Remove gemini.c3d2.de container

The gemini server is running on c3d2.de.
This commit is contained in:
Emery 2022-03-06 09:03:54 -06:00
parent 2a0b099ce9
commit 6c6d4a18ff
5 changed files with 12 additions and 143 deletions

View File

@ -44,23 +44,6 @@
"type": "github"
}
},
"gemini": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1639155521,
"narHash": "sha256-Lh74QEjPIPZSZNvz1zPKEqEjSA6eIci0eDRoZJKIYeE=",
"owner": "nix-community",
"repo": "flake-gemini",
"rev": "2900f752c983974a03e66077f1e6522764486aed",
"type": "github"
},
"original": {
"id": "gemini",
"type": "indirect"
}
},
"heliwatch": {
"inputs": {
"fenix": "fenix_2",
@ -142,15 +125,15 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1639153468,
"narHash": "sha256-AXlstb8jjYs8HKGTLOuSjIdFLyPQSI5aYPN34qUy+Rc=",
"owner": "NixOS",
"lastModified": 1646342893,
"narHash": "sha256-Q5Nrl98lB7I2ld2FULc/Wx9YL/tM+nsi+uTIOldcsyY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cf8f41fe116c8e733c833acd4759d9261ecd6d1f",
"rev": "7a6f7df2e4ef9c7563b73838c7f86a1d6dd0755b",
"type": "github"
},
"original": {
"owner": "NixOS",
"owner": "nixos",
"ref": "release-21.11",
"repo": "nixpkgs",
"type": "github"
@ -219,22 +202,6 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1646342893,
"narHash": "sha256-Q5Nrl98lB7I2ld2FULc/Wx9YL/tM+nsi+uTIOldcsyY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7a6f7df2e4ef9c7563b73838c7f86a1d6dd0755b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "release-21.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1637209424,
"narHash": "sha256-oXw75hkCOVtoB+CEElWiTmkC1gNdL3jf0tG2GInytHA=",
@ -250,7 +217,7 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_3": {
"locked": {
"lastModified": 1638097282,
"narHash": "sha256-EXCzj9b8X/lqDPJapxZThIOKL5ASbpsJZ+8L1LnY1ig=",
@ -266,7 +233,7 @@
"type": "github"
}
},
"nixpkgs_5": {
"nixpkgs_4": {
"locked": {
"lastModified": 1646162891,
"narHash": "sha256-Yoyur5LD3nRKFZRwVi2lHZi2HKoWUJFAHgIFcYsRhho=",
@ -302,11 +269,10 @@
"root": {
"inputs": {
"fenix": "fenix",
"gemini": "gemini",
"heliwatch": "heliwatch",
"naersk": "naersk_2",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs",
"nixpkgs-mobilizon": "nixpkgs-mobilizon",
"nixpkgs-openwebrx": "nixpkgs-openwebrx",
"nixpkgs-unstable": "nixpkgs-unstable",
@ -372,7 +338,7 @@
},
"secrets": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_2",
"sops-nix": [
"sops-nix"
]
@ -393,7 +359,7 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_4"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1645891244,
@ -495,7 +461,7 @@
},
"zentralwerk": {
"inputs": {
"nixpkgs": "nixpkgs_5",
"nixpkgs": "nixpkgs_4",
"nixpkgs-master": "nixpkgs-master",
"openwrt": "openwrt"
},

View File

@ -31,7 +31,7 @@
fenix.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs@{ self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker, heliwatch, sops-nix, naersk, fenix, gemini, ... }:
outputs = inputs@{ self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker, heliwatch, sops-nix, naersk, fenix, ... }:
let
inherit (nixpkgs) lib;
forAllSystems = lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];
@ -246,16 +246,6 @@
];
};
gemini = nixosSystem' {
nixpkgs = inputs.nixpkgs-unstable;
modules = [
./config/lxc-container.nix
./hosts/containers/gemini
gemini.nixosModules.duckling-proxy
gemini.nixosModules.kineto
];
};
gitea = nixosSystem' {
nixpkgs = inputs.nixpkgs-unstable;
modules = [

View File

@ -12,13 +12,6 @@
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMFbxHGfBMBjjior1FNRub56O62K++HVnqUH67BeKD7d";
};
gemini = {
ip6 = "2a00:8180:2c00:223:58f4:2eff:fe48:5216";
# ygg = "30c:c3d2:b946:76d0:58f4:2eff:fe48:5216";
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvB3MTO5+MJk8/sojF+bX0MBz9BLwo3FRH5SjIbrfeH";
};
gitea.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM8MmjiiRmiyUqRYs5a07m7qKDwxh2NwvS2h7pm2b+zx";
glotzbert = {

View File

@ -1,62 +0,0 @@
{ config, lib, pkgs, ... }:
let fqdn = "gemini.c3d2.de";
in {
imports = [ ./users.nix ];
c3d2.hq.statistics.enable = true;
c3d2.autoUpdate = true;
networking.hostName = "gemini";
networking.hosts."::1" = [ fqdn ];
networking.firewall.enable = false;
networking.firewall.allowedTCPPorts = [
80
443
config.services.molly-brown.settings.Port
config.services.duckling-proxy.port
];
services.duckling-proxy = {
enable = true;
address = "0.0.0.0";
port = 1966;
serverCert = "/var/lib/acme/${fqdn}/cert.pem";
serverKey = "/var/lib/acme/${fqdn}/key.pem";
};
services.kineto = {
enable = true;
port = 1967;
geminiDomain = "gemini://${fqdn}";
};
services.molly-brown = {
enable = true;
hostName = fqdn;
certPath = "/var/lib/acme/${fqdn}/cert.pem";
keyPath = "/var/lib/acme/${fqdn}/key.pem";
docBase = "/var/gemini";
settings = {
DefaultLang = "de";
ReadMollyFiles = true;
};
};
services.nginx = {
enable = true;
virtualHosts.${fqdn} = {
default = true;
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:1967";
};
};
systemd.services.duckling-proxy.serviceConfig.SupplementaryGroups =
[ config.security.acme.certs.${fqdn}.group ];
systemd.services.molly-brown.serviceConfig.SupplementaryGroups =
[ config.security.acme.certs.${fqdn}.group ];
}

View File

@ -1,18 +0,0 @@
{ config, lib, ... }:
{
system.activationScripts.gemini = ''
mkdir -p ${config.services.molly-brown.docBase}/users/
'' + lib.strings.concatStrings (lib.attrsets.mapAttrsToList (name:
{ isNormalUser, home, ... }:
lib.strings.optionalString (isNormalUser && home != null) ''
ln -sf ${home}/public_gemini ${config.services.molly-brown.docBase}/users/${name}
'') config.users.users);
users.users = lib.attrsets.mapAttrs (name:
{ sshKeys, ... }: {
createHome = true;
isNormalUser = true;
openssh.authorizedKeys.keys = sshKeys;
}) config.c3d2.users;
}