1
Fork 0

Deploy shimmeringmoon

This commit is contained in:
prescientmoon 2025-02-11 08:31:18 +01:00
parent 55751fccf9
commit 30123a1e0e
Signed by: prescientmoon
SSH key fingerprint: SHA256:UUF9JT2s8Xfyv76b8ZuVL7XrmimH4o49p4b+iexbVH4
7 changed files with 203 additions and 21 deletions

View file

@ -35,6 +35,7 @@
./services/qbittorrent.nix
./services/radicale.nix
./services/redlib.nix
./services/shimmeringmoon.nix
./services/vaultwarden.nix
./services/whoogle.nix
./services/zfs.nix

View file

@ -12,6 +12,7 @@ guacamole_users: ENC[AES256_GCM,data:0oJdvTX/9SXV5fBdY0qr9BmSO1HMXX/7+R/f7UxeC/e
glass_server_admin_password: ENC[AES256_GCM,data:i6nLp5Jo4LmdsBQilSh9,iv:E3ukSNRlZWe+bmSANRXP0m1GBfA8GKhWAzEdT8Kyncw=,tag:M0gD9kv2P9Kv+PjwX8WuGQ==,type:str]
glass_server_secret_key: ENC[AES256_GCM,data:lfrUSUfNk9yuX++2UxDZddP5iyk+zYdA2lbTNwOvrZRRQLVHky0HE8G/D3g=,iv:E6ET35pG/4Xo83sOo9Ukb4b+zvussaDsq2Nr5vyDFRI=,tag:1CamjtZNnlMjqdO75TKTBg==,type:str]
glass_server_admin_token: ENC[AES256_GCM,data:VkJtLAGcK3j5jAOJKKVk3fe3xNQ5RmljQP/XCCmej3VNU+w1byT2TQOeAQ==,iv:EJOpNit3ykEWvyZpJZC//2zad5dRYy3paN+gKggLVOY=,tag:LPWE0DMCc33KnMhNnZBHZQ==,type:str]
shimmering_discord_token: ENC[AES256_GCM,data:UszOvKnsCI3CrM6Xx7EcwuYw3UuL/50xBGTQwUBFXI3lLVF8O/2FTERSZj3BDfkwJ8cOfZjXeXajDEAv9PBp7sUMaQdQvAvd,iv:cl51JIpYW4fgDPmeljkievM87+narjvIC2ViIfJAmWg=,tag:HrcQ4uVRQAYwrOuTdjtN8g==,type:str]
sops:
kms: []
gcp_kms: []
@ -54,8 +55,8 @@ sops:
RkpibTJpVzVtR0txL1dHbmFkdlkvUk0KDgqO8c7CggeXhEMzx/tcLqtMG6MmuOi/
UmG9eSUO9im0Q7q7FG4Z+/lZ7+Iu15Dj8qA2/5MtDYPW+vxN3gzZrg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-02-10T22:53:44Z"
mac: ENC[AES256_GCM,data:79jqTQZ8WuoVTcFpf5y8j4HH+s5SKh5iZfFjdEu0XxwQO5Ted+XxYaLWnvrIJDt/8Ldiriep2sNoHZELhsG5R+KNAxaaJ3HMbUOnFg1/PsaD7ILaYa62Ol44QW+T3544fZFZej2Wm2+h+GmyNlcf4HdgPRzC4CA6NTJVCZlwaws=,iv:IOE84up63PThX7w01Ko6XBeFCK76kH5V1efZP7iRMgc=,tag:lTvYzeyxMAkU+/GWpj2DnQ==,type:str]
lastmodified: "2025-02-11T05:19:04Z"
mac: ENC[AES256_GCM,data:W1gAmZ6A+cDYFZodb7cFvONFNOnlWuo4hjZKA1TIWAAa40161eNlAgWpxhZP90Ia8yJTtUQysfdywmSs/gCaGn38c7hhWyeJjMmX8+DavBg+fLf9Gw8EU2elXDtJucU9k0UUneJ5RO+lmrnUGqYMRomBPeNwUyeNCqa7tvL8vX8=,iv:uFmXTB9pTiiIbH3V72ik39SEQ1SVytcrjlANuzpp658=,tag:TXkkMqANU1uS1G27VMkIfw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

View file

@ -1,4 +1,4 @@
{ config, ... }:
{ inputs, config, ... }:
{
imports = [ ./module.nix ];
@ -24,13 +24,12 @@
sops.templates.glass-server-config = {
owner = config.services.glass-server.user;
group = config.services.glass-server.user;
content = ''
{
"SECRET_KEY": "${config.sops.placeholder.glass_server_secret_key}",
"PASSWORD": "${config.sops.placeholder.glass_server_admin_password}",
"API_TOKEN": "${config.sops.placeholder.glass_server_admin_token}"
}
'';
content = builtins.toJSON {
CONTENT_BUNDLE_FOLDER_PATH = "${inputs.shimmeringdarkness}/bundles";
SECRET_KEY = "${config.sops.placeholder.glass_server_secret_key}";
PASSWORD = "${config.sops.placeholder.glass_server_admin_password}";
API_TOKEN = "${config.sops.placeholder.glass_server_admin_token}";
};
};
# }}}

View file

@ -5,7 +5,7 @@
...
}:
let
defaultUser = "taritsu";
defaultUser = "tairitsu";
cfg = config.services.glass-server;
pkg = pkgs.glassServer;
@ -29,7 +29,6 @@ let
SONG_FILE_FOLDER_PATH = "${cfg.dataDir}/songs/";
SONGLIST_FILE_PATH = "${cfg.dataDir}/songs/songlist";
CONTENT_BUNDLE_FOLDER_PATH = "${cfg.dataDir}/bundle/";
SQLITE_DATABASE_BACKUP_FOLDER_PATH = "${cfg.dataDir}/backup/";
DATABASE_INIT_PATH = "${pkg}/source/database/init/";
@ -107,7 +106,6 @@ in
"d ${cfg.dataDir}/map 0755 ${cfg.user} ${cfg.user}"
"d ${cfg.dataDir}/songs 0755 ${cfg.user} ${cfg.user}"
"d ${cfg.dataDir}/bundle 0755 ${cfg.user} ${cfg.user}"
"L+ ${cfg.dataDir}/pkgs/server 0755 ${cfg.user} ${cfg.user} - ${pkg}"
"L+ ${cfg.dataDir}/pkgs/db 0755 ${cfg.user} ${cfg.user} - ${databaseRepo}"

View file

@ -0,0 +1,48 @@
{
config,
inputs,
pkgs,
...
}:
let
user = config.services.shimmeringmoon.user;
pkg = inputs.shimmeringmoon.packages.${pkgs.system}.default;
dataDir = "/persist/state/var/lib/shimmeringmoon";
in
{
systemd.services.shimmeringmoon = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
description = "Arcaea score analyzer discord bot";
environment.SHIMMERING_DATA_DIR = dataDir;
serviceConfig = {
User = user;
Group = user;
ExecStart = "${pkg}/bin/shimmering-discord-bot";
Restart = "on-failure";
LogsDirectory = "shimmeringmoon";
EnvironmentFile = config.sops.templates.shimmering_env_file.path;
};
};
systemd.tmpfiles.rules = [ "d ${dataDir} 0755 ${user} ${user}" ];
# {{{ Secrets
sops.secrets.shimmering_discord_token = {
owner = user;
group = user;
sopsFile = ../../secrets.yaml;
};
sops.templates.shimmering_env_file = {
owner = config.services.shimmeringmoon.user;
group = config.services.shimmeringmoon.user;
content = ''
SHIMMERING_DISCORD_TOKEN = ${config.sops.placeholder.shimmering_discord_token};
SHIMMERING_PRIVATE_SERVER_TOKEN = ${config.sops.placeholder.glass_server_admin_token};
SHIMMERING_PRIVATE_SERVER_URL = ${config.cloudflared.at.arcaea.url};
'';
};
# }}}
}