From df83c62e0c626a4b995f8b012b48377ce81b3606 Mon Sep 17 00:00:00 2001 From: Fabian Hauser Date: Fri, 6 Dec 2024 14:04:04 +0200 Subject: [PATCH] Remove fulberg host --- SUMMARY.md | 1 - defaults/meta/hosts.json | 4 -- defaults/meta/network-physical.nix | 3 -- defaults/meta/network-virtual.nix | 9 ---- defaults/meta/network.md | 4 +- nixos-configurations/calanda/networking.nix | 22 --------- nixos-configurations/fulberg/README.md | 1 - .../fulberg/applications/default.nix | 1 - nixos-configurations/fulberg/backup.nix | 35 -------------- nixos-configurations/fulberg/default.nix | 22 --------- nixos-configurations/fulberg/filesystems.nix | 31 ------------ nixos-configurations/fulberg/networking.nix | 48 ------------------- nixos-configurations/fulberg/secrets.nix | 8 ---- .../lindberg-build/backup.nix | 1 - .../lindberg-nextcloud/secrets.nix | 2 +- nixos-configurations/lindberg/secrets.nix | 2 +- nixos-configurations/stompert/default.nix | 2 +- updates.md | 2 +- 18 files changed, 6 insertions(+), 192 deletions(-) delete mode 100644 nixos-configurations/fulberg/README.md delete mode 100644 nixos-configurations/fulberg/applications/default.nix delete mode 100644 nixos-configurations/fulberg/backup.nix delete mode 100644 nixos-configurations/fulberg/default.nix delete mode 100644 nixos-configurations/fulberg/filesystems.nix delete mode 100644 nixos-configurations/fulberg/networking.nix delete mode 100644 nixos-configurations/fulberg/secrets.nix diff --git a/SUMMARY.md b/SUMMARY.md index 0c7d4e6..f8742a5 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -27,7 +27,6 @@ - [calanda](nixos-configurations/calanda/README.md) - [cyprianspitz](nixos-configurations/cyprianspitz/README.md) -- [fulberg](nixos-configurations/fulberg/README.md) - [lindberg](nixos-configurations/lindberg/README.md) - [stompert](nixos-configurations/stompert/README.md) - [tierberg](nixos-configurations/tierberg/README.md) diff --git a/defaults/meta/hosts.json b/defaults/meta/hosts.json index 1befacf..8780258 100644 --- a/defaults/meta/hosts.json +++ b/defaults/meta/hosts.json @@ -1,8 +1,4 @@ { - "fulberg": { - "hostName": "fulberg", - "sshKey": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDCG9qqpUOJ2RsohIqhMuw3YZZSrnPqhf5ayh5y0Cq/I" - }, "calanda": { "hostName": "calanda", "sshKey": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdoOZcFFRXIqEWqUnwCk/kqP8DZw6/4omDefCT6aNN4" diff --git a/defaults/meta/network-physical.nix b/defaults/meta/network-physical.nix index 3f20460..69a4057 100644 --- a/defaults/meta/network-physical.nix +++ b/defaults/meta/network-physical.nix @@ -36,9 +36,6 @@ calanda = { v4.ip = "10.1.2.1"; }; - fulberg = { - v4.ip = "10.1.2.2"; - }; }; }; diff --git a/defaults/meta/network-virtual.nix b/defaults/meta/network-virtual.nix index f0b8b3d..6e1fdad 100644 --- a/defaults/meta/network-virtual.nix +++ b/defaults/meta/network-virtual.nix @@ -27,15 +27,6 @@ domain = "backplane.net.qo.is"; hosts = { - fulberg = { - v4.ip = "10.250.0.1"; - endpoint = { - fqdn = physical-network.plessur-ext.hosts.calanda.fqdn; - port = 51821; - }; - publicKey = "xcQOu+pp4ckNygcsLmJL1NmUzbbC+k3I7y+hJ9Ul4nk="; - persistentKeepalive = 25; - }; lindberg = { v4.ip = "10.250.0.2"; #endpoint = { # TODO: Port forwarding diff --git a/defaults/meta/network.md b/defaults/meta/network.md index 3015417..72e13ba 100644 --- a/defaults/meta/network.md +++ b/defaults/meta/network.md @@ -18,7 +18,7 @@ package "plessur.net.qo.is" { ] node calanda - node fulberg + node cyprianspitz cloud plessurnet [ LAN Plessur @@ -26,7 +26,7 @@ package "plessur.net.qo.is" { mediaconvchur - "enp4" calanda calanda "br0 (enp2, wlp1, wlp5)" --- plessurnet - calanda "enp4" -- "eno1" fulberg + plessurnet -- cyprianspitz } package "riedbach.net.qo.is" { diff --git a/nixos-configurations/calanda/networking.nix b/nixos-configurations/calanda/networking.nix index e909427..5aa0760 100644 --- a/nixos-configurations/calanda/networking.nix +++ b/nixos-configurations/calanda/networking.nix @@ -66,14 +66,6 @@ in # DMZ Portforwarding networking.nat.forwardPorts = let - fulbergPort = ( - proto: port: { - destination = "10.1.2.2:${toString port}"; - proto = proto; - sourcePort = port; - loopbackIPs = [ "85.195.200.253" ]; - } - ); cyprianspitzPort = ( proto: port: { destination = "10.1.1.11:${toString port}"; @@ -84,26 +76,12 @@ in ); in [ - { - destination = "10.1.2.2:22"; - proto = "tcp"; - sourcePort = 8022; - } - { - destination = "10.1.2.2:2222"; - proto = "tcp"; - sourcePort = 8222; - } { destination = "10.1.1.11:2222"; proto = "tcp"; sourcePort = 8223; } ] - ++ map (fulbergPort "udp") [ - 51820 - 51821 - ] ++ map (cyprianspitzPort "tcp") [ 80 443 diff --git a/nixos-configurations/fulberg/README.md b/nixos-configurations/fulberg/README.md deleted file mode 100644 index 2db184e..0000000 --- a/nixos-configurations/fulberg/README.md +++ /dev/null @@ -1 +0,0 @@ -# fulberg diff --git a/nixos-configurations/fulberg/applications/default.nix b/nixos-configurations/fulberg/applications/default.nix deleted file mode 100644 index c915eb0..0000000 --- a/nixos-configurations/fulberg/applications/default.nix +++ /dev/null @@ -1 +0,0 @@ -{ ... }: { } diff --git a/nixos-configurations/fulberg/backup.nix b/nixos-configurations/fulberg/backup.nix deleted file mode 100644 index e37c8e8..0000000 --- a/nixos-configurations/fulberg/backup.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ config, pkgs, ... }: -{ - - qois.backup-server = { - enable = true; - backupStorageRoot = "/mnt/nas/backup"; - }; - - services.borgbackup.repos = - let - backupRoot = "/mnt/nas/backup"; - hostBackupRoot = "${backupRoot}/hosts"; - dataBackupRoot = "${backupRoot}/data"; - in - { - "lindberg-nextcloud" = { - authorizedKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIpzfp9VqclbPJ42ZrkRpvjMSTeyq0qce03zCRXqIHMw backup@lindberg-nextcloud" - ]; - path = "${hostBackupRoot}/lindberg-nextcloud"; - }; - "lindberg-data" = { - authorizedKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGTmyoVONC12MgOodvzdPpZzLSVwpkC6zkf+Rg0W36gy backup-data@lindberg" - ]; - path = "${dataBackupRoot}/lindberg"; - }; - "lindberg-build-system" = { - authorizedKeys = [ - "ssh-ed25519 AAAATODOTODOTODONTE5AAAAIGTmyoVONC12MgOodvzdPpZzLSVwpkC6zkf+Rg0W36gy backup-system@lindberg-build" - ]; - path = "${dataBackupRoot}/lindberg-build-system"; - }; - }; -} diff --git a/nixos-configurations/fulberg/default.nix b/nixos-configurations/fulberg/default.nix deleted file mode 100644 index 4605b9d..0000000 --- a/nixos-configurations/fulberg/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, pkgs, ... }: -{ - - imports = [ - ../../defaults/base - ../../defaults/hardware/apu.nix - ../../defaults/meta - ./applications - ./backup.nix - ./filesystems.nix - ./networking.nix - ./secrets.nix - ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like fi:le locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? -} diff --git a/nixos-configurations/fulberg/filesystems.nix b/nixos-configurations/fulberg/filesystems.nix deleted file mode 100644 index 547cd79..0000000 --- a/nixos-configurations/fulberg/filesystems.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, pkgs, ... }: -{ - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/360a6bc9-fc4e-4803-bd53-69320ac32ac5"; - fsType = "btrfs"; - options = [ - "defaults" - "subvol=nixos" - "noatime" - ]; - }; - "/mnt/nas" = { - device = "10.1.1.39:/qois"; - fsType = "nfs"; - options = [ - "defaults" - "noatime" - "soft" - ]; - }; - }; - - swapDevices = [ { device = "/dev/disk/by-uuid/73f91e99-d856-4504-b6b2-d60f855d6d95"; } ]; - - boot.loader.grub = { - enable = true; - device = "/dev/sda"; - }; -} diff --git a/nixos-configurations/fulberg/networking.nix b/nixos-configurations/fulberg/networking.nix deleted file mode 100644 index 125539d..0000000 --- a/nixos-configurations/fulberg/networking.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ config, pkgs, ... }: -let - meta = config.qois.meta; - plessur-dmz-net = meta.network.physical.plessur-dmz; - getCalandaIp4 = net: net.hosts.calanda.v4.ip; -in -{ - networking.hostName = meta.hosts.fulberg.hostName; - - imports = [ ../../defaults/backplane-net ]; - - # WWAN is currently not available due to a broken SIM-card. - #services.qois.wwan = { - # enable = true; - # apn = "gprs.swisscom.ch"; - # networkInterface = "wwp0s19u1u3i12"; - #}; - - networking.interfaces.enp1s0 = { - useDHCP = false; - ipv4.addresses = [ - { - inherit (plessur-dmz-net.v4) prefixLength; - address = plessur-dmz-net.hosts.fulberg.v4.ip; - } - ]; - }; - - networking.defaultGateway = plessur-dmz-net.v4.gateway; - networking.nameservers = plessur-dmz-net.v4.nameservers; - - # Configure this node to be used as an vpn exit node - qois.backup-client.includePaths = [ "/var/lib/tailscale" ]; - services.tailscale = { - enable = true; - openFirewall = true; - useRoutingFeatures = "server"; - authKeyFile = config.sops.secrets."tailscale/key".path; - extraUpFlags = [ - "--login-server=https://vpn.qo.is" - "--advertise-exit-node" - ( - with meta.network.virtual.backplane.v4; "--advertise-routes=${id}/${builtins.toString prefixLength}" - ) - "--advertise-tags=tag:srv" - ]; - }; -} diff --git a/nixos-configurations/fulberg/secrets.nix b/nixos-configurations/fulberg/secrets.nix deleted file mode 100644 index b7aa8fe..0000000 --- a/nixos-configurations/fulberg/secrets.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ ... }: -{ - sops.secrets = { - "tailscale/key" = { - restartUnits = [ "tailscale.service" ]; - }; - }; -} diff --git a/nixos-configurations/lindberg-build/backup.nix b/nixos-configurations/lindberg-build/backup.nix index 287f4ad..493171d 100644 --- a/nixos-configurations/lindberg-build/backup.nix +++ b/nixos-configurations/lindberg-build/backup.nix @@ -3,7 +3,6 @@ let vnet = config.qois.meta.network.virtual.backplane.hosts; systemTargets = [ - "fulberg" "tierberg" ]; systemJobs = builtins.listToAttrs ( diff --git a/nixos-configurations/lindberg-nextcloud/secrets.nix b/nixos-configurations/lindberg-nextcloud/secrets.nix index 3fa2f78..8327b13 100644 --- a/nixos-configurations/lindberg-nextcloud/secrets.nix +++ b/nixos-configurations/lindberg-nextcloud/secrets.nix @@ -2,7 +2,7 @@ let backupConfiguration = { restartUnits = [ - "borgbackup-job-system-fulberg.service" + "borgbackup-job-system-cyprianspitz.service" "borgbackup-job-system-tierberg.service" ]; }; diff --git a/nixos-configurations/lindberg/secrets.nix b/nixos-configurations/lindberg/secrets.nix index b9121f7..27905c3 100644 --- a/nixos-configurations/lindberg/secrets.nix +++ b/nixos-configurations/lindberg/secrets.nix @@ -2,7 +2,7 @@ let backupConfiguration = { restartUnits = [ - "borgbackup-job-data-fulberg.service" + "borgbackup-job-data-cyprianspitz.service" "borgbackup-job-data-tierberg.service" ]; }; diff --git a/nixos-configurations/stompert/default.nix b/nixos-configurations/stompert/default.nix index e4cb9a4..d1855d2 100644 --- a/nixos-configurations/stompert/default.nix +++ b/nixos-configurations/stompert/default.nix @@ -59,5 +59,5 @@ # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. - system.stateVersion = "22.11"; # Did you read the comment? + system.stateVersion = "24.11"; # Did you read the comment? } diff --git a/updates.md b/updates.md index 0f7994c..5d7a6e3 100644 --- a/updates.md +++ b/updates.md @@ -28,7 +28,7 @@ deploy-qois .#lindberg-nextcloud .#lindberg-build deploy-qois .#lindberg # Deploy slow physical hosts (maybe do individually) -deploy-qois --confirm-timeout 600 --activation-timeout 600 --targets .#fulberg .#tierberg .#stompert .#stompert +deploy-qois --confirm-timeout 600 --activation-timeout 600 --targets .#tierberg .#stompert .#stompert ```