summaryrefslogtreecommitdiffstats
path: root/lass/1systems/green
diff options
context:
space:
mode:
Diffstat (limited to 'lass/1systems/green')
-rw-r--r--lass/1systems/green/config.nix75
-rw-r--r--lass/1systems/green/physical.nix7
-rw-r--r--lass/1systems/green/source.nix6
3 files changed, 0 insertions, 88 deletions
diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix
deleted file mode 100644
index 81b8b909b..000000000
--- a/lass/1systems/green/config.nix
+++ /dev/null
@@ -1,75 +0,0 @@
-with import <stockholm/lib>;
-{ config, lib, pkgs, ... }:
-{
- imports = [
- <stockholm/lass>
- <stockholm/lass/2configs>
- <stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/exim-retiolum.nix>
- <stockholm/lass/2configs/mail.nix>
-
- <stockholm/lass/2configs/syncthing.nix>
- <stockholm/lass/2configs/sync/sync.nix>
- <stockholm/lass/2configs/sync/decsync.nix>
-
- <stockholm/lass/2configs/weechat.nix>
- <stockholm/lass/2configs/bitlbee.nix>
-
- <stockholm/lass/2configs/pass.nix>
-
- <stockholm/lass/2configs/git-brain.nix>
- <stockholm/lass/2configs/et-server.nix>
- <stockholm/lass/2configs/consul.nix>
-
- <stockholm/lass/2configs/atuin-server.nix>
- ];
-
- krebs.build.host = config.krebs.hosts.green;
-
- krebs.sync-containers3.inContainer = {
- enable = true;
- pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlUMf943qEQG64ob81p6dgoHq4jUjq7tSvmSdEOEU2y";
- };
-
- systemd.tmpfiles.rules = [
- "d /home/lass/.local/share 0700 lass users -"
- "d /home/lass/.local 0700 lass users -"
- "d /home/lass/.config 0700 lass users -"
-
- "d /var/state/lass_mail 0700 lass users -"
- "L+ /home/lass/Maildir - - - - ../../var/state/lass_mail"
-
- "d /var/state/lass_ssh 0700 lass users -"
- "L+ /home/lass/.ssh - - - - ../../var/state/lass_ssh"
- "d /var/state/lass_gpg 0700 lass users -"
- "L+ /home/lass/.gnupg - - - - ../../var/state/lass_gpg"
- "d /var/state/lass_sync 0700 lass users -"
- "L+ /home/lass/sync - - - - ../../var/state/lass_sync"
-
- "d /var/state/git 0700 git nogroup -"
- "L+ /var/lib/git - - - - ../../var/state/git"
- ];
-
- users.users.mainUser.openssh.authorizedKeys.keys = [
- config.krebs.users.lass-android.pubkey
- config.krebs.users.lass-tablet.pubkey
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKgpZwye6yavIs3gUIYvSi70spDa0apL2yHR0ASW74z8" # weechat ssh tunnel
- ];
-
- krebs.iptables.tables.nat.PREROUTING.rules = [
- { predicate = "-i eth0 -p tcp -m tcp --dport 22"; target = "ACCEPT"; }
- ];
-
- # workaround for ssh access from yubikey via android
- services.openssh.extraConfig = ''
- HostKeyAlgorithms +ssh-rsa
- PubkeyAcceptedAlgorithms +ssh-rsa
- '';
-
- services.dovecot2 = {
- enable = true;
- mailLocation = "maildir:~/Maildir";
- };
-
- networking.firewall.allowedTCPPorts = [ 143 ];
-}
diff --git a/lass/1systems/green/physical.nix b/lass/1systems/green/physical.nix
deleted file mode 100644
index 8577daf34..000000000
--- a/lass/1systems/green/physical.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- imports = [
- ./config.nix
- ];
- boot.isContainer = true;
- networking.useDHCP = true;
-}
diff --git a/lass/1systems/green/source.nix b/lass/1systems/green/source.nix
deleted file mode 100644
index 4acdb0c26..000000000
--- a/lass/1systems/green/source.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ lib, pkgs, test, ... }: let
- npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json;
-in if test then {} else {
- nixpkgs.git.ref = lib.mkForce npkgs.rev;
- nixpkgs-unstable = lib.mkForce { file = "/var/empty"; };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-05 21:43:09 +0000