add services/workadventure for true-love event
This commit is contained in:
parent
5432503397
commit
6563e0ccfa
2 changed files with 91 additions and 0 deletions
|
@ -21,6 +21,7 @@
|
||||||
../../services/gitlab-runner.nix
|
../../services/gitlab-runner.nix
|
||||||
../../services/lantifa.nix
|
../../services/lantifa.nix
|
||||||
../../services/vaultwarden.nix
|
../../services/vaultwarden.nix
|
||||||
|
../../services/workadventure.nix
|
||||||
|
|
||||||
./lxc.nix
|
./lxc.nix
|
||||||
];
|
];
|
||||||
|
|
90
services/workadventure.nix
Normal file
90
services/workadventure.nix
Normal file
|
@ -0,0 +1,90 @@
|
||||||
|
{ config, lib, pkgs, modules, profiles, evalConfig, sources, ... }:
|
||||||
|
let
|
||||||
|
wapkgs = "${sources.workadventure}/wapkgs.nix";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
services.coturn = {
|
||||||
|
enable = true;
|
||||||
|
realm = "void.hacc.space";
|
||||||
|
no-cli = true;
|
||||||
|
lt-cred-mech = true;
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
user=turn:a4c9ad080dc51146611eabd15a27b07fc92850a9ae90c53e7745fce6c5a2c457
|
||||||
|
fingerprint
|
||||||
|
external-ip=135.181.215.233
|
||||||
|
server-name=void.hacc.space
|
||||||
|
prometheus
|
||||||
|
'';
|
||||||
|
|
||||||
|
cert = config.security.acme.certs."void.hacc.space".directory + "full.pem";
|
||||||
|
pkey = config.security.acme.certs."void.hacc.space".directory + "key.pem";
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall = with config.services.coturn;
|
||||||
|
let
|
||||||
|
ports = [ listening-port tls-listening-port ];
|
||||||
|
in {
|
||||||
|
allowedTCPPorts = ports ++ [ 9641 ]; # 9641 is the port for the prometheus endpoint
|
||||||
|
allowedUDPPorts = ports;
|
||||||
|
allowedUDPPortRanges = [
|
||||||
|
{ from = min-port; to = max-port; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."void.hacc.space" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://192.168.150.3";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
extraConfig = ''
|
||||||
|
allow 23.88.116.81;
|
||||||
|
allow 2a01:4f8:c17:86ba::1;
|
||||||
|
deny all;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
containers.wa-truelove = {
|
||||||
|
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostAddress = "192.168.150.1";
|
||||||
|
localAddress = "192.168.150.3";
|
||||||
|
|
||||||
|
|
||||||
|
path = (evalConfig {hosts = {}; groups = {};} ({ config, lib, pkgs, profiles, modules, sources, ... }: {
|
||||||
|
boot.isContainer = true;
|
||||||
|
networking.useDHCP = false;
|
||||||
|
users.users.root.hashedPassword = "";
|
||||||
|
|
||||||
|
imports = [
|
||||||
|
"${sources.workadventure.outPath}/default.nix"
|
||||||
|
((import sources.nix-hexchen) {}).profiles.nopersist
|
||||||
|
];
|
||||||
|
|
||||||
|
services.workadventure."truelove" = {
|
||||||
|
|
||||||
|
packageset = (import wapkgs {inherit pkgs;}).workadventure-xce;
|
||||||
|
|
||||||
|
nginx = {
|
||||||
|
default = true;
|
||||||
|
domain = "https://true-love.world.hacc.space";
|
||||||
|
};
|
||||||
|
|
||||||
|
frontend.startRoomUrl = "/_/global/localhost/maps/main.json";
|
||||||
|
commonConfig = {
|
||||||
|
webrtc.stun.url = "stun:void.hacc.space:3478";
|
||||||
|
webrtc.turn = {
|
||||||
|
url = "turn:135.181.215.233";
|
||||||
|
user = "turn";
|
||||||
|
password = "a4c9ad080dc51146611eabd15a27b07fc92850a9ae90c53e7745fce6c5a2c457";
|
||||||
|
};
|
||||||
|
jitsi.url = "meet.ffmuc.net";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})).config.system.build.toplevel;
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue