diff --git a/.sops.yaml b/.sops.yaml index 9facbab..eb0f26b 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -3,6 +3,7 @@ keys: - &erwin_horus age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg - &loki age1m93jeyexus2uqvrk99r7hh0xp7qxk55tgmju4h422dfkf92jce2sxpntu5 - &ci age1tmlx45s4f6qp929839yd5y5vxkj2z4z8wmhqsnne9j8j5uwx6p8qssun8l + - &factorio age1vvxx738y8aq6sgvagz4rrjgnzuekdl20vltmp026qfnax7mdldrs3j4nrf - &frigate age1gtzlyyxdnt23xzyq6lq5ye645egxl7up25agxw23nuhjl6ax0dmqrlqvpf - &gitea age1mh39yv2j3ltl50tjnqqgjctxth3nxa74ggwn29dpvcv08qd0psnssajsmd - &gitea-runner age19jrte20w4e5u83m5s8m8c2ca6sha6e2l2k66g28jz4mpkfs0f3jq26rdp2 @@ -29,6 +30,12 @@ creation_rules: - *erwin - *erwin_horus - *ci + - path_regex: machines/factorio/[^/]+\.yaml$ + key_groups: + - age: + - *erwin + - *erwin_horus + - *factorio - path_regex: machines/frigate/[^/]+\.yaml$ key_groups: - age: diff --git a/machines/default.nix b/machines/default.nix index 14c87d8..c00f3a1 100644 --- a/machines/default.nix +++ b/machines/default.nix @@ -10,6 +10,15 @@ inputs: { # tags = [ "container" ]; # }; }; + factorio = { + config = import ./factorio/configuration.nix inputs; + deploy = { + host = "10.0.0.82"; + # host = "factorio.barn-beaver.ts.net"; + targetUser = "erwin"; + tags = [ "container" ]; + }; + }; frigate = { config = import ./frigate/configuration.nix inputs; deploy = { diff --git a/machines/factorio/configuration.nix b/machines/factorio/configuration.nix new file mode 100644 index 0000000..7d4b9f1 --- /dev/null +++ b/machines/factorio/configuration.nix @@ -0,0 +1,99 @@ +{ + self, + ... +}: +{ + modulesPath, + ... +}: +{ + imports = [ + (modulesPath + "/virtualisation/lxc-container.nix") + + ../../users/root + ../../users/erwin + + ./factorio.nix + ]; + + eboskma = { + users.erwin = { + enable = true; + server = true; + }; + nix-common = { + enable = true; + remote-builders = true; + }; + rust-motd.enable = true; + tailscale.enable = true; + }; + + boot = { + isContainer = true; + }; + + time.timeZone = "Europe/Amsterdam"; + + system.configurationRevision = self.inputs.nixpkgs.lib.mkIf (self ? rev) self.rev; + + networking = { + hostName = "factorio"; + useDHCP = false; + useHostResolvConf = false; + networkmanager.enable = false; + useNetworkd = true; + nftables.enable = true; + + firewall.trustedInterfaces = [ "tailscale0" ]; + }; + + systemd = { + services = { + factorio.serviceConfig = { + User = "factorio"; + }; + logrotate-checkconf.enable = false; + }; + + network = { + enable = true; + + wait-online.anyInterface = true; + + networks = { + "40-eth0" = { + matchConfig = { + Name = "eth0"; + }; + + networkConfig = { + Address = "10.0.0.208/24"; + Gateway = "10.0.0.1"; + DNS = "10.0.0.206"; + DHCP = "no"; + }; + }; + }; + }; + }; + + security = { + sudo-rs = { + enable = true; + execWheelOnly = true; + wheelNeedsPassword = false; + }; + sudo.enable = false; + }; + + sops.defaultSopsFile = ./secrets.yaml; + sops.secrets = { + factorio-config = { + owner = "factorio"; + group = "factorio"; + }; + }; + + system.stateVersion = "24.11"; +} diff --git a/machines/factorio/factorio.nix b/machines/factorio/factorio.nix new file mode 100644 index 0000000..c9973be --- /dev/null +++ b/machines/factorio/factorio.nix @@ -0,0 +1,41 @@ +{ pkgs, lib, ... }: +let + modDir = ./mods; + modList = lib.pipe modDir [ + builtins.readDir + (lib.filterAttrs (_: v: v == "regular")) + (lib.mapAttrsToList (k: _: k)) + (builtins.filter (lib.hasSuffix ".zip")) + ]; + + validPath = + modFileName: + builtins.path { + path = "${modDir}/${modFileName}"; + name = lib.strings.sanitizeDerivationName modFileName; + }; + + modToDrv = + modFileName: + pkgs.runCommand "copy-factorio-mods" { } '' + mkdir $out + ln -s '${validPath modFileName}' $out/'${modFileName}' + '' + // { + deps = [ ]; + }; +in +{ + services = { + factorio = { + enable = true; + game-name = "stats-export-test"; + saveName = "stats-export-test"; + mods = builtins.map modToDrv modList; + lan = true; + admins = [ "eboskma" ]; + nonBlockingSaving = true; + }; + }; + +} diff --git a/machines/factorio/mods/EditorExtensions_2.3.1.zip b/machines/factorio/mods/EditorExtensions_2.3.1.zip new file mode 100644 index 0000000..9505217 Binary files /dev/null and b/machines/factorio/mods/EditorExtensions_2.3.1.zip differ diff --git a/machines/factorio/mods/OrePatchOrganizer_0.2.2.zip b/machines/factorio/mods/OrePatchOrganizer_0.2.2.zip new file mode 100644 index 0000000..1c1c5a2 Binary files /dev/null and b/machines/factorio/mods/OrePatchOrganizer_0.2.2.zip differ diff --git a/machines/factorio/mods/RateCalculator_3.3.2.zip b/machines/factorio/mods/RateCalculator_3.3.2.zip new file mode 100644 index 0000000..64a0c84 Binary files /dev/null and b/machines/factorio/mods/RateCalculator_3.3.2.zip differ diff --git a/machines/factorio/mods/VehicleSnap_2.0.0.zip b/machines/factorio/mods/VehicleSnap_2.0.0.zip new file mode 100644 index 0000000..1093285 Binary files /dev/null and b/machines/factorio/mods/VehicleSnap_2.0.0.zip differ diff --git a/machines/factorio/mods/blueprint-sandboxes_2.1.6.zip b/machines/factorio/mods/blueprint-sandboxes_2.1.6.zip new file mode 100644 index 0000000..155053c Binary files /dev/null and b/machines/factorio/mods/blueprint-sandboxes_2.1.6.zip differ diff --git a/machines/factorio/mods/calculator-ui_2.0.1.zip b/machines/factorio/mods/calculator-ui_2.0.1.zip new file mode 100644 index 0000000..dbf08f7 Binary files /dev/null and b/machines/factorio/mods/calculator-ui_2.0.1.zip differ diff --git a/machines/factorio/mods/car-finder_2.0.0.zip b/machines/factorio/mods/car-finder_2.0.0.zip new file mode 100644 index 0000000..68a9023 Binary files /dev/null and b/machines/factorio/mods/car-finder_2.0.0.zip differ diff --git a/machines/factorio/mods/even-distribution_2.0.2.zip b/machines/factorio/mods/even-distribution_2.0.2.zip new file mode 100644 index 0000000..2d8c527 Binary files /dev/null and b/machines/factorio/mods/even-distribution_2.0.2.zip differ diff --git a/machines/factorio/mods/factorio-prometheus-exporter_0.2.2.zip b/machines/factorio/mods/factorio-prometheus-exporter_0.2.2.zip new file mode 100644 index 0000000..f32dd1f Binary files /dev/null and b/machines/factorio/mods/factorio-prometheus-exporter_0.2.2.zip differ diff --git a/machines/factorio/mods/flib_0.15.0.zip b/machines/factorio/mods/flib_0.15.0.zip new file mode 100644 index 0000000..9662cb3 Binary files /dev/null and b/machines/factorio/mods/flib_0.15.0.zip differ diff --git a/machines/factorio/mods/power-grid-comb_2.0.0.zip b/machines/factorio/mods/power-grid-comb_2.0.0.zip new file mode 100644 index 0000000..3bfcecf Binary files /dev/null and b/machines/factorio/mods/power-grid-comb_2.0.0.zip differ diff --git a/machines/factorio/mods/squeak-through-2_0.1.2.zip b/machines/factorio/mods/squeak-through-2_0.1.2.zip new file mode 100644 index 0000000..9231e7e Binary files /dev/null and b/machines/factorio/mods/squeak-through-2_0.1.2.zip differ diff --git a/machines/factorio/secrets.yaml b/machines/factorio/secrets.yaml new file mode 100644 index 0000000..52a391a --- /dev/null +++ b/machines/factorio/secrets.yaml @@ -0,0 +1,39 @@ +factorio-config: ENC[AES256_GCM,data:Nso4QXpdmTL7jzWYJfv4TwZ68VQ8GflOpiuQx2t9kWEgeAQ1Ajq7TlG61gLKROKKGLt2FOok9tJb63Hm+HPiIyI=,iv:eMjhMhJ7kkxfJyZ0PIA72tygOFFamKneHHm5Ee+xYjs=,tag:flOiObW4RZ1ZTv/3TrWszw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1h7ddyj66gcqt5vnzphjfn6y5tul79q0glcdl0et9w44z2evl999qe02wht + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLMDJ4clJoa01OVmxYZVVL + Skxuc25VN2FNaXFDc2R3VXBrSWxBRmRlREcwClhoV3NlQkU5NHpKRStkWldZMXJK + ZVVDRE84c3NpUDJuTzZZa1hYMkIvQXcKLS0tIG5kYUx6L01JSDg3aklnVlY5bnNP + MUwvbzlackF2MW43R0k1M0piNEJtOEEKSuni5C7DZj8wmmLLvNg/TzaC8RNYr+kL + 44rMX6m34fl9dNjSthsYrc21ygXTYgDvQ2AxeRqKZtFQLOTUxcXerQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0UllsRkx1MG9QM0U4aTdl + TUtySG9BamdmcjBKOWdSakdORTdaZ2pVNXhNCnhWRlBxT2p6Yyt5RXZRR3c5endR + cXlobm5oRERzMEZvTkNEVHBsNWZMemMKLS0tIGVablNKMnVnaGxYVXpGZENic3p4 + UDVBZEZBREMveXJSZHJNTk5vT05WMWMKKzwG7SXFEqhr4xYXVYTMkkhuRHkUcpt/ + I/f991vQHNpBP0ogOIx8O8wLa8fhzaBCcHwh3a2sdSLJJk7C22lBDQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1vvxx738y8aq6sgvagz4rrjgnzuekdl20vltmp026qfnax7mdldrs3j4nrf + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0ZnQ3MlE1eDU5ZXdIelAr + NXZkWDhlaFFGSUd4ZHdUL1U0TStCS281RDBjCjJpclJTdWNVSUxQUFhENWU5M01u + RTNjcy8zK1pYcjE1cWIwNDJMQ25TcjgKLS0tIEs5NHh4QXB2M3pnSXkzYStVeGU1 + a1hiTjkvSHNWbFg0bWVHMHRtYVAxeEkKjZu0JJLN8gvEOnRuNVZjNEei83NGAJVW + YX0/keyoJmkq+y7A4em17NVlEwXrGL5lUpLkx+Ziwx1+uUYH6QV6Ag== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-12T19:30:54Z" + mac: ENC[AES256_GCM,data:PQ7b7fTauWCmI9TOujBDT4RO6WyPsBOEKL9AAYh06Xoczb4n9b1n/jMX5JN4vx4ZKq7CanlA0D9SzF5CwkoYYQPwD/R5Zg3ln14i6uQ85z5zmoizxwHrhqAJyRUniYKFqZQvQ8XelcXEbteZ32EejeTaM3TMALivFDMgSBHc+To=,iv:xQKfg9mCXjee1AetwSk17r9Uchpgy62p3Zk19COgyOw=,tag:0tqAmzUZ5dRwgI/nMRvWYA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1