Squad.nix
Go to file
Price Hiller 4334ac281a
fix: allow server configs to writeable by service user
This allows secrets to be correctly written to the files
2023-12-19 04:01:23 -06:00
modules fix: allow server configs to writeable by service user 2023-12-19 04:01:23 -06:00
flake.lock Initial Commit 2023-12-18 09:37:50 -06:00
flake.nix fix: ensure squad server module is correctly imported for nixosModules 2023-12-18 10:20:56 -06:00
LICENSE chore: add LICENSE 2023-12-18 09:41:34 -06:00
README.org docs: update README to reflect modified path for squad nixos module 2023-12-18 12:01:23 -06:00

Squad.nix

NixOS flake for standing up multiple Squad Servers on NixOS.

Installation to a NixOS Flake Config

{
  inputs.squad-nix.url = "github:AsgardEternal/Squad.nix";

  outputs = { self, nixpkgs, squad-nix, ... }: {
    nixosConfigurations.exampleHost = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      modules = [
        # ...
        squad-nix.nixosModules.server
      ]
    };
  }
}

Example Server Configuration

services.squad-server = {
  servers."[ASG] Asgard Eternal | New Player Friendly" = {
    enable = true;
    openFirewall = true;
    config = {
      layerRotation = [
        "Gorodok_Invasion_v3"
        "Gorodok_RAAS_v12"
        "Harju_RAAS_v6"
        "Manicouagan_Invasion_v2"
        "Manicouagan_Invasion_v2"
        "Yehorivka_RAAS_v13"
        "Mestia_Invasion_v2"
      ];
      admins = {
        Admin = {
          comment = "Admin Group";
          accessLevels = [
            "changemap"
            "pause"
            "balance"
            "chat"
            "kick"
            "ban"
            "cameraman"
            "teamchange"
            "forceteamchange"
            "canseeadminchat"
            "reserve"
            "config"
            "cheat"
            "featuretest"
          ];
          members = [
            {
              id = 76561199101367413;
              comment = "Atrocity";
            }
            {
              id = 76561198153769543;
              comment = "MaxRecon";
            }
            # ...
         ];
        };
      };
    };
  };
};

All settings can be viewed within the Squad Server Module.

Defaults

By default this module does not attempt to increment the in use ports for each server defined. It is expected that each server has its ports defined via gamePort, rconPort, queryPort, and beaconPort if more than one server is defined.

The default configuration largely follows the default settings that Squad installs its configs as, but there may be options that do not closely follow defaults or shouldn't be modified. One such example is map voting. This is due to the lack of functionality for the feature, or due to the option not being permitted in Licensed servers.

This module attempts to closely follow licensed server configuration requirements.

Security

Preference all passwordFile options over the generic password option if possible (or equivalents, such as license.file instead of license.content). Using non file options for secrets can expose your secrets in the Nix store.

By default all secrets are loaded via Systemd Credentials (systemd.systemd-credentials(7)).

Purpose of this Repository

As part of a migration in Asgard Eternal's infrastructure, we're shifting our primary operating system to NixOS. This module was created separately to support that initiative.

Interested in joining up with a community to play Squad? Join Asgard Eternal's Discord.