home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit e5ff450b2dc79b3c6f61809e512c35fd4004e570
parent f820766d5db5586dab8611b057ef02ccea2301a0
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Tue, 26 Oct 2021 10:32:59 +0200

systems: remove foo and okinawa hosts…

… they do not exists anymore.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Dsystems/hosts/foo.nix | 101-------------------------------------------------------------------------------
Dsystems/hosts/okinawa.nix | 110-------------------------------------------------------------------------------
2 files changed, 0 insertions(+), 211 deletions(-)

diff --git a/systems/hosts/foo.nix b/systems/hosts/foo.nix @@ -1,101 +0,0 @@ -{ pkgs, lib, ... }: - -with lib; -let - hostname = "foo"; - secretPath = ../../secrets/machines.nix; - secretCondition = (builtins.pathExists secretPath); -in -{ - imports = [ - ../modules - (import ../../users).vincent - (import ....//users - ).root - ]; - - nix.maxJobs = 2; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/884a3d57-f652-49b2-9c8b-f6eebd5edbeb"; - fsType = "ext4"; - }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/C036-34B9"; - fsType = "vfat"; - }; - swapDevices = [{ device = "/dev/disk/by-uuid/e1833693-77ac-4d52-bcc7-54d082788639"; }]; - - networking = { - hostName = hostname; - }; - - profiles = { - home = true; - avahi.enable = true; - git.enable = true; - ssh.enable = true; - dev.enable = true; - yubikey.enable = true; - }; - - services.xserver.enable = true; - services.xserver.layout = "fr"; - services.xserver.xkbVariant = "bepo"; - services.xserver.xkbOptions = "grp:menu_toggle,grp_led:caps,compose:caps"; - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome3.enable = true; - services.gnome3.chrome-gnome-shell.enable = true; - services.gnome3.core-shell.enable = true; - services.gnome3.core-os-services.enable = true; - services.gnome3.core-utilities.enable = true; - - fonts = { - enableFontDir = true; - enableGhostscriptFonts = true; - fonts = with pkgs; [ - corefonts - dejavu_fonts - emojione - feh - fira - fira-code - fira-code-symbols - fira-mono - hasklig - inconsolata - iosevka - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - noto-fonts-extra - overpass - symbola - source-code-pro - twemoji-color-font - ubuntu_font_family - unifont - ]; - }; - /* - services.xserver.enable = true; - services.xserver.displayManager.xpra.enable = true; - services.xserver.displayManager.xpra.bindTcp = "0.0.0.0:10000"; - services.xserver.displayManager.xpra.pulseaudio = true; - */ - - virtualisation.containers = { - enable = true; - registries = { - search = [ "registry.fedoraproject.org" "registry.access.redhat.com" "registry.centos.org" "docker.io" "quay.io" ]; - }; - policy = { - default = [{ type = "insecureAcceptAnything"; }]; - transports = { - docker-daemon = { - "" = [{ type = "insecureAcceptAnything"; }]; - }; - }; - }; - }; -} diff --git a/systems/hosts/okinawa.nix b/systems/hosts/okinawa.nix @@ -1,110 +0,0 @@ -{ pkgs, lib, ... }: - -with lib; -let - hostname = "okinawa"; - secretPath = ../../secrets/machines.nix; - secretCondition = (builtins.pathExists secretPath); - - ip = strings.optionalString secretCondition (import secretPath).wireguard.ips."${hostname}"; - ips = lists.optionals secretCondition ([ "${ip}/24" ]); - endpointIP = strings.optionalString secretCondition (import secretPath).wg.endpointIP; - endpointPort = if secretCondition then (import secretPath).wg.listenPort else 0; - endpointPublicKey = strings.optionalString secretCondition (import secretPath).wireguard.kerkouane.publicKey; -in -{ - imports = [ - ../hardware/gigabyte-brix.nix - (import ../../nix).home-manager-stable - ../modules - (import ../../users).vincent - (import ../../users).root - ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/f10a12e7-d711-4bec-8246-a063de66589a"; - fsType = "ext4"; - options = [ "noatime" "discard" ]; - }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/0cd32a1a-5eab-4cba-8c9c-de310645b8b1"; - fsType = "ext4"; - options = [ "noatime" "discard" ]; - }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/B89C-E217"; - fsType = "vfat"; - }; - fileSystems."/mnt/naha" = { - device = "/dev/disk/by-uuid/9e2c7dda-2469-4f28-8d64-b34a609e3136"; - fsType = "ext4"; - options = [ "noatime" ]; - }; - swapDevices = [{ device = "/dev/disk/by-uuid/de4449cb-a158-409f-9e22-32a7b2c98c86"; }]; - - networking = { - hostName = hostname; - firewall.enable = false; # we are in safe territory :D - bridges.br1.interfaces = [ "enp0s31f6" ]; - useDHCP = false; - interfaces.br1 = { - useDHCP = true; - }; - }; - - profiles = { - home = true; - avahi.enable = true; - ssh.enable = true; - syncthing.enable = true; - virtualization = { enable = true; nested = true; listenTCP = true; }; - }; - - services = { - bind = { - enable = true; - forwarders = [ "8.8.8.8" "8.8.4.4" ]; - cacheNetworks = [ "192.168.1.0/24" "127.0.0.0/8" "10.100.0.0/24" ]; - zones = [ - { - # home - name = "home"; - master = true; - slaves = [ ]; - file = pkgs.mkSecret ../../secrets/db.home; - } - { - # home.reverse - name = "192.168.1.in-addr.arpa"; - master = true; - slaves = [ ]; - file = pkgs.mkSecret ../../secrets/db.192.168.1; - } - { - # vpn - name = "vpn"; - master = true; - slaves = [ ]; - file = pkgs.mkSecret ../../secrets/db.vpn; - } - { - # vpn.reverse - name = "10.100.0.in-addr.arpa"; - master = true; - slaves = [ ]; - file = pkgs.mkSecret ../../secrets/db.10.100.0; - } - ]; - }; - syncthing.guiAddress = "0.0.0.0:8384"; - wireguard = { - enable = true; - ips = ips; - endpoint = endpointIP; - endpointPort = endpointPort; - endpointPublicKey = endpointPublicKey; - }; - }; - security.apparmor.enable = true; - security.pam.enableSSHAgentAuth = true; -}