diff options
4 files changed, 106 insertions, 0 deletions
diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix index 05949d0..fedf330 100755 --- a/host/Rory-nginx/configuration.nix +++ b/host/Rory-nginx/configuration.nix @@ -74,5 +74,9 @@ conduit = conduit; }; + containers."draupnir-cme" = import ./services/containers/draupnir-cme/container.nix { + inherit pkgs lib; + }; + system.stateVersion = "22.11"; # DO NOT EDIT! } diff --git a/host/Rory-nginx/services/containers/draupnir-cme/container.nix b/host/Rory-nginx/services/containers/draupnir-cme/container.nix new file mode 100755 index 0000000..b88a963 --- /dev/null +++ b/host/Rory-nginx/services/containers/draupnir-cme/container.nix @@ -0,0 +1,26 @@ +{ + pkgs, + lib, + conduit, + ... +}: + +{ + privateNetwork = true; + autoStart = true; + specialArgs = { + }; + config = + { + lib, + pkgs, + ... + }: + { + imports = [ ./root.nix ]; + }; + hostAddress = "192.168.100.16"; + localAddress = "192.168.100.17"; + hostAddress6 = "fc00::3"; + localAddress6 = "fc00::4"; +} diff --git a/host/Rory-nginx/services/containers/draupnir-cme/root.nix b/host/Rory-nginx/services/containers/draupnir-cme/root.nix new file mode 100755 index 0000000..6725c3b --- /dev/null +++ b/host/Rory-nginx/services/containers/draupnir-cme/root.nix @@ -0,0 +1,44 @@ +{ + config, + pkgs, + lib, + ... +}: + +{ + imports = [ + ./services/draupnir.nix + ]; + + environment.systemPackages = with pkgs; [ + neofetch + lnav + zsh + lsd + htop + btop + duf + kitty.terminfo + neovim + jq + yq + pv + dig + ]; + + environment.etc."resolv.conf".text = '' + nameserver 8.8.8.8 + nameserver 8.4.4.8 + nameserver 1.1.1.1 + nameserver 1.0.0.1 + ''; + + environment.etc."hosts".text = '' + 192.168.100.16 matrix.rory.gay + 192.168.100.16 rory.gay + ''; + + networking.firewall = { + enable = true; + }; +} diff --git a/host/Rory-nginx/services/containers/draupnir-cme/services/draupnir.nix b/host/Rory-nginx/services/containers/draupnir-cme/services/draupnir.nix new file mode 100755 index 0000000..9a31278 --- /dev/null +++ b/host/Rory-nginx/services/containers/draupnir-cme/services/draupnir.nix @@ -0,0 +1,32 @@ +{ + config, + pkgs, + lib, + ... +}: + +{ + services.draupnir = { + enable = true; + + settings = { + managementRoom = "#draupnir-mgmt:rory.gay"; + recordIgnoredInvites = true; # Let's log ignored invites, just incase + autojoinOnlyIfManager = true; # Let's not open ourselves up to DoS attacks + automaticallyRedactForReasons = [ "*" ]; # Always autoredact + fasterMembershipChecks = true; + homeserverUrl = "https://matrix.rory.gay" + + backgroundDelayMS = 10; # delay isn't needed, I don't mind the performance hit + pollReports = false; + + admin.enableMakeRoomAdminCommand = false; + commands.ban.defaultReasons = [ + "spam" + "harassment" + "transphobia" + "scam" + ]; + }; + }; +} |