From ccb101b9b71dc40f667b649d815c7eff14995414 Mon Sep 17 00:00:00 2001 From: Tom Fitzhenry Date: Fri, 25 Oct 2019 19:41:44 +1100 Subject: [PATCH 1/3] maintainers: add tomfitzhenry --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 6feb3ddd1aa4..32ae4303607b 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -6666,6 +6666,12 @@ githubId = 178444; name = "Thomas Bereknyei"; }; + tomfitzhenry = { + email = "tom@tom-fitzhenry.me.uk"; + github = "tomfitzhenry"; + githubId = 61303; + name = "Tom Fitzhenry"; + }; tomsmeets = { email = "tom.tsmeets@gmail.com"; github = "tomsmeets"; From 230fc22e610a975162cc1eaf23aa6bd641b51d3d Mon Sep 17 00:00:00 2001 From: Tom Fitzhenry Date: Tue, 22 Oct 2019 10:23:30 +1100 Subject: [PATCH 2/3] openarena: add module for dedicated server --- nixos/modules/module-list.nix | 1 + nixos/modules/services/games/openarena.nix | 56 ++++++++++++++++++++++ pkgs/games/openarena/default.nix | 6 +++ 3 files changed, 63 insertions(+) create mode 100644 nixos/modules/services/games/openarena.nix diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 5214126ff7ed..06f806d13224 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -321,6 +321,7 @@ ./services/games/factorio.nix ./services/games/minecraft-server.nix ./services/games/minetest-server.nix + ./services/games/openarena.nix ./services/games/terraria.nix ./services/hardware/acpid.nix ./services/hardware/actkbd.nix diff --git a/nixos/modules/services/games/openarena.nix b/nixos/modules/services/games/openarena.nix new file mode 100644 index 000000000000..b7d1aea6b8d2 --- /dev/null +++ b/nixos/modules/services/games/openarena.nix @@ -0,0 +1,56 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.openarena; +in +{ + options = { + services.openarena = { + enable = mkEnableOption "OpenArena"; + + openPorts = mkOption { + type = types.bool; + default = false; + description = "Whether to open firewall ports for OpenArena"; + }; + + extraFlags = mkOption { + type = types.listOf types.str; + default = []; + description = ''Extra flags to pass to oa_ded''; + example = [ + "+set dedicated 2" + "+set sv_hostname 'My NixOS OpenArena Server'" + # Load a map. Mandatory for clients to be able to connect. + "+map oa_dm1" + ]; + }; + }; + }; + + config = mkIf cfg.enable { + networking.firewall = mkIf cfg.openPorts { + allowedUDPPorts = [ 27960 ]; + }; + + systemd.services.openarena = { + description = "OpenArena"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + serviceConfig = { + DynamicUser = true; + StateDirectory = "openarena"; + ExecStart = "${pkgs.openarena}/bin/openarena-server +set fs_basepath ${pkgs.openarena}/openarena-0.8.8 +set fs_homepath /var/lib/openarena ${concatStringsSep " " cfg.extraFlags}"; + Restart = "on-failure"; + + # Hardening + CapabilityBoundingSet = ""; + NoNewPrivileges = true; + PrivateDevices = true; + }; + }; + }; +} diff --git a/pkgs/games/openarena/default.nix b/pkgs/games/openarena/default.nix index 141e0151cfbd..63abc5d609c0 100644 --- a/pkgs/games/openarena/default.nix +++ b/pkgs/games/openarena/default.nix @@ -25,10 +25,16 @@ stdenv.mkDerivation { patchelf --set-interpreter "${interpreter}" "${gameDir}/openarena.x86_64" makeWrapper "${gameDir}/openarena.x86_64" "$out/bin/openarena" \ --prefix LD_LIBRARY_PATH : "${libPath}" + patchelf --set-interpreter "${interpreter}" "${gameDir}/oa_ded.x86_64" + makeWrapper "${gameDir}/oa_ded.x86_64" "$out/bin/openarena-server" \ + --prefix LD_LIBRARY_PATH : "${libPath}" '' else '' patchelf --set-interpreter "${interpreter}" "${gameDir}/openarena.i386" makeWrapper "${gameDir}/openarena.i386" "$out/bin/openarena" \ --prefix LD_LIBRARY_PATH : "${libPath}" + patchelf --set-interpreter "${interpreter}" "${gameDir}/oa_ded.i386" + makeWrapper "${gameDir}/oa_ded.i386" "$out/bin/openarena-server" \ + --prefix LD_LIBRARY_PATH : "${libPath}" ''} ''; From 6d90d17a96fd4270cdff9d01efb90d6f2f86a8f5 Mon Sep 17 00:00:00 2001 From: Tom Fitzhenry Date: Wed, 23 Oct 2019 01:20:56 +1100 Subject: [PATCH 3/3] openarena: add test --- nixos/tests/all-tests.nix | 1 + nixos/tests/openarena.nix | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 nixos/tests/openarena.nix diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index e94c9712cbfa..163a9815f2c5 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -201,6 +201,7 @@ in novacomd = handleTestOn ["x86_64-linux"] ./novacomd.nix {}; nsd = handleTest ./nsd.nix {}; nzbget = handleTest ./nzbget.nix {}; + openarena = handleTest ./openarena.nix {}; openldap = handleTest ./openldap.nix {}; opensmtpd = handleTest ./opensmtpd.nix {}; openssh = handleTest ./openssh.nix {}; diff --git a/nixos/tests/openarena.nix b/nixos/tests/openarena.nix new file mode 100644 index 000000000000..4cc4db229637 --- /dev/null +++ b/nixos/tests/openarena.nix @@ -0,0 +1,36 @@ +import ./make-test.nix ({ pkgs, ...} : { + name = "openarena"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ tomfitzhenry ]; + }; + + machine = + { pkgs, ... }: + + { imports = []; + environment.systemPackages = with pkgs; [ + socat + ]; + services.openarena = { + enable = true; + extraFlags = [ + "+set dedicated 2" + "+set sv_hostname 'My NixOS server'" + "+map oa_dm1" + ]; + }; + }; + + testScript = + '' + $machine->waitForUnit("openarena.service"); + $machine->waitUntilSucceeds("ss --numeric --udp --listening | grep -q 27960"); + + # The log line containing 'resolve address' is last and only message that occurs after + # the server starts accepting clients. + $machine->waitUntilSucceeds("journalctl -u openarena.service | grep 'resolve address: dpmaster.deathmask.net'"); + + # Check it's possible to join the server. + $machine->succeed("echo -n -e '\\xff\\xff\\xff\\xffgetchallenge' | socat - UDP4-DATAGRAM:127.0.0.1:27960 | grep -q challengeResponse"); + ''; +})