From e193ee5a9f1a0fef4cdd147542eb849559fe5d16 Mon Sep 17 00:00:00 2001
From: Kat Inskip
Date: Sun, 16 Jul 2023 11:39:44 -0700
Subject: [PATCH] Burnout crawlout
---
 nixos/roles/k8s-cluster/kubernetes.nix | 39 ---------
 nixos/roles/rosetta.nix | 18 ----
 systems/ran.nix | 89 --------------------
 systems/renko.nix | 3 +-
 systems/sumireko.nix | 9 +-
 tf/ran-cf.tf | 17 ----
 tf/ran-hcloud.tf | 110 -------------------------
 7 files changed, 10 insertions(+), 275 deletions(-)
 delete mode 100644 nixos/roles/k8s-cluster/kubernetes.nix
 delete mode 100644 nixos/roles/rosetta.nix
 delete mode 100644 systems/ran.nix
 delete mode 100644 tf/ran-cf.tf
 delete mode 100644 tf/ran-hcloud.tf
diff --git a/nixos/roles/k8s-cluster/kubernetes.nix b/nixos/roles/k8s-cluster/kubernetes.nix
deleted file mode 100644
index e6a31c8e..00000000
--- a/nixos/roles/k8s-cluster/kubernetes.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{
- pkgs,
- lib,
- ...
-}: let
- inherit (lib.modules) mkForce;
- kubeMasterIP = "100.105.14.66";
- kubeMasterHostname = "ran.gensokyo.zone";
- kubeMasterAPIServerPort = 6443;
-in {
- # packages for administration tasks
- environment.systemPackages = with pkgs; [
- kompose
- kubectl
- kubernetes
- ];
-
- networking = {
- firewall.enable = mkForce false;
- extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
- };
-
- systemd.services.etcd.preStart = ''${pkgs.writeShellScript "etcd-wait" ''
- while [ ! -f /var/lib/kubernetes/secrets/etcd.pem ]; do sleep 1; done
- ''}'';
-
- services.kubernetes = {
- roles = ["master" "node"];
- addons.dns.enable = true; # CoreDNS
- masterAddress = kubeMasterHostname;
- apiserverAddress = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
- apiserver = {
- securePort = kubeMasterAPIServerPort;
- advertiseAddress = kubeMasterIP;
- extraOpts = "--service-node-port-range=1-65535";
- allowPrivileged = true;
- };
- };
-}
diff --git a/nixos/roles/rosetta.nix b/nixos/roles/rosetta.nix
deleted file mode 100644
index 6a368528..00000000
--- a/nixos/roles/rosetta.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-_: {
- boot = {
- initrd.availableKernelModules = ["virtiofs"];
- binfmt.registrations."rosetta" = {
- interpreter = "/run/rosetta/rosetta";
- fixBinary = true;
- wrapInterpreterInShell = false;
- matchCredentials = true;
- magicOrExtension = ''\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x3e\x00'';
- mask = ''\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'';
- };
- };
-
- nix.settings = {
- extra-platforms = ["x86_64-linux"];
- extra-sandbox-paths = ["/run/rosetta" "/run/binfmt"];
- };
-}
diff --git a/systems/ran.nix b/systems/ran.nix
deleted file mode 100644
index 7f53e383..00000000
--- a/systems/ran.nix
+++ /dev/null
@@ -1,89 +0,0 @@
-_: let
- hostConfig = {
- lib,
- config,
- modulesPath,
- tree,
- ...
- }: {
- imports = with tree.nixos.roles; [
- server
- k8s-cluster
- (modulesPath + "/profiles/qemu-guest.nix")
- ];
- fileSystems."/" = {
- device = "/dev/disk/by-uuid/cf27e80b-f418-472e-8846-36073a76a628";
- fsType = "ext4";
- };
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
- networking = {
- hostName = "ran";
- domain = "gensokyo.zone";
- nameservers = [
- "8.8.8.8"
- ];
- defaultGateway = "172.31.1.1";
- defaultGateway6 = {
- address = "fe80::1";
- interface = "eth0";
- };
- dhcpcd.enable = false;
- usePredictableInterfaceNames = lib.mkForce false;
- interfaces = {
- eth0 = {
- ipv4.addresses = [
- {
- address = "5.78.46.139";
- prefixLength = 32;
- }
- ];
- ipv6.addresses = [
- {
- address = "2a01:4ff:1f0:c700::1";
- prefixLength = 64;
- }
- {
- address = "fe80::9400:2ff:fe25:4acb";
- prefixLength = 64;
- }
- ];
- ipv4.routes = [
- {
- address = "172.31.1.1";
- prefixLength = 32;
- }
- ];
- ipv6.routes = [
- {
- address = "fe80::1";
- prefixLength = 128;
- }
- ];
- };
- };
- };
- boot = {
- loader.grub = {
- enable = true;
- device = "/dev/sda";
- version = 2;
- };
- initrd = {
- availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
- kernelModules = [];
- };
- kernelModules = [];
- extraModulePackages = [];
- };
- services.udev.extraRules = ''
- ATTR{address}=="96:00:02:25:4a:cb", NAME="eth0"
- '';
- system.stateVersion = "21.11";
- };
-in {
- arch = "x86_64";
- type = "NixOS";
- modules = [
- hostConfig
- ];
-}
diff --git a/systems/renko.nix b/systems/renko.nix
index 19a4292e..33071284 100644
--- a/systems/renko.nix
+++ b/systems/renko.nix
@@ -7,7 +7,6 @@ _: let
 inherit (lib.modules) mkDefault;
 in {
 imports = with tree.nixos.roles; [
- rosetta
 bootable
 ];
@@ -16,6 +15,8 @@ _: let
 initrd.availableKernelModules = ["virtio_pci" "xhci_pci" "usb_storage" "usbhid"];
 };
+ virtualization.rosetta.enable = true;
+
 fileSystems = {
 "/" = {
 device = "/dev/disk/by-uuid/d91cbfb6-5a09-45d8-b226-fc97c6b09f61";
diff --git a/systems/sumireko.nix b/systems/sumireko.nix
index 6f9b7a59..becefdc3 100644
--- a/systems/sumireko.nix
+++ b/systems/sumireko.nix
@@ -14,7 +14,7 @@ _: let
 enable = true;
 extraConfig = ''
 Host renko
- HostName 192.168.64.3
+ HostName 192.168.64.5
 Port 62954
 User root
 '';
@@ -92,7 +92,14 @@ _: let
 "obsidian"
 "contexts"
 "rectangle"
+ "signal"
+ "telegram"
+ "discord"
+ "deluge"
 "keybase"
+ "anki"
+ "firefox"
+ "google-chrome"
 ];
 taps = [
 "pulumi/tap"
diff --git a/tf/ran-cf.tf b/tf/ran-cf.tf
deleted file mode 100644
index ff4bf341..00000000
--- a/tf/ran-cf.tf
+++ /dev/null
@@ -1,17 +0,0 @@
-resource "cloudflare_record" "ran_v4" {
- name = "ran"
- proxied = false
- ttl = 3600
- type = "A"
- value = hcloud_server.ran.ipv4_address
- zone_id = local.zone_ids.gensokyo
-}
-
-resource "cloudflare_record" "ran_v6" {
- name = "ran"
- proxied = false
- ttl = 3600
- type = "AAAA"
- value = hcloud_server.ran.ipv6_address
- zone_id = local.zone_ids.gensokyo
-}
\ No newline at end of file
diff --git a/tf/ran-hcloud.tf b/tf/ran-hcloud.tf
deleted file mode 100644
index 0071c703..00000000
--- a/tf/ran-hcloud.tf
+++ /dev/null
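Review bot: The line added in the second systems/renko.nix hunk, `virtualization.rosetta.enable = true;`, is spelled with a "z", but the NixOS module tree names this namespace `virtualisation` and the upstream option is `virtualisation.rosetta.enable`. Unless this repository declares its own `virtualization.rosetta` option somewhere outside the diff, evaluating renko will stop on an undefined option, and the binfmt registration and sandbox paths from the deleted nixos/roles/rosetta.nix will have no replacement. The line should read `virtualisation.rosetta.enable = true;`. The enclosing host module starts and ends outside the hunk.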
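Review bot: In the first systems/sumireko.nix hunk the `Host renko` block still pins a literal guest address (`HostName 192.168.64.5`) next to `User root`, so each address change discards the recorded host key and the client asks to trust a key for the new address from scratch. Adding `HostKeyAlias renko` under the `Host renko` line keeps the known_hosts entry bound to the name, so a different machine answering on a reused address shows up as a key mismatch instead of a first-contact prompt. A comment such as `# guest address on the VM host network; changes when the VM is re-created` would also explain why this value keeps moving; that reason is inferred, the hunk does not state it. The attribute set holding `extraConfig` begins outside the hunk.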
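Review bot: The seven entries added in the second systems/sumireko.nix hunk (`"signal"` through `"google-chrome"`) are not version-pinned by this repository, assuming the list is a Homebrew cask list as the `taps` attribute after it suggests; the attribute name itself is outside the hunk. Casks are downloaded by Homebrew at activation rather than through hash-pinned Nix inputs, so rebuilding from the same commit can install different binaries. A comment above the new entries, for example `# installed via Homebrew casks; versions follow Homebrew, not this repo`, would record that for the next reader.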
@@ -1,110 +0,0 @@
-resource "hcloud_primary_ip" "ran_ipv4" {
- auto_delete = false
- name = "ran-v4"
- datacenter = "hil-dc1"
- type = "ipv4"
- assignee_type = "server"
-}
-
-
-resource "hcloud_primary_ip" "ran_ipv6" {
- auto_delete = false
- name = "ran-v6"
- datacenter = "hil-dc1"
- type = "ipv6"
- assignee_type = "server"
-}
-resource "hcloud_server" "ran" {
- name = "ran"
- server_type = "cpx21"
- keep_disk = true
- allow_deprecated_images = false
- image = "ubuntu-22.04"
- datacenter = "hil-dc1"
- public_net {
- ipv4_enabled = true
- ipv4 = hcloud_primary_ip.ran_ipv4.id
- ipv6_enabled = true
- ipv6 = hcloud_primary_ip.ran_ipv6.id
- }
- firewall_ids = [
- hcloud_firewall.ran.id
- ]
-
- lifecycle {
- ignore_changes = [
- user_data,
- public_net
- ]
- }
-}
-
-resource "hcloud_rdns" "ran-v4" {
- server_id = hcloud_server.ran.id
- ip_address = hcloud_server.ran.ipv4_address
- dns_ptr = "ran.gensokyo.zone"
-}
-
-resource "hcloud_rdns" "ran-v6" {
- server_id = hcloud_server.ran.id
- ip_address = hcloud_server.ran.ipv6_address
- dns_ptr = "ran.gensokyo.zone"
-}
-
-resource "hcloud_firewall" "ran" {
- name = "ran-firewall"
- rule {
- direction = "in"
- protocol = "icmp"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
-
- rule {
- direction = "in"
- protocol = "tcp"
- port = "80"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- direction = "in"
- protocol = "tcp"
- port = "443"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- direction = "in"
- protocol = "tcp"
- port = "6443"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- direction = "in"
- protocol = "udp"
- port = "60000-61000"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- direction = "in"
- protocol = "tcp"
- port = "22"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
-}
\ No newline at end of file