diff options
author | Franck Cuny <franck@fcuny.net> | 2023-12-08 09:00:57 -0800 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2023-12-08 09:00:57 -0800 |
commit | 7ff5c2e346a8efeba0c27f473271d8298a1266c2 (patch) | |
tree | a536441a137be3d6122b4d8a247db76f9cd8d12a /hosts/tahoe | |
parent | build(deps): bump cachix/install-nix-action from 23 to 24 (diff) | |
download | world-7ff5c2e346a8efeba0c27f473271d8298a1266c2.tar.gz |
delete configuration for old machines
These machines are gone, no need to keep the configuration around.
Diffstat (limited to 'hosts/tahoe')
-rw-r--r-- | hosts/tahoe/boot.nix | 30 | ||||
-rw-r--r-- | hosts/tahoe/default.nix | 73 | ||||
-rw-r--r-- | hosts/tahoe/hardware.nix | 58 | ||||
-rw-r--r-- | hosts/tahoe/home.nix | 8 | ||||
-rw-r--r-- | hosts/tahoe/secrets/acme/credentials.age | 11 | ||||
-rw-r--r-- | hosts/tahoe/secrets/acme/gcp_service_account.json.age | bin | 2795 -> 0 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/gandi/apikey.age | 11 | ||||
-rw-r--r-- | hosts/tahoe/secrets/restic/repo-systems.age | 14 | ||||
-rw-r--r-- | hosts/tahoe/secrets/rsync.net/ssh-key.age | bin | 906 -> 0 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/secrets.nix | 38 | ||||
-rw-r--r-- | hosts/tahoe/secrets/sendsms/config.age | 12 | ||||
-rw-r--r-- | hosts/tahoe/secrets/syncthing/cert.age | bin | 1325 -> 0 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/syncthing/key.age | 14 | ||||
-rw-r--r-- | hosts/tahoe/secrets/unifi/unifi-poller.age | bin | 430 -> 0 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/wireguard_privatekey.age | 12 | ||||
-rw-r--r-- | hosts/tahoe/services.nix | 21 |
16 files changed, 0 insertions, 302 deletions
diff --git a/hosts/tahoe/boot.nix b/hosts/tahoe/boot.nix deleted file mode 100644 index 89bd672..0000000 --- a/hosts/tahoe/boot.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, ... }: - -{ - boot = { - kernelParams = [ - # get an IP address on boot, so we can unlock the root disk remotely - "ip=dhcp" - # rotate the screen 90 degree counter clockwise - "fbcon=rotate:1" - ]; - initrd = { - # driver for the NIC, required in order to get an IP address - kernelModules = [ "r8169" ]; - network = { - enable = true; - postCommands = '' - echo "cryptsetup-askpass; exit" > /root/.profile - ''; - ssh = { - enable = true; - port = 2222; - hostKeys = - [ /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_rsa_key ]; - authorizedKeys = - config.users.users.fcuny.openssh.authorizedKeys.keys; - }; - }; - }; - }; -} diff --git a/hosts/tahoe/default.nix b/hosts/tahoe/default.nix deleted file mode 100644 index 0f955f9..0000000 --- a/hosts/tahoe/default.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ config, pkgs, hostname, lib, self, ... }: -let - secrets = config.age.secrets; -in -{ - imports = [ - ./boot.nix - ./hardware.nix - ./services.nix - "${self}/profiles/btrfs.nix" - "${self}/profiles/nas.nix" - "${self}/profiles/acme.nix" - "${self}/profiles/nginx.nix" - "${self}/profiles/samba.nix" - "${self}/profiles/backup.nix" - "${self}/profiles/git-server.nix" - "${self}/profiles/music-server.nix" - "${self}/profiles/hardware/amd.nix" - "${self}/profiles/monitoring/exporter.nix" - ]; - - # Use systemd-networkd for networking - systemd.network.enable = true; - systemd.network.networks.enp42s0 = { - matchConfig.Name = "enp42s0"; - networkConfig.DHCP = "yes"; - dhcpV4Config = { - UseDNS = "yes"; - UseDomains = "yes"; - }; - }; - - systemd.network.networks.enp33s0f1 = { - matchConfig.Name = "enp33s0f1"; - networkConfig.DHCP = "yes"; - dhcpV4Config = { - UseDNS = "yes"; - UseDomains = "yes"; - }; - }; - - networking.useNetworkd = true; - networking.useDHCP = false; - networking.firewall.enable = false; - networking.private-wireguard.enable = true; - - services.nscd.enable = false; - system.nssModules = lib.mkForce [ ]; - - my.services.backup = { - enable = true; - repository = "/data/slow/backups/hosts/${config.networking.hostName}"; - timerConfig = { OnCalendar = "00:15"; }; - passwordFile = secrets."restic/repo-systems".path; - paths = - [ - "/data/fast/music" - "/data/fast/photos" - "/home/fcuny/documents" - "/home/fcuny/workspace" - "/home/fcuny/media" - ]; - exclude = [ ]; - }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? -} diff --git a/hosts/tahoe/hardware.nix b/hosts/tahoe/hardware.nix deleted file mode 100644 index 5f14ab6..0000000 --- a/hosts/tahoe/hardware.nix +++ /dev/null @@ -1,58 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/128c2a5e-48f6-4d94-b196-fb5db500b36d"; - fsType = "btrfs"; - options = [ "subvol=nixos" ]; - }; - - boot.initrd.luks.devices."system".allowDiscards = true; - boot.initrd.luks.devices."system".device = - "/dev/disk/by-uuid/0d11e090-d88f-4313-8a41-8ef52eea0870"; - - fileSystems."/home" = { - device = "/dev/disk/by-uuid/128c2a5e-48f6-4d94-b196-fb5db500b36d"; - fsType = "btrfs"; - options = [ "subvol=home" ]; - }; - - fileSystems."/.snapshots" = { - device = "/dev/disk/by-uuid/128c2a5e-48f6-4d94-b196-fb5db500b36d"; - fsType = "btrfs"; - options = [ "subvol=snapshots" ]; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/CBB9-B788"; - fsType = "vfat"; - }; - - fileSystems."/data/fast" = { - device = "/dev/disk/by-uuid/b9290b55-8ff6-4bd0-843d-a9e6f7a4df59"; - fsType = "btrfs"; - }; - - boot.initrd.luks.devices."raid-fast".device = - "/dev/disk/by-id/md-name-nixos:fast"; - - fileSystems."/data/slow" = { - device = "/dev/disk/by-uuid/0f16db51-0ee7-48d8-9e48-653b85ecbf0a"; - fsType = "btrfs"; - }; - - boot.initrd.luks.devices."raid-slow".device = - "/dev/disk/by-id/md-name-nixos:slow"; - - swapDevices = - [{ device = "/dev/disk/by-uuid/0f54b5ab-4fca-4c5a-a9eb-622553145163"; }]; -} diff --git a/hosts/tahoe/home.nix b/hosts/tahoe/home.nix deleted file mode 100644 index 9177e59..0000000 --- a/hosts/tahoe/home.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ pkgs, self, ... }: - -{ - imports = [ - "${self}/home/profiles/home.nix" - "${self}/home/profiles/nas.nix" - ]; -} diff --git a/hosts/tahoe/secrets/acme/credentials.age b/hosts/tahoe/secrets/acme/credentials.age deleted file mode 100644 index 62f2d8e..0000000 --- a/hosts/tahoe/secrets/acme/credentials.age +++ /dev/null @@ -1,11 +0,0 @@ -age-encryption.org/v1 --> X25519 I1SRmXG3GfJFAaDuRFGBemlt2hgJZXgZVPcde35p9wU -2A2DJQAtKk6oKMA0vVkyYI0+xgrXAQs5iwlCTeWONNM --> X25519 ynhAKOCdwDX+vGmQZeHiUNsXWBg44ngl15kONGIgIBs -RKIKJ+1bRdHcGt2dItang021tvwMtlyYYj/ho49tsao --> X25519 7HjxRbuBB4JzR0OGOd6oWG4NOz33NkbgI/dOQAwxoTs -a1mIT+Eoxcxr5Za0t3E85y983qCRUKRR/Df/m0qDp6M --> *.ZS)?-grease # s5)@_oL -Px5WZ6pr5T9P+HQLBfThzAneTtDKEMxOUQ ---- M3B2AdTnZ6Cv9CG2IknMfUgonbYzhVQNCFPJUbvUfk8 -j/tnjPׇ!yOZ+>o'yAK1F<4%R4BQ JN[>SNBDcVScc:1@4OxÊLB \ No newline at end of file diff --git a/hosts/tahoe/secrets/acme/gcp_service_account.json.age b/hosts/tahoe/secrets/acme/gcp_service_account.json.age deleted file mode 100644 index 861220a..0000000 --- a/hosts/tahoe/secrets/acme/gcp_service_account.json.age +++ /dev/null Binary files differdiff --git a/hosts/tahoe/secrets/gandi/apikey.age b/hosts/tahoe/secrets/gandi/apikey.age deleted file mode 100644 index 3f35522..0000000 --- a/hosts/tahoe/secrets/gandi/apikey.age +++ /dev/null @@ -1,11 +0,0 @@ -age-encryption.org/v1 --> X25519 jMYhTKmWi5riTgT9QQVOlzlIegqM1MI2QtJbOonsL2E -bM9xqcJc41bKs0as9lIQQQGZhB5cmaZtO1fHCsrMR9M --> X25519 3xMvuIuRGXBp/gbv+aZpjkp6wLw6hyRAqBIe/Pf+Szo -2X45mDvLNcDOntT4JgZUFHpnlShm3UYv7gCpHGaj4Fo --> X25519 xemfO0+4pS8WG/7QoIIqULZ/xN+C0l+LbBgv4QIdcQU -VfoMT93/3hTZdPo4ALCaEZrIO3bHhsoxCwf6DyXPwvI --> s06@-grease .@\9Og@9 7yCI nS'`(65/ -W1seHOnAnPFF8BB6uqQKv8JwpmoNCU93i06VtxuuHiaeGrlXNPiF0ikD/mysdA ---- dpDFFk5ZPUwQZp96fpS85eZCVELD4GB1uwl/8ev5moA -⇼?Zu>x3d[sLٵ)|[z1#cѨ3BHLw҂]$. \ No newline at end of file diff --git a/hosts/tahoe/secrets/restic/repo-systems.age b/hosts/tahoe/secrets/restic/repo-systems.age deleted file mode 100644 index e3e975e..0000000 --- a/hosts/tahoe/secrets/restic/repo-systems.age +++ /dev/null @@ -1,14 +0,0 @@ -age-encryption.org/v1 --> X25519 9ic8vm8qcpzWoqMDi6eN1dIM8v8ENzdrU9ef/hYptgo -vRrH93V+KVEfjWcZGTO4jvuE9vItKs2JC0LoXmEo5J0 --> X25519 oKF2qEVOVa1FvaiAmm+8poCTM6TCNkAkKlu9LjdnPQY -sJAs8bVoJKWyO1doUkY7Ppky3Q8u3JMP99Pcwtcwrk8 --> X25519 5jPqZeXJPZVD6YEkF/JuLyZDc1z6dOfkNTXV6w1R62M -fZKW+cqYJBAcA2H0mDGsKFaAMbdHe8p7hF+y1IjobVs --> /-grease zG>:_b -rUaFTPq15hon1gmx7J0IGytSHoqQceYGL2XB6h00RdWZuanXZI1F2hWbEvgWFIqB -xXxPJ4Le ---- wrrYjOQ0i4YtHfNs2g594CFVLTAKfMRJCptxZ12YkYM ->襝%@xV1sJ`'C -6/b֖xVؠW( -,8 \ No newline at end of file diff --git a/hosts/tahoe/secrets/rsync.net/ssh-key.age b/hosts/tahoe/secrets/rsync.net/ssh-key.age deleted file mode 100644 index d7c721a..0000000 --- a/hosts/tahoe/secrets/rsync.net/ssh-key.age +++ /dev/null Binary files differdiff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix deleted file mode 100644 index d8283fe..0000000 --- a/hosts/tahoe/secrets/secrets.nix +++ /dev/null @@ -1,38 +0,0 @@ -let - root = "age1nxwgdy3p9fft0zsae440wyulknf5rk82s0wnxssrpxu4nezysa4qexcvpl"; - fcuny = "age1keyvdhpspgqp4g5zjthdphau5q5qlt6fs0ex0wqnve66dmup9pzqn4sakj"; - backup = "age1fh4960rdrk4d7m4c5lwd3trvw9ylk09dvucj2gd2udy7d5cz2a0svcqws6"; - all = [ root fcuny backup ]; -in -{ - "wireguard_privatekey.age".publicKeys = all; - - "acme/credentials.age".publicKeys = all; - "acme/gcp_service_account.json.age" = { - publicKeys = all; - owner = "acme"; - }; - - "syncthing/key.age" = { - publicKeys = all; - owner = "fcuny"; - }; - - "syncthing/cert.age" = { - publicKeys = all; - owner = "fcuny"; - }; - - "unifi/unifi-poller.age" = { - publicKeys = all; - owner = "unpoller-exporter"; - }; - - "gandi/apikey.age" = { - publicKeys = all; - owner = "acme"; - }; - - "restic/repo-systems.age".publicKeys = all; - "rsync.net/ssh-key.age".publicKeys = all; -} diff --git a/hosts/tahoe/secrets/sendsms/config.age b/hosts/tahoe/secrets/sendsms/config.age deleted file mode 100644 index ecc0845..0000000 --- a/hosts/tahoe/secrets/sendsms/config.age +++ /dev/null @@ -1,12 +0,0 @@ -age-encryption.org/v1 --> X25519 Zjg3+y6mTEnsr8yCDyLBk+Z6QlSzHey7zndDYTaMfG4 -iXuA53MwZevEyGaYXQU1tzh14A5YCKpA2yJjFNggkOA --> X25519 FIxTPWtuK2265U+tv/lxypDny+WqPTYlbAcv9FXrzjg -0Xj8azxb+63MyopqX/cedwsvtFNeQdoyhUmiUjZiK40 --> X25519 ev4WoBl4Jot56FFz/8D+sVThLVE2x2ZN41WVWESP0yk -vPW/CPecXPoYy9DrbhHkg030TCspZlRyK3x8vHcK5JI --> a-grease if{suxQ- 9Ls &_~KF%= -dkuZH7Yp/LW7XONo9KhJ1RLUVUgH0IrIs/+6y6RfIxUTqQcMU2o ---- ddHv1vU3hd13grUfTVlbut4JBRt1RVT2oU6HXKlOBDU -~Tk<$U;$k俸Bg̘h ʐ -~[x(74TpݿUu%7RkPt.¡=iUHg K!jCl U6ax<t3>8ҋeaE#o?yV8u,yH6<i>=m \*f(m2R'B8[p(q \ No newline at end of file diff --git a/hosts/tahoe/secrets/syncthing/cert.age b/hosts/tahoe/secrets/syncthing/cert.age deleted file mode 100644 index cbc59bd..0000000 --- a/hosts/tahoe/secrets/syncthing/cert.age +++ /dev/null Binary files differdiff --git a/hosts/tahoe/secrets/syncthing/key.age b/hosts/tahoe/secrets/syncthing/key.age deleted file mode 100644 index d8f21e1..0000000 --- a/hosts/tahoe/secrets/syncthing/key.age +++ /dev/null @@ -1,14 +0,0 @@ -age-encryption.org/v1 --> X25519 Y52YsCYjJDZKhCIu+7kTs6jxJjwW6m84yTFX58jyt34 -4GHnB54xrAVyU0oxZhl+wnL296HA4AXPmMRzuZmOGkA --> X25519 vKd7jTrBShvHFFY67+xooWxDtmNYbc2Fh2G/cYV0tmo -CWBEcJTVuHZy9tSIcq7RSQKhvEmcJr6CT1T36e2//D0 --> X25519 tq3r1Zdz7QJdHjE8ly9Uzw54jkAyq63D6iw2JXpUDWk -ktxqJh7S1kH47G77mUB31IKrY8eHpW9huRVOoxPPOd4 --> -pi[:-grease zVwevS -mO8 ---- EBzdJICAmJmFzQ1pqU1eyGLBBcYc4DMqAgxJq25/hzg -SW Eo96GcC -?}d`:֟tu왾xRvmS:0Ŷa^zS -J`{o oUtfTA,tLߐsOCyPg5O4(R ;`qksnT_d3AG[lAϪifsa ҙEVsPr:bṆoƺ3pɪ(:.Lc}46<m*trM l>VV!: --rG$YM7X}ljrL4zb24z \ No newline at end of file diff --git a/hosts/tahoe/secrets/unifi/unifi-poller.age b/hosts/tahoe/secrets/unifi/unifi-poller.age deleted file mode 100644 index 0bba247..0000000 --- a/hosts/tahoe/secrets/unifi/unifi-poller.age +++ /dev/null Binary files differdiff --git a/hosts/tahoe/secrets/wireguard_privatekey.age b/hosts/tahoe/secrets/wireguard_privatekey.age deleted file mode 100644 index f08c7aa..0000000 --- a/hosts/tahoe/secrets/wireguard_privatekey.age +++ /dev/null @@ -1,12 +0,0 @@ -age-encryption.org/v1 --> X25519 eyw1uK0XuDb6Iaq8pY4VUQNbEKSmj2JltoXIlqUWsn8 -ZzfbNdgoYIvWSeLNyUoitEFvueZiPlYUrsLJzGlUp30 --> X25519 WcbSf4EMR2Bhn1lkkvGlb6NFG3vdVp/KOSO7m4dLRAc -3rNJ7W5idYYpNr1pavUeGtfT30whV+b2htBjQSE3jlc --> X25519 v5INWoeE7B+cdBuOWGkJ6qITX4O0cuLPEZjFV7JpEXE -D9sbaowN+HsnjVW3qyLiO2XeXudFT0BlFtUAaz1oWxE --> x-grease x -CQMrW2t0tVTjuvj+otbdZS/sxUGHDqDoyMVyAkVYhOfpxm8lZCVVlwXPhe6HEufB -oSG6QFkJ8BrPIKn2XA ---- /XVESiNkDBYD0NYoXQhomrWbAC7RufQusQ9lAj8Jgzs -$?i1-*W<9i)thXK9XsE#PX$ 8QqfFozqgr^} \ No newline at end of file diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix deleted file mode 100644 index 1159cb1..0000000 --- a/hosts/tahoe/services.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ self, config, ... }: -let secrets = config.age.secrets; -in -{ - # this unit is broken and useless. I don't know how to not install - # it, so let's mask it. - systemd.services.mdmonitor.enable = false; - - my.services = { - monitoring = { - prometheus = { - enable = true; - listenAddress = "192.168.6.40"; - }; - grafana = { - enable = true; - vhostName = "dash.${config.homelab.domain}"; - }; - }; - }; -} |