From 1369154dbbf751e1fa2d36cefbe0f1d3c53c3594 Mon Sep 17 00:00:00 2001
From: Astro
Date: Wed, 2 Jun 2021 21:35:04 +0200
Subject: [PATCH] dnscache: remove
---
 hosts/containers/dnscache/configuration.nix | 229 --------------------
 1 file changed, 229 deletions(-)
 delete mode 100644 hosts/containers/dnscache/configuration.nix
diff --git a/hosts/containers/dnscache/configuration.nix b/hosts/containers/dnscache/configuration.nix
deleted file mode 100644
index 1aae9ac4..00000000
--- a/hosts/containers/dnscache/configuration.nix
+++ /dev/null
@@ -1,229 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-{
- imports = [ ];
- nix.useSandbox = false;
- nix.maxJobs = lib.mkDefault 4;
-
- boot.isContainer = true;
- # /sbin/init
- boot.loader.initScript.enable = true;
- boot.loader.grub.enable = false;
- #boot.supportedFilesystems = ["zfs" "ext2" "ext3" "vfat" "fat32" "bcache" "bcachefs"];
-
- fileSystems."/" = {
- fsType = "rootfs";
- device = "rootfs";
- };
-
- networking.hostName = "dnscache"; # Define your hostname.
- # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
- networking.useNetworkd = true;
- networking.useDHCP = false;
- networking.interfaces.eth0.ipv4.addresses = [{
- address = "172.20.73.8";
- prefixLength = 26;
- }];
- networking.defaultGateway = "172.20.73.1";
- services.resolved.enable = false;
-
- # Set your time zone.
- time.timeZone = "Europe/Berlin";
- # Select internationalisation properties.
- i18n = {
- defaultLocale = "en_US.UTF-8";
- supportedLocales = lib.mkForce [ "en_US.UTF-8/UTF-8" ];
- };
-
- # List packages installed in system profile. To search, run:
- # $ nix search wget
- environment.systemPackages = with pkgs; [ wget vim traceroute tcpdump bind ];
-
- # Create a few files early before packing tarball for Proxmox
- # architecture/OS detection.
- system.extraSystemBuilderCmds = ''
- mkdir -m 0755 -p $out/bin
- ln -s ${pkgs.bash}/bin/bash $out/bin/sh
- mkdir -m 0755 -p $out/sbin
- ln -s ../init $out/sbin/init
- '';
-
- # This value determines the NixOS release with which your system is to be
- # compatible, in order to avoid breaking some software such as database
- # servers. You should change this only after NixOS release notes say you
- # should.
- system.stateVersion = "19.09"; # Did you read the comment?
-
- networking.firewall.allowedUDPPorts = [ 53 ];
- networking.firewall.allowedTCPPorts = [ 22 53 ];
- # For NixOps:
- services.openssh = {
- enable = true;
- permitRootLogin = "yes";
- };
- services.unbound = {
- enable = true;
- interfaces = [ "0.0.0.0" "::0" ];
- allowedAccess = [
- "fd23:42:c3d2:500::/56"
- "2a02:8106:208:5200::/56"
- "2a02:8106:211:e900::/56"
- "::172.20.72.0/117"
- "::172.22.99.0/120"
- "::1/128"
- "172.20.72.0/21"
- "10.0.0.0/24"
- "10.200.0.0/15"
- "172.22.99.0/24"
- "127.0.0.0/8"
- ];
- forwardAddresses = [
- # Quad9
- "9.9.9.9@853" # dns.quad9.net
- "2620:fe::fe@853" # dns.quad9.net
- "149.112.112.112@853" # dns.quad9.net
- "2620:fe::9@853" # dns.quad9.net
- # Cloudflare DNS
- "1.1.1.1@853" # cloudflare-dns.com
- "2606:4700:4700::1111@853" # cloudflare-dns.com
- "1.0.0.1@853" # cloudflare-dns.com
- ''
- 2606:4700:4700::1001@853
- forward-ssl-upstream: yes'' # cloudflare-dns.com
- ];
- extraConfig = ''
- server:
- domain-insecure: "dn42"
- domain-insecure: "20.172.in-addr.arpa"
- domain-insecure: "21.172.in-addr.arpa"
- domain-insecure: "22.172.in-addr.arpa"
- domain-insecure: "23.172.in-addr.arpa"
- domain-insecure: "d.f.ip6.arpa"
- domain-insecure: "ffdd"
- domain-insecure: "200.10.in-addr.arpa"
- local-zone: "20.172.in-addr.arpa." nodefault
- local-zone: "21.172.in-addr.arpa." nodefault
- local-zone: "22.172.in-addr.arpa." nodefault
- local-zone: "23.172.in-addr.arpa." nodefault
- local-zone: "d.f.ip6.arpa." nodefault
- local-zone: "ffdd." nodefault
- local-zone: "200.10.in-addr.arpa." nodefault
-
- remote-control:
- control-enable: yes
- server-key-file: /var/lib/unbound/unbound_server.key
- server-cert-file: /var/lib/unbound/unbound_server.pem
- control-key-file: /var/lib/unbound/unbound_control.key
- control-cert-file: /var/lib/unbound/unbound_control.pem
-
- forward-zone:
- name: "99.22.172.in-addr.arpa"
- forward-host: "ns.c3d2.de"
-
- forward-zone:
- name: "zentralwerk.dn42"
- forward-host: "dns.serv.zentralwerk.org"
-
- forward-zone:
- name: "72.20.172.in-addr.arpa"
- forward-host: "dns.serv.zentralwerk.org"
-
- forward-zone:
- name: "73.20.172.in-addr.arpa"
- forward-host: "dns.serv.zentralwerk.org"
-
- forward-zone:
- name: "74.20.172.in-addr.arpa"
- forward-host: "dns.serv.zentralwerk.org"
-
- forward-zone:
- name: "75.20.172.in-addr.arpa"
- forward-host: "dns.serv.zentralwerk.org"
-
- forward-zone:
- name: "76.20.172.in-addr.arpa"
- forward-host: "dns.serv.zentralwerk.org"
-
- forward-zone:
- name: "77.20.172.in-addr.arpa"
- forward-host: "dns.serv.zentralwerk.org"
-
- forward-zone:
- name: "dn42"
- forward-addr: 172.23.0.53
-
- forward-zone:
- name: "20.172.in-addr.arpa"
- forward-addr: 172.23.0.53
-
- forward-zone:
- name: "21.172.in-addr.arpa"
- forward-addr: 172.23.0.53
-
- forward-zone:
- name: "22.172.in-addr.arpa"
- forward-addr: 172.23.0.53
-
- forward-zone:
- name: "23.172.in-addr.arpa"
- forward-addr: 172.23.0.53
-
- forward-zone:
- name: "d.f.ip6.arpa"
- forward-addr: 172.23.0.53
-
- forward-zone:
- name: "ffdd"
- forward-addr: 10.200.0.4
- forward-addr: 10.200.0.16
-
- forward-zone:
- name: "200.10.in-addr.arpa"
- forward-addr: 10.200.0.4
- forward-addr: 10.200.0.16
- '';
- };
-
- services.collectd = {
- enable = true;
- autoLoadPlugin = true;
- plugins = {
- cpu = "";
- memory = "";
- interface = "";
- load = "";
- exec = let
- unboundScript = builtins.toFile "unbound.rb" ''
- loop do
- `/run/current-system/sw/bin/unbound-control -c /var/lib/unbound/unbound.conf stats_noreset`
- .lines
- .filter { |l| l =~ /^total\./ }
- .each { |l|
- if l =~ /total\.(.+?)=([\d\.]+)/
- name = $1
- value = $2.to_f
- if name =~ /\.avg$/ || name =~ /\.median$/ || name =~ /\.max$/ || name =~ /\.min$/
- ty = "gauge"
- else
- ty = "derive"
- value = value.to_i
- end
- puts "PUTVAL dnscache/unbound/#{ty}-#{name} N:#{value}"
- end
- }
-
- sleep 10
- end
- '';
- in ''
- Exec "collectd" "${pkgs.ruby}/bin/ruby" "${unboundScript}"
- '';
- network = ''
- Server "grafana.serv.zentralwerk.dn42" "25826"
- '';
- };
- extraConfig = ''
- Interval 10
- '';
- };
-}