From fd901ced4043bbb6af93649e63db282e69ff562a Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Tue, 10 Sep 2024 14:27:52 +0200 Subject: [PATCH] chore: decomission lisa --- machines/lisa/default.nix | 72 ----------------------------------- machines/lisa/hardware.nix | 41 -------------------- machines/lisa/home-julien.nix | 22 ----------- 3 files changed, 135 deletions(-) delete mode 100644 machines/lisa/default.nix delete mode 100644 machines/lisa/hardware.nix delete mode 100644 machines/lisa/home-julien.nix diff --git a/machines/lisa/default.nix b/machines/lisa/default.nix deleted file mode 100644 index e8d00aa..0000000 --- a/machines/lisa/default.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ modulesPath, inputs, ... }: -{ - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ./hardware.nix - ./home-julien.nix - ]; - - machine.meta = { - arch = "x86_64-linux"; - nixpkgs_version = inputs.nixpkgs; - hm_version = inputs.home-manager; - ips = { - public.ipv4 = "212.129.40.11"; - vpn.ipv4 = "100.100.45.12"; - public.ipv6 = "2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb"; - vpn.ipv6 = "fd7a:115c:a1e0::c"; - }; - - }; - - deployment.tags = [ "server" ]; - - services.fail2ban.enable = true; - - networking.hostId = "fbb334ae"; - - networking.useNetworkd = true; - systemd.network = { - enable = true; - - networks = { - "10-wan" = { - matchConfig.Name = "ens20"; - address = [ "212.129.40.11/32" ]; - routes = [ - { - routeConfig = { - Gateway = "212.129.40.11"; - Destination = "0.0.0.0/0"; - }; - } - ]; - linkConfig.RequiredForOnline = "routable"; - }; - "20-wan" = { - matchConfig.Name = "ens18"; - networkConfig.DHCP = "yes"; - linkConfig.RequiredForOnline = "routable"; - }; - }; - - }; - - services.openssh.extraConfig = '' - HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub - HostKey /etc/ssh/ssh_host_ed25519_key - TrustedUserCAKeys /etc/ssh/ssh_user_key.pub - MaxAuthTries 20 - ''; - - networking.firewall.allowedTCPPorts = [ - 51820 - 51821 - ]; - networking.firewall.allowedUDPPorts = [ - 51820 - 51821 - ]; - - system.stateVersion = "21.11"; -} diff --git a/machines/lisa/hardware.nix b/machines/lisa/hardware.nix deleted file mode 100644 index 8d1b79e..0000000 --- a/machines/lisa/hardware.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ pkgs, ... }: -{ - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; - boot.kernelPackages = pkgs.linuxPackages_5_15; - - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - fileSystems."/" = - { - device = "zroot/root"; - fsType = "zfs"; - }; - - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/4E38-3626"; - fsType = "vfat"; - }; - swapDevices = [ ]; - - - boot.initrd.network = { - enable = true; - ssh = { - enable = true; - port = 2222; - hostKeys = [ /boot/initrd-ssh-key ]; - }; - postCommands = '' - zpool import zroot - echo "zfs load-key -a; killall zfs" >> /root/.profile - ''; - }; - - - - -} diff --git a/machines/lisa/home-julien.nix b/machines/lisa/home-julien.nix deleted file mode 100644 index 3fa01cd..0000000 --- a/machines/lisa/home-julien.nix +++ /dev/null @@ -1,22 +0,0 @@ -_: { - - age.secrets.ssh-lisa-pub = { - file = ../../secrets/ssh-lisa-pub.age; - mode = "0644"; - owner = "julien"; - path = "/home/julien/.ssh/id_ed25519.pub"; - }; - - age.secrets.ssh-lisa-priv = { - file = ../../secrets/ssh-lisa-priv.age; - mode = "0600"; - owner = "julien"; - path = "/home/julien/.ssh/id_ed25519"; - }; - - luj.hmgr.julien = { - luj.programs.neovim.enable = true; - luj.programs.ssh-client.enable = true; - luj.programs.git.enable = true; - }; -}