summary refs log tree commit diff
diff options
context:
space:
mode:
-rwxr-xr-xhost/Rory-nginx/configuration.nix4
-rwxr-xr-xhost/Rory-nginx/services/containers/draupnir-cme/container.nix26
-rwxr-xr-xhost/Rory-nginx/services/containers/draupnir-cme/root.nix44
-rwxr-xr-xhost/Rory-nginx/services/containers/draupnir-cme/services/draupnir.nix32
4 files changed, 106 insertions, 0 deletions
diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix
index 05949d0..fedf330 100755
--- a/host/Rory-nginx/configuration.nix
+++ b/host/Rory-nginx/configuration.nix
@@ -74,5 +74,9 @@
     conduit = conduit;
   };
 
+  containers."draupnir-cme" = import ./services/containers/draupnir-cme/container.nix {
+    inherit pkgs lib;
+  };
+
   system.stateVersion = "22.11"; # DO NOT EDIT!
 }
diff --git a/host/Rory-nginx/services/containers/draupnir-cme/container.nix b/host/Rory-nginx/services/containers/draupnir-cme/container.nix
new file mode 100755
index 0000000..b88a963
--- /dev/null
+++ b/host/Rory-nginx/services/containers/draupnir-cme/container.nix
@@ -0,0 +1,26 @@
+{
+  pkgs,
+  lib,
+  conduit,
+  ...
+}:
+
+{
+  privateNetwork = true;
+  autoStart = true;
+  specialArgs = {
+  };
+  config =
+    {
+      lib,
+      pkgs,
+      ...
+    }:
+    {
+      imports = [ ./root.nix ];
+    };
+  hostAddress = "192.168.100.16";
+  localAddress = "192.168.100.17";
+  hostAddress6 = "fc00::3";
+  localAddress6 = "fc00::4";
+}
diff --git a/host/Rory-nginx/services/containers/draupnir-cme/root.nix b/host/Rory-nginx/services/containers/draupnir-cme/root.nix
new file mode 100755
index 0000000..6725c3b
--- /dev/null
+++ b/host/Rory-nginx/services/containers/draupnir-cme/root.nix
@@ -0,0 +1,44 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+{
+  imports = [
+    ./services/draupnir.nix
+  ];
+
+  environment.systemPackages = with pkgs; [
+    neofetch
+    lnav
+    zsh
+    lsd
+    htop
+    btop
+    duf
+    kitty.terminfo
+    neovim
+    jq
+    yq
+    pv
+    dig
+  ];
+
+  environment.etc."resolv.conf".text = ''
+    nameserver 8.8.8.8
+    nameserver 8.4.4.8
+    nameserver 1.1.1.1
+    nameserver 1.0.0.1
+  '';
+
+  environment.etc."hosts".text = ''
+    192.168.100.16 matrix.rory.gay
+    192.168.100.16 rory.gay
+  '';
+
+  networking.firewall = {
+    enable = true;
+  };
+}
diff --git a/host/Rory-nginx/services/containers/draupnir-cme/services/draupnir.nix b/host/Rory-nginx/services/containers/draupnir-cme/services/draupnir.nix
new file mode 100755
index 0000000..9a31278
--- /dev/null
+++ b/host/Rory-nginx/services/containers/draupnir-cme/services/draupnir.nix
@@ -0,0 +1,32 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+
+{
+  services.draupnir = {
+    enable = true;
+
+    settings = {
+      managementRoom = "#draupnir-mgmt:rory.gay";
+      recordIgnoredInvites = true; # Let's log ignored invites, just incase
+      autojoinOnlyIfManager = true; # Let's not open ourselves up to DoS attacks
+      automaticallyRedactForReasons = [ "*" ]; # Always autoredact
+      fasterMembershipChecks = true;
+      homeserverUrl = "https://matrix.rory.gay"
+
+      backgroundDelayMS = 10; # delay isn't needed, I don't mind the performance hit
+      pollReports = false;
+
+      admin.enableMakeRoomAdminCommand = false;
+      commands.ban.defaultReasons = [
+        "spam"
+        "harassment"
+        "transphobia"
+        "scam"
+      ];
+    };
+  };
+}