# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, lib, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; # boot.loader.grub.efiSupport = true; # boot.loader.grub.efiInstallAsRemovable = true; # boot.loader.efi.efiSysMountPoint = "/boot/efi"; # Define on which hard drive you want to install Grub. boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only # networking.hostName = "nixos"; # Define your hostname. # Configure network connections interactively with nmcli or nmtui. networking.networkmanager.enable = true; # Set your time zone. # time.timeZone = "Europe/Amsterdam"; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Select internationalisation properties. # i18n.defaultLocale = "en_US.UTF-8"; # console = { # font = "Lat2-Terminus16"; # keyMap = "us"; # useXkbConfig = true; # use xkb.options in tty. # }; # Enable the X11 windowing system. # services.xserver.enable = true; # Configure keymap in X11 # services.xserver.xkb.layout = "us"; # services.xserver.xkb.options = "eurosign:e,caps:escape"; # Enable CUPS to print documents. # services.printing.enable = true; # Enable sound. # services.pulseaudio.enable = true; # OR # services.pipewire = { # enable = true; # pulse.enable = true; # }; # Enable touchpad support (enabled default in most desktopManager). # services.libinput.enable = true; # Define a user account. Don't forget to set a password with ‘passwd’. # users.users.alice = { # isNormalUser = true; # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. # packages = with pkgs; [ # tree # ]; # }; # programs.firefox.enable = true; # List packages installed in system profile. # You can use https://search.nixos.org/ to find more packages (and options). # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # List services that you want to enable: # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. # system.copySystemConfiguration = true; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # # Most users should NEVER change this value after the initial install, for any reason, # even if you've upgraded your system to a new NixOS release. # # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how # to actually do that. # # This value being lower than the current NixOS release does NOT mean your system is # out of date, out of support, or vulnerable. # # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, # and migrated your data accordingly. # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "25.11"; # Did you read the comment? # Custom part start environment.systemPackages = with pkgs; [ neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. wget tmux git curl unzip xz nginx ]; # Enable the OpenSSH daemon. services.openssh = { enable = true; ports = [ 22 ]; }; users.users.h3lp = { isNormalUser = true; home = "/home/h3lp"; description = "Personal account"; extraGroups = [ "wheel" "networkmanager" "h3lp" ]; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzvHaN1tZOfEIM/XYJCKMrVjs6AUcB8Lr7P2qWjEdp9Hoy1ELDyhCnjSr6BaMriP0F1puEBG8qqccYDOH3Y6bJbde94H6FSQ6dTjXPDko51E21HiY11xa2Dr7n8cxyc37tpL4WLYNihFHQPSHX4K7u9NCNR8jrLM486kaK5mIjB9VKWvArrJSzgbrogXvCmSMP6f5YTw4/jBlUs2ZLVqzJ7yCMHfpoUAiUhVtumDVZ2BcZa3OuWlI6eUl45lA1YyOLc8YhrqxKzUrucsMgQ6Xyx+8s7LshVpIrL7IJ6pg/z9U6RZf2cAt0o/njJkbEkplHFk7UyY63H1mDLtOe28+kfNlLQyPU8KCeYucI1ZL4LwMe/YbmI05WSieDRXkjQ0EV4wa2AnNcBofJeBnueDu86vnH08+ULi4JmM2F/PgNXyaw76vx/Ulopim4I1MlvTeY9sC44Lph2XWrnmq1hdir7z5RuGUDvB5Sk2w/AvnqSNEiZPTbEVezH1gcv/ai+uk= trilolol@trilolol-LINUX" ]; initialHashedPassword = "$y$j9T$ELYt.wXZ1vXZK0vBuTBI1/$WuYQxV.CanOyEvVAKC2AaAEY0KNTAnBgQ/RrPxaBAsB"; }; users.groups.h3lp.gid = 1000; networking.firewall.enable = false; systemd.services.minecraft-setup = { description = "Minecraft Server Initial Setup"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; wants = [ "network-online.target" ]; # Only run if setup hasn't been completed yet unitConfig.ConditionPathExists = "!/home/h3lp/mineserver/.setup-done"; serviceConfig = { Type = "oneshot"; User = "h3lp"; RemainAfterExit = true; }; script = '' set -e MINESERVER=/home/h3lp/mineserver TMPDIR=$(mktemp -d) # 1) Clone repo and checkout cavemen branch ${pkgs.git}/bin/git clone --branch cavemen \ https://gitea.20111511.xyz/h3lp/autodeploy.git "$TMPDIR/autodeploy" # 2) Read env vars from minecraft.env source "$TMPDIR/autodeploy/minecraft.env" # 3) Download and extract server pack to /home/h3lp/mineserver mkdir -p "$MINESERVER" ${pkgs.curl}/bin/curl -L "$SERVERPACK" -o "$TMPDIR/serverpack.tar.xz" ${pkgs.xz}/bin/xz -d "$TMPDIR/serverpack.tar.xz" --stdout | ${pkgs.gnutar}/bin/tar -x -C "$MINESERVER" # 4) Download and extract world to /home/h3lp/mineserver/world mkdir -p "$MINESERVER/world" ${pkgs.curl}/bin/curl -L "$WORLD" -o "$TMPDIR/world.tar.xz" # world.tar.xz contains world folder, otherwise use "$MINESERVER/world" ${pkgs.xz}/bin/xz -d "$TMPDIR/world.tar.xz" --stdout | ${pkgs.gnutar}/bin/tar -x -C "$MINESERVER" # 5) Copy cavemen/* files over, overwriting existing cp -rf "$TMPDIR/autodeploy/cavemen/." "$MINESERVER/" chmod +x "$MINESERVER/nixrunserver.sh" # Cleanup and mark setup as done rm -rf "$TMPDIR" touch "$MINESERVER/.setup-done" ''; }; systemd.services.minecraft = { description = "Minecraft Server"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" "minecraft-setup.service" ]; # wait for setup requires = [ "minecraft-setup.service" ]; # and fail if setup fails serviceConfig = { Type = "forking"; User = "h3lp"; WorkingDirectory = "/home/h3lp/mineserver"; Environment = "PATH=/run/current-system/sw/bin:/usr/bin:/bin"; ExecStart = "${pkgs.tmux}/bin/tmux new-session -d -s minecraft /home/h3lp/mineserver/nixrunserver.sh"; ExecStop = "${pkgs.tmux}/bin/tmux send-keys -t minecraft 'stop' Enter"; RemainAfterExit = true; }; }; services.nginx = { enable = true; virtualHosts."_" = { root = "/var/www/hostedfiles"; locations."/" = { extraConfig = "autoindex on;"; }; }; }; systemd.tmpfiles.rules = [ "d /var/www/hostedfiles 0755 h3lp h3lp -" ]; }