From 30123a1e0ece068756abbe74bef4e8a19c4a8fcb Mon Sep 17 00:00:00 2001 From: prescientmoon Date: Tue, 11 Feb 2025 08:31:18 +0100 Subject: [PATCH] Deploy shimmeringmoon --- flake.lock | 145 +++++++++++++++++- flake.nix | 6 + hosts/nixos/lapetus/default.nix | 1 + hosts/nixos/lapetus/secrets.yaml | 5 +- .../lapetus/services/glass-server/default.nix | 15 +- .../lapetus/services/glass-server/module.nix | 4 +- .../nixos/lapetus/services/shimmeringmoon.nix | 48 ++++++ 7 files changed, 203 insertions(+), 21 deletions(-) create mode 100644 hosts/nixos/lapetus/services/shimmeringmoon.nix diff --git a/flake.lock b/flake.lock index ca37509..71b7de9 100644 --- a/flake.lock +++ b/flake.lock @@ -399,6 +399,28 @@ "type": "github" } }, + "fenix": { + "inputs": { + "nixpkgs": [ + "shimmeringmoon", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1739169164, + "narHash": "sha256-2+/6/2rHsMjlrulkrjZbwthCQiQpeW2pukRFaaUMLy8=", + "owner": "nix-community", + "repo": "fenix", + "rev": "d7616af878cd0cb7f940b470440347920395be0c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "firefox-addons": { "inputs": { "flake-utils": "flake-utils", @@ -722,6 +744,24 @@ "inputs": { "systems": "systems_4" }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_6": { + "inputs": { + "systems": "systems_5" + }, "locked": { "lastModified": 1685518550, "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", @@ -736,9 +776,9 @@ "type": "github" } }, - "flake-utils_6": { + "flake-utils_7": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1710146030, @@ -754,7 +794,7 @@ "type": "github" } }, - "flake-utils_7": { + "flake-utils_8": { "inputs": { "systems": [ "stylix", @@ -1674,7 +1714,7 @@ "openapi-code-generator": { "inputs": { "autodocodec": "autodocodec_3", - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": "nixpkgs_11", "pre-commit-hooks": "pre-commit-hooks_2", "safe-coloured-text": "safe-coloured-text_2", @@ -1719,7 +1759,7 @@ "pre-commit-hooks_2": { "inputs": { "flake-compat": "flake-compat_6", - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "gitignore": "gitignore_3", "nixpkgs": "nixpkgs_12", "nixpkgs-stable": "nixpkgs-stable_2" @@ -1741,7 +1781,7 @@ "pre-commit-hooks_3": { "inputs": { "flake-compat": "flake-compat_7", - "flake-utils": "flake-utils_6", + "flake-utils": "flake-utils_7", "gitignore": "gitignore_4", "nixpkgs": "nixpkgs_13", "nixpkgs-stable": "nixpkgs-stable_3" @@ -1874,12 +1914,31 @@ "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_8", "nixpkgs-unstable": "nixpkgs-unstable", + "shimmeringdarknes": "shimmeringdarknes", + "shimmeringmoon": "shimmeringmoon", "smos": "smos", "sops-nix": "sops-nix", "spicetify-nix": "spicetify-nix", "stylix": "stylix" } }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1739099919, + "narHash": "sha256-YUdM2yZzQIbakgc2LdVmkgJMYTqeTu3YdWGgFfiZiTg=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "35181e167efb94d5090df588e6af9f93250421f3", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "safe-coloured-text": { "flake": false, "locked": { @@ -1960,6 +2019,61 @@ "type": "github" } }, + "shimmeringdarknes": { + "flake": false, + "locked": { + "lastModified": 1739258921, + "narHash": "sha256-7EOXxJ5e2t/z6bs7Ah1CbxVcNHsZNj98iKqmX+ZBBPI=", + "ref": "refs/heads/main", + "rev": "e3abd1c997b052891a847a39f639ec87c06268dd", + "revCount": 69, + "type": "git", + "url": "ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringmoon.git" + }, + "original": { + "type": "git", + "url": "ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringmoon.git" + } + }, + "shimmeringdarkness": { + "flake": false, + "locked": { + "lastModified": 1739242531, + "narHash": "sha256-OYLvznlkZRjeUdMG1LqifYY0Mo4/SHZInMxmzG1KsqU=", + "ref": "refs/heads/main", + "rev": "ded8a4858e8815db29bfa5bc1d700bd635b2327c", + "revCount": 4, + "type": "git", + "url": "ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringdarkness.git" + }, + "original": { + "type": "git", + "url": "ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringdarkness.git" + } + }, + "shimmeringmoon": { + "inputs": { + "fenix": "fenix", + "flake-utils": "flake-utils_4", + "nixpkgs": [ + "nixpkgs" + ], + "shimmeringdarkness": "shimmeringdarkness" + }, + "locked": { + "lastModified": 1739258921, + "narHash": "sha256-7EOXxJ5e2t/z6bs7Ah1CbxVcNHsZNj98iKqmX+ZBBPI=", + "ref": "refs/heads/main", + "rev": "e3abd1c997b052891a847a39f639ec87c06268dd", + "revCount": 69, + "type": "git", + "url": "ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringmoon.git" + }, + "original": { + "type": "git", + "url": "ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringmoon.git" + } + }, "slimlock": { "inputs": { "nixpkgs": [ @@ -2096,11 +2210,11 @@ "base16-helix": "base16-helix", "base16-vim": "base16-vim", "flake-compat": "flake-compat_9", - "flake-utils": "flake-utils_7", + "flake-utils": "flake-utils_8", "gnome-shell": "gnome-shell", "home-manager": "home-manager_3", "nixpkgs": "nixpkgs_14", - "systems": "systems_6", + "systems": "systems_7", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", "tinted-tmux": "tinted-tmux" @@ -2257,6 +2371,21 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "template-haskell-reload": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index c22c612..1701a5d 100644 --- a/flake.nix +++ b/flake.nix @@ -57,6 +57,12 @@ # Spotify client with theming support spicetify-nix.url = "github:Gerg-L/spicetify-nix"; spicetify-nix.inputs.nixpkgs.follows = "nixpkgs"; + + shimmeringmoon.inputs.nixpkgs.follows = "nixpkgs"; + shimmeringmoon.url = "git+ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringmoon.git"; + + shimmeringdarknes.flake = false; + shimmeringdarknes.url = "git+ssh://forgejo@ssh.git.moonythm.dev/prescientmoon/shimmeringmoon.git"; # }}} # {{{ Theming darkmatter-grub-theme.url = "gitlab:VandalByte/darkmatter-grub-theme"; diff --git a/hosts/nixos/lapetus/default.nix b/hosts/nixos/lapetus/default.nix index 0773a0d..9955636 100644 --- a/hosts/nixos/lapetus/default.nix +++ b/hosts/nixos/lapetus/default.nix @@ -35,6 +35,7 @@ ./services/qbittorrent.nix ./services/radicale.nix ./services/redlib.nix + ./services/shimmeringmoon.nix ./services/vaultwarden.nix ./services/whoogle.nix ./services/zfs.nix diff --git a/hosts/nixos/lapetus/secrets.yaml b/hosts/nixos/lapetus/secrets.yaml index 3437071..b8cf771 100644 --- a/hosts/nixos/lapetus/secrets.yaml +++ b/hosts/nixos/lapetus/secrets.yaml @@ -12,6 +12,7 @@ guacamole_users: ENC[AES256_GCM,data:0oJdvTX/9SXV5fBdY0qr9BmSO1HMXX/7+R/f7UxeC/e glass_server_admin_password: ENC[AES256_GCM,data:i6nLp5Jo4LmdsBQilSh9,iv:E3ukSNRlZWe+bmSANRXP0m1GBfA8GKhWAzEdT8Kyncw=,tag:M0gD9kv2P9Kv+PjwX8WuGQ==,type:str] glass_server_secret_key: ENC[AES256_GCM,data:lfrUSUfNk9yuX++2UxDZddP5iyk+zYdA2lbTNwOvrZRRQLVHky0HE8G/D3g=,iv:E6ET35pG/4Xo83sOo9Ukb4b+zvussaDsq2Nr5vyDFRI=,tag:1CamjtZNnlMjqdO75TKTBg==,type:str] glass_server_admin_token: ENC[AES256_GCM,data:VkJtLAGcK3j5jAOJKKVk3fe3xNQ5RmljQP/XCCmej3VNU+w1byT2TQOeAQ==,iv:EJOpNit3ykEWvyZpJZC//2zad5dRYy3paN+gKggLVOY=,tag:LPWE0DMCc33KnMhNnZBHZQ==,type:str] +shimmering_discord_token: ENC[AES256_GCM,data:UszOvKnsCI3CrM6Xx7EcwuYw3UuL/50xBGTQwUBFXI3lLVF8O/2FTERSZj3BDfkwJ8cOfZjXeXajDEAv9PBp7sUMaQdQvAvd,iv:cl51JIpYW4fgDPmeljkievM87+narjvIC2ViIfJAmWg=,tag:HrcQ4uVRQAYwrOuTdjtN8g==,type:str] sops: kms: [] gcp_kms: [] @@ -54,8 +55,8 @@ sops: RkpibTJpVzVtR0txL1dHbmFkdlkvUk0KDgqO8c7CggeXhEMzx/tcLqtMG6MmuOi/ UmG9eSUO9im0Q7q7FG4Z+/lZ7+Iu15Dj8qA2/5MtDYPW+vxN3gzZrg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-02-10T22:53:44Z" - mac: ENC[AES256_GCM,data:79jqTQZ8WuoVTcFpf5y8j4HH+s5SKh5iZfFjdEu0XxwQO5Ted+XxYaLWnvrIJDt/8Ldiriep2sNoHZELhsG5R+KNAxaaJ3HMbUOnFg1/PsaD7ILaYa62Ol44QW+T3544fZFZej2Wm2+h+GmyNlcf4HdgPRzC4CA6NTJVCZlwaws=,iv:IOE84up63PThX7w01Ko6XBeFCK76kH5V1efZP7iRMgc=,tag:lTvYzeyxMAkU+/GWpj2DnQ==,type:str] + lastmodified: "2025-02-11T05:19:04Z" + mac: ENC[AES256_GCM,data:W1gAmZ6A+cDYFZodb7cFvONFNOnlWuo4hjZKA1TIWAAa40161eNlAgWpxhZP90Ia8yJTtUQysfdywmSs/gCaGn38c7hhWyeJjMmX8+DavBg+fLf9Gw8EU2elXDtJucU9k0UUneJ5RO+lmrnUGqYMRomBPeNwUyeNCqa7tvL8vX8=,iv:uFmXTB9pTiiIbH3V72ik39SEQ1SVytcrjlANuzpp658=,tag:TXkkMqANU1uS1G27VMkIfw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1 diff --git a/hosts/nixos/lapetus/services/glass-server/default.nix b/hosts/nixos/lapetus/services/glass-server/default.nix index 5cbf64b..b9cf361 100644 --- a/hosts/nixos/lapetus/services/glass-server/default.nix +++ b/hosts/nixos/lapetus/services/glass-server/default.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ inputs, config, ... }: { imports = [ ./module.nix ]; @@ -24,13 +24,12 @@ sops.templates.glass-server-config = { owner = config.services.glass-server.user; group = config.services.glass-server.user; - content = '' - { - "SECRET_KEY": "${config.sops.placeholder.glass_server_secret_key}", - "PASSWORD": "${config.sops.placeholder.glass_server_admin_password}", - "API_TOKEN": "${config.sops.placeholder.glass_server_admin_token}" - } - ''; + content = builtins.toJSON { + CONTENT_BUNDLE_FOLDER_PATH = "${inputs.shimmeringdarkness}/bundles"; + SECRET_KEY = "${config.sops.placeholder.glass_server_secret_key}"; + PASSWORD = "${config.sops.placeholder.glass_server_admin_password}"; + API_TOKEN = "${config.sops.placeholder.glass_server_admin_token}"; + }; }; # }}} diff --git a/hosts/nixos/lapetus/services/glass-server/module.nix b/hosts/nixos/lapetus/services/glass-server/module.nix index aa72b68..e0c19af 100644 --- a/hosts/nixos/lapetus/services/glass-server/module.nix +++ b/hosts/nixos/lapetus/services/glass-server/module.nix @@ -5,7 +5,7 @@ ... }: let - defaultUser = "taritsu"; + defaultUser = "tairitsu"; cfg = config.services.glass-server; pkg = pkgs.glassServer; @@ -29,7 +29,6 @@ let SONG_FILE_FOLDER_PATH = "${cfg.dataDir}/songs/"; SONGLIST_FILE_PATH = "${cfg.dataDir}/songs/songlist"; - CONTENT_BUNDLE_FOLDER_PATH = "${cfg.dataDir}/bundle/"; SQLITE_DATABASE_BACKUP_FOLDER_PATH = "${cfg.dataDir}/backup/"; DATABASE_INIT_PATH = "${pkg}/source/database/init/"; @@ -107,7 +106,6 @@ in "d ${cfg.dataDir}/map 0755 ${cfg.user} ${cfg.user}" "d ${cfg.dataDir}/songs 0755 ${cfg.user} ${cfg.user}" - "d ${cfg.dataDir}/bundle 0755 ${cfg.user} ${cfg.user}" "L+ ${cfg.dataDir}/pkgs/server 0755 ${cfg.user} ${cfg.user} - ${pkg}" "L+ ${cfg.dataDir}/pkgs/db 0755 ${cfg.user} ${cfg.user} - ${databaseRepo}" diff --git a/hosts/nixos/lapetus/services/shimmeringmoon.nix b/hosts/nixos/lapetus/services/shimmeringmoon.nix new file mode 100644 index 0000000..a845271 --- /dev/null +++ b/hosts/nixos/lapetus/services/shimmeringmoon.nix @@ -0,0 +1,48 @@ +{ + config, + inputs, + pkgs, + ... +}: +let + user = config.services.shimmeringmoon.user; + pkg = inputs.shimmeringmoon.packages.${pkgs.system}.default; + dataDir = "/persist/state/var/lib/shimmeringmoon"; +in +{ + systemd.services.shimmeringmoon = { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + description = "Arcaea score analyzer discord bot"; + environment.SHIMMERING_DATA_DIR = dataDir; + serviceConfig = { + User = user; + Group = user; + ExecStart = "${pkg}/bin/shimmering-discord-bot"; + + Restart = "on-failure"; + LogsDirectory = "shimmeringmoon"; + EnvironmentFile = config.sops.templates.shimmering_env_file.path; + }; + }; + + systemd.tmpfiles.rules = [ "d ${dataDir} 0755 ${user} ${user}" ]; + + # {{{ Secrets + sops.secrets.shimmering_discord_token = { + owner = user; + group = user; + sopsFile = ../../secrets.yaml; + }; + + sops.templates.shimmering_env_file = { + owner = config.services.shimmeringmoon.user; + group = config.services.shimmeringmoon.user; + content = '' + SHIMMERING_DISCORD_TOKEN = ${config.sops.placeholder.shimmering_discord_token}; + SHIMMERING_PRIVATE_SERVER_TOKEN = ${config.sops.placeholder.glass_server_admin_token}; + SHIMMERING_PRIVATE_SERVER_URL = ${config.cloudflared.at.arcaea.url}; + ''; + }; + # }}} +}