thohlt/nixos-config
1
0
Fork 0
mirror of https://github.com/thiloho/nixos-config.git synced 2025-11-22 03:21:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add automated backups to backblaze with restic

Browse Source
This commit is contained in:
thiloho
2023-12-15 15:24:29 +01:00
parent 9931c0207e
commit 4c173feb66
8 changed files with 65 additions and 404 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
flake.lock generated
View File

@@ -84,40 +84,6 @@
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -159,28 +125,6 @@
"type": "github"
}
},
"nix-minecraft": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1702430423,
"narHash": "sha256-jJ2ZisjJ8ubQlBJcK9xTu2vqoqUtMw9OcxIhxmNz1BA=",
"owner": "Infinidoge",
"repo": "nix-minecraft",
"rev": "1af073ceea9c77a475fe6bac682b6d14646234fe",
"type": "github"
},
"original": {
"owner": "Infinidoge",
"repo": "nix-minecraft",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1702453208,
@@ -219,28 +163,12 @@
"aurora-blog-template": "aurora-blog-template",
"denbot": "denbot",
"home-manager": "home-manager_2",
"nix-minecraft": "nix-minecraft",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"todos": "todos",
"website": "website"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"todos": {
"inputs": {
"nixpkgs": [

4
flake.nix
View File

@@ -28,10 +28,6 @@
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-minecraft = {
url = "github:Infinidoge/nix-minecraft";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs@{ nixpkgs, home-manager, ... }: {

348
nixos-configurations/server/default.nix
View File

@@ -3,18 +3,20 @@
{
imports = [
inputs.agenix.nixosModules.default
inputs.nix-minecraft.nixosModules.minecraft-servers
./hardware-configuration.nix
../shared.nix
];
nixpkgs.overlays = [ inputs.nix-minecraft.overlay ];
nix.settings.trusted-users = [ "thiloho" ];
age.secrets.hedgedoc-environment-file.file = ../../secrets/hedgedoc-environment-file.age;
age.secrets.discord-bot-token.file = ../../secrets/discord-bot-token.age;
age.secrets.todos-environment-file.file = ../../secrets/todos-environment-file.age;
age.secrets = {
hedgedoc-environment-file.file = ../../secrets/hedgedoc-environment-file.age;
discord-bot-token.file = ../../secrets/discord-bot-token.age;
todos-environment-file.file = ../../secrets/todos-environment-file.age;
"restic/minecraft-environment-file".file = ../../secrets/restic/minecraft-environment-file.age;
"restic/minecraft-repository".file = ../../secrets/restic/minecraft-repository.age;
"restic/password".file = ../../secrets/restic/password.age;
};
environment.systemPackages = with pkgs; [
nodejs_20
@@ -33,330 +35,23 @@
enable = true;
settings.PasswordAuthentication = false;
};
minecraft-servers = {
minecraft-server = {
enable = true;
eula = true;
servers = {
thilo = {
enable = true;
autoStart = true;
package = pkgs.paperServers.paper-1_20_1;
enableReload = true;
declarative = true;
openFirewall = true;
whitelist = {
thilo_ho = "4e4d744d-7748-46bc-add8-b3e8ca3b4cf5";
PegasusIsHere = "24155f74-eb04-4f45-a743-f2b7eb71c6a2";
BakaZaps = "1888532c-6df7-4514-b96a-99ed4e7684f2";
Liaxswan = "ccbf3468-a6b4-4d7b-9837-5a2451deca79";
rayboo120 = "c65f9422-b972-4583-82b5-2e5a12e789fd";
AmValo = "a5f4a7d9-daf2-4ec9-b1c9-e39efdfb331e";
TubiCFW = "fbbd217b-cf9f-404a-a0b4-671155d43222";
TheRacccooon = "f3a639f2-b82c-49c2-80e5-ccd5cbdc9541";
_Zyronx = "865f911f-66ae-479f-a65a-8140da82b96e";
};
serverProperties = {
difficulty = 3;
max-players = 20;
motd = "§aThilo's survival server";
max-players = 10;
motd = "Thilo's SMP";
white-list = false;
};
files = {
"ops.json".value = [
{
uuid = "4e4d744d-7748-46bc-add8-b3e8ca3b4cf5";
name = "thilo_ho";
level = 4;
}
];
"config/paper-world-defaults.yml".value = {
anticheat = {
anti-xray = {
enabled = true;
engine-mode = 2;
};
};
};
"plugins/TAB/config.yml".value = {
header-footer = {
enabled = true;
header = [
"<#FFFFFF>&mx x"
""
"&aThilo's survival server"
"&7Online players: &f%online%"
""
];
footer = [
""
"<#FFFFFF>&mx x"
];
};
scoreboard-teams = {
sorting-types = [
"GROUPS:admin,mod,premium,default"
];
};
yellow-number-in-tablist = {
enabled = false;
};
};
"plugins/TAB/groups.yml".value = {
_DEFAULT_ = {
tabprefix = "%luckperms-prefix%";
tagprefix = "%luckperms-prefix%";
tabsuffix = "%luckperms-suffix%";
tagsuffix = "%luckperms-suffix%";
};
};
"plugins/Essentials/config.yml".value = {
ops-name-color = "none";
chat = {
format = "{PREFIX}&f{USERNAME}&8: {SUFFIX}{MESSAGE}";
};
teleport-cooldown = 90;
teleport-delay = 5;
teleport-invulnerability = 5;
sethome-multiple = {
"premium" = 2;
};
};
"plugins/LuckPerms/config.yml".value = {
storage-method = "yaml";
};
/*
"plugins/LuckPerms/yaml-storage/users/4e4d744d-7748-46bc-add8-b3e8ca3b4cf5.yml".value = {
uuid = "4e4d744d-7748-46bc-add8-b3e8ca3b4cf5";
name = "thilo_ho";
primary-group = "admin";
parents = [
"admin"
];
};
*/
"plugins/LuckPerms/yaml-storage/groups/admin.yml".value = {
name = "admin";
permissions = [
"weight.100"
"essentials.*"
"luckperms.*"
"tab.admin"
"minecraft.command.*"
"bukkit.command.*"
];
prefixes = [
{
"&8[&cAdmin&8] &f" = {
priority = 100;
};
}
];
suffixes = [
{
"&c" = {
priority = 100;
};
}
];
};
"plugins/LuckPerms/yaml-storage/groups/mod.yml".value = {
name = "mod";
parents = [ "default" "premium" ];
permissions = [
"weight.90"
"essentials.kick"
"essentials.kick.notify"
"essentials.ban"
"essentials.ban.notify"
"essentials.tempban"
"essentials.unban"
"essentials.mute"
"essentials.tempmute"
"essentials.unmute"
"essentials.fly"
"essentials.vanish"
"essentials.socialspy"
"essentials.seen"
"essentials.seen.alts"
"essentials.seen.banreason"
"essentials.invsee"
"essentials.tp"
"essentials.tpoffline"
];
prefixes = [
{
"&8[&dMod&8] &f" = {
priority = 90;
};
}
];
suffixes = [
{
"&d" = {
priority = 90;
};
}
];
};
"plugins/LuckPerms/yaml-storage/groups/premium.yml".value = {
name = "premium";
parents = [ "default" ];
permissions = [
"weight.20"
"essentials.sethome.multiple.premium"
];
prefixes = [
{
"&8[&6Premium&8] &f" = {
priority = 20;
};
}
];
suffixes = [
{
"&f" = {
priority = 20;
};
}
];
};
"plugins/LuckPerms/yaml-storage/groups/default.yml".value = {
name = "default";
permissions = [
{
"bukkit.command.version" = {
value = false;
};
}
{
"bukkit.command.plugins" = {
value = false;
};
}
{
"bukkit.command.help" = {
value = false;
};
}
"weight.10"
"essentials.tpr"
"essentials.spawn"
"essentials.motd"
"essentials.help"
"essentials.balance"
"essentials.afk"
"essentials.list"
"essentials.mail"
"essentials.mail.send"
"essentials.msg"
"essentials.sethome"
"essentials.home"
"essentials.delhome"
"essentials.tpa"
"essentials.tpaccept"
"essentials.tpdeny"
];
prefixes = [
{
"&8[&aUser&8] &f" = {
priority = 10;
};
}
];
suffixes = [
{
"&7" = {
priority = 10;
};
}
];
};
"plugins/GriefPreventionData/config.yml".value = {
GriefPrevention = {
Spam = {
WarningMessage = "Please refrain from spamming.";
BanOffenders = false;
};
};
};
"plugins/Essentials/motd.txt" = pkgs.writeText "motd.txt" ''
&m
&6Welcome, {PLAYER}&6!
&6Type &c/help&6 for a list of commands.
&6Type &c/list&6 to see who else is online.
&6Players online:&c {ONLINE} &6- World time:&c {WORLDTIME12}
&6Discord server: &chttps://discord.gg/SX7fXrDtth
&m
'';
};
symlinks = {
"server-icon.png" = pkgs.fetchurl {
url = "https://cdn.discordapp.com/attachments/1142193094729662627/1179544663884046468/server-icon-new.png?ex=657a2b92&is=6567b692&hm=e89f98dc64f027cead19a65d8de5baba14f062ca72d71879bf92eee3b23f0ffc&";
sha256 = "sha256-nhSGxBvsHbMFsej99RIIQUk5PfP1ErGvBHErhcQHcQ8=";
};
"plugins/TAB.jar" = pkgs.fetchurl rec {
pname = "TAB";
version = "4.0.9";
url = "https://github.com/NEZNAMY/${pname}/releases/download/${version}/${pname}.v${version}.jar";
sha256 = "sha256-xXr7Pc/T+6YfoFUpi2tq09FzCxRp/m8GFQs5qDMkqmc=";
};
"plugins/LuckPerms.jar" = pkgs.fetchurl rec {
pname = "LuckPerms";
version = "5.4.108";
url = "https://download.luckperms.net/1521/bukkit/loader/LuckPerms-Bukkit-${version}.jar";
sha256 = "sha256-TN7HH/5JiG98xBACfuoJZILsiDxU8WX5laNDS3h+qR4=";
};
"plugins/Vault.jar" = pkgs.fetchurl {
pname = "Vault";
version = "1.7.3";
url = "https://dev.bukkit.org/projects/vault/files/3007470/download";
sha256 = "sha256-prXtl/Q6XPW7rwCnyM0jxa/JvQA/hJh1r4s25s930B0=";
};
"plugins/EssentialsX.jar" = pkgs.fetchurl rec {
pname = "EssentialsX";
version = "2.20.1";
url = "https://github.com/EssentialsX/Essentials/releases/download/${version}/${pname}-${version}.jar";
sha256 = "sha256-gC6jC9pGDKRZfoGJJYFpM8EjsI2BJqgU+sKNA6Yb9UI=";
};
"plugins/EssentialsXChat.jar" = pkgs.fetchurl rec {
pname = "EssentialsXChat";
version = "2.20.1";
url = "https://github.com/EssentialsX/Essentials/releases/download/${version}/${pname}-${version}.jar";
sha256 = "sha256-QKpcICQc6zAH68tc+/Gb8sRnsMCQrlDnBlPuh6t3XKY=";
};
"plugins/EssentialsXSpawn.jar" = pkgs.fetchurl rec {
pname = "EssentialsXSpawn";
version = "2.20.1";
url = "https://github.com/EssentialsX/Essentials/releases/download/${version}/${pname}-${version}.jar";
sha256 = "sha256-ZQ18ajOGWgLF/6TrcQ3vKOc9lyya74WysfTnG5vSYaA=";
};
"plugins/GriefPrevention.jar" = pkgs.fetchurl {
pname = "GriefPrevention";
version = "16.18.1";
url = "https://dev.bukkit.org/projects/grief-prevention/files/4433061/download";
hash = "sha256-GwJLJAkrWt7UIMTPYMQ2pCu9/5rExx/a5r2BXuvndOs=";
};
"plugins/VoidGen.jar" = pkgs.fetchurl rec {
pname = "VoidGen";
version = "2.2.1";
url = "https://github.com/xtkq-is-not-available/${pname}/releases/download/v${version}/${pname}-${version}.jar";
hash = "sha256-nOEwEj3GcCXWAPdlvbL98c6nGTv4kg4+AhbF+PwILD4=";
};
"plugins/Multiverse-Core.jar" = pkgs.fetchurl rec {
pname = "Multiverse-Core";
version = "4.3.12";
url = "https://github.com/Multiverse/${pname}/releases/download/${version}/multiverse-core-${version}.jar";
hash = "sha256-mCN6rzXG7nv9lft/OZ73A7PnK/+Oq0iKkEqtnUUwzRA=";
};
};
};
};
};
terraria = {
enable = true;
maxPlayers = 10;
messageOfTheDay = "Terraria server of Thilo";
openFirewall = true;
secure = true;
};
nginx = {
enable = true;
@@ -445,6 +140,25 @@
local all all trust
'';
};
restic.backups = {
minecraft-backup = {
initialize = true;
environmentFile = config.age.secrets."restic/minecraft-environment-file".path;
repositoryFile = config.age.secrets."restic/minecraft-repository".path;
passwordFile = config.age.secrets."restic/password".path;
paths = [
"/var/lib/minecraft/world"
];
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 12"
];
};
};
};
security = {

2
nixos-configurations/shared-desktop.nix
View File

@@ -81,7 +81,6 @@
prismlauncher
ventoy-full
psensor
spotify
nil
zoom-us
teamspeak5_client
@@ -89,6 +88,7 @@
qbittorrent
neofetch
godot_4
backblaze-b2
];
};
};

BIN
secrets/restic/minecraft-environment-file.age Normal file
View File

Binary file not shown.

11
secrets/restic/minecraft-repository.age Normal file
View File

@@ -0,0 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 owVgDA wvUcfFupWO5SAjQAEPgsnzA/X9sZs1OKOtj2TbklwmU
4ALAG2v7XDtmfxzMYPHWVpsS+AJjPClV6JXd1UShdJY
-> ssh-ed25519 dRl0SQ +5YXwSUS1Sjm2m2ekhP9kQEUw8NId1WzMPg3PZ+3cQk
39p6XM4GzHM8azI7yq+o1REscLv/10zRQsGtbLsa9b4
-> 0+6U-grease V;Z uy r*_k
Vkn3nufoGWiL2JadGeBB5WV7VnFeiKgC27sL5HBimNuk4q1K6zRG+mZcgFYs/N+r
alQKxZe7BB3mUCrCbv12rtJRSXqcx3wXOri+t+ERljO5r5j+4x0EBRru2Gw
--- c0FP/81ZSdLz7nwnjPA+ZDB515CUm7sYkvv4EQBbsMA
9<>I<>}h<><68><1B><>kw쯱<77>t<EFBFBD>NS^<5E>1%<25>ɩ<><C9A9><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>cN_<4E><5F><EFBFBD><EFBFBD><EFBFBD>nA<6E>
<EFBFBD><EFBFBD>

9
secrets/restic/password.age Normal file
View File

@@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 owVgDA uHkIaE0OZlf5lfboMt7G1SoTQju7V2KLhavgNUmmemI
LsVhtV7olRXuoOpVlNtQ7/r9mgCk6GYUfH7USnSy8NY
-> ssh-ed25519 dRl0SQ QBYcokbUHfBOYxtMQ3lxn8ovtakSq8mclBpef6mXJFk
rwB3HTsbDtzin3UpLEnMzpkBIXMBhM3eS1gA5RkyX6c
-> lW-grease H]~ U`GrO @pIL!eeO
KGPJugVtnjtmhSTuModTRF8zu5+BIKA/vKns6hw
--- KIqadbISsYbNfx/tVpsPV6YrjbgbWdGjqabBzg3lBdo
<EFBFBD><EFBFBD>'{<7B>4O-%<25><>]<5D>UQ@<40><><EFBFBD>4<EFBFBD>y<EFBFBD><18>-<2D><><EFBFBD>5<EFBFBD>gh<05><><04>{D,<2C>ůF@p<><70><EFBFBD><EFBFBD>

3
secrets/secrets.nix
View File

@@ -6,4 +6,7 @@ in
"hedgedoc-environment-file.age".publicKeys = [ server pc ];
"discord-bot-token.age".publicKeys = [ server pc ];
"todos-environment-file.age".publicKeys = [ server pc ];
"restic/password.age".publicKeys = [ server pc ];
"restic/minecraft-environment-file.age".publicKeys = [ server pc ];
"restic/minecraft-repository.age".publicKeys = [ server pc ];
}