From 9b622e6e3eb77e26afbfe8bc145fdd0021ad66d5 Mon Sep 17 00:00:00 2001
From: Paul Brinkmeier <hallo@pbrinkmeier.de>
Date: Sat, 18 Nov 2023 13:44:10 +0100
Subject: [PATCH] Number of fixes

Package IONOS-DynDNS repository

Fix spigot-server's ExecStop

Enable Firewall but allow port 25565
---
 nix/gilgamesh/configuration.nix | 14 ++++++----
 nix/gilgamesh/deploy.sh         |  2 +-
 nix/gilgamesh/spigot.nix        | 46 ++++++++++++++++++++++++++-------
 nix/packages/ionos-dyndns.nix   | 29 +++++++++++++++++++++
 nix/packages/spigot-server.nix  |  1 -
 5 files changed, 76 insertions(+), 16 deletions(-)
 create mode 100644 nix/packages/ionos-dyndns.nix

diff --git a/nix/gilgamesh/configuration.nix b/nix/gilgamesh/configuration.nix
index 6807c90..897ba8b 100644
--- a/nix/gilgamesh/configuration.nix
+++ b/nix/gilgamesh/configuration.nix
@@ -55,6 +55,9 @@
   # $ nix search wget
   environment.systemPackages = with pkgs; [
     vim
+    tmux
+    bottom
+    (pkgs.callPackage ../packages/ionos-dyndns.nix {})
   ];
 
   # List services that you want to enable:
@@ -78,14 +81,15 @@
     enable = true;
   };
 
-  # TODO: ddclient + a nice domain
+  # DynDNS stuff. IONOS has a (proprietary?) API for this,
+  # so we're using a Python script from the interwebs :shrug:
+  # TODO: Config using agenix
 
   # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
+  networking.firewall.allowedTCPPorts = [ 25565 ];
+  networking.firewall.allowedUDPPorts = [ 25565 ];
   # Or disable the firewall altogether.
-  # TODO: Only enable minecraft outside
-  networking.firewall.enable = false;
+  # networking.firewall.enable = false;
 
   # TODO: Backups
 
diff --git a/nix/gilgamesh/deploy.sh b/nix/gilgamesh/deploy.sh
index a3c7a07..e909f38 100755
--- a/nix/gilgamesh/deploy.sh
+++ b/nix/gilgamesh/deploy.sh
@@ -1,3 +1,3 @@
 #!/usr/bin/env bash
 
-nixos-rebuild -I nixos-config=configuration.nix --target-host 192.168.0.206 --use-remote-sudo switch
+nixos-rebuild -I nixos-config=configuration.nix --target-host gilgamesh --use-remote-sudo switch
diff --git a/nix/gilgamesh/spigot.nix b/nix/gilgamesh/spigot.nix
index 511677e..8ba8eca 100644
--- a/nix/gilgamesh/spigot.nix
+++ b/nix/gilgamesh/spigot.nix
@@ -1,6 +1,7 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
+  ionos-dyndns = pkgs.callPackage ../packages/ionos-dyndns.nix {};
   spigot-server = pkgs.callPackage ../packages/spigot-server.nix {};
   cfg = config.services.spigot;
   name = "spigot";
@@ -39,16 +40,43 @@ in {
       };
     };
 
-    systemd.services.spigot-server = rec {
-      description = "Spigot Minecraft server";
-      wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
-      serviceConfig = {
-        User = "${cfg.user}";
+    systemd = {
+      services.spigot-server = {
+        description = "Spigot Minecraft server";
+        wantedBy = [ "multi-user.target" ];
+        after = [ "network.target" ];
+        serviceConfig = {
+          User = "${cfg.user}";
 
-        inherit StateDirectory;
-        WorkingDirectory = "/var/lib/${StateDirectory}";
-        ExecStart = "${spigot-server}/bin/spigot-server";
+          Sockets = "spigot-server.socket";
+          StandardInput = "socket";
+          StandardOutput = "journal";
+          StandardError = "journal";
+
+          inherit StateDirectory;
+          WorkingDirectory = "/var/lib/${StateDirectory}";
+          ExecStart = "${spigot-server}/bin/spigot-server -nogui";
+          ExecStop = [
+            "${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/echo save-all > /run/spigot-server.stdin'"
+            "${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/echo stop > /run/spigot-server.stdin'"
+            # Wait for the main process to exit
+            # If we don't do this systemd tries to nudge Java to stop, causing a race condition
+            # that leads to an ungraceful shutdown
+            "${pkgs.coreutils}/bin/echo \"Waiting for \${MAINPID} to exit...\""
+            "${pkgs.bash}/bin/bash -c 'while ${pkgs.coreutils}/bin/kill -s 0 $MAINPID 2>/dev/null; do sleep 0.5; done'"
+          ];
+        };
+      };
+
+      sockets.spigot-server = {
+        description = "Spigot Minecraft server socket for commands and stuff";
+        unitConfig = {
+          # Automatically start and stop socket along with the service
+          PartOf = "spigot-server.service";
+        };
+        socketConfig = {
+          ListenFIFO = "/run/spigot-server.stdin";
+        };
       };
     };
   };
diff --git a/nix/packages/ionos-dyndns.nix b/nix/packages/ionos-dyndns.nix
new file mode 100644
index 0000000..8a540dd
--- /dev/null
+++ b/nix/packages/ionos-dyndns.nix
@@ -0,0 +1,29 @@
+{
+  fetchFromGitHub,
+  makeWrapper,
+  stdenv,
+  # Runtime Dependencies
+  python3
+}:
+let
+  pythonWithDeps = python3.withPackages (p: [p.requests]);
+in stdenv.mkDerivation rec {
+  pname = "ionos-dyndns";
+  # Packaging time, not commit time
+  version = "20231118";
+  src = fetchFromGitHub {
+    owner = "lazaroblanc";
+    repo = "IONOS-DynDNS";
+    rev = "6c090ab928ce8d6eaa28b09614995b036ad60027";
+    hash = "sha256-rabDuKuPvzcMltnCSvc5kDjcDhv7sXxbDLWw3/hdSmk=";
+  };
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  buildCommand = ''
+    install -Dm755 $src/ionos_dyndns.py $out/lib/ionos_dyndns.py
+
+    makeWrapper ${pythonWithDeps}/bin/python3 $out/bin/ionos-dyndns \
+      --add-flags $out/lib/ionos_dyndns.py
+  '';
+}
diff --git a/nix/packages/spigot-server.nix b/nix/packages/spigot-server.nix
index 5bf7708..830919f 100644
--- a/nix/packages/spigot-server.nix
+++ b/nix/packages/spigot-server.nix
@@ -18,7 +18,6 @@ in stdenv.mkDerivation rec {
   buildCommand = ''
     install -Dm644 $src $out/lib/spigot-${version}.jar
 
-    mkdir -p $out/bin
     makeWrapper ${jre}/bin/java $out/bin/spigot-server \
       --argv0 spigot-server \
       --add-flags "${javaFlags}" \