From 668639fac15af846ab05fff1999a14e42b9766b3 Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Thu, 2 Dec 2021 01:59:44 +0100
Subject: [PATCH] PoC

---
 flake.lock                  | 27 ++++++++++++++++++++
 flake.nix                   | 51 +++++++++++++++++++++++++++++++++++++
 nixos-modules/container.nix | 27 ++++++++++++++++++++
 nixos-modules/quake3ded.nix | 10 ++++++++
 pkgs/baseq3.nix             | 25 ++++++++++++++++++
 q3config.cfg                | 22 ++++++++++++++++
 6 files changed, 162 insertions(+)
 create mode 100644 flake.lock
 create mode 100644 flake.nix
 create mode 100644 nixos-modules/container.nix
 create mode 100644 nixos-modules/quake3ded.nix
 create mode 100644 pkgs/baseq3.nix
 create mode 100644 q3config.cfg

diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..47afc23
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1638379089,
+        "narHash": "sha256-i46UYx7K40zuwcBcp52HcWrAq6LxUcGlzwgPZlMvpW4=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "19b97c86986e72e5728e14c08f8c942df21ba180",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "release-21.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..38a7d2b
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,51 @@
+{
+  description = "Quake 3 Arena Dedicated Server";
+
+  inputs = {
+    nixpkgs.url = "github:nixos/nixpkgs/release-21.11";
+  };
+
+  outputs = inputs@{ self, nixpkgs }: {
+
+    packages = builtins.mapAttrs (system: _:
+      let
+        inherit (self.nixosConfigurations) quakeserver;
+
+        remoteCommand = "ssh -Co ClearAllForwardings=yes sbz -- sudo lxc-attach -n quake-astro --";
+      in rec {
+        rootfs = quakeserver.config.system.build.toplevel;
+        container = quakeserver.config.system.build.tarball;
+
+        deploy = with nixpkgs.legacyPackages.${system};
+          writeScriptBin "deploy" ''
+            #! ${runtimeShell} -e
+
+            nix-store --export $(cat ${writeReferencesToFile rootfs}) | pv -brep | ${remoteCommand} /run/current-system/sw/bin/nix-store --import
+            ${remoteCommand} ${rootfs}/bin/switch-to-configuration switch
+          '';
+      } //
+      import ./pkgs/baseq3.nix (inputs // { inherit system; })
+    ) { x86_64-linux = true; };
+
+    nixosModules = {
+      container = import ./nixos-modules/container.nix;
+      quake3ded = import ./nixos-modules/quake3ded.nix;
+    };
+    
+    nixosConfigurations.quakeserver = nixpkgs.lib.nixosSystem {
+      system = "x86_64-linux";
+      extraArgs = {
+        inherit self;
+      };
+      modules = [
+        "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
+        self.nixosModules.container
+        self.nixosModules.quake3ded
+        {
+          networking.hostName = "quakeserver";
+        }
+      ];
+    };
+
+  };
+}
diff --git a/nixos-modules/container.nix b/nixos-modules/container.nix
new file mode 100644
index 0000000..366b8e0
--- /dev/null
+++ b/nixos-modules/container.nix
@@ -0,0 +1,27 @@
+{ pkgs, ... }:
+{
+  # system
+  boot = {
+    isContainer = true;
+    tmpOnTmpfs = true;
+  };
+  nix = {
+    extraOptions = "experimental-features = nix-command flakes";
+    package = pkgs.nixUnstable;
+  };
+  system.stateVersion = "21.11";
+
+  # network
+  networking.useDHCP = false;
+  systemd.network.enable = false;
+  services.resolved.enable = false;
+  services.openssh = {
+    enable = false;
+    startWhenNeeded = false;
+  };
+
+  environment.noXlibs = false;
+  environment.systemPackages = with pkgs; [
+    git tcpdump
+  ];
+}
diff --git a/nixos-modules/quake3ded.nix b/nixos-modules/quake3ded.nix
new file mode 100644
index 0000000..7dd31cc
--- /dev/null
+++ b/nixos-modules/quake3ded.nix
@@ -0,0 +1,10 @@
+{ pkgs, self, ... }:
+with pkgs;
+{
+  services.quake3-server = {
+    enable = true;
+    openFirewall = true;
+    baseq3 = self.packages.${pkgs.system}.baseq3;
+    extraConfig = builtins.readFile ../q3config.cfg;
+  };
+}
diff --git a/pkgs/baseq3.nix b/pkgs/baseq3.nix
new file mode 100644
index 0000000..0814647
--- /dev/null
+++ b/pkgs/baseq3.nix
@@ -0,0 +1,25 @@
+{ self, nixpkgs, system }:
+with (import nixpkgs {
+  inherit system;
+  config = { allowUnfree = true; };
+});
+rec {
+  q3iso = fetchurl {
+    url = "https://archive.org/download/quake-iii/Quake%20III.iso";
+    name = "QuakeIII.iso";
+    sha256 = "1qgk5kx7mf75dvlf54x15dpvjvwwh27q6m3cgg8gyiv57hw20cp9";
+  };
+  baseq3 = stdenv.mkDerivation {
+    name = "baseq3";
+    src = q3iso;
+    nativeBuildInputs = [ p7zip ];
+    unpackPhase = ''
+      7z x $src
+    '';
+    installPhase = ''
+      mkdir $out
+      cp -av baseq3/* $out/
+      cp -av ${quake3pointrelease}/baseq3/* $out/
+    '';
+  };
+}
diff --git a/q3config.cfg b/q3config.cfg
new file mode 100644
index 0000000..d3b8975
--- /dev/null
+++ b/q3config.cfg
@@ -0,0 +1,22 @@
+set g_password ""
+rconpassword ""
+sv_maxRate "25000"
+sv_maxclients 32
+sv_hostname "[SBZ] spaceboyz.net"
+g_motd "Grrr!"
+
+sets "Administrator" "Astro"
+sets "Email" "astro@spaceboyz.net"
+sets "URL" "https://spaceboyz.net"
+sets "Location" "Valley of the clueless"
+sets "CPU" "2010s"
+//sets "mappack" "http://www.myserver.com/mappack.zip"
+
+fraglimit 25
+capturelimit 5
+g_gametype 4
+
+set m1 "capturelimit 8; map q3ctf1; set nextmap vstr m2"
+set m2 "capturelimit 8; map q3ctf2 ; set nextmap vstr m3"
+set m3 "capturelimit 8; map q3ctf3 ; set nextmap vstr m1"
+vstr m1