factorio server

2025-09-27 21:40:07 +02:00 · 2025-09-27 21:40:07 +02:00 · 47a4f3f9a7
commit 47a4f3f9a7
parent 00b7254d12
10 changed files with 174 additions and 52 deletions
--- a/factorio-mods/snek/VehicleSnap_2.0.2.zip
+++ b/factorio-mods/snek/VehicleSnap_2.0.2.zip
--- a/factorio-mods/snek/factoryplanner_2.0.30.zip
+++ b/factorio-mods/snek/factoryplanner_2.0.30.zip
--- a/factorio-mods/snek/flib_0.16.3.zip
+++ b/factorio-mods/snek/flib_0.16.3.zip
--- a/factorio-mods/snek/visible-planets_1.4.8.zip
+++ b/factorio-mods/snek/visible-planets_1.4.8.zip
--- a/fili/services/default.nix
+++ b/fili/services/default.nix
@ -6,6 +6,8 @@ _: {
    ./forgejo.nix
    ./obsidian-sync.nix
    ./factorio.nix
    ./media
    ./websites
    ./auth
--- a/fili/services/factorio.nix
+++ b/fili/services/factorio.nix
@ -0,0 +1,104 @@
 {lib, pkgs, config, ...}: let
  factorioVersion = version: sha: pkgs.factorio-headless.overrideAttrs (_: {
    inherit version;
    src = pkgs.fetchurl {
      url = "https://factorio.com/get-download/${version}/headless/linux64";
      name = "factorio-headless-${version}.tar.xz";
      sha256 = sha;
    };
  });
  getMods = modDir: let
    modList = lib.pipe modDir [
      builtins.readDir
      (lib.filterAttrs (k: v: v == "regular"))
      (lib.mapAttrsToList (k: v: k))
      (builtins.filter (lib.hasSuffix ".zip"))
    ];
    validPath = modFileName:
      builtins.path {
        path = modDir + "/${modFileName}";
        name = lib.strings.sanitizeDerivationName modFileName;
      };
    modToDrv = modFileName:
      pkgs.runCommand "copy-factorio-mods" {} ''
        mkdir $out
        ln -s '${validPath modFileName}' $out/'${modFileName}'
      ''
      // { deps = []; };
    in
    builtins.map modToDrv modList;
  factorioContainer = name: factorio-config: {
    "factorio-${name}" = {
      autoStart = true;
      bindMounts = {
        "/var/lib/factorio" = {
          hostPath = "/factorio/${name}";
          isReadOnly = false;
        };
        "/run/secrets" = {
          hostPath = "/run/secrets";
          isReadOnly = true;
        };
        "/etc/resolv.conf" = {
          hostPath = "/etc/resolv.conf";
          isReadOnly = true;
        };
      };
      privateUsers = "no";
      config = { config, pkgs, lib, ... }: {
        systemd.services.factorio.serviceConfig.User = "factorio";
        services.factorio = factorio-config // {
          enable = true;
          openFirewall = true;
          game-name = name;
          saveName = name;
          stateDirName = "factorio";
        };
        nixpkgs.config = {
          allowUnfree = true;
        };
        system.stateVersion = "23.11";
        networking = {
          firewall.enable = false;
        };
      };
    };
  };
 in
 {
  users.groups.factorio = { };
  users.users.factorio = {
    isSystemUser = true;
    group = "factorio";
    extraGroups = [ "storage" ];
  };
  sops.secrets.factorio = {
    sopsFile = ../../secrets/factorio.json;
    format = "json";
    key = "";
    owner = "factorio";
  };
  containers = factorioContainer "tawney" {
    autosave-interval = 20;
    admins = [ "jonay2000" "computerdruid" "pineapple" ];
    extraSettingsFile = config.sops.secrets.factorio.path;
    # mods = getMods ../../factorio-mods/tawney;
    package = factorioVersion "2.0.66" "sha256-8bOXbqzE4jOADTmdkABsNW+jZvXWQ0HFBMlcDLoyHAY=";
    port = 20001;
  }
  // factorioContainer "snek" {
    autosave-interval = 20;
    admins = [ "jonay2000" "computerdruid" "pineapple" ];
    extraSettingsFile = config.sops.secrets.factorio.path;
    mods = getMods ../../factorio-mods/snek;
    package = factorioVersion "2.0.66" "sha256-8bOXbqzE4jOADTmdkABsNW+jZvXWQ0HFBMlcDLoyHAY=";
    port = 20002;
  };
 }
--- a/fili/services/websites/mapf.nix
+++ b/fili/services/websites/mapf.nix
@ -1,9 +1,9 @@
-{ flakes, ... }:
+{ config
 , flakes
 , pkgs
 , ...
 }:
 {
  # imports = [
  #   flakes.mapf.nixosModules.default
  # ];
  sops.secrets.mapf = {
    sopsFile = ../../../secrets/mapf-prod.env;
  };
@ -20,11 +20,30 @@
    };
  };
-  # donsz.services.mapf = {
+  systemd.services.mapf-server =
-  #   enable = true;
+    let
-  #   envfile = "/run/secrets/sops/mapf";
+      package = flakes.mapf.packages.${pkgs.system}.default;
-  #   db_name = "mapfprod";
+    in
-  #   db_user = "mapfprod";
+    {
-  #   db_password = "";
+      description = "mapf-server";
-  # };
+      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        DynamicUser = "yes";
        ExecStart = "${package}/mapf_server_bin";
        Restart = "on-failure";
        RestartSec = "5s";
        EnvironmentFile = config.sops.secrets.mapf.path;
        WorkingDirectory = "${package}";
      };
      environment = {
        MAPF_TEMPLATEFOLDER = "${package}/templates";
        MAPF_DBUSER = "mapfprod";
        MAPF_DBPASSWORD = "";
        MAPF_DBPORT = "3306";
        MAPF_DBHOST = "localhost";
        MAPF_DBDATABASE = "mapfprod";
      };
    };
 }
--- a/flake.lock
+++ b/flake.lock
@ -191,11 +191,11 @@
        "nixpkgs": "nixpkgs_4"
      },
      "locked": {
-        "lastModified": 1721482233,
+        "lastModified": 1757529600,
-        "narHash": "sha256-zNTFyWdpOOTSXfCtcvdU7MjHohnKQpZcSlhCPS/C93Y=",
+        "narHash": "sha256-QSubvX4HaBx1LoePLBesrQqq0UuLuL4tM0uT0ipWlu8=",
        "ref": "refs/heads/master",
-        "rev": "aa47dd1bc41ba25d14b1ac62edcee14f6fec1aa5",
+        "rev": "85e88fdc8f9947cb847db49e59e3ab1b5befac97",
-        "revCount": 677,
+        "revCount": 678,
        "type": "git",
        "url": "ssh://git@github.com/jdonszelmann/mapf-server"
      },
@ -276,22 +276,6 @@
        "type": "github"
      }
    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1703950681,
        "narHash": "sha256-veU5bE4eLOmi7aOzhE7LfZXcSOONRMay0BKv01WHojo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "0aad9113182747452dbfc68b93c86e168811fa6c",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "release-23.05",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1738680400,
@ -426,11 +410,11 @@
        "nixpkgs-mozilla": "nixpkgs-mozilla"
      },
      "locked": {
-        "lastModified": 1755627228,
+        "lastModified": 1758149969,
-        "narHash": "sha256-0BiTSjVWxgFnhOFxM1hpeMoMZcQBsgZTeVIgXOSUMcg=",
+        "narHash": "sha256-D1K7UQSj4A62nGS08AWK6NcN5YJzEAx3vO7MX4prhn0=",
        "owner": "jdonszelmann",
        "repo": "review-queue",
-        "rev": "e2cf27dea96d2fde03c913d4b4462d3785019b36",
+        "rev": "1ff3b6f897885af1fb4f7d98b9acb1e030a6affd",
        "type": "github"
      },
      "original": {
@ -472,19 +456,18 @@
    },
    "sops-nix": {
      "inputs": {
-        "nixpkgs": "nixpkgs_8",
+        "nixpkgs": "nixpkgs_8"
        "nixpkgs-stable": "nixpkgs-stable"
      },
      "locked": {
-        "lastModified": 1704122840,
+        "lastModified": 1758425756,
-        "narHash": "sha256-K+ubwROTgvoMzBe6h/JExJTdDSrX3gWNHX2XNOsybB0=",
+        "narHash": "sha256-L3N8zV6wsViXiD8i3WFyrvjDdz76g3tXKEdZ4FkgQ+Y=",
-        "owner": "jdonszelmann",
+        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "162696bebe125a43aaaf6a249aea16fab6925762",
+        "rev": "e0fdaea3c31646e252a60b42d0ed8eafdb289762",
        "type": "github"
      },
      "original": {
-        "owner": "jdonszelmann",
+        "owner": "Mic92",
        "repo": "sops-nix",
        "type": "github"
      }
--- a/flake.nix
+++ b/flake.nix
@ -4,7 +4,7 @@
    nixpkgs.url = "github:NixOS/nixpkgs/release-25.05";
    colmena.url = "github:zhaofengli/colmena";
    flake-utils.url = "github:numtide/flake-utils";
-    sops-nix.url = "github:jdonszelmann/sops-nix";
+    sops-nix.url = "github:Mic92/sops-nix";
    vpn-confinement.url = "github:Maroka-chan/VPN-Confinement";
    # websites
@ -16,15 +16,14 @@
    reviewqueue.url = "github:jdonszelmann/review-queue";
  };
  outputs =
-    {
+    { self
-      self,
+    , nixpkgs
-      nixpkgs,
+    , colmena
-      colmena,
+    , flake-utils
-      flake-utils,
+    , sops-nix
-      sops-nix,
+    , vpn-confinement
-      vpn-confinement,
+    , mapf
-      mapf,
+    , ...
      ...
    }@inputs:
    let
      pkgsForSystem =
--- a/secrets/factorio.json
+++ b/secrets/factorio.json
@ -0,0 +1,15 @@
 {
 	"game-password": "ENC[AES256_GCM,data:2bXZIw==,iv:kJgmaUefLHo4OrBC1a1Pvc+gixKdI8ZI4yWMTOcN59A=,tag:4K8EOgslO5qVRWDZbmafkA==,type:str]",
 	"sops": {
 		"age": [
 			{
 				"recipient": "age1ygkcl4ss92z5ptzt3w5g4n98qx2c4kagyssm96m5z4c7t299c5wszjchxw",
 				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmdE1kazRGVVpQaFlSL1Ji\nNHlNSklRbUd0aHhLUjZVSEVJQkljK2ZFT0JVCm93U3U4dkpQZ0tHYis4QnJKcEtS\nMFNUMi9WK042aFlXWHQxOVVhWjRHMFUKLS0tIHVCNHFmYThUUmt3YWhqRkFHK1l2\nR2lPWnJNV1pkU09MYi9BTDdqSmJYeDQKsS93AT1x6v07GZxrGImvH1wijJIqtBCC\nABgfLrD8XhtwQLLKGdDubOjDErbNk6xZYLJC8rAQmCGJH4iv8JcpSg==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
 		"lastmodified": "2025-09-27T19:59:38Z",
 		"mac": "ENC[AES256_GCM,data:QXoanBtvK2OJOBidSEDKvOILXKdD8/te0k6mnSZRhEpE4a6JOkwzTFCqJKz2KmAWWMTcAdimj5vC4NSsDoMOiUtpRGfPcxMdS1xfIU6QI1uAq+/aVuQMf5aqp2B5JieEvgDjGC0WaeZ5ebRqt5svwbQhemL7KUnukfwqVAUD6og=,iv:kINnJ9RDEQZ83pHmRClWC+X9je8EL9y8akFm7IDkEvs=,tag:XXZxJ8aCnbXBA+89mtCKlw==,type:str]",
 		"unencrypted_suffix": "_unencrypted",
 		"version": "3.10.2"
 	}
 }