update

author Patrick <patrick.schoenberger@posteo.de>

Wed, 26 Nov 2025 09:39:24 +0000 (10:39 +0100)

committer Patrick <patrick.schoenberger@posteo.de>

Wed, 26 Nov 2025 09:39:24 +0000 (10:39 +0100)
author Patrick <patrick.schoenberger@posteo.de>
Wed, 26 Nov 2025 09:39:24 +0000 (10:39 +0100)
committer Patrick <patrick.schoenberger@posteo.de>
Wed, 26 Nov 2025 09:39:24 +0000 (10:39 +0100)
diff --git a/configuration.nix b/configuration.nix

index 01186454723e1c4a1c378933f45ac2c95ec98ff0..bc6863573229f2131c049bacb9092f1f98282811 100644 (file)
--- a/configuration.nix
+++ b/configuration.nix
@@ -31,11 +31,16 @@
      allowReboot = true;
    };
  
      allowReboot = true;
    };
  
-  networking.hostName = "pschdev"; # Define your hostname.
+  networking.hostName = "netcup"; # Define your hostname.
  
    networking.firewall = {
      enable = true;
  
    networking.firewall = {
      enable = true;
-    allowedTCPPorts = [ 80 443 7777 9418 ];
+    allowedTCPPorts = [
+      80 443 # http(s)
+      7777   # terraria
+      9418   # syncthing (?)
+      25565  # minecraft
+    ];
    };
  
    # Set your time zone.
    };
  
    # Set your time zone.
@@ -78,13 +83,16 @@
    nixpkgs.config.allowUnfree = true;
  
    nixpkgs.overlays = [
    nixpkgs.config.allowUnfree = true;
  
    nixpkgs.overlays = [
-    (inputs.psch-flakes.overlays.cgit)
+    (inputs.ps-flakes.overlays.cgit)
+    (inputs.ps-flakes.overlays.gitweb)
+    (inputs.nix-minecraft.overlay)
    ];
  
    # List packages installed in system profile. To search, run:
    # $ nix search wget
    environment.systemPackages = with pkgs; [
      vim wget file git fzf bat
    ];
  
    # List packages installed in system profile. To search, run:
    # $ nix search wget
    environment.systemPackages = with pkgs; [
      vim wget file git fzf bat
+    openssh
      helix
      gitui
      bintools
      helix
      gitui
      bintools
@@ -167,79 +175,126 @@
    # virtualisation.qemu.guestAgent.enable = true;
    programs.mosh.enable = true;
  
    # virtualisation.qemu.guestAgent.enable = true;
    programs.mosh.enable = true;
  
+  services.minecraft-servers = {
+    enable = true;
+    eula = true;
+    servers.fabric = {
+      enable = true;
+
+      serverProperties = {
+        difficulty = 2;
+        motd = "A Place on Earth";
+        white-list = true;
+      };
+      
+      package = pkgs.fabricServers.fabric-1_20_1;
+      # .override {
+      #   loaderVersion = "";
+      # }
+      symlinks = {
+        mods = pkgs.linkFarmFromDrvs "mods" (
+          builtins.attrValues {
+            Fabric-API = pkgs.fetchurl {
+              url = "https://cdn.modrinth.com/data/P7dR8mSH/versions/UapVHwiP/fabric-api-0.92.6%2B1.20.1.jar";
+              sha256 = "sha256-Ds5QR22jaSERqwS3WUXFRY5w2YzQae78BEqz5Xl33us=";
+            };
+            GlitchCore = pkgs.fetchurl {
+              url = "https://cdn.modrinth.com/data/s3dmwKy5/versions/25HLOiOl/GlitchCore-fabric-1.20.1-0.0.1.1.jar";
+              sha256 = "sha256-+359QjXKv4OVR4vEKu9rv9u++JUd3x9w9zcZ4LJMmcw=";
+            };
+            TerraBlender = pkgs.fetchurl {
+              url = "https://cdn.modrinth.com/data/kkmrDlKT/versions/J1S3aA8i/TerraBlender-fabric-1.20.1-3.0.1.10.jar";
+              sha256 = "sha256-0C2aoszwkSZLD87wdkQSi4I7NCGgK/xAORoBqhzNCiQ=";
+            };
+            BiomesOPlenty = pkgs.fetchurl {
+              url = "https://cdn.modrinth.com/data/HXF82T3G/versions/eZaag2ca/BiomesOPlenty-fabric-1.20.1-19.0.0.96.jar";
+              sha256 = "sha256-A4Kp4TNMtzbE8Nhs8NACEG1qmEU6cJlQ678Ok5gx6nI=";
+            };
+          }
+        );
+      };
+    };
+  };
+
    services.caddy = {
      enable = true;
  
    services.caddy = {
      enable = true;
  
-    virtualHosts."tnx.sh".extraConfig = ''
-      respond "The Website is under Construction."
-    '';
-    virtualHosts."psch.dev".extraConfig = ''
+    extraConfig = ''
+    psch.dev ps.run pasch.cc {
+      rewrite /git /git/
+      handle_path /git/* {
+        encode gzip zstd
+
+        @assets path /cgit.css /cgit.png /favicon.ico /robots.txt
+        handle /cgithub/* {
+          file_server {
+            root /srv/cgithub
+          }
+        }
+        handle @assets {
+          file_server {
+            root ${pkgs.cgit}/cgit
+          }
+        }
+        handle {
+          reverse_proxy unix//run/fcgiwrap-git.sock {
+            transport fastcgi {
+              env CGIT_CONFIG ${pkgs.writeText "cgitrc" ''
+                snapshots=tar tar.gz zip
+                enable-git-config=1
+                enable-index-owner=0
+                enable-log-filecount=1
+                enable-log-linecount=1
+                section-from-path=1
+                virtual-root=/git
+                css=/git/cgit.css
+                logo=/git/cgit.png
+                favicon=/git/favicon.ico
+                module-link=/%s/commit/?id=%s
+                clone-url=https://$HTTP_HOST/git/$CGIT_REPO_URL git://$HTTP_HOST/$CGIT_REPO_URL git@$HTTP_HOST:$CGIT_REPO_URL
+                noplainemail=1
+                repository-sort=age
+                about-filter=${pkgs.writeShellScript "markdown-filter" ''
+                  echo '<div class="markdown-body">'
+                  ${pkgs.md4c}/bin/md2html --github --ftables
+                  echo '</div>'
+                ''}
+                # source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py
+                head-include=/srv/cgithub/head-include.html
+                footer=/srv/cgithub/footer.html
+                readme=:readme.md
+                readme=:Readme.md
+                readme=:ReadMe.md
+                readme=:README.md
+                scan-path=/srv/git
+              ''}
+              env SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi
+            }
+          }
+        }
+      }
+
        basic_auth /julius_cam/* { test $2a$14$iKv0GlwavCunG0zQbaf2fOl4r4/8k8gDKUVUouu9Q3o.MfSDkp6Te }
        root * /srv/www
        file_server
        basic_auth /julius_cam/* { test $2a$14$iKv0GlwavCunG0zQbaf2fOl4r4/8k8gDKUVUouu9Q3o.MfSDkp6Te }
        root * /srv/www
        file_server
-    '';
-    virtualHosts."chirp.psch.dev".extraConfig = ''
+    }
+    tnx.sh {
+      respond "The Website is under Construction."
+    }
+    chirp.ps.run {
        reverse_proxy http://localhost:8080 {
          request_buffers 8192
        }
        reverse_proxy http://localhost:8080 {
          request_buffers 8192
        }
-    '';
-    virtualHosts."mail.psch.dev".extraConfig = ''
+    }
+    mail.psch.dev {
        respond mail
        respond mail
+    }
      '';
    };
      '';
    };
-  services.caddy.virtualHosts."git.psch.dev".extraConfig = ''
-    encode gzip zstd
-
-    @assets path /cgit.css /cgit.png /favicon.ico /robots.txt
-    handle /cgithub/* {
-      file_server {
-        root /srv/cgithub
-      }
-    }
-    handle @assets {
-      file_server {
-        root ${pkgs.cgit}/cgit
-      }
-    }
-    handle {
-      reverse_proxy unix//run/fcgiwrap-git.sock {
-        transport fastcgi {
-          env CGIT_CONFIG ${pkgs.writeText "cgitrc" ''
-            snapshots=tar tar.gz zip
-            enable-git-config=1
-            enable-index-owner=0
-            enable-log-filecount=1
-            enable-log-linecount=1
-            section-from-path=1
-            virtual-root=/
-            module-link=/%s/commit/?id=%s
-            clone-url=https://git.psch.dev/$CGIT_REPO_URL git://psch.dev/$CGIT_REPO_URL ssh://git@psch.dev/~/$CGIT_REPO_URL
-            noplainemail=1
-            side-by-side-diffs=1
-            repository-sort=age
-            about-filter=${pkgs.writeShellScript "markdown-filter" ''
-              echo '<div class="markdown-body">'
-              ${pkgs.md4c}/bin/md2html --github --ftables
-              echo '</div>'
-            ''}
-            # source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py
-            head-include=/srv/cgithub/head-include.html
-            footer=/srv/cgithub/footer.html
-            readme=:readme.md
-            readme=:Readme.md
-            readme=:ReadMe.md
-            readme=:README.md
-            scan-path=/srv/git
-          ''}
-          env SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi
-        }
-      }
-    }
-  '';
    # virtualHosts."git.psch.dev".extraConfig = ''
    #   reverse_proxy unix//run/anubis/anubis-cgit.sock
    # '';
    # virtualHosts."git.psch.dev".extraConfig = ''
    #   reverse_proxy unix//run/anubis/anubis-cgit.sock
    # '';
-  services.caddy.virtualHosts."gitweb.psch.dev".extraConfig = ''
+  services.caddy.virtualHosts."gitweb.ps.run".extraConfig = ''
      handle /static/* {
        file_server {
          root ${pkgs.gitweb}
      handle /static/* {
        file_server {
          root ${pkgs.gitweb}
@@ -289,6 +344,79 @@
      createHome = true;
    };
    users.groups.chirp = {};
      createHome = true;
    };
    users.groups.chirp = {};
+
+  systemd.services.poster-splitter =
+    let
+      poster-splitter-src = "/var/lib/postersplitter/repo";
+    in
+    {
+      description = "Poster Splitter";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" ];
+
+      serviceConfig = {
+        Type = "simple";
+        User = "poster";
+        Group = "poster";
+        WorkingDirectory = "${poster-splitter-src}";
+      
+        ExecStart = "${pkgs.bash}/bin/bash -c 'PATH=$PATH:${lib.makeBinPath [ pkgs.bash pkgs.python3 ]} LD_LIBRARY_PATH=${pkgs.stdenv.cc.cc.lib}/lib/ /var/lib/postersplitter/run.sh'";
+        Restart = "on-failure";
+      };
+    };
+  services.webhook = {
+    enable = true;
+    port = 8102;
+    user = "root";
+    group = "root";
+    hooks = {
+      "deploy-poster-splitter" = {
+        id = "deploy-poster-splitter";
+        response-message = "Deployed Poster Splitter";
+        execute-command = "/var/lib/postersplitter/deploy.sh";
+        command-working-directory = "/var/lib/postersplitter";
+        pass-environment-to-command = [
+          { source = "string"; envname = "PATH"; name = "${lib.makeBinPath [ pkgs.coreutils pkgs.sudo pkgs.systemd pkgs.openssh pkgs.git pkgs.bash pkgs.python3 pkgs.git ]}"; }
+        ];
+        trigger-rule = {
+          match = {
+            type = "payload-hmac-sha1";
+            secret = "mysecret";
+            parameter = {
+              source = "header";
+              name = "X-Hub-Signature";
+            };
+          };
+        };
+      };
+    };
+  };
+  services.caddy.virtualHosts."postersplitter.de".extraConfig = ''
+    # Route 1: Der Webhook
+    # Leitet Anfragen an /hooks/ an den Webhook-Dienst
+    @webhook path /hooks/*
+    handle @webhook {
+      reverse_proxy 127.0.0.1:8102
+    }
+
+    # Route 2: Die Flask App (alles andere)
+    # Muss NACH der Webhook-Route kommen
+    @all not path /hooks/*
+    handle @all {
+      reverse_proxy 127.0.0.1:8101
+    }
+  '';
+  users.users.poster = {
+    isSystemUser = true;
+    group = "poster";
+    home = "/var/lib/postersplitter";
+    createHome = true;
+    useDefaultShell = true;
+    packages = with pkgs; [
+      python314
+    ];
+  };
+  users.groups.poster = {};
    
    systemd.services.chirp = {
      description = "Chirp SystemD Service";
    
    systemd.services.chirp = {
      description = "Chirp SystemD Service";
diff --git a/flake.lock b/flake.lock

index 155582282a888417fd64110b0ec2c7a2c85d9b70..d5289a79e27156c441fe4569357c59b9d05542af 100644 (file)
--- a/flake.lock
+++ b/flake.lock
@@ -54,6 +54,22 @@
          "type": "github"
        }
      },
          "type": "github"
        }
      },
+    "flake-compat_2": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1747046372,
+        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
      "flake-utils": {
        "inputs": {
          "systems": "systems"
      "flake-utils": {
        "inputs": {
          "systems": "systems"
@@ -108,6 +124,24 @@
          "type": "github"
        }
      },
          "type": "github"
        }
      },
+    "flake-utils_4": {
+      "inputs": {
+        "systems": "systems_4"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
      "git-hooks": {
        "inputs": {
          "flake-compat": [
      "git-hooks": {
        "inputs": {
          "flake-compat": [
@@ -156,13 +190,35 @@
          "type": "github"
        }
      },
          "type": "github"
        }
      },
+    "nix-minecraft": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "flake-utils": "flake-utils_3",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1764122622,
+        "narHash": "sha256-TcBFscZxMn9ZRe/bxDVG/pmvqdJGP/aXUUANDikU4NA=",
+        "owner": "Infinidoge",
+        "repo": "nix-minecraft",
+        "rev": "e6cfda9f65cb9bd38fa10efb4c43b09c9fe659eb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "Infinidoge",
+        "repo": "nix-minecraft",
+        "type": "github"
+      }
+    },
      "nixpkgs": {
        "locked": {
      "nixpkgs": {
        "locked": {
-        "lastModified": 1751211869,
-        "narHash": "sha256-1Cu92i1KSPbhPCKxoiVG5qnoRiKTgR5CcGSRyLpOd7Y=",
+        "lastModified": 1763948260,
+        "narHash": "sha256-dY9qLD0H0zOUgU3vWacPY6Qc421BeQAfm8kBuBtPVE0=",
          "owner": "NixOS",
          "repo": "nixpkgs",
          "owner": "NixOS",
          "repo": "nixpkgs",
-        "rev": "b43c397f6c213918d6cfe6e3550abfe79b5d1c51",
+        "rev": "1c8ba8d3f7634acac4a2094eef7c32ad9106532c",
          "type": "github"
        },
        "original": {
          "type": "github"
        },
        "original": {
@@ -190,17 +246,17 @@
      },
      "psch-flakes": {
        "inputs": {
      },
      "psch-flakes": {
        "inputs": {
-        "flake-utils": "flake-utils_3",
+        "flake-utils": "flake-utils_4",
          "nixpkgs": [
            "nixpkgs"
          ]
        },
        "locked": {
          "nixpkgs": [
            "nixpkgs"
          ]
        },
        "locked": {
-        "lastModified": 1751534912,
-        "narHash": "sha256-UceGTTox8E1y4QNmsm7nlFXLncIBhPhONTsi6GZfdNA=",
+        "lastModified": 1764149497,
+        "narHash": "sha256-JJhhMJEd86fsAAUzAKKHsyW5Hz1DWne8BZ9ffd/jI3U=",
          "ref": "refs/heads/main",
          "ref": "refs/heads/main",
-        "rev": "2f75d496563e6b4053f21bd9a66bc4b06b09360c",
-        "revCount": 15,
+        "rev": "9a1d0c514456752694e317bfef7b500fa7caeee2",
+        "revCount": 18,
          "type": "git",
          "url": "git://psch.dev/flakes"
        },
          "type": "git",
          "url": "git://psch.dev/flakes"
        },
@@ -213,6 +269,7 @@
        "inputs": {
          "chirp": "chirp",
          "flake-utils": "flake-utils_2",
        "inputs": {
          "chirp": "chirp",
          "flake-utils": "flake-utils_2",
+        "nix-minecraft": "nix-minecraft",
          "nixpkgs": "nixpkgs",
          "psch-flakes": "psch-flakes",
          "simple-nixos-mailserver": "simple-nixos-mailserver"
          "nixpkgs": "nixpkgs",
          "psch-flakes": "psch-flakes",
          "simple-nixos-mailserver": "simple-nixos-mailserver"
@@ -221,7 +278,7 @@
      "simple-nixos-mailserver": {
        "inputs": {
          "blobs": "blobs",
      "simple-nixos-mailserver": {
        "inputs": {
          "blobs": "blobs",
-        "flake-compat": "flake-compat",
+        "flake-compat": "flake-compat_2",
          "git-hooks": "git-hooks",
          "nixpkgs": [
            "nixpkgs"
          "git-hooks": "git-hooks",
          "nixpkgs": [
            "nixpkgs"
@@ -229,11 +286,11 @@
          "nixpkgs-25_05": "nixpkgs-25_05"
        },
        "locked": {
          "nixpkgs-25_05": "nixpkgs-25_05"
        },
        "locked": {
-        "lastModified": 1747965231,
-        "narHash": "sha256-BW3ktviEhfCN/z3+kEyzpDKAI8qFTwO7+S0NVA0C90o=",
+        "lastModified": 1763302796,
+        "narHash": "sha256-mEc3SBjRYfMcbNFLxmCc5tRtlu3j+1q7zRz+nRraSFE=",
          "owner": "simple-nixos-mailserver",
          "repo": "nixos-mailserver",
          "owner": "simple-nixos-mailserver",
          "repo": "nixos-mailserver",
-        "rev": "53007af63fade28853408370c4c600a63dd97f41",
+        "rev": "5b38fb599f50e9d78325d1d2706e36303c166047",
          "type": "gitlab"
        },
        "original": {
          "type": "gitlab"
        },
        "original": {
@@ -287,6 +344,21 @@
          "repo": "default",
          "type": "github"
        }
          "repo": "default",
          "type": "github"
        }
+    },
+    "systems_4": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
      }
    },
    "root": "root",
      }
    },
    "root": "root",
diff --git a/flake.nix b/flake.nix

index 439c3e81342270bfcc2aa9b871cb2be24cea24e3..67209f6f5ad4516b71ec1cfbbd63c447a2555158 100644 (file)
--- a/flake.nix
+++ b/flake.nix
@@ -11,13 +11,18 @@
        inputs.nixpkgs.follows = "nixpkgs";
      };
  
        inputs.nixpkgs.follows = "nixpkgs";
      };
  
+    nix-minecraft = {
+      url = "github:Infinidoge/nix-minecraft";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
      chirp = {
        url = "git://psch.dev/chirp";
        inputs.nixpkgs.follows = "nixpkgs";
      };
  
      chirp = {
        url = "git://psch.dev/chirp";
        inputs.nixpkgs.follows = "nixpkgs";
      };
  
-    psch-flakes = {
-      url = "git://psch.dev/flakes";
+    ps-flakes = {
+      url = "git://ps.run/flakes";
        inputs.nixpkgs.follows = "nixpkgs";
      };
    };
        inputs.nixpkgs.follows = "nixpkgs";
      };
    };
@@ -30,6 +35,7 @@
          modules = [
            ./configuration.nix
            inputs.simple-nixos-mailserver.nixosModule
          modules = [
            ./configuration.nix
            inputs.simple-nixos-mailserver.nixosModule
+          inputs.nix-minecraft.nixosModules.minecraft-servers
          ];
        };
      };
          ];
        };
      };
author	Patrick <patrick.schoenberger@posteo.de>
	Wed, 26 Nov 2025 09:39:24 +0000 (10:39 +0100)
committer	Patrick <patrick.schoenberger@posteo.de>
	Wed, 26 Nov 2025 09:39:24 +0000 (10:39 +0100)
configuration.nix		patch \| blob \| history
flake.lock		patch \| blob \| history
flake.nix		patch \| blob \| history