib, ... }:
{ {
dumb-init = { dumb-init = {

32
containers/minecraft.nix Normal file
View file

@ -0,0 +1,32 @@
{ nglib, nixpkgs }:
nglib.makeSystem {
system = "x86_64-linux";
name = "nixng-minecraft";
inherit nixpkgs;
config = ({ pkgs, config, nglib, ... }:
with pkgs.lib;
{
config = {
dumb-init = {
enable = true;
type.services = { };
};
init.services.minecraft = {
shutdownOnExit = true;
};
services.minecraft = {
enable = true;
eulaAccept = true;
forgeZipFile = builtins.fetchurl {
url = "https://media.forgecdn.net/files/3551/162/SIMPLE-SERVER-FILES-1.8.12.zip";
sha256 = "sha256:16w4874vbc8zab6czixmx62i5hxfv1zkjcbfz9djmhwwa8inw02l";
};
forgeFetchedHash = "sha256-58HAjgrbtVb62vJKdfzXTIJRSycP1cDnp4h5/mnIwtY=";
forgeConfigOverrides = {};
};
};
});
}

View file

@ -1,7 +1,8 @@
website: nglib: { nglib, website, nixpkgs }:
(nglib "x86_64-linux").makeSystem { nglib.makeSystem {
system = "x86_64-linux"; system = "x86_64-linux";
name = "nixng-website"; name = "nixng-website";
inherit nixpkgs;
config = ({ pkgs, options, ... }: { config = ({ pkgs, options, ... }: {
dumb-init = { dumb-init = {
enable = true; enable = true;

View file

@ -75,24 +75,23 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1634508638, "lastModified": 1638796503,
"narHash": "sha256-WwuEo0JObE1f2YgXv0vmEXAiwQ/xFkDrHSN4It5tiic=", "narHash": "sha256-J5UjPK7kv41N79yku/gg3u7/vy5VN5W8DsH6AVcUuf0=",
"owner": "MagicRB", "owner": "MagicRB",
"repo": "NixNG", "repo": "NixNG",
"rev": "2ba0bacb76c9e63265e2fb45c813a6661568c63f", "rev": "990c82400885077b96491bb6f5d574e26daba917",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "MagicRB", "owner": "MagicRB",
"ref": "rework",
"repo": "NixNG", "repo": "NixNG",
"type": "github" "type": "github"
} }
}, },
"nixng_2": { "nixng_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": "nixpkgs_2"
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1619975252, "lastModified": 1619975252,
@ -123,6 +122,19 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": {
"locked": {
"lastModified": 1617271991,
"narHash": "sha256-VdzjIQaT1FtycNid0iPSVr44Jrstoox6QRLrwCY1uG0=",
"path": "/nix/store/p86a44r69akjvyg0nid33kh9mg15h9lq-source",
"rev": "da7f4c4842520167f65c20ad75ecdbd14e27ae91",
"type": "path"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"org-thtml": { "org-thtml": {
"flake": false, "flake": false,
"locked": { "locked": {

View file

@ -3,7 +3,7 @@
nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-unstable";
nixng = { nixng = {
url = "github:MagicRB/NixNG"; url = "github:MagicRB/NixNG?ref=rework";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
website = { website = {
@ -23,14 +23,19 @@
forAllSystems' = systems: fun: nixpkgs.lib.genAttrs systems fun; forAllSystems' = systems: fun: nixpkgs.lib.genAttrs systems fun;
forAllSystems = forAllSystems' supportedSystems; forAllSystems = forAllSystems' supportedSystems;
containers = { containers =
hydra = (import ./containers/hydra.nix nixng.lib).hydra; let base = { nglib = nixng.nglib nixpkgs.lib; inherit nixpkgs; };
hydraPostgresql = (import ./containers/hydra.nix nixng.lib).postgresql; in
ingress = (import ./containers/ingress.nix nixng.lib); {
website = (import ./containers/website.nix inputs.website.website nixng.lib); hydra = (import ./containers/hydra.nix base).hydra;
jmusicbot = (import ./containers/jmusicbot.nix nixng.lib); hydraPostgresql = (import ./containers/hydra.nix base).postgresql;
camptules = (import ./containers/camptules.nix nixng.lib inputs.camptules); ingress = import ./containers/ingress.nix base;
}; website = import ./containers/website.nix (base // { inherit (inputs.website) website; });
jmusicbot = import ./containers/jmusicbot.nix base;
camptules = (import ./containers/camptules.nix (base // { inherit (inputs) camptules; }));
gitea = import ./containers/gitea.nix base;
minecraft = import ./containers/minecraft.nix base;
};
in in
{ {
ociImages = mapAttrs (n: v: v.config.system.build.ociImage) containers; ociImages = mapAttrs (n: v: v.config.system.build.ociImage) containers;

View file

@ -32,6 +32,12 @@ job "ingress" {
to = 443 to = 443
host_network = "public" host_network = "public"
} }
port "minecraft" {
static = 25565
to = 25565
host_network = "public"
}
} }
service { service {
@ -80,6 +86,16 @@ job "ingress" {
mode = "local" mode = "local"
} }
} }
upstreams {
destination_name = "minecraft"
local_bind_port = 2666
datacenter = "homelab-1"
mesh_gateway {
mode = "local"
}
}
} }
} }
} }
@ -102,7 +118,8 @@ job "ingress" {
# load = "nixng-ingress.tar.gz" # load = "nixng-ingress.tar.gz"
image = "nixng-ingress:local" image = "nixng-ingress:local"
ports = ["http", "https"] ports = ["http", "https", "minecraft"]
memory_hard_limit = 128
} }
resources { resources {
@ -151,6 +168,23 @@ EOF
change_signal = "SIGHUP" change_signal = "SIGHUP"
} }
template {
data = <<EOF
upstream minecraft {
server {{ env "NOMAD_UPSTREAM_ADDR_minecraft" }};
}
server {
listen 25565;
proxy_pass minecraft;
}
EOF
destination = "local/streams.conf"
change_mode = "signal"
change_signal = "SIGHUP"
}
template { template {
data = <<EOF data = <<EOF
upstream gitea { upstream gitea {

View file

@ -0,0 +1,19 @@
type = "csi"
id = "minecraft"
name = "minecraft"
plugin_id = "nfs"
capability {
access_mode = "single-node-writer"
attachment_mode = "file-system"
}
context {
server = "10.64.1.201"
share = "/var/nfs/minecraft/atm6"
}
mount_options {
fs_type = "nfs"
mount_flags = [ "nolock" ]
}

View file

@ -0,0 +1,58 @@
job "minecraft" {
datacenters = [ "homelab-1" ]
type = "service"
group "minecraft" {
count = 1
volume "minecraft" {
type = "csi"
source = "minecraft"
read_only = false
attachment_mode = "file-system"
access_mode = "single-node-writer"
}
network {
mode = "bridge"
}
service {
name = "minecraft"
port = "25565"
connect {
sidecar_service {}
}
}
task "minecraft" {
driver = "docker"
volume_mount {
volume = "minecraft"
destination = "/run/cfg/minecraft"
read_only = false
}
config {
image = "nixng-minecraft:local"
memory_hard_limit = 8192
cap_add = ["sys_admin"]
devices = [
{
host_path = "/dev/fuse"
container_path = "/dev/fuse"
}
]
}
resources {
cpu = 4096
memory = 4096
}
}
}
}