From 40bfa51153bb38e0471ab05937b018d0ba255f0d Mon Sep 17 00:00:00 2001 From: TheArcaneBrony Date: Wed, 6 Sep 2023 23:30:26 +0200 Subject: Add container --- host/Rory-nginx/configuration.nix | 4 +++ .../containers/pluralcontactbotpoc/conduit.nix | 33 ++++++++++++++++++++++ .../containers/pluralcontactbotpoc/container.nix | 28 ++++++++++++++++++ .../containers/pluralcontactbotpoc/root.nix | 11 ++++++++ host/Rory-nginx/services/nginx/rory.gay/root.nix | 3 +- 5 files changed, 77 insertions(+), 2 deletions(-) create mode 100755 host/Rory-nginx/services/containers/pluralcontactbotpoc/conduit.nix create mode 100755 host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix create mode 100755 host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix (limited to 'host') diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix index 7e32da0..3a62626 100755 --- a/host/Rory-nginx/configuration.nix +++ b/host/Rory-nginx/configuration.nix @@ -25,5 +25,9 @@ } ]; }; + containers."pluralcontactbotpoc" = import ./services/containers/pluralcontactbotpoc.nix { + inherit pkgs lib; + }; + system.stateVersion = "22.11"; # DO NOT EDIT! } diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/conduit.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/conduit.nix new file mode 100755 index 0000000..f2fdad6 --- /dev/null +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/conduit.nix @@ -0,0 +1,33 @@ +{ config, pkgs, lib, conduit, ... }: + +{ + services.matrix-conduit = { + package = conduit.packages.${pkgs.system}.default; + enable = true; + settings.global = { + address = "127.0.0.1"; + server_name = "pcpoc.rory.gay"; + database_backend = "rocksdb"; + enable_lightning_bolt = true; + max_concurrent_requests = 1000; + allow_check_for_updates = false; + allow_registration = false; + }; + }; + systemd.services.matrix-conduit-reg-token = { + description = "Random registration token for Conduit."; + before = ["conduit.service"]; # So the registration can be used by Conduit. + after = ["matrix-synapse-reg-token.service"]; + + script = '' + mkdir -p /run/systemd/system/conduit.service.d + echo Environment=\"CONDUIT_REGISTRATION_TOKEN=$(cat /var/lib/matrix-synapse/registration_shared_secret.txt)\" > /run/systemd/system/conduit.service.d/override.conf + systemctl daemon-reload''; + serviceConfig = { + User = "root"; + Group = "root"; + }; + }; + system.stateVersion = "22.11"; # DO NOT EDIT! +} + diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix new file mode 100755 index 0000000..39f593e --- /dev/null +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix @@ -0,0 +1,28 @@ +{ pkgs, lib, ... }: + +{ +# imports = +# [ +# ./root.nix +# ]; + + privateNetwork = true; + autoStart = true; + + + # config is root.nix with networking overridden + config = import ./root.nix { + inherit config; + etc."resolv.conf".text = '' + nameserver 8.8.8.8 + nameserver 8.4.4.8 + nameserver 1.1.1.1 + nameserver 1.0.0.1 + ''; + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + }; + +} \ No newline at end of file diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix new file mode 100755 index 0000000..3dbf243 --- /dev/null +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix @@ -0,0 +1,11 @@ +{ config, pkgs, lib, botcore-v4, ... }: + +{ + imports = + [ + ./nginx.nix + ./conduit.nix + ]; + + system.stateVersion = "22.11"; # DO NOT EDIT! +} \ No newline at end of file diff --git a/host/Rory-nginx/services/nginx/rory.gay/root.nix b/host/Rory-nginx/services/nginx/rory.gay/root.nix index be4b415..9e96a4f 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/root.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/root.nix @@ -45,6 +45,5 @@ ]; } }'; - ''; - + ''; } -- cgit 1.4.1