-
Notifications
You must be signed in to change notification settings - Fork 0
/
valheim-service.nix
44 lines (40 loc) · 1.21 KB
/
valheim-service.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
{ config, pkgs, ... }:
let
valheim-runner = pkgs.callPackage ./valheim-runner.nix {};
in
{
# open valheim ports on system
networking.firewall = {
allowedUDPPorts = [
2456
2457
2458
];
};
users.users.valheim.isNormalUser = true;
sops.validateSopsFiles = false;
sops.defaultSopsFile = "/etc/nixos/secrets/secrets.yaml"; # todo: copy to this path from activation
sops.secrets.valheim-password = {};
sops.secrets.valheim-password.owner = config.users.users.valheim.name;
systemd.services.valheim = {
description = "Valheim Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
SupplementaryGroups = [ "keys" ];
LoadCredential="VALHEIM_PASSWORD:${config.sops.secrets.valheim-password.path}";
User = "valheim";
Group = "users";
StandardOutput= "journal";
Type = "simple";
WorkingDirectory = "/home/valheim";
ExecStart = "${valheim-runner}/bin/start_valheim.sh \${CREDENTIALS_DIRECTORY}/VALHEIM_PASSWORD"; # from valheim-runner
};
};
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
steam-run
steamPackages.steamcmd
valheim-runner
];
}