From d5239805a0b90ac18ce9bf716553e010019e930b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 13 Dec 2023 12:08:18 +0100 Subject: [PATCH] hosts: remove poseidon --- flake.nix | 9 --- hosts/poseidon/default.nix | 84 ----------------------- hosts/poseidon/hardware-configuration.nix | 45 ------------ hosts/poseidon/home.nix | 5 -- hosts/poseidon/secrets.nix | 27 -------- modules/secrets/secrets.nix | 7 +- poseidon.nix | 23 ------- 7 files changed, 2 insertions(+), 198 deletions(-) delete mode 100644 hosts/poseidon/default.nix delete mode 100644 hosts/poseidon/hardware-configuration.nix delete mode 100644 hosts/poseidon/home.nix delete mode 100644 hosts/poseidon/secrets.nix delete mode 100644 poseidon.nix diff --git a/flake.nix b/flake.nix index 600b12c..9c829c1 100644 --- a/flake.nix +++ b/flake.nix @@ -105,15 +105,6 @@ ] ++ (nixpkgs.lib.attrValues self.nixosModules); in { - poseidon = nixpkgs.lib.nixosSystem rec { - inherit system; - modules = - [ - ./poseidon.nix - ] - ++ sharedModules; - }; - hades = nixpkgs.lib.nixosSystem rec { inherit system; modules = diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix deleted file mode 100644 index 83c7069..0000000 --- a/hosts/poseidon/default.nix +++ /dev/null @@ -1,84 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). -{ - config, - lib, - pkgs, - ... -}: let - secrets = config.my.secrets; -in { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - - ./home.nix - ./secrets.nix - ]; - - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only - - boot.supportedFilesystems = ["btrfs"]; - - services.btrfs = { - autoScrub = { - enable = true; - fileSystems = ["/"]; - }; - }; - - networking.hostName = "poseidon"; # Define your hostname. - networking.domain = "alarsyo.net"; - - # Set your time zone. - time.timeZone = "Europe/Paris"; - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - networking.useDHCP = false; - networking.interfaces.eno1.ipv4.addresses = [ - { - address = "163.172.11.110"; - prefixLength = 24; - } - ]; - networking.defaultGateway = { - address = "163.172.11.1"; - interface = "eno1"; - }; - networking.nameservers = [ - "62.210.16.6" - "62.210.16.7" - ]; - my.networking.externalInterface = "eno1"; - - my.services = { - restic-backup = { - enable = true; - repo = "b2:poseidon-backup"; - passwordFile = config.age.secrets."restic-backup/poseidon-password".path; - environmentFile = config.age.secrets."restic-backup/poseidon-credentials".path; - }; - - fail2ban = { - enable = true; - }; - - tailscale = { - enable = true; - exitNode = true; - }; - }; - - services = { - openssh.enable = true; - vnstat.enable = true; - }; - - # Takes a long while to build - documentation.nixos.enable = false; -} diff --git a/hosts/poseidon/hardware-configuration.nix b/hosts/poseidon/hardware-configuration.nix deleted file mode 100644 index fd1d735..0000000 --- a/hosts/poseidon/hardware-configuration.nix +++ /dev/null @@ -1,45 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: let - inherit - (lib) - mkDefault - ; -in { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = ["ahci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989"; - fsType = "btrfs"; - options = [ - "subvol=@nixos" - "compress=zstd" - "noatime" - ]; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a"; - fsType = "ext4"; - }; - - swapDevices = [ - {device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc";} - ]; - - powerManagement.cpuFreqGovernor = mkDefault "ondemand"; -} diff --git a/hosts/poseidon/home.nix b/hosts/poseidon/home.nix deleted file mode 100644 index 3bb7dab..0000000 --- a/hosts/poseidon/home.nix +++ /dev/null @@ -1,5 +0,0 @@ -{config, ...}: { - home-manager.users.alarsyo = { - my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; - }; -} diff --git a/hosts/poseidon/secrets.nix b/hosts/poseidon/secrets.nix deleted file mode 100644 index 238e7ea..0000000 --- a/hosts/poseidon/secrets.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - config, - lib, - options, - ... -}: { - config.age = { - secrets = let - toSecret = name: {...} @ attrs: - { - file = ./../../modules/secrets + "/${name}.age"; - } - // attrs; - in - lib.mapAttrs toSecret { - "gandi/api-key" = {}; - - "lohr/shared-secret" = {}; - - "restic-backup/poseidon-credentials" = {}; - "restic-backup/poseidon-password" = {}; - - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; - }; - }; -} diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index cb0cb5e..28760e7 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -5,13 +5,12 @@ let boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal"; hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxw8CtKUPAiPdKDEnuS7UyRrZN5BkUwsy5UPVF8V+lt root@hades"; hephaestus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7Cp+n5+huof68QlAoJV8bVf5h5p9kEZFAVpltWopdL root@hephaestus"; - poseidon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYhZYMbWQG9TSQ2qze8GgFo2XrZzgu/GuSOGwenByJo root@poseidon"; - machines = [boreal hades hephaestus poseidon]; + machines = [boreal hades hephaestus]; all = users ++ machines; in { - "gandi/api-key.age".publicKeys = [alarsyo hades poseidon]; + "gandi/api-key.age".publicKeys = [alarsyo hades]; "lohr/shared-secret.age".publicKeys = [alarsyo hades]; @@ -34,8 +33,6 @@ in { "restic-backup/hades-credentials.age".publicKeys = [alarsyo hades]; "restic-backup/hephaestus-password.age".publicKeys = [alarsyo hephaestus]; "restic-backup/hephaestus-credentials.age".publicKeys = [alarsyo hephaestus]; - "restic-backup/poseidon-password.age".publicKeys = [alarsyo poseidon]; - "restic-backup/poseidon-credentials.age".publicKeys = [alarsyo poseidon]; "users/root-hashed-password.age".publicKeys = machines; "users/alarsyo-hashed-password.age".publicKeys = machines ++ [alarsyo]; diff --git a/poseidon.nix b/poseidon.nix deleted file mode 100644 index ecb36c6..0000000 --- a/poseidon.nix +++ /dev/null @@ -1,23 +0,0 @@ -{...}: { - imports = [ - # Default configuration - ./base - - # Module definitions - ./modules - - # Service definitions - ./services - - # Host-specific config - ./hosts/poseidon - ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "20.09"; # Did you read the comment? -}