Begin modularization!

11 files changed, 343 insertions, 0 deletions

diff --git a/roles/default.nix b/roles/default.nix
new file mode 100644
index 0000000..420eaeb
--- /dev/null
+++ b/roles/default.nix
@@ -0,0 +1,9 @@
+{ ... }:
+
+{
+  imports = [
+    ./desktop
+    ./minecraft
+    ./web
+  ];
+}
diff --git a/roles/desktop/default.nix b/roles/desktop/default.nix
new file mode 100644
index 0000000..c2fae92
--- /dev/null
+++ b/roles/desktop/default.nix
@@ -0,0 +1,61 @@
+{ config, pkgs, lib, ... }:
+with lib;
+
+let cfg = config.roles.desktop; in {
+  imports = [
+    ./input.nix
+    ./xserver.nix
+  ];
+
+  options.roles.desktop = {
+    enable = mkEnableOption "desktop";
+  };
+
+  config = mkIf cfg.enable {
+    security.rtkit.enable = true;
+
+    i18n.inputMethod.enable = true;
+
+    services = {
+      displayManager.enable = true;
+
+      xserver = {
+        enable = true;
+        displayManager.lightdm.enable = true;
+        windowManager.i3.enable = true;
+      };
+      
+      keyd.enable = true;
+
+      pipewire = {
+        enable = true;
+
+        pulse.enable = true;
+        alsa.enable = true;
+        alsa.support32Bit = true;
+        #jack.enable = true;
+      };
+    };
+
+    fonts = {
+      packages = with pkgs; [
+        nerdfonts
+        noto-fonts
+        noto-fonts-cjk
+        noto-fonts-cjk-sans
+        noto-fonts-cjk-serif
+        noto-fonts-emoji
+
+        minecraftia
+      ];
+
+      fontconfig = {
+        defaultFonts = {
+          monospace = [ "CaskaydiaMono Nerd Font" ];
+          sansSerif = [ "DejaVu Sans" "Noto Sans CJK JP" "Noto Sans" ];
+          serif = [ "DejaVu Serif" "Noto Serif CJK JP" "Noto Serif" ];
+        };
+      };
+    };
+  };
+}
diff --git a/roles/desktop/input.nix b/roles/desktop/input.nix
new file mode 100644
index 0000000..20e9da8
--- /dev/null
+++ b/roles/desktop/input.nix
@@ -0,0 +1,31 @@
+{ pkgs, ... }:
+
+{
+  services.keyd = {
+    keyboards."*".settings = {
+      main = {
+        # Swap alt and meta keys.
+        # I prefer (physical) alt as my WM modifier key because it
+        #   is easier to reach. This can collide with some programs
+        #   shortcuts if they inlcude alt. Swapping alt and meta fixes
+        #   this by making my WM mod key (software) meta, freeing up alt.
+
+        leftalt = "leftmeta";
+        leftmeta = "leftalt";
+
+        rightalt = "rightmeta";
+        rightmeta = "rightalt";
+      };
+    };
+  };
+
+  i18n.inputMethod = {
+    type = "fcitx5";
+    fcitx5.addons = with pkgs; [ fcitx5-mozc ];
+  };
+
+  environment.variables = {
+    # Required for fcitx5 support in kitty
+    GLFW_IM_MODULE = "ibus";
+  };
+}
diff --git a/roles/desktop/xserver.nix b/roles/desktop/xserver.nix
new file mode 100644
index 0000000..461de83
--- /dev/null
+++ b/roles/desktop/xserver.nix
@@ -0,0 +1,28 @@
+{ pkgs, ... }:
+
+{
+  services.displayManager = {
+    defaultSession = "none+i3";
+  };
+
+  services.xserver = {
+    videoDrivers = [ "amdgpu" ];
+
+    displayManager = {
+      setupCommands = ''
+        if ${pkgs.xorg.xrandr}/bin/xrandr --query | grep 2560x1080; then
+          ${pkgs.xorg.xrandr}/bin/xrandr --output DVI-D-0 --mode 1920x1080  --rate 60  --pos 0x0
+          ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-2 --mode 2560x1080  --rate 60  --pos 1920x0 --primary
+          ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI-A-0 --mode 1920x1080  --rate 75  --pos 4480x0
+        elif ${pkgs.xorg.xrandr}/bin/xrandr --query | grep 2560x1440; then
+          ${pkgs.xorg.xrandr}/bin/xrandr --output DVI-D-0 --mode 1920x1080 --rate 60 --pos 0x360
+          ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-2 --mode 2560x1440 --rate 165 --pos 1920x0 --primary
+          ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-1 --mode 1920x1200 --rate 60 --pos 4480x0
+        fi
+      '';
+    };
+
+    xkb.layout = "us";
+#    xkb.options = "eurosign:e,caps:escape";
+  };
+}
diff --git a/roles/minecraft/default.nix b/roles/minecraft/default.nix
new file mode 100644
index 0000000..1af96d8
--- /dev/null
+++ b/roles/minecraft/default.nix
@@ -0,0 +1,29 @@
+{ config, pkgs, lib, inputs, ... }:
+with lib;
+
+let cfg = config.roles.minecraft; in {
+  imports = [
+    ./servers
+  ];
+
+  options.roles.minecraft = {
+    enable = mkEnableOption "minecraft server role";
+  };
+
+  config = mkIf cfg.enable {
+    nixpkgs = {
+      overlays = [ inputs.nix-minecraft.overlay ];
+      config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+        "minecraft-server"
+      ];
+    };
+
+    programs.tmux.enable = true;
+
+    services.minecraft-servers = {
+      enable = true;
+      eula = true;
+      openFirewall = true;
+    };
+  };
+}
diff --git a/roles/minecraft/servers/default.nix b/roles/minecraft/servers/default.nix
new file mode 100644
index 0000000..33ad532
--- /dev/null
+++ b/roles/minecraft/servers/default.nix
@@ -0,0 +1,7 @@
+{ ... }:
+
+{
+  imports = [
+    ./test.nix
+  ];
+}
diff --git a/roles/minecraft/servers/test.nix b/roles/minecraft/servers/test.nix
new file mode 100644
index 0000000..cba264d
--- /dev/null
+++ b/roles/minecraft/servers/test.nix
@@ -0,0 +1,67 @@
+{ config, pkgs, lib, ... }:
+with lib;
+
+let cfg = config.roles.minecraft.servers.test; in {
+  options.roles.minecraft.servers.test = {
+    enable = mkEnableOption "test server role";
+
+    port = mkOption {
+      type = types.port;
+      default = 25565;
+      description = "server port";
+    };
+
+    start = mkOption {
+      type = types.bool;
+      default = false;
+      description = "autostart";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    services.minecraft-servers.servers.test = {
+      enable = true;
+      openFirewall = true;
+      autoStart = cfg.start;
+
+      package = pkgs.fabricServers.fabric-1_21;
+
+      whitelist = {
+        "Townscaper" = "57697615-5b5b-4730-bdaf-5f74ff3ab20d";
+        "grippysockjail" = "9448c89d-34eb-4e2c-a231-8112eb1a9e4a";
+      };
+
+      operators = {
+        "Townscaper" = {
+          uuid = "57697615-5b5b-4730-bdaf-5f74ff3ab20d";
+          level = 4;
+          bypassesPlayerLimit = true;
+        };
+        "grippysockjail" = "9448c89d-34eb-4e2c-a231-8112eb1a9e4a";
+      };
+
+      serverProperties = {
+        gamemode = 1;
+        max-players = 1;
+        motd = ":3";
+        port = cfg.port;
+      };
+
+      symlinks.mods = pkgs.linkFarmFromDrvs "mods" (builtins.attrValues {
+        fabric = pkgs.fetchurl {
+          url = "https://cdn.modrinth.com/data/P7dR8mSH/versions/vMQdA5QJ/fabric-api-0.100.7%2B1.21.jar";
+          sha256 = "sha256-grNmYgSekBaTztR1SLbqZCOC6+QNUDLe4hp105qfibA=";
+        };
+        noChatReports = pkgs.fetchurl {
+          url = "https://cdn.modrinth.com/data/qQyHxfxd/versions/riMhCAII/NoChatReports-FABRIC-1.21-v2.8.0.jar";
+          sha256 = "sha256-jskscOeK3ri2dt3mvWLPVmzddwPqBHJ8Ps+VfZ6l9os=";
+        };
+      });
+    };
+  };
+}
+
+
+
+
+
diff --git a/roles/web/default.nix b/roles/web/default.nix
new file mode 100644
index 0000000..bbcc246
--- /dev/null
+++ b/roles/web/default.nix
@@ -0,0 +1,9 @@
+{ ... }:
+
+{
+  imports = [
+    ./proxy
+    ./stargazers
+    ./test
+  ];
+}
diff --git a/roles/web/proxy/default.nix b/roles/web/proxy/default.nix
new file mode 100644
index 0000000..879ef12
--- /dev/null
+++ b/roles/web/proxy/default.nix
@@ -0,0 +1,28 @@
+{ config, pkgs, lib, inputs, ... }:
+with lib;
+
+let cfg = config.roles.web.proxy; in {
+  options.roles.web.proxy = {
+    enable = mkEnableOption "nginx reverse proxy";
+  };
+
+  config = mkIf cfg.enable {
+    networking.firewall.allowedTCPPorts = [ 80 ];
+
+    services.nginx = {
+      enable = true;
+      virtualHosts = {
+        "localhost".locations = {
+          "/test" = {
+            recommendedProxySettings = true;
+            proxyPass = "http://192.168.0.2/";
+          };
+          "/stargazers" = {
+            recommendedProxySettings = true;
+            proxyPass = "http://192.168.0.3/";
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/roles/web/stargazers/default.nix b/roles/web/stargazers/default.nix
new file mode 100644
index 0000000..78b37d3
--- /dev/null
+++ b/roles/web/stargazers/default.nix
@@ -0,0 +1,37 @@
+{ config, pkgs, lib, inputs, ... }:
+with lib;
+
+let cfg = config.roles.web.stargazers; in {
+  options.roles.web.stargazers = {
+    enable = mkEnableOption "stargazers webserver";
+  };
+
+  config = mkIf cfg.enable {
+    containers.web-stargazers = {
+      autoStart = true;
+
+      privateNetwork = true;
+      hostAddress = "192.168.0.1";
+      localAddress = "192.168.0.3";
+
+      bindMounts = {
+        "/srv/web/stargazers" = {
+          hostPath = "/srv/web/stargazers";
+          isReadOnly = true;
+        };
+      };
+
+      config = { ... }: {
+        system.stateVersion = "23.11";
+        networking.firewall.allowedTCPPorts = [ 80 ];
+
+        services.nginx = {
+          enable = true;
+          virtualHosts = {
+            "192.168.0.3".root = "/srv/web/stargazers";
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/roles/web/test/default.nix b/roles/web/test/default.nix
new file mode 100644
index 0000000..04bc1a7
--- /dev/null
+++ b/roles/web/test/default.nix
@@ -0,0 +1,37 @@
+{ config, pkgs, lib, inputs, ... }:
+with lib;
+
+let cfg = config.roles.web.test; in {
+  options.roles.web.test = {
+    enable = mkEnableOption "test webserver";
+  };
+
+  config = mkIf cfg.enable {
+    containers.web-test = {
+      autoStart = true;
+
+      privateNetwork = true;
+      hostAddress = "192.168.0.1";
+      localAddress = "192.168.0.2";
+
+      bindMounts = {
+        "/srv/web/test" = {
+          hostPath = "/srv/web/test";
+          isReadOnly = true;
+        };
+      };
+
+      config = { ... }: {
+        system.stateVersion = "23.11";
+        networking.firewall.allowedTCPPorts = [ 80 ];
+
+        services.nginx = {
+          enable = true;
+          virtualHosts = {
+            "192.168.0.2".root = "/srv/web/test";
+          };
+        };
+      };
+    };
+  };
+}