Noratrieb/vps
1
0
Fork 0
mirror of https://github.com/Noratrieb/vps.git synced 2026-01-14 16:55:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor

Browse source
This commit is contained in:
nora 2024-07-31 19:54:42 +02:00
parent eb951eeaa9
commit 59ec8ef37b
4 changed files with 36 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

35
newinfra/nix/hive.nix
View file

@ -19,36 +19,7 @@
defaults = { pkgs, config, lib, ... }: { defaults = { pkgs, config, lib, ... }: {
# This module will be imported by all hosts # This module will be imported by all hosts
environment.systemPackages = with pkgs; [ imports = [ ./modules/default ];
vim
wget
curl
traceroute
dnsutils
];
imports = [
"${builtins.fetchTarball "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz"}/modules/age.nix" # main 2024-07-26
];
deployment.targetHost = "${config.networking.hostName}.infra.noratrieb.dev";
time.timeZone = "Europe/Zurich";
users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0n1ikUG9rYqobh7WpAyXrqZqxQoQ2zNJrFPj12gTpP nilsh@PC-Nils'' ];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
services.openssh = {
enable = true;
banner = "meoooooow!! 😼 :3\n";
settings = {
PasswordAuthentication = false;
};
};
services.fail2ban = {
enable = true;
};
system.nixos.distroName = "NixOS (gay 🏳)";
}; };
dns1 = { name, nodes, modulesPath, ... }: { dns1 = { name, nodes, modulesPath, ... }: {
@ -60,7 +31,6 @@
# The name and nodes parameters are supported in Colmena, # The name and nodes parameters are supported in Colmena,
# allowing you to reference configurations in other nodes. # allowing you to reference configurations in other nodes.
networking.hostName = name;
deployment.tags = [ "dns" "us" ]; deployment.tags = [ "dns" "us" ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
}; };
@ -70,7 +40,6 @@
./modules/dns ./modules/dns
]; ];
networking.hostName = name;
deployment.tags = [ "dns" "eu" ]; deployment.tags = [ "dns" "eu" ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
@ -123,7 +92,6 @@
age.secrets.docker_registry_password.file = ./secrets/docker_registry_password.age; age.secrets.docker_registry_password.file = ./secrets/docker_registry_password.age;
networking.hostName = name;
deployment.tags = [ "ingress" "eu" "apps" "wg" ]; deployment.tags = [ "ingress" "eu" "apps" "wg" ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
@ -154,7 +122,6 @@
./modules/wg-mesh ./modules/wg-mesh
]; ];
networking.hostName = name;
deployment.tags = [ "eu" "apps" "wg" ]; deployment.tags = [ "eu" "apps" "wg" ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";

35
newinfra/nix/modules/default/default.nix Normal file
View file

@ -0,0 +1,35 @@
{ pkgs, config, name, ... }: {
deployment.targetHost = "${config.networking.hostName}.infra.noratrieb.dev";
imports = [
"${builtins.fetchTarball "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz"}/modules/age.nix" # main 2024-07-26
];
environment.systemPackages = with pkgs; [
vim
wget
curl
traceroute
dnsutils
];
networking.hostName = name;
time.timeZone = "Europe/Zurich";
users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0n1ikUG9rYqobh7WpAyXrqZqxQoQ2zNJrFPj12gTpP nilsh@PC-Nils'' ];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
services.openssh = {
enable = true;
banner = "meoooooow!! 😼 :3\n";
settings = {
PasswordAuthentication = false;
};
};
services.fail2ban = {
enable = true;
};
system.nixos.distroName = "NixOS (gay 🏳)";
}

29
newinfra/nix/modules/dns/nilstrieb.dev.md
View file

@ -1,29 +0,0 @@
@ A N/A 185.199.108.153
@ A N/A 185.199.109.153
@ A N/A 185.199.110.153
@ A N/A 185.199.111.153
@ AAAA N/A 2606:50c0:8002:0:0:0:0:153
@ AAAA N/A 2606:50c0:8003:0:0:0:0:153
@ AAAA N/A 2606:50c0:8000:0:0:0:0:153
@ AAAA N/A 2606:50c0:8001:0:0:0:0:153
@ MX 10 mail.protonmail.ch
@ MX 20 mailsec.protonmail.ch
@ TXT N/A protonmail-verification=86964dcc4994261eab23dbc53dad613b10bab6de
@ TXT N/A v=spf1 include:_spf.protonmail.ch ~all
bisect-rustc A N/A 184.174.32.252
blog CNAME N/A nilstrieb.github.io
_atproto.bsky TXT N/A did=did:plc:pqyzoyxk7gfcbxk65mjyncyl
cors-school A N/A 184.174.32.252
api.cors-school A N/A 184.174.32.252
docker A N/A 184.174.32.252
hugo-chat A N/A 184.174.32.252
api.hugo-chat A N/A 184.174.32.252
k8s-control A N/A 161.97.165.1
localhost A N/A 127.0.0.1
olat A N/A 184.174.32.252
pronouns TXT N/A TODO
uptime A N/A 184.174.32.252
vps1 A N/A 161.97.165.1
vps2 A N/A 184.174.32.252
www A N/A 184.174.32.252
dns1 A N/A 154.38.163.74

3
newinfra/nix/modules/dns/nilstrieb.dev.nix
View file

@ -78,9 +78,6 @@ let
"TODO" "TODO"
]; ];
ns1 = dns1;
ns2 = dns2;
newtest.TXT = [ "uwu it works" ]; newtest.TXT = [ "uwu it works" ];
bsky.subdomains.atproto.TXT = [ "did=did:plc:pqyzoyxk7gfcbxk65mjyncyl" ]; bsky.subdomains.atproto.TXT = [ "did=did:plc:pqyzoyxk7gfcbxk65mjyncyl" ];
}; };