remove data-hoarder-borken
This commit is contained in:
parent
c3dc8f2b0c
commit
067b632288
11
.sops.yaml
11
.sops.yaml
|
@ -9,7 +9,6 @@ keys:
|
|||
|
||||
- &data-hoarder age1djp5hk6vpm5glzqy9h2e2cgam5xydx888glgs85kvs57spaf8v0sfm0pa2
|
||||
- &data-hoarder-staging age1m4g4y5ga2m8xdvs7rarda3tyk4gtkyta6pfyq2n3xmy47z20kfxq73m8r8
|
||||
- &data-hoarder-borken age10wj28zkuy3ewmv6hmup7849667qmevgdv4gxa8vyljye7mpu7shsjt4jeh
|
||||
- ¬ice-me-senpai age1wxewmzwlzgtsmr29tnu76n30kv29ra5p0ptvr2e3f3ymkqh569kqm07fv4
|
||||
- &tram-borzoi age10sedt7xftzu383y8g4pxsj0hazht8tnnxhcngedcsl93s4v9uvvsk99er4
|
||||
- &uranus age1xnaw8ssrq2hpsntnt8kdu4dlqh4lz3dcq5lzwn490cskz886te6sreuale
|
||||
|
@ -76,16 +75,6 @@ creation_rules:
|
|||
age:
|
||||
- *data-hoarder
|
||||
- *data-hoarder-staging
|
||||
- path_regex: secrets/data-hoarder-borken/[^/]+\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *admin_oxa
|
||||
- *admin_revol-xut
|
||||
- *admin_marenz-1
|
||||
- *admin_marenz-2
|
||||
age:
|
||||
- *data-hoarder
|
||||
- *data-hoarder-borken
|
||||
- path_regex: secrets/notice-me-senpai/[^/]+\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
|
|
10
flake.nix
10
flake.nix
|
@ -236,7 +236,6 @@
|
|||
|
||||
packages = {
|
||||
staging-microvm = self.nixosConfigurations.staging-data-hoarder.config.microvm.declaredRunner;
|
||||
borken-microvm = self.nixosConfigurations.borken-data-hoarder.config.microvm.declaredRunner;
|
||||
data-hoarder-microvm = self.nixosConfigurations.data-hoarder.config.microvm.declaredRunner;
|
||||
}
|
||||
// (import ./pkgs/deployment.nix { inherit self pkgs lib; })
|
||||
|
@ -269,15 +268,6 @@
|
|||
] ++ data-hoarder-modules;
|
||||
};
|
||||
|
||||
borken-data-hoarder = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs self; };
|
||||
modules = [
|
||||
./hosts/borken-data-hoarder
|
||||
microvm.nixosModules.microvm
|
||||
] ++ data-hoarder-modules;
|
||||
};
|
||||
|
||||
notice-me-senpai = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs self; };
|
||||
|
|
|
@ -1,86 +0,0 @@
|
|||
{ config, self, ... }:
|
||||
let
|
||||
mac_addr = "00:de:5b:f9:e2:3e";
|
||||
in
|
||||
{
|
||||
microvm = {
|
||||
vcpu = 4;
|
||||
mem = 4096;
|
||||
hypervisor = "qemu";
|
||||
socket = "${config.networking.hostName}.socket";
|
||||
|
||||
interfaces = [{
|
||||
type = "tap";
|
||||
id = "serv-dvb-bork";
|
||||
mac = mac_addr;
|
||||
}];
|
||||
|
||||
shares = [{
|
||||
source = "/nix/store";
|
||||
mountPoint = "/nix/.ro-store";
|
||||
tag = "store";
|
||||
proto = "virtiofs";
|
||||
socket = "store.socket";
|
||||
}
|
||||
{
|
||||
source = "/var/lib/microvms/borken-data-hoarder/etc";
|
||||
mountPoint = "/etc";
|
||||
tag = "etc";
|
||||
proto = "virtiofs";
|
||||
socket = "etc.socket";
|
||||
}
|
||||
{
|
||||
source = "/var/lib/microvms/borken-data-hoarder/var";
|
||||
mountPoint = "/var";
|
||||
tag = "var";
|
||||
proto = "virtiofs";
|
||||
socket = "var.socket";
|
||||
}];
|
||||
};
|
||||
|
||||
networking.hostName = "borken-data-hoarder";
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
networking.useNetworkd = true;
|
||||
|
||||
|
||||
sops.defaultSopsFile = self + /secrets/data-hoarder-borken/secrets.yaml;
|
||||
deployment-TLMS.net = {
|
||||
iface.uplink = {
|
||||
name = "ens3";
|
||||
mac = mac_addr;
|
||||
matchOn = "mac";
|
||||
useDHCP = false;
|
||||
addr4 = "172.20.73.39/25";
|
||||
dns = [ "172.20.73.8" "9.9.9.9" ];
|
||||
routes = [
|
||||
{
|
||||
routeConfig = {
|
||||
Gateway = "172.20.73.1";
|
||||
GatewayOnLink = true;
|
||||
Destination = "0.0.0.0/0";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
wg = {
|
||||
addr4 = "10.13.37.7";
|
||||
prefix4 = 24;
|
||||
privateKeyFile = config.sops.secrets.wg-seckey.path;
|
||||
publicKey = "jUQxEav0M5pmkcdCri7R4mryB5Q3ksnn276FYeGCHQ0=";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
deployment-TLMS.domain = "borken.tlm.solutions";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
}
|
|
@ -1,103 +0,0 @@
|
|||
wg-seckey: ENC[AES256_GCM,data:b0QcY/9TKPG8lyxUrIHU3Re8r4X9PM+hewPTEvVteKQq2t71zrR49OlYoO4=,iv:ufxvGhjk01FcgERZtp8C2U351LOoSrIiH8LmiQLdFuU=,tag:XnOHL2um0C14OmNL32di7A==,type:str]
|
||||
postgres_password: ENC[AES256_GCM,data:7lEBJLa1BQ7Y,iv:keUinQS68xGcKb10jjQDSDcbVsagoVJhJ9//AC8enBI=,tag:+h8ltz+PMZMhl6O0SxFlhw==,type:str]
|
||||
postgres_password_grafana: ENC[AES256_GCM,data:7UmDdje0/guR,iv:bvAt/6mnPS4q663teBzJn7+TLxZVbKmHIJKK4TX7BGY=,tag:+GSZy4OWMHp5WqATle5VEQ==,type:str]
|
||||
postgres_password_hash_salt: ENC[AES256_GCM,data:WALvYBu6UwaP3kk=,iv:m5G08JoBy3IPzJzZL/OxE3nmDlVuCP755Am2nojTl4Q=,tag:TvQDSDafcHgSwtQPyEZEMg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1djp5hk6vpm5glzqy9h2e2cgam5xydx888glgs85kvs57spaf8v0sfm0pa2
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0dFRYQVBJaWFMSkdRN1h5
|
||||
QjZXajQwdEpWcDhnUzhNbFhwSzgycmttZWtnCjhBNko1WUZuZm8rRVV4ai9sWHRT
|
||||
aE5pN1Q5U2llZEhzV082OUs4WEIxblUKLS0tIEhuQkFjSDNEb0psVHB4NVVUZjUv
|
||||
eVZQNyswY1diOS9CN2R0bTUvajhIYVkKA+7ffa20N/IW3wIiQpX6WsfV17OVXEE/
|
||||
XUvkn/7wuHrGASosuIXNzUtoqnFgBDdhWHa3MSUURMQ3W4NEYrRmIA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age10wj28zkuy3ewmv6hmup7849667qmevgdv4gxa8vyljye7mpu7shsjt4jeh
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDNjJiSXNXeDlhc3V4bllW
|
||||
QUFJbXZLb2RCQjA1Y1R4bnpWWktXbFUzQnhvCmhHQjB6eDV3bVJ0U3dWM082cVdk
|
||||
cGY2QnU1TUZFVWJkR3J5cUJIUjJZOHcKLS0tIEJSczNidnVINUZtM1IxbE5RV0tl
|
||||
Nzk0SnJzNmlaRmVlTDRjckZrdkdXQjQK1Qow+N3XCITfUeFbLunUVxgcAwWI9UUq
|
||||
Tc29hy4VzIppR5KqrQ7vbOQPut9/JPovGINyl1wrqbo0z1P4RVJAcg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-05-01T02:15:23Z"
|
||||
mac: ENC[AES256_GCM,data:z7/83Sch5rrtdy/b1gTxhRFLnZtNsJYtAOGjPVxbk07btKnwz24gflkoYcyDYzNLsAfxBI8ht4S7ZBTHbi/6PkF7QCvWFR8WuHDc9pKYLf4UmkKA+98sGsoIe0y9oDamb7Bh1a3J4SW4/7wPiCzMQHqeohDTzwQ5OxX14GSKQoU=,iv:+ujuMkU1pzP3oop6JlCkLbpWSUr7HK7oEw4/4+PIw04=,tag:DOcGlEV2qFgFjMWS/5ACoQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-05-01T04:55:48Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
wcFMA7zUOKwzpAE7ARAAhakYMsv72V4qZs6ulA3dFlteJhAS3T3p13rooTpYNAiQ
|
||||
BWhqZR36REaauKtuA7TxhM+QHHEf4sYQ1Oks664kp1e7N1IwSe3TkmrJzhBpfJ3/
|
||||
f0s80jBTdIx3ZUVivV9E6G8ly3L/PoQyKvER/p/D82fHpbCWcRLidph4DOKpXCcR
|
||||
eW1FMXAw5vgxSvvOwTeS0WRUD4djjjnjBp1ikgZAjb74hXB5p/hS/lmIYZ45CtTR
|
||||
FONmwJOSWL0ssXe558yJ3AeL9Ut7gK0UvR6ccR+Xi6Yb5YrvkM3mzJyZZEgb4/IK
|
||||
tQKAmpWXD3YYMcjpmDlzVHcQArfoXr0rM1KFUBfycRkAxl8E0OvkJRh8pzCZTHbk
|
||||
4hglDs+fTd2qTrTCcrYwSQ1TlX9EmzUna7QIdPhpO17uXCvLWfr5bk6Y1DbpZA7a
|
||||
xExTPcrIVwXr8cR77LIC5/onKylKK94zNlpDWG9bXS7iGc7fnm8pT9VM45yNFdS3
|
||||
2A3NTbKPniou5Lu+kCd4IKf4jBDu87OqoMidYI7iviS7Ya0E/8uowFFWVBdlty++
|
||||
p1oKghOUIDgnxEGGdN+0nDJ1+K51CqGtk3a5F2RdJ5F8PRVGHbaS0HSqftT0TBnY
|
||||
LSXTaIYxjv3S4adsYLcy54sLTRuPrHHsVPEB0bHK1EhMxLV2BFGXTMELFHc+31PS
|
||||
UQFoCL64dI+aD8XhQTNJq4ZeaZmEK08lWdGpZWf+6k1uVi4n/j/HTm9S+nYOvv5l
|
||||
mIM4f5Lt+OVpXwTVoEc338wEGOKNsRTVKp8GgRrWayS4Dw==
|
||||
=eSbT
|
||||
-----END PGP MESSAGE-----
|
||||
fp: DD0998E6CDF294537FC604F991FA5E5BF9AA901C
|
||||
- created_at: "2023-05-01T04:55:48Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA/YLzOYaRIJJAQ/+P9VQnRpo7qEfb8ONxAJ3SMQOv0KsIO/O6Jt+C0ad5W4h
|
||||
cy5kN0YzfLg+fnBLhwnsQuVuhpt8YJkl6LQl7TysMUsc8B2opfJMhrXkG6sapY9z
|
||||
v4DF+D0sPO1gnu1VJ4a+q66CpEdkHuS3vDss25xT9RomtRc5yM2B29+qZSCmitj/
|
||||
VkufiDOOndBYByVzJ6BXiIHpTdQxDZfrL40k8cY09+fHW+O5550+6TX8pvpwKB0p
|
||||
SdtDcQAENosYjCgTgZk0Nf6X28ssWs1vwzsq/IssjEluOnRqOjlvwC3YcfvYhizN
|
||||
kO2lFAxTdgbPwnqcRW5/oSC8uHs2MgWa2axAG841xr1Szlyk0SRM3gjUSMq8AscT
|
||||
GSdVwWIPH9lky7ZFWiLxizZzfIOHad+Xwt78gAHBQEpggNqThoiXs081q7s7wzHE
|
||||
DHThYkOJKWEi2xvOaSUKA6cTZSm8epWVBT+MWtibp+Qqzpruqj3qIsCNYw5D0Zl2
|
||||
HaAU7I7Al+tIuItB6laWXXPp9QMwmCn28PbU9rGpYVtJEJ5n8oZKzg1xAmmkkOSD
|
||||
UUA0e5++DfZAZHsgCaiGDvwQM/5vKJixGDNP2+JOEu+NFL/0fmGuDI2ISC07GUe+
|
||||
7HAAT7CH7cBweO3P9K4+aO7+GGBnBIGIeYrW+027wdy11GhL+ODBw9ZynhFHQC3S
|
||||
XgEwR96tHyGiIPhGKT9PxcK+2asuDTxSgw2YV8DdOaVskL/xhuG6jG7/19f/h+AD
|
||||
iiMjm+OL1kzHrS/PktmOgxmwg0Hu9Q0j5A7PPqMrd/xY61Cnaj7HcKdNWD3pYwA=
|
||||
=Lmii
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 91EBE87016391323642A6803B966009D57E69CC6
|
||||
- created_at: "2023-05-01T04:55:48Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA1N/l9+zlMQzAQgAp5lpYqMolYFOJtiIPxHdMbkUXZf9X9OMP2Bm/90TO25o
|
||||
J52eYn4NagTbGBpl4nqndMtZKAs2AmJeeX2eR3c7Q51eE+D9LijonA0T3x7q9HN+
|
||||
OXXDTGyX/RvIroWhzCCiftXvzZHhHYXCqcpcQ2CzSCOflMbSTh21ZUVEt97u29HL
|
||||
V7LRILU3BaQ4Z/i1S8abFoBF/qBjVljoiKvWb5mySulrH33D1L/v6mwqYN1VKMiD
|
||||
TbYPOuD7ou5i74wwwjGn3Y+Klq/oGZorskVHH/rfEQExXHeeC4zCzYBLhohvmJxW
|
||||
7azPF28DXLra/FjdtWy97Bh++9gf7BX0PC3OEuM7adJeAU7t0bJaKc4Ww7xFCHj2
|
||||
YcYrXcCctHMfDtpMs4sgZ8j4Quxk9/+9JJn6jD5q1p5DFP9Pbm8OJuEgBraxFLZH
|
||||
SM1US3+TA+5ZzxJTPuHVONNaRy94rtJJRRZpgZlKfw==
|
||||
=GP7Z
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 069836A578F7939612DB4934F77D0F7E247A1EE4
|
||||
- created_at: "2023-05-01T04:55:48Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA1N/l9+zlMQzAQf+O12zDC/pFf1H5kie/Uyty712QZxlWmnWRkoiAVk/J3j9
|
||||
Pq5VBnlmNzaNDtD5UOQEUPf2669QrzkAVs4NjnQrRwImX9q3/Z6fS2TPZ2LTbZp3
|
||||
1dS1H/jhWfdTAFc9C2GEU/5hrVZ46TwsrGbo47dg8vofcG0vCWg6IxfF1RFhDdtI
|
||||
C2ZqCF+/IyNigvL8nNejIz9fRqi3BWHWIOV9H8XXzL+E1OBcO90mkcRZg6NPRy/u
|
||||
o1J8D+PK22chskDwfoNkN5DKl6pd6nlE4iyYGaIRUz4ftcCC8iqZLhzJ8evTd6KN
|
||||
tB2VX20VaZRcYBaq/VOmKYpDpHkXMKgHM2Fmuq5ZSdJeAd3n6xfulH5m8rw1gwCQ
|
||||
wL5nYALACdvHZglQ6yiIZZ++qWLXT86FZqyOXWOXhjIG/+mUkoKTCZg6ZDGJMfbf
|
||||
oNTYVdIKdgyIAlLubGW4SgoComjHiBBxbH2KZQouYA==
|
||||
=T06/
|
||||
-----END PGP MESSAGE-----
|
||||
fp: ED06986DFAAE6A61B751DC2F537F97DFB394C433
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
Loading…
Reference in New Issue