# NixOS module: runs the Foundry VTT server inside a declarative NixOS
# container (`containers.foundry-vtt`) that has its own network namespace and
# is attached to the host bridge "server". The only host path shared with the
# container is the state directory /var/lib/foundry-vtt.
{ config, pkgs, ... }:

let
  # Package is built with the *host's* pkgs; the container only references
  # the resulting store path in ExecStart.
  foundry-vtt = pkgs.callPackage ../pkgs/foundry-vtt {};

  # Central table of fixed uid/gid numbers (contents not visible here).
  staticIds = import ../modules/staticids.nix;

  # `networkPrefix` is an option on the host configuration, defined outside
  # this file. NOTE(review): the addresses below only make sense if it is the
  # first two octets of an IPv4 address; confirm against its definition.
  netPrefix = config.networkPrefix;

  # Persistent state directory, identical path on host and in the container.
  stateDir = "/var/lib/foundry-vtt";

  # Account definition shared by host and container. The same uid/gid is
  # declared on both sides, presumably so that file ownership on the
  # read-write bind mount matches; this relies on the container not remapping
  # user ids (no such remapping is configured here).
  serviceUser = {
    isSystemUser = true;
    uid = staticIds.uids.foundry-vtt;
    home = stateDir;
    group = "foundry-vtt";
  };
  serviceGroup = {
    gid = staticIds.gids.foundry-vtt;
  };
in
{
  # Host side: only the account and its home directory exist here; the
  # service itself runs in the container.
  users.users.foundry-vtt = serviceUser // { createHome = true; };
  users.groups.foundry-vtt = serviceGroup;

  containers.foundry-vtt = {
    autoStart = true;

    # Ephemeral root: nothing written outside the bind mount below is meant
    # to survive a container restart.
    ephemeral = true;

    # Separate network namespace, attached to the "server" bridge on the host.
    privateNetwork = true;
    hostBridge = "server";
    hostAddress = "${netPrefix}.97.1";
    localAddress = "${netPrefix}.97.21/24";

    bindMounts = {
      # Writable on purpose: this is where the application keeps its data.
      # It is also the only host path the service can modify, so its
      # contents should be treated as container-controlled on the host.
      "${stateDir}" = {
        hostPath = stateDir;
        isReadOnly = false;
      };
    };

    # Inner NixOS configuration. `config` and `pkgs` in here are the
    # container's own, not the host's.
    config = { lib, config, pkgs, ... }:
      let
        dataDir = config.users.users.foundry-vtt.home;
      in
      {
        networking = {
          hostName = "foundry-vtt";
          useHostResolvConf = false;

          # NOTE(review): the gateway is in .96.x while the container's
          # address is .97.21/24, so it is outside the local /24. Confirm
          # this is intended (e.g. the bridge spans a wider subnet).
          defaultGateway = {
            address = "${netPrefix}.96.1";
            interface = "eth0";
          };
          nameservers = [ "${netPrefix}.97.1" ];

          # Inbound traffic is limited to TCP 30000. No port is passed on
          # the command line below, so the listening port comes from the
          # application's own defaults or its data directory.
          # NOTE(review): nothing in this file terminates TLS or restricts
          # which peers on the bridge may connect; confirm that is handled
          # by a reverse proxy or by firewalling on the host.
          firewall = {
            enable = true;
            allowedTCPPorts = [ 30000 ];
          };
        };

        systemd.services.foundry-vtt = {
          description = "Foundry VTT Server";
          after = [ "network.target" ];
          wantedBy = [ "multi-user.target" ];

          environment = {
            NODE_ENV = "production";
          };

          serviceConfig = {
            # Runs unprivileged as the dedicated system user.
            User = "foundry-vtt";
            WorkingDirectory = "${dataDir}";
            ExecStart = "${pkgs.nodejs}/bin/node ${foundry-vtt}/share/foundry-vtt/resources/app/main.js --dataPath=${dataDir}";
            Restart = "always";

            # NOTE(review): no systemd sandboxing is set for this
            # network-facing service. Options worth evaluating are
            # NoNewPrivileges, PrivateTmp and ProtectSystem = "strict"
            # together with ReadWritePaths for the data directory.
            # MemoryDenyWriteExecute is usually incompatible with Node.js
            # because of its JIT compiler.
          };
        };

        # Same account as on the host (see serviceUser above), without
        # createHome: the home directory arrives via the bind mount.
        users.users.foundry-vtt = serviceUser;
        users.groups.foundry-vtt = serviceGroup;

        system.stateVersion = "24.05";
      };
  };
}