Compare commits
No commits in common. "c3a7c463fe2327c172e6c7185ec199b9f08b97f5" and "6c537bb6641be4ee03498b7e2b6f6f2e9d9ea215" have entirely different histories.
c3a7c463fe
...
6c537bb664
@ -56,7 +56,6 @@ in {
|
||||
(writeShellScriptBin "pufferpanel-nix" "pufferpanel --workDir /var/lib/pufferpanel $@")
|
||||
(writeShellScriptBin "nix-referrers" "nix-store --query --referrers $@")
|
||||
(writeShellScriptBin "silent-add" "git add --intent-to-add $@ ; git update-index --assume-unchanged $@")
|
||||
(writeShellScriptBin "systemd-owner" "systemctl show -pUser,UID $@")
|
||||
];
|
||||
|
||||
environment.sessionVariables = {
|
||||
|
||||
12
flake.lock
12
flake.lock
@ -202,11 +202,11 @@
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1706373441,
|
||||
"narHash": "sha256-S1hbgNbVYhuY2L05OANWqmRzj4cElcbLuIkXTb69xkk=",
|
||||
"lastModified": 1706098335,
|
||||
"narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "56911ef3403a9318b7621ce745f5452fb9ef6867",
|
||||
"rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -233,11 +233,11 @@
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1706371002,
|
||||
"narHash": "sha256-dwuorKimqSYgyu8Cw6ncKhyQjUDOyuXoxDTVmAXq88s=",
|
||||
"lastModified": 1706191920,
|
||||
"narHash": "sha256-eLihrZAPZX0R6RyM5fYAWeKVNuQPYjAkCUBr+JNvtdE=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c002c6aa977ad22c60398daaa9be52f2203d0006",
|
||||
"rev": "ae5c332cbb5827f6b1f02572496b141021de335f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
||||
@ -41,7 +41,6 @@
|
||||
./modules/discord-matrix-bridge.nix
|
||||
./modules/mastodon.nix
|
||||
./modules/folding.nix
|
||||
./modules/ptero.nix
|
||||
agenix.nixosModules.default
|
||||
nixos-mailserver.nixosModules.default
|
||||
nixos-matrix-modules.nixosModules.default
|
||||
|
||||
@ -55,19 +55,20 @@ in {
|
||||
dbhost= "localhost:${builtins.toString config.services.postgresql.port}";
|
||||
dbtype = "pgsql";
|
||||
};
|
||||
settings = {
|
||||
extraOptions = {
|
||||
overwriteProtocol = "https";
|
||||
defaultPhoneRegion = "DE";
|
||||
};
|
||||
phpOptions = {
|
||||
"opcache.interned_strings_buffer" = "12";
|
||||
};
|
||||
extraOptions = {
|
||||
filelocking.enabled = true;
|
||||
redis = {
|
||||
host = "localhost";
|
||||
port = 6379;
|
||||
timeout = 0.0;
|
||||
};
|
||||
|
||||
};
|
||||
phpOptions = {
|
||||
"opcache.interned_strings_buffer" = "12";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
@ -1,130 +0,0 @@
|
||||
{config, pkgs, ...}: let
|
||||
root_host = "grimmauld.de";
|
||||
root_email = "contact@${root_host}";
|
||||
ptero_host = "ptero.${root_host}";
|
||||
DATA_DIR = "/var/lib/pterodactylpanel";
|
||||
panel_user = "pterodactyl";
|
||||
local_bridge = "ptero-local-br";
|
||||
ptero_ver = "1.11.5";
|
||||
ptero_port = "8042";
|
||||
in {
|
||||
users.users.${panel_user} = {
|
||||
isSystemUser = true;
|
||||
extraGroups = ["docker"];
|
||||
group = panel_user;
|
||||
};
|
||||
users.groups.${panel_user} = {};
|
||||
|
||||
age.secrets.ptero_env = {
|
||||
file = ../secrets/ptero_env.age;
|
||||
};
|
||||
|
||||
systemd.services.init-ptero-data-dir = {
|
||||
description = "Create the pterodactyl panel data dir";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig.Type = "oneshot";
|
||||
script =''
|
||||
mkdir -p ${DATA_DIR}/database
|
||||
mkdir -p ${DATA_DIR}/cache
|
||||
mkdir -p ${DATA_DIR}/panel/var
|
||||
mkdir -p ${DATA_DIR}/panel/logs
|
||||
mkdir -p ${DATA_DIR}/panel/nginx
|
||||
chown ${panel_user}:${panel_user} -R ${DATA_DIR}
|
||||
chmod +777 -R ${DATA_DIR}
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.backend = "podman";
|
||||
|
||||
systemd.services.init-ptero-local-network = {
|
||||
description = "Create the network bridge ${local_bridge} for ptero.";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = let podmancli = "${config.virtualisation.podman.package}/bin/podman";
|
||||
in ''
|
||||
check=$(${podmancli} pod ls | grep "ptero" || true)
|
||||
if [ -z "$check" ]; then
|
||||
${podmancli} pod create -p "${ptero_port}:80" ptero
|
||||
else
|
||||
echo "ptero pod already exists"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
virtualisation.oci-containers.containers."ptero-mysql" = {
|
||||
image = "library/mysql:8.0";
|
||||
workdir = "${DATA_DIR}/database";
|
||||
extraOptions = [ "--pod=ptero" ];
|
||||
environment = {
|
||||
"MYSQL_USER" = "pterodactyl";
|
||||
"MYSQL_DATABASE" = "panel";
|
||||
};
|
||||
environmentFiles = [ config.age.secrets.ptero_env.path ];
|
||||
volumes = ["${DATA_DIR}/database:/var/lib/mysql" "${DATA_DIR}/database:${DATA_DIR}/database"];
|
||||
cmd=["--default-authentication-plugin=mysql_native_password"];
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.containers."ptero-cache" = {
|
||||
image = "redis:alpine";
|
||||
workdir = "${DATA_DIR}/cache";
|
||||
volumes = ["${DATA_DIR}/cache:${DATA_DIR}/cache"];
|
||||
extraOptions = [ "--pod=ptero" ];
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.containers."ptero-panel" = {
|
||||
image = "ghcr.io/pterodactyl/panel:v${ptero_ver}";
|
||||
volumes = [
|
||||
"${DATA_DIR}/panel/var/:/app/var/"
|
||||
"${DATA_DIR}/panel/logs/:/app/storage/logs"
|
||||
"${DATA_DIR}/panel/nginx/:/etc/nginx/conf.d/"
|
||||
];
|
||||
extraOptions = [ "--pod=ptero" ];
|
||||
environment = {
|
||||
"APP_URL" = "https://${ptero_host}";
|
||||
"APP_TIMEZONE" = "Europe/Berlin";
|
||||
"APP_SERVICE_AUTHOR" = root_email;
|
||||
|
||||
"MAIL_FROM" = "noreply@${root_host}";
|
||||
"MAIL_DRIVER" = "smtp";
|
||||
"MAIL_HOST" = "mail";
|
||||
"MAIL_PORT" = "25";
|
||||
"MAIL_USERNAME" = "";
|
||||
"MAIL_PASSWORD" = "";
|
||||
"MAIL_ENCRYPTION" = "true";
|
||||
|
||||
"APP_ENV"= "production";
|
||||
"APP_ENVIRONMENT_ONLY"= "false";
|
||||
"CACHE_DRIVER" = "redis";
|
||||
"SESSION_DRIVER" = "redis";
|
||||
"QUEUE_DRIVER" = "redis";
|
||||
"REDIS_HOST" = "127.0.0.1";
|
||||
"DB_HOST" = "127.0.0.1";
|
||||
"TRUSTED_PROXIES" = "*";
|
||||
};
|
||||
labels = {
|
||||
"traefik.http.routers.pterodactyl_panel.entrypoints"="web";
|
||||
};
|
||||
environmentFiles = [ config.age.secrets.ptero_env.path ];
|
||||
};
|
||||
|
||||
security.acme.certs."${root_host}".extraDomainNames = [ ptero_host ];
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."${ptero_host}" = {
|
||||
serverName = ptero_host;
|
||||
forceSSL = true;
|
||||
useACMEHost = root_host;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${ptero_port}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
(writeShellScriptBin "ptero-nix" "${config.virtualisation.podman.package}/bin/podman exec -it ptero-panel php artisan $@")
|
||||
];
|
||||
}
|
||||
Binary file not shown.
@ -14,5 +14,4 @@ in
|
||||
"matrix_mjolnir_pass.age".publicKeys = [ contabo_nix_pub ];
|
||||
"matrix_mjolnir_tle_pass.age".publicKeys = [ contabo_nix_pub ];
|
||||
"matrix_discord_bridge_token.age".publicKeys = [ contabo_nix_pub ];
|
||||
"ptero_env.age".publicKeys = [ contabo_nix_pub ];
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user