summaryrefslogtreecommitdiff
path: root/hosts/flora/services/workadventure.nix
diff options
context:
space:
mode:
authorstuebinm2021-03-03 00:51:39 +0100
committerstuebinm2021-03-03 00:51:39 +0100
commitd96fbd63510048bf56d3d600a65f7983096c1bb1 (patch)
tree192afecb97bcdb829e1461bebc283cc86fb99586 /hosts/flora/services/workadventure.nix
migrating config
This deploy logic is primarily based on hxchn's deploy lib [1], with some slight modifications to make it work with my setup. Everything seems to work fine for now. However, I am unsure about the usage of niv — the config doesn't seem to gain much from it, apart from (some) additional complexity. [1] https://gitlab.com/hexchen/nixfiles
Diffstat (limited to 'hosts/flora/services/workadventure.nix')
-rw-r--r--hosts/flora/services/workadventure.nix104
1 files changed, 104 insertions, 0 deletions
diff --git a/hosts/flora/services/workadventure.nix b/hosts/flora/services/workadventure.nix
new file mode 100644
index 0000000..f38f5da
--- /dev/null
+++ b/hosts/flora/services/workadventure.nix
@@ -0,0 +1,104 @@
+{pkgs, config, ...}:
+
+
+let
+ haccpkgssrc = pkgs.fetchgit {
+ url = "https://gitlab.infra4future.de/stuebinm/workadventure-nix-hacc";
+ rev = "a4ffb828aadf5ffd54a269f8a9ec9553c016069b";
+ sha256 = "12qfisfwr170b94j12rhy2q3smrwc7a3nh6xzbxlphnr3vadplvz";
+ };
+ haccpkgs = import "${haccpkgssrc}";
+ fediventure = pkgs.fetchgit {
+ url = "https://gitlab.infra4future.de/stuebinm/fediventure-simple";
+ rev = "f32d3c5efd39df558f80b862c60b2866c567d999";
+ sha256 = "0kdb29hzh6s7rsz8s9z40hsmj09rrww1lcyfdi7wpng9ixi1jfvx";
+ };
+in
+
+{
+
+ containers.wa-test = {
+ autoStart = true;
+ privateNetwork = true;
+ hostAddress6 = "fd00::42:20";
+ localAddress6 = "fd00::42:21";
+
+ config = {config, pkgs, ...}: {
+ imports = [ "${fediventure}/workadventure.nix" ];
+ networking.firewall.allowedTCPPorts = [ 80 443 5000 7890 ];
+
+ services.workadventure.instances."space.stuebinm.eu" = {
+ nginx.default = true;
+ nginx.domain = "space.stuebinm.eu";
+ maps.path = haccpkgs.workadventure-hacc-rc3-map.outPath + "/";
+ frontend.settings.startRoomUrl = "space.stuebinm.eu/maps/main.json";
+ frontend.settings = {
+ stunServer = "stun:chaski.stuebinm.eu:3478";
+ turnServer = "turn:95.217.159.23";
+ turnUser = "chaski";
+ turnPassword = "chaski";
+ jitsiUrl = "meet.ffmuc.net";
+ };
+ };
+
+ services.prometheus = {
+ enable = true;
+ port = 9001;
+ scrapeConfigs = [ {
+ job_name = "workadventure-back";
+ static_configs = [ {
+ targets = [ "localhost:8080" ];
+ } ];
+ } ];
+ };
+
+ services.grafana = {
+ enable = true;
+ port = 5000;
+ addr = "[::]";
+ rootUrl = "https://space.stuebinm.eu/metrics/";
+ auth.anonymous.enable = true;
+ provision = {
+ enable = true;
+ datasources = [ {
+ name = "workadventure";
+ type = "prometheus";
+ url = "http://localhost:9001";
+ } ];
+ };
+ };
+
+ systemd.services.goaccess = {
+ enable = true;
+ description = "Uses goaccess to publish a neat acces log on /var/www/index.html";
+ requires = [ "nginx.service" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.Type = "simple";
+ path = [ pkgs.goaccess ];
+ environment = {"HOME" = "/tmp";}; # necessary as goaccess will crash otherwise — is fixed upstream, but not yet in nixos
+ script = ''
+ mkdir -p /var/www-goaccess/
+ goaccess /var/log/nginx/access.log -o /var/www-goaccess/index.html --log-format=COMBINED --html
+ '';
+ };
+
+ services.nginx.virtualHosts."space.stuebinm.eu" = {
+ locations."/stats/".alias = "/var/www-goaccess/";
+ };
+ };
+ };
+
+ services.nginx.virtualHosts."space.stuebinm.eu" = {
+ extraConfig = ''
+ proxy_read_timeout 300s;
+ proxy_connect_timeout 75s;
+ '';
+ locations."/metrics/".proxyPass = "http://[${config.containers.wa-test.localAddress6}]:5000/";
+ locations."/metrics/".proxyWebsockets = true;
+ locations."/".proxyPass = "http://[${config.containers.wa-test.localAddress6}]:80";
+ locations."/".proxyWebsockets = true;
+ enableACME = true;
+ forceSSL = true;
+ };
+}
+