From f72f22b250ecf22657ffc9e6082086377031ea8a Mon Sep 17 00:00:00 2001 From: tzlil Date: Sun, 30 Jul 2023 13:19:39 +0300 Subject: clean up a bit --- hosts/vps/services/hydrus.nix | 60 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 hosts/vps/services/hydrus.nix (limited to 'hosts/vps/services/hydrus.nix') diff --git a/hosts/vps/services/hydrus.nix b/hosts/vps/services/hydrus.nix new file mode 100644 index 0000000..c967fbc --- /dev/null +++ b/hosts/vps/services/hydrus.nix @@ -0,0 +1,60 @@ +{ + pkgs, + config, + lib, + ... +}: { + config = { + users.groups.hydrus = {}; + users.users.hydrus = { + isSystemUser = true; + description = "hydrus"; + group = "hydrus"; + home = "/home/hydrus"; + }; + + systemd.services.Xvnc = { + description = "Xvnc"; + wantedBy = ["multi-user.target"]; + + serviceConfig = { + ExecStart = "${pkgs.turbovnc}/bin/Xvnc :30 -iglx -depth 24 -rfbwait 120000 -deferupdate 1 -localhost -verbose -securitytypes none"; + User = "hydrus"; + Group = "hydrus"; + Restart = "on-failure"; + RestartSec = "5s"; + }; + }; + + systemd.services.hydrus = { + description = "Hydrus"; + wantedBy = ["multi-user.target" "Xvnc.service"]; + wants = ["podman-hydrus-web.service"]; + + serviceConfig = { + Environment = "DISPLAY=:30"; + ExecStart = "${pkgs.hydrus}/bin/hydrus-client -d /home/hydrus"; + User = "hydrus"; + Group = "hydrus"; + Restart = "on-failure"; + RestartSec = "5s"; + }; + }; + + security.lockKernelModules = lib.mkForce false; + virtualisation.oci-containers.containers.hydrus-web = { + ports = ["100.67.217.90:8080:80"]; + image = "ghcr.io/floogulinc/hydrus-web:dev"; + }; + + networking.firewall.allowedTCPPorts = [45869]; + + environment.persistence."/nix/persist".directories = [ + { + directory = "/home/hydrus"; + user = "hydrus"; + group = "hydrus"; + } + ]; + }; +} -- cgit 1.4.1