diff --git a/bert/README.md b/bert/README.md index a09d035..5fc22b6 100644 --- a/bert/README.md +++ b/bert/README.md @@ -5,12 +5,7 @@ 3. Deploy updated config with `make` 4. Set up [Remote Disk Unlocking](https://nixos.wiki/wiki/Remote_disk_unlocking) 1. mkdir -p /etc/secrets/initrd && ssh-keygen -N "" -f /etc/secrets/initrd/ssh_host_25519_key -5. Deploy content: - - websites in /srv - - factorio world at /var/lib/factorio/saves/default.zip - - git/forgejo in /var/lib/forgejo - - navidrome -6. Set up Grafana users (log in with default admin/admin; change creds; configure) +5. Deploy content to web services # Notes on Caddy Until 2.8 is released with 24.11, Caddy has a pretty limited sense of what diff --git a/bert/services/forgejo.nix b/bert/services/forgejo.nix index ae2f8f8..9d7d619 100644 --- a/bert/services/forgejo.nix +++ b/bert/services/forgejo.nix @@ -13,10 +13,6 @@ HTTP_PORT = 3001; LANDING_PAGE = "/chandlerswift"; }; - repository = { - ENABLE_PUSH_CREATE_USER = true; - ENABLE_PUSH_CREATE_ORG = true; - }; service.DISABLE_REGISTRATION = true; }; }; diff --git a/bert/services/http/harborpaperco.com.nix b/bert/services/http/harborpaperco.com.nix deleted file mode 100644 index 705b0b1..0000000 --- a/bert/services/http/harborpaperco.com.nix +++ /dev/null @@ -1,22 +0,0 @@ - -{ - services.caddy.virtualHosts."harborpaperco.com" = { - serverAliases = ["www.harborpaperco.com"]; - extraConfig = '' - encode zstd gzip - file_server - root * /srv/www/harborpaperco.com - ''; - }; - # services.caddy.virtualHosts."pureserendipityweddings.com" = { - # serverAliases = ["www.pureserendipityweddings.com"]; - # extraConfig = '' - # redir https://harborpaperco.com - # ''; - # }; - systemd.tmpfiles.settings."10-harborpaperco-com" = { - "/srv/www/harborpaperco.com" = { - d = {}; - }; - }; -} diff --git a/bert/services/http/index.nix b/bert/services/http/index.nix index 4420666..3054875 100644 --- a/bert/services/http/index.nix +++ b/bert/services/http/index.nix @@ -2,7 +2,6 @@ imports = [ ./files.chandlerswift.com.nix ./git.chandlerswift.com.nix - ./harborpaperco.com.nix ./home.chandlerswift.com.nix ./katherineandchandler.com.nix ./maps.chandlerswift.com.nix diff --git a/bigbird/Makefile b/bigbird/Makefile deleted file mode 100644 index 93d66e6..0000000 --- a/bigbird/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# https://stackoverflow.com/a/23324703 -current_dir:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST)))) - -.PHONY: remote-deploy -remote-deploy: - rsync -av $(current_dir)/ root@bigbird:config/ - ssh root@bigbird nixos-rebuild switch --fast -I nixos-config=/root/config/configuration.nix - -## This probably doesn't work, since architectures are different? -# .PHONY: deploy -# deploy: -# nixos-rebuild switch --fast -I nixos-config=./configuration.nix --build-host root@animal.chandlerswift.com --target-host root@animal.chandlerswift.com - -.PHONY: remote-deploy-upgrade -remote-deploy-upgrade: - rsync -avz $(current_dir)/ root@animal.chandlerswift.com:config/ - ssh root@animal.chandlerswift.com nixos-rebuild switch --upgrade-all --fast -I nixos-config=/root/config/configuration.nix - -# TODO: build an SD card? -#sd-image: -# nix-build '' diff --git a/bigbird/README.md b/bigbird/README.md deleted file mode 100644 index 0ccdd49..0000000 --- a/bigbird/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# `bigbird`: ODROID HC4 NAS - -## SD card notes -Many SD cards I attempted would boot fine but then fail to reset on reboot. -Some preliminary research suggests that this may be a kernel issue, but I'm not -entirely sure at this point. For now, I took the easy way out: Just keep trying -SD cards until one works! Thankfully, it seems to be reliable that an SD card -works either 100% or 0% of the time. Currently using a 32GB Microcenter cheapo, -in place of the nicer 128GB ones I was planning on instead. diff --git a/bigbird/configuration.nix b/bigbird/configuration.nix deleted file mode 100644 index e60b61e..0000000 --- a/bigbird/configuration.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - imports = - [ # Include the results of the hardware scan. - # - ./hardware-configuration.nix - ./kathe.nix - ./smb.nix - ]; - - # Use the extlinux boot loader. (NixOS wants to enable GRUB by default) - boot.loader.grub.enable = false; - # Enables the generation of /boot/extlinux/extlinux.conf - boot.loader.generic-extlinux-compatible.enable = true; - - networking.hostName = "bigbird"; # Define your hostname. - networking.networkmanager.enable = true; - - # Enable ZFS: https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/index.html - boot.supportedFilesystems = [ "zfs" ]; - boot.zfs.forceImportRoot = false; - boot.zfs.extraPools = [ "nas" ]; - - services.zfs.autoScrub.enable = true; # Current scan takes ~12h, runs monthly (I spend 2% of the time doing scans? lol) - - networking.hostId = "66abd088"; # `openssl rand -hex 4` - - time.timeZone = "America/Chicago"; - - i18n.defaultLocale = "en_US.UTF-8"; - - environment.systemPackages = with pkgs; [ - vim - rsync - ]; - - services.openssh.enable = true; - services.openssh.settings.PasswordAuthentication = false; - users.users.root.openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEhPyyqS3BGYor3zLbjc8hZuhem3mS8TNmvWogXcnz/b chandler@chandlerswift.com'' ]; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "24.05"; # Did you read the comment? -} diff --git a/bigbird/hardware-configuration.nix b/bigbird/hardware-configuration.nix deleted file mode 100644 index 3fc409f..0000000 --- a/bigbird/hardware-configuration.nix +++ /dev/null @@ -1,31 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888"; - fsType = "ext4"; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.end0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; -} diff --git a/bigbird/kathe.nix b/bigbird/kathe.nix deleted file mode 100644 index a98f3ad..0000000 --- a/bigbird/kathe.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - users.users.kathe = { - isNormalUser = true; - description = "Käthe Swift"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMJFkFEKuT9v9B9ynAf5QfLZF54jWhzEnQIeW2kQWKJ+ kathe.t.swift@gmail.com" - ]; - packages = with pkgs; [ - # - ]; - }; -} diff --git a/bigbird/smb.nix b/bigbird/smb.nix deleted file mode 100644 index 59fe09d..0000000 --- a/bigbird/smb.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ - services.samba = { - enable = true; - securityType = "user"; - openFirewall = true; - ## Switch to structured config with NixOS 24.11 - # settings = { - # global = { - # "workgroup" = "WORKGROUP"; - # "hosts allow" = "192.168."; - # "hosts deny" = "0.0.0.0/0"; - # "guest account" = "nobody"; - # "map to guest" = "bad user"; - # }; - # "public" = { - # "path" = "/nas/chandler/Public"; - # "browseable" = "yes"; - # "read only" = "yes"; - # "guest ok" = "yes"; # aka "public = yes" - # }; - # # "private" = { - # # "path" = "/mnt/Shares/Private"; - # # "browseable" = "yes"; - # # "read only" = "no"; - # # "guest ok" = "no"; - # # "create mask" = "0644"; - # # "directory mask" = "0755"; - # # "force user" = "username"; - # # "force group" = "groupname"; - # # }; - # }; - extraConfig = '' - workgroup = WORKGROUP - hosts allow = 192.168. - hosts deny = 0.0.0.0/0 - guest account = nobody - map to guest = bad user - ''; - shares = { - "public" = { - "path" = "/nas/chandler/public"; - "browseable" = "yes"; - "read only" = "yes"; - "guest ok" = "yes"; # aka "public = yes" - }; - }; - }; -}