feat: litterbox 2, remove users

2026-02-09 04:19:19 -08:00 · 2025-09-20 14:12:13 -07:00 · 2025-09-20 14:12:13 -07:00 · bc8ed413d0
commit bc8ed413d0
parent e0fe5bcd6f
5 changed files with 97 additions and 47 deletions
--- a/nixos/users/connie.nix
+++ b/nixos/users/connie.nix
@ -1,29 +0,0 @@
 {
  config,
  options,
  ...
 }: {
  config.users = {
    users.connieallure = {name, ...}: {
      uid = 8003;
      isNormalUser = true;
      autoSubUidGidRange = false;
      group = name;
      extraGroups = [
        "users"
        "peeps"
        "kyuuto"
      ];
    };
    groups.connieallure = {name, ...}: {
      gid = config.users.users.${name}.uid;
    };
  };
  config.${
    if options ? networking.firewall
    then "networking"
    else null
  } = {
    access.peeps.ranges.connieallure = "2604:3d00::/28";
  };
 }
--- a/nixos/users/kaosu.nix
+++ b/nixos/users/kaosu.nix
@ -1,18 +0,0 @@
 {config, ...}: {
  users.users.kaosubaloo = {name, ...}: {
    uid = 8002;
    isNormalUser = true;
    autoSubUidGidRange = false;
    group = name;
    extraGroups = [
      "users"
      "peeps"
      "kyuuto"
      "steamaccount"
      "beatsaber"
    ];
  };
  users.groups.kaosubaloo = {name, ...}: {
    gid = config.users.users.${name}.uid;
  };
 }
--- a/systems/litterbox-2/default.nix
+++ b/systems/litterbox-2/default.nix
@ -0,0 +1,23 @@
 _: {
  imports = [
    ./proxmox.nix
  ];
  arch = "x86_64";
  type = "NixOS";
  ci.allowFailure = true;
  access.online.enable = false;
  modules = [
    ./nixos.nix
  ];
  network.networks = {
    tail = {
      address4 = "100.70.124.79";
      address6 = "fd7a:115c:a1e0::b001:7c4f";
    };
  };
  exports = {
    services = {
      tailscale.enable = true;
    };
  };
 }
--- a/systems/litterbox-2/nixos.nix
+++ b/systems/litterbox-2/nixos.nix
@ -0,0 +1,17 @@
 {meta, ...}: {
  imports = let
    inherit (meta) nixos;
  in [
    nixos.sops
    nixos.reisen-ct
    nixos.tailscale
    nixos.syncthing-kat
  ];
  sops = {
    defaultSopsFile = ./secrets.yaml;
    secrets.tailscale-key.key = "tailscale-key";
  };
  system.stateVersion = "23.11";
 }
--- a/systems/litterbox-2/secrets.yaml
+++ b/systems/litterbox-2/secrets.yaml
@ -0,0 +1,57 @@
 tailscale-key: ENC[AES256_GCM,data:fJ+Eikbocenx5EbQR8CN4wclrxbf+Y/0tI4GSPrrt38QPt3Lw8DhY4s=,iv:LDK8zO7tWzU7+YYfC83GnOawNwXkikYJKN97sV+S6zc=,tag:7AFJPd8pRD0R2rvy5aAdeg==,type:str]
 sops:
    shamir_threshold: 1
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1xg6zm9t25wjakljm54m38pjdr9q53jysdcl82r5xwkrn0cgyuvvsuh63eh
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwSjUwb3F6NnA5cENqcFRJ
            dzdTRFptZ2hsMFR0MXMzT2I3aVpXN3N2emhJCi9SQWJQc0JZOW1FeUx5NU5DdGlF
            Yjh6VnJjaE96QzU0dGlweVNnUk9oaU0KLS0tIFFYR05qbThxb2tZamhlTmxZRXdm
            NEVHRk0zTFU4aW1wbmVEUGZXVWNsbXMKgnZY9saX6DmVdX4hgutyg78T9mqKqG8C
            4Qahrc9V3e6rC09GuCeGuAN/F51Sq6T6wbO+ESfONrhWNi4gIKKWtQ==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2024-02-23T00:08:06Z"
    mac: ENC[AES256_GCM,data:KRSoHWTux2BTJ7KH16xyJkyZnynPYIO+C6rM3WhbdphIx5WtfpSO6pX8juTDmYCob3n3jJdFEfy28M2UjSRJhC/CLcdvUx5vV7J8WVldXox8YN5uyQG5cyW2TkO1qwTov1mj4f2FWQsTgKSyXgn/yyzbA9tcfQ4qBHrUj8XiPHc=,iv:bw7UVnVOT6PN6I8iySrCxh1UIqbRQl5RMgnG5WqIPWA=,tag:NV2NTnsYwIjWJdQoTmhECg==,type:str]
    pgp:
        - created_at: "2024-09-02T04:47:29Z"
          enc: |-
            -----BEGIN PGP MESSAGE-----
            hQIMA82M54yws73UAQ//Wwh/MOunzqURoJXQaeNh2DubgZhV9rNdrvC9eW5otANa
            sqv4JgJHOYwJXGrP/959Y040M3v4L43nFSKGmiONscfWsP+hyv2izYY01ynyb5Dm
            f99Dx6irEFe1a1cK9wRdAsNW8xmHtrkP1ufFaqRcTMDyu4eMtPtuNJEcbhJ95jDU
            54cXM3JGo3Qvv+eTsbAQqM5svBsQ0tDRx9uICrtsYRfLa2lX3nn7RTXj8TewmFgF
            qJJ1qsItjVKTUs24ogcgtYbWqRacSzCIyDx2LT0ta6hC28nmPjoDJdXhlDoFqP3n
            a9zsPV04leGt69T2JhT4U3SZNC10UoiLc0Zz1wEVvgGX0zYse4gxB7xiLfC+/FMm
            FEkWxK/7OxJv9iORpPtYagmOfgg+RXnRTnnJs1IbknMCr8+YWyksy8HQ7yF05d1E
            YEnar6mb+fJp4iUtyE9hm3YBBK9biCdgFjrQR5sf0OkYZJ7/77sBkOyMAU5H6+5z
            XS+IsojnwmqN4dnnSkrZ3FwLSa2JHDAbzA0+m6QyJI0w7SO/7AzOtM8YWCjl9nUL
            O4QMEyRRsKOt4xO3APvfXnGaRn/V00L8gg7RfVF6UWl/U1Qhk/3VtgP6coHvbMcQ
            Xjke95g8x5X3kmdRQJBMCbLGbjA2iqRR/LGTZKuBsSD7KUdSCPOY/45DM7E4h4fS
            XgFsMaX+GYPeygQjnn6ttfQHSfiY6eIIXP11DwzKHdUj3NrfQ9mvuvLfkKsKvtst
            rKulWzjoXtum9/I/E4DK4FGfhrPW9BrAcGZOgMNBZCie9fc5clm9g0IqOcdG1dc=
            =/Pdm
            -----END PGP MESSAGE-----
          fp: CD8CE78CB0B3BDD4
        - created_at: "2024-09-02T04:47:29Z"
          enc: |-
            -----BEGIN PGP MESSAGE-----
            hQEMA2W9MER3HLb7AQgAhjfU3ktIoiVnbSUIwL3NbCSi2iODFtW3h59iwAMegX8O
            ahGgEZTI8AELqfNG0n6T1pn5JypwtQKIjkdl4LeoG3xcfn+G34000uWfOZgCjwwe
            K5pUERNtox3LI1baPXi3o66iKHM4D3ukcwl1OWZj0nWiTmSX4fls1OM0t74vvztI
            Ow8d/Yl7YWoXV+wI1lNi/ARJZQEJcn+wBfXnULkZAfydjtFaODS63jHnYGEzbWIm
            jjJ3zlFd0DPuVb1Qc4z7SAIwcDWPEWlWN693MiH2PxSdhlOcBlq2EKE/iRbwZ1QM
            eDsAjTHuNSEGC9H0H+nHOiUwM1JZlBcMj5bcyVbJctJeAVyMiEPdvZRXL6poHUYU
            lT1yllbP+Y8CsGfSixi7Zw8i3oidQKGiJUT3sxWHPlQCR1GQmPKWooThUG4yvvzo
            veLPUlbaWKBMffOSKJun2JFMCCscxGedB1YsVkmemQ==
            =i9QW
            -----END PGP MESSAGE-----
          fp: 65BD3044771CB6FB
    unencrypted_suffix: _unencrypted
    version: 3.8.1