From 5bf9572734025ddbe680c0c4978f72df5718ae4b Mon Sep 17 00:00:00 2001
From: EuAndreh <eu@euandre.org>
Date: Mon, 7 Mar 2022 19:12:06 -0300
Subject: Delete all old code and configuration to start from scratch with Guix
 only

Delete files related to:
- Terraform
- opt/*
- scripts/deploy
- secrets/*
- git-crypt
- Nix
---
 servers/active/nixvps/configuration.nix | 229 --------------------------------
 1 file changed, 229 deletions(-)
 delete mode 100644 servers/active/nixvps/configuration.nix

(limited to 'servers/active/nixvps/configuration.nix')

diff --git a/servers/active/nixvps/configuration.nix b/servers/active/nixvps/configuration.nix
deleted file mode 100644
index 4d793db..0000000
--- a/servers/active/nixvps/configuration.nix
+++ /dev/null
@@ -1,229 +0,0 @@
-{ config, pkgs, ... }:
-
-let
-  envsubstConfiguration =
-    pkgs.callPackage /opt/secrets/envsubst-configuration.nix { };
-  config = rec {
-    TLD = envsubstConfiguration.TLD;
-    cgitPort = "81";
-    openSSHPort = 23841;
-  };
-in {
-  imports = [
-    ./hardware-configuration.nix
-    (builtins.fetchTarball {
-      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/master/nixos-mailserver-master.tar.gz";
-    })
-  ];
-
-  boot.loader.grub = {
-    enable = true;
-    version = 2;
-    device = "/dev/vda";
-  };
-
-  networking = {
-    interfaces.ens3.useDHCP = true;
-  };
-
-  nix = {
-    gc = {
-      automatic = true;
-      options = "--delete-older-than 7d";
-    };
-    # min-free 1G
-    extraOptions = ''
-      min-free = ${toString (1024 * 1024 * 1024)}
-    '';
-  };
-
-  environment = {
-    systemPackages = let
-      c99 = pkgs.tinycc.overrideAttrs (oldAttrs: {
-        postInstall = ''
-          ln -s $out/bin/tcc $out/bin/c99
-        '';
-      });
-    in with pkgs; [ vim git gitAndTools.git-annex gnumake gnum4 c99 bpytop ];
-    shellAliases = { l = "ls -lahF"; };
-  };
-
-  networking.firewall.allowedTCPPorts = [
-    # SSH: OpenSSH
-    config.openSSHPort
-
-    # HTTP and HTPPS: NGINX
-    80
-    443
-
-    # Git daemon
-    9418
-  ];
-
-  security = {
-    acme = {
-      acceptTerms = true;
-      email = "eu@euandre.org";
-    };
-    sudo.enable = false;
-    doas = {
-      enable = true;
-      extraConfig = ''
-        permit nopass setenv { NIX_PATH } :wheel
-      '';
-    };
-  };
-
-  services = {
-    openssh = {
-      enable = true;
-      permitRootLogin = "no";
-      passwordAuthentication = false;
-      ports = [ config.openSSHPort ];
-    };
-
-    nginx = {
-      enable = true;
-      recommendedGzipSettings = true;
-      recommendedOptimisation = true;
-      recommendedProxySettings = true;
-      recommendedTlsSettings = true;
-      virtualHosts = {
-        "${config.TLD}" = {
-          forceSSL = true;
-          enableACME = true;
-          root = "/srv/http/";
-          extraConfig = ''
-            # Allow <script type="module" src="..."> 3rd-party HTML pages
-            add_header 'Access-Control-Allow-Origin' '*';
-            autoindex on;
-          '';
-        };
-        "git.${config.TLD}" = {
-          forceSSL = true;
-          enableACME = true;
-          extraConfig = ''
-            location = /favicon.ico {
-              alias ${pkgs.cgit}/cgit/favicon.ico;
-            }
-            location / {
-              # Allow <script type="module" src="..."> 3rd-party HTML pages
-              add_header 'Access-Control-Allow-Origin' '*';
-              proxy_pass http://localhost:${config.cgitPort};
-            }
-          '';
-        };
-      };
-    };
-
-    lighttpd = {
-      enable = true;
-      port = pkgs.lib.toInt config.cgitPort;
-      cgit = {
-        enable = true;
-        subdir = "";
-        configText = ''
-          enable-blame=1
-          enable-commit-graph=1
-          enable-follow-links=1
-          enable-index-owner=0
-          enable-log-filecount=1
-          enable-log-linecount=1
-          enable-html-serving=1
-          root-desc=Patches welcome!
-          readme=:README.en.md
-          readme=:README.md
-          readme=:README
-          max-repodesc-length=120
-          max-repo-count=999
-          remove-suffix=1
-          root-title=EuAndreh's repositories
-          snapshots=tar.xz
-          source-filter=${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py
-          about-filter=${pkgs.cgit}/lib/cgit/filters/about-formatting.sh
-          scan-path=/srv/http
-          mimetype.mjs=text/javascript
-        '';
-      };
-    };
-
-    gitDaemon = {
-      enable = true;
-      basePath = "/srv/http";
-      exportAll = true;
-    };
-
-    cron = {
-      enable = true;
-      systemCronJobs = [
-        "30 1 * * 1 root /opt/bin/gc.sh"
-        "30 0 * * * root /opt/bin/backup.sh"
-      ];
-    };
-  };
-
-  users = {
-    # Improve: make mutable
-    mutableUsers = false;
-    extraUsers = let
-      andrehUser = {
-        andreh = {
-          uid = 1000;
-          isNormalUser = true;
-          extraGroups = [ "wheel" ];
-          hashedPassword = envsubstConfiguration.hashedPassword;
-          openssh.authorizedKeys.keys = [
-            "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDF+uy407LKZAFnfFkJPRiOBzwV98qIEcKhITnLYhqfITfrJvcFVOY0/YDCrs6WHXyLdM29AoywVWsQ1qXiB7xQCwknPV8YZoCnJQcn0gvH8jbCk+C8Po0Rx846wbhL49qYolnmlhe+Uoy30j7XIJSDtPVO9d/hZqt2GPwGVJ98HLyY2ak+j4i1YkHr+mPFgnCaqCAzA374d1Bop18+YENYtMMU0k8hCsomwZny/7qNo4V8mjLxQAS8FvTuljxlthEpOM4Jsjl07yDLgE69kLvU7mmFi8EeC26e50N18Ouse82dZigtVhAMeLBhbJnQbDff4WfUBzSjpKjZPGcxoRaej3qSRbIkcMMqCOSlww6GcjRi+COvlpA4c1i4hKI15wHceoiKghDLA6jbaHfOqEMldflYl5gCVUIYzJ5XehZppH6L7PzO+L4suNs+aFjWPDZ0jqEtcyTmgTMea40p7wwz086ExnBDorbG79oDiJrWc+swJjXuVakS+fQjb3mPsCC/FgUhsxEtqiVfvLo2mphp47pOYvs64aUp3RV9muqQNuS4tEuP9V1urGTLtgPL26LEjF0oLu1ag0H+VZY5O/T9KRYvWre8IWbj/KkZYo1tJaGJyEVr0plmyzLBEy8b3Hu/6Wtq7yB0Eii60fxqFWC24nEkvs1V0cxDa+o6I2iA9w== eu@euandre.org"
-          ];
-        };
-      };
-      buildUser = (i: {
-        "guixbuilder${i}" = {
-          group = "guixbuild";
-          extraGroups = [ "guixbuild" ];
-          home = "/var/empty";
-          shell = pkgs.nologin;
-          description = "Guix build user ${i}";
-          isSystemUser = true;
-        };
-      });
-    in pkgs.lib.fold (str: acc: acc // buildUser str) andrehUser
-    (map (pkgs.lib.fixedWidthNumber 2) (builtins.genList (n: n + 1) 10));
-    extraGroups.guixbuild = { name = "guixbuild"; };
-  };
-
-  mailserver = {
-    enable = true;
-    fqdn = "mail.${config.TLD}";
-    domains = [ config.TLD ];
-    loginAccounts = {
-      "eu@${config.TLD}" = {
-        hashedPasswordFile = "/opt/secrets/mail-user-password-hash.txt";
-      	aliases = [ "@${config.TLD}" ];
-      };
-    };
-    certificateScheme = 3;
-  };
-
-  systemd = {
-    services = {
-      guix-daemon = {
-        enable = true;
-        description = "Build daemon for GNU Guix";
-        serviceConfig = {
-          ExecStart =
-            "/var/guix/profiles/per-user/root/current-guix/bin/guix-daemon --build-users-group=guixbuild";
-        };
-        wantedBy = [ "multi-user.target" ];
-      };
-    };
-  };
-
-  system = {
-    stateVersion = "20.09";
-    autoUpgrade = {
-      enable = true;
-      allowReboot = true;
-    };
-  };
-}
-- 
cgit v1.2.3