bert/README.md

@@ -1,20 +1,13 @@
-# `bert`
+# Installation
-
-## Installation
 1. Install NixOS minimal
 2. `ssh-keygen -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key`
 2. Enable SSH server and add root SSH key
 3. Deploy updated config with `make`
 4. Set up [Remote Disk Unlocking](https://nixos.wiki/wiki/Remote_disk_unlocking)
    1. mkdir -p /etc/secrets/initrd && ssh-keygen -N "" -f /etc/secrets/initrd/ssh_host_25519_key
-5. Deploy content:
+5. Deploy content to web services
-   - websites in /srv
-   - factorio world at /var/lib/factorio/saves/default.zip
-   - git/forgejo in /var/lib/forgejo
-   - navidrome DB/etc in /var/lib/navidrome
-6. Set up Grafana users (log in with default admin/admin; change creds; configure)
 
-## Notes on Caddy
+# Notes on Caddy
 Until 2.8 is released with 24.11, Caddy has a pretty limited sense of what
 content-types should be compressed:
 

bert/configuration.nix

@@ -58,14 +58,6 @@
   services.openssh.settings.PasswordAuthentication = false;
   users.users.root.openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEhPyyqS3BGYor3zLbjc8hZuhem3mS8TNmvWogXcnz/b chandler@chandlerswift.com'' ];
 
-  users.users.isaac = {
-    isNormalUser = true;
-    description = "Isaac Swift";
-    openssh.authorizedKeys.keys = [
-      # TODO
-    ];
-  };
-
   networking.firewall.allowedTCPPorts = [
     80 # Caddy
     443 # Caddy

bert/services/http/index.nix

@@ -5,11 +5,9 @@
     ./git.chandlerswift.com.nix
     ./harborpaperco.com.nix
     ./home.chandlerswift.com.nix
-    ./isaacswift.com.nix
     ./katherineandchandler.com.nix
     ./maps.chandlerswift.com.nix
     ./music.chandlerswift.com.nix
-    ./preview.chandlerswift.com.nix
     ./stjohnscccc.org.nix
     ./swiftgang.net.nix
   ];

bert/services/http/isaacswift.com.nix

@@ -1,23 +0,0 @@
-
-{
-  services.caddy.virtualHosts."isaacswift.com" = {
-    serverAliases = ["www.isaacswift.com"];
-    extraConfig = ''
-      encode zstd gzip
-      file_server
-      root * /srv/www/isaacswift.com
-      # hide .git # ???
-
-      handle_errors {
-        respond "{err.status_code} {err.status_text}"
-      }
-    '';
-  };
-  systemd.tmpfiles.settings."10-isaacswift-com" = {
-    "/srv/www/isaacswift.com" = {
-      d = {
-        user = "isaac";
-      };
-    };
-  };
-}

bert/services/http/preview.chandlerswift.com.nix

@@ -1,9 +0,0 @@
-{config, ...}: {
-  services.caddy.virtualHosts."preview.chandlerswift.com".extraConfig = ''
-    reverse_proxy oscar:4000
-
-    handle_errors {
-      respond "{err.status_code} {err.status_text}"
-    }
-  '';
-}

bigbird/Makefile

@@ -1,20 +1,20 @@
 # https://stackoverflow.com/a/23324703
 current_dir:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
 
-.PHONY: deploy
+.PHONY: remote-deploy
-deploy:
+remote-deploy:
 	rsync -av $(current_dir)/ root@bigbird:config/
 	ssh root@bigbird nixos-rebuild switch --fast -I nixos-config=/root/config/configuration.nix
 
 ## This probably doesn't work, since architectures are different?
-# .PHONY: local-build-deploy
+# .PHONY: deploy
-# local-build-deploy:
+# deploy:
 # 	nixos-rebuild switch --fast -I nixos-config=./configuration.nix --build-host root@animal.chandlerswift.com --target-host root@animal.chandlerswift.com
 
-.PHONY: deploy-upgrade
+.PHONY: remote-deploy-upgrade
-deploy-upgrade:
+remote-deploy-upgrade:
-	rsync -avz $(current_dir)/ root@bigbird:config/
+	rsync -avz $(current_dir)/ root@animal.chandlerswift.com:config/
-	ssh root@bigbird nixos-rebuild switch --upgrade-all --fast -I nixos-config=/root/config/configuration.nix
+	ssh root@animal.chandlerswift.com nixos-rebuild switch --upgrade-all --fast -I nixos-config=/root/config/configuration.nix
 
 # TODO: build an SD card?
 #sd-image:

bigbird/configuration.nix

@@ -14,6 +14,7 @@
   boot.loader.generic-extlinux-compatible.enable = true;
 
   networking.hostName = "bigbird"; # Define your hostname.
+  networking.networkmanager.enable = true;
 
   # Enable ZFS: https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/index.html
   boot.supportedFilesystems = [ "zfs" ];

bigbird/kathe.nix

@@ -1,4 +1,4 @@
-{pkgs, ...}: {
+{
   users.users.kathe = {
     isNormalUser = true;
     description = "Käthe Swift";

oscar/configuration.nix

@@ -119,8 +119,7 @@
   # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users.chandler.isNormalUser = true;
   users.users.chandler.description = "Chandler Swift";
-  users.users.chandler.extraGroups = [ "networkmanager" "wheel" "dialout" "cdrom" "plugdev" ];
+  users.users.chandler.extraGroups = [ "networkmanager" "wheel" "dialout" "cdrom" ];
-  home-manager.backupFileExtension = "backup";
   home-manager.users.chandler = { pkgs, ... }: {
 
     nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
@@ -134,13 +133,11 @@
       freecad
       frescobaldi
       gimp
-      gnome-sound-recorder
       josm
       kate
       kicad
       libreoffice-qt
       prismlauncher
-      prusa-slicer
       qgis
 
       # command line applications
@@ -152,7 +149,6 @@
       alsa-utils
       dig
       file
-      git-absorb
       killall
       pv
       wl-clipboard
@@ -205,7 +201,6 @@
         url."https://aur.archlinux.org/".insteadOf = "aur:";
         url."ssh://aur@aur.archlinux.org/".pushInsteadOf = "aur:";
         url."ssh://git@github.com/ChandlerSwift/".insteadOf = "gh:";
-        url."ssh://forgejo@bert/chandlerswift/".insteadOf = "forgejo:";
         push.autoSetupRemote = true;
         rebase.autosquash = true;
         rebase.autostash = true;