diff --git a/SUMMARY.md b/SUMMARY.md index f8742a5..498cc39 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -29,5 +29,4 @@ - [cyprianspitz](nixos-configurations/cyprianspitz/README.md) - [lindberg](nixos-configurations/lindberg/README.md) - [stompert](nixos-configurations/stompert/README.md) -- [tierberg](nixos-configurations/tierberg/README.md) diff --git a/defaults/meta/hosts.json b/defaults/meta/hosts.json index 8780258..8ae54a3 100644 --- a/defaults/meta/hosts.json +++ b/defaults/meta/hosts.json @@ -22,10 +22,6 @@ "batzberg": { "hostName": "batzberg" }, - "tierberg": { - "hostName": "tierberg", - "sshKey": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJS2v0mUDJsNr1DHdgjxEQRnoVaEmExFfvHqpvagYLi6" - }, "stompert": { "hostName": "stompert", "sshKey": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKuqMPLbREFIrYcmReaRoHdz1TatpvlrZN14L6cikia" diff --git a/defaults/meta/network-physical.nix b/defaults/meta/network-physical.nix index 972476d..f3e7806 100644 --- a/defaults/meta/network-physical.nix +++ b/defaults/meta/network-physical.nix @@ -91,9 +91,6 @@ }; domain = "lattenbach-lan.net.qo.is"; hosts = { - tierberg = { - v4.ip = "10.0.0.60"; - }; }; }; diff --git a/defaults/meta/network-virtual.nix b/defaults/meta/network-virtual.nix index d69be2b..f8ed2e3 100644 --- a/defaults/meta/network-virtual.nix +++ b/defaults/meta/network-virtual.nix @@ -41,11 +41,6 @@ publicKey = "6XGL4QKB8AMpm/VGcTgWqk9RiSws7DmY5TpIDkXbwlg="; persistentKeepalive = 25; }; - tierberg = { - v4.ip = "10.250.0.4"; - publicKey = "51j1l+pT9W61wx4y2KyUb1seLdCHs3FUKAjmrHBFz1w="; - persistentKeepalive = 25; - }; stompert = { v4.ip = "10.250.0.5"; publicKey = "CHTjQbmN9WhbRCxKgowxpMx4c5Zu0NDk0rRXEvuB3XA="; diff --git a/nixos-configurations/lindberg-build/backup.nix b/nixos-configurations/lindberg-build/backup.nix deleted file mode 100644 index 493171d..0000000 --- a/nixos-configurations/lindberg-build/backup.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, pkgs, ... }: - -let - vnet = config.qois.meta.network.virtual.backplane.hosts; - systemTargets = [ - "tierberg" - ]; - systemJobs = builtins.listToAttrs ( - map (backupHost: { - name = "system-${backupHost}"; - value = { - repo = "borg@${vnet.${backupHost}.v4.ip}:."; - environment.BORG_RSH = "ssh -i /secrets/backup/system/ssh-key"; - - paths = [ - "/etc" - "/home" - "/var" - "/secrets" - ]; - exclude = [ - "/var/tmp" - "/var/cache" - "/var/lib/atticd" - "/var/cache/nginx/nixpkgs-cache" - ]; - - doInit = false; - encryption = { - mode = "repokey"; - passCommand = "cat /secrets/backup/system/password"; - }; - - startAt = "07:06"; - persistentTimer = true; - }; - }) systemTargets - ); -in -{ - services.borgbackup.jobs = systemJobs; -} diff --git a/nixos-configurations/lindberg-build/default.nix b/nixos-configurations/lindberg-build/default.nix index f5b4bfd..1cbfd2f 100644 --- a/nixos-configurations/lindberg-build/default.nix +++ b/nixos-configurations/lindberg-build/default.nix @@ -6,7 +6,6 @@ ../../defaults/meta ./applications - ./backup.nix ./disko-config.nix ./networking.nix ./secrets.nix diff --git a/nixos-configurations/lindberg-nextcloud/secrets.nix b/nixos-configurations/lindberg-nextcloud/secrets.nix index 8327b13..4171609 100644 --- a/nixos-configurations/lindberg-nextcloud/secrets.nix +++ b/nixos-configurations/lindberg-nextcloud/secrets.nix @@ -3,7 +3,6 @@ let backupConfiguration = { restartUnits = [ "borgbackup-job-system-cyprianspitz.service" - "borgbackup-job-system-tierberg.service" ]; }; in diff --git a/nixos-configurations/lindberg/secrets.nix b/nixos-configurations/lindberg/secrets.nix index 27905c3..0df28fa 100644 --- a/nixos-configurations/lindberg/secrets.nix +++ b/nixos-configurations/lindberg/secrets.nix @@ -3,7 +3,6 @@ let backupConfiguration = { restartUnits = [ "borgbackup-job-data-cyprianspitz.service" - "borgbackup-job-data-tierberg.service" ]; }; in diff --git a/nixos-configurations/tierberg/README.md b/nixos-configurations/tierberg/README.md deleted file mode 100644 index e3a2232..0000000 --- a/nixos-configurations/tierberg/README.md +++ /dev/null @@ -1,9 +0,0 @@ -Access via `tierberg.coredump-ext.net.qo.is` `:51022` (SSH) and `:51023` (SSH-LUKS) - -## Operations - -Reboot requires passphrase (see pass `host/tierberg/hdd_luks) - -```bash -ssh -p 51023 root@tierberg.coredump-ext.net.qo.is -``` diff --git a/nixos-configurations/tierberg/backup.nix b/nixos-configurations/tierberg/backup.nix deleted file mode 100644 index 0a6dbca..0000000 --- a/nixos-configurations/tierberg/backup.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ config, pkgs, ... }: -{ - - qois.backup-server = { - enable = true; - backupStorageRoot = "/mnt/nas-backup-qois"; - }; - - services.borgbackup.repos = - let - backupRoot = "/mnt/nas-backup-qois"; - hostBackupRoot = "${backupRoot}/hosts"; - dataBackupRoot = "${backupRoot}/data"; - in - { - "lindberg-nextcloud" = { - authorizedKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIpzfp9VqclbPJ42ZrkRpvjMSTeyq0qce03zCRXqIHMw backup@lindberg-nextcloud" - ]; - path = "${hostBackupRoot}/lindberg-nextcloud"; - }; - "lindberg-data" = { - authorizedKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGTmyoVONC12MgOodvzdPpZzLSVwpkC6zkf+Rg0W36gy backup-data@lindberg" - ]; - path = "${dataBackupRoot}/lindberg-data"; - }; - "lindberg-build-system" = { - authorizedKeys = [ - "ssh-ed25519 AAAATODOTODOTODOTODOAAAAIGTmyoVONC12MgOodvzdPpZzLSVwpkC6zkf+Rg0W36gy backup-system@lindberg-build" - ]; - path = "${dataBackupRoot}/lindberg-build-system"; - }; - }; -} diff --git a/nixos-configurations/tierberg/default.nix b/nixos-configurations/tierberg/default.nix deleted file mode 100644 index 1058b24..0000000 --- a/nixos-configurations/tierberg/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ./networking.nix - ./filesystems.nix - ./backup.nix - - ../../defaults/hardware/apu1.nix - # wle600: Not used currently - - ../../defaults/base - ../../defaults/meta - ]; - - # Set your time zone. - # time.timeZone = "Europe/Amsterdam"; - - # This value determines the NixOS release with which your system is to be - # compatible, in order to avoid breaking some software such as database - # servers. You should change this only after NixOS release notes say you - # should. - system.stateVersion = "24.11"; # Did you read the comment? -} diff --git a/nixos-configurations/tierberg/filesystems.nix b/nixos-configurations/tierberg/filesystems.nix deleted file mode 100644 index 9e74fa1..0000000 --- a/nixos-configurations/tierberg/filesystems.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, pkgs, ... }: -{ - - boot.initrd.luks.devices = { - "system".device = "/dev/disk/by-uuid/ac7f7ef2-280d-4b9f-8150-a6f11ecec1df"; - "swap".device = "/dev/disk/by-uuid/6ce21585-6813-46d0-9a98-ebcfa507bdb0"; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/c775e380-b15f-499b-94f2-8caa27e6e0ff"; - fsType = "btrfs"; - options = [ - "defaults" - "subvol=nixos" - "noatime" - ]; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/0b22a6bc-0721-49d6-9e66-1f8d9258f47b"; - fsType = "ext4"; - }; - "/mnt/nas-backup-qois" = { - device = "192.168.254.1:/raid0/data/_NAS_NFS_Exports_/backup-qois"; - fsType = "nfs"; - options = [ - "defaults" - "noatime" - "soft" - "vers=3" - ]; - }; - "/mnt/nas-backup-coredump" = { - device = "192.168.254.1:/raid0/data/_NAS_NFS_Exports_/backup-qois"; - fsType = "nfs"; - options = [ - "defaults" - "noatime" - "soft" - "vers=3" - ]; - }; - }; - - swapDevices = [ { device = "/dev/disk/by-uuid/e91f9aba-1e59-4d41-a772-f11d4314dc19"; } ]; - - boot.loader.grub = { - enable = true; - device = "/dev/sda"; - }; -} diff --git a/nixos-configurations/tierberg/networking.nix b/nixos-configurations/tierberg/networking.nix deleted file mode 100644 index e80eb9d..0000000 --- a/nixos-configurations/tierberg/networking.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, pkgs, ... }: - -let - meta = config.qois.meta; - lattenbach-nas-net = meta.network.physical.lattenbach-nas; -in -{ - networking.hostName = meta.hosts.tierberg.hostName; - - networking.enableIPv6 = false; # TODO - - networking.useDHCP = false; - networking.interfaces.enp1s0.useDHCP = true; - networking.interfaces.enp2s0.ipv4.addresses = [ - { - inherit (lattenbach-nas-net.v4) prefixLength; - address = lattenbach-nas-net.hosts.tierberg.v4.ip; - } - ]; - networking.interfaces.enp3s0.useDHCP = true; - - qois.backplane-net.enable = true; - - services.qois.luks-ssh = { - enable = true; - interface = "eth0"; - sshPort = 2222; - }; -} diff --git a/private b/private index 1d096ec..18d3b3b 160000 --- a/private +++ b/private @@ -1 +1 @@ -Subproject commit 1d096ecce6a9b722dbdc70515375ec6798958c23 +Subproject commit 18d3b3b703a6139b9ebd5ec64311717cf2a6f9bc diff --git a/updates.md b/updates.md index 5d7a6e3..09373c1 100644 --- a/updates.md +++ b/updates.md @@ -28,7 +28,7 @@ deploy-qois .#lindberg-nextcloud .#lindberg-build deploy-qois .#lindberg # Deploy slow physical hosts (maybe do individually) -deploy-qois --confirm-timeout 600 --activation-timeout 600 --targets .#tierberg .#stompert .#stompert +deploy-qois --confirm-timeout 600 --activation-timeout 600 --targets .#stompert .#stompert ```