Add Linux Mint Draupnir instance

4 files changed, 119 insertions, 0 deletions

diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix

index d7c9bcb..ce9c2ad 100755
--- a/host/Rory-nginx/configuration.nix
+++ b/host/Rory-nginx/configuration.nix
@@ -79,5 +79,9 @@
     inherit pkgs lib nixpkgs-Draupnir;
   };
 
+  containers."draupnir-linux-mint" = import ./services/containers/draupnir-linux-mint/container.nix {
+    inherit pkgs lib nixpkgs-Draupnir;
+  };
+
   system.stateVersion = "22.11"; # DO NOT EDIT!
 }
diff --git a/host/Rory-nginx/services/containers/draupnir-linux-mint/container.nix b/host/Rory-nginx/services/containers/draupnir-linux-mint/container.nix
new file mode 100755

index 0000000..8d2bc44
--- /dev/null
+++ b/host/Rory-nginx/services/containers/draupnir-linux-mint/container.nix
@@ -0,0 +1,41 @@
+{
+  pkgs,
+  lib,
+  nixpkgs-Draupnir,
+  ...
+}:
+
+{
+  privateNetwork = true;
+  autoStart = true;
+  specialArgs = {
+    inherit nixpkgs-Draupnir;
+  };
+  config =
+    {
+      lib,
+      pkgs,
+      ...
+    }:
+    {
+      imports = [ 
+        ./root.nix
+        "${nixpkgs-Draupnir}/nixos/modules/services/matrix/draupnir.nix"
+      ];
+      nixpkgs.overlays = [
+        (final: prev: {
+          draupnir = nixpkgs-Draupnir.legacyPackages.${pkgs.stdenv.hostPlatform.system}.draupnir;
+        })
+      ];
+    };
+  hostAddress = "192.168.100.16";
+  localAddress = "192.168.100.17";
+  #hostAddress6 = "fc00::3";
+  #localAddress6 = "fc00::4";
+
+  bindMounts."draupnir-access-token" = {
+    hostPath = "/etc/draupnir-linux-mint-access-token";
+    mountPoint = "/etc/draupnir-access-token";
+    isReadOnly = true;
+  };
+}
diff --git a/host/Rory-nginx/services/containers/draupnir-linux-mint/root.nix b/host/Rory-nginx/services/containers/draupnir-linux-mint/root.nix
new file mode 100755

index 0000000..cf6f8c0
--- /dev/null
+++ b/host/Rory-nginx/services/containers/draupnir-linux-mint/root.nix
@@ -0,0 +1,43 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+{
+  imports = [
+    ./services/draupnir.nix
+  ];
+
+  environment.systemPackages = with pkgs; [
+    neofetch
+    lnav
+    zsh
+    lsd
+    htop
+    btop
+    duf
+    kitty.terminfo
+    neovim
+    jq
+    yq
+    pv
+    dig
+  ];
+
+  environment.etc."resolv.conf".text = ''
+    nameserver 8.8.8.8
+    nameserver 8.4.4.8
+    nameserver 1.1.1.1
+    nameserver 1.0.0.1
+  '';
+
+  networking.hosts = {
+    "192.168.100.16" = [ "matrix.rory.gay" "rory.gay" ];
+  };
+  
+  networking.firewall = {
+    enable = true;
+  };
+}
diff --git a/host/Rory-nginx/services/containers/draupnir-linux-mint/services/draupnir.nix b/host/Rory-nginx/services/containers/draupnir-linux-mint/services/draupnir.nix
new file mode 100755

index 0000000..1eb159b
--- /dev/null
+++ b/host/Rory-nginx/services/containers/draupnir-linux-mint/services/draupnir.nix
@@ -0,0 +1,31 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+{
+  services.draupnir = {
+    enable = true;
+    accessTokenFile = "/etc/draupnir-access-token";
+
+    settings = {
+      managementRoom = "#draupnir-linux-mint:rory.gay";
+      recordIgnoredInvites = true; # We want to be aware of invites
+      autojoinOnlyIfManager = true; # ... but we don't want the bot to be invited to eg. Matrix HQ...
+      automaticallyRedactForReasons = [ "*" ]; # Always autoredact
+      fasterMembershipChecks = true;
+      homeserverUrl = "https://matrix.rory.gay";
+
+      backgroundDelayMS = 10; # delay isn't needed, I don't mind the performance hit
+      pollReports = false;
+
+      admin.enableMakeRoomAdminCommand = false;
+      commands.ban.defaultReasons = [
+        "spam"
+        "code of conduct violation"
+      ];
+    };
+  };
+}