Burnout crawlout

2026-02-09 12:29:19 -08:00 · 2023-07-16 11:39:44 -07:00 · 2023-07-16 11:39:44 -07:00 · e193ee5a9f
commit e193ee5a9f
parent fa19a286c5
7 changed files with 10 additions and 275 deletions
--- a/nixos/roles/k8s-cluster/kubernetes.nix
+++ b/nixos/roles/k8s-cluster/kubernetes.nix
@ -1,39 +0,0 @@
-{
-  pkgs,
-  lib,
-  ...
-}: let
-  inherit (lib.modules) mkForce;
-  kubeMasterIP = "100.105.14.66";
-  kubeMasterHostname = "ran.gensokyo.zone";
-  kubeMasterAPIServerPort = 6443;
-in {
-  # packages for administration tasks
-  environment.systemPackages = with pkgs; [
-    kompose
-    kubectl
-    kubernetes
-  ];
-
-  networking = {
-    firewall.enable = mkForce false;
-    extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
-  };
-
-  systemd.services.etcd.preStart = ''${pkgs.writeShellScript "etcd-wait" ''
-      while [ ! -f /var/lib/kubernetes/secrets/etcd.pem ]; do sleep 1; done
-    ''}'';
-
-  services.kubernetes = {
-    roles = ["master" "node"];
-    addons.dns.enable = true; # CoreDNS
-    masterAddress = kubeMasterHostname;
-    apiserverAddress = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
-    apiserver = {
-      securePort = kubeMasterAPIServerPort;
-      advertiseAddress = kubeMasterIP;
-      extraOpts = "--service-node-port-range=1-65535";
-      allowPrivileged = true;
-    };
-  };
-}
--- a/nixos/roles/rosetta.nix
+++ b/nixos/roles/rosetta.nix
@ -1,18 +0,0 @@
-_: {
-  boot = {
-    initrd.availableKernelModules = ["virtiofs"];
-    binfmt.registrations."rosetta" = {
-      interpreter = "/run/rosetta/rosetta";
-      fixBinary = true;
-      wrapInterpreterInShell = false;
-      matchCredentials = true;
-      magicOrExtension = ''\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x3e\x00'';
-      mask = ''\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'';
-    };
-  };
-
-  nix.settings = {
-    extra-platforms = ["x86_64-linux"];
-    extra-sandbox-paths = ["/run/rosetta" "/run/binfmt"];
-  };
-}
--- a/systems/ran.nix
+++ b/systems/ran.nix
@ -1,89 +0,0 @@
-_: let
-  hostConfig = {
-    lib,
-    config,
-    modulesPath,
-    tree,
-    ...
-  }: {
-    imports = with tree.nixos.roles; [
-      server
-      k8s-cluster
-      (modulesPath + "/profiles/qemu-guest.nix")
-    ];
-    fileSystems."/" = {
-      device = "/dev/disk/by-uuid/cf27e80b-f418-472e-8846-36073a76a628";
-      fsType = "ext4";
-    };
-    hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-    networking = {
-      hostName = "ran";
-      domain = "gensokyo.zone";
-      nameservers = [
-        "8.8.8.8"
-      ];
-      defaultGateway = "172.31.1.1";
-      defaultGateway6 = {
-        address = "fe80::1";
-        interface = "eth0";
-      };
-      dhcpcd.enable = false;
-      usePredictableInterfaceNames = lib.mkForce false;
-      interfaces = {
-        eth0 = {
-          ipv4.addresses = [
-            {
-              address = "5.78.46.139";
-              prefixLength = 32;
-            }
-          ];
-          ipv6.addresses = [
-            {
-              address = "2a01:4ff:1f0:c700::1";
-              prefixLength = 64;
-            }
-            {
-              address = "fe80::9400:2ff:fe25:4acb";
-              prefixLength = 64;
-            }
-          ];
-          ipv4.routes = [
-            {
-              address = "172.31.1.1";
-              prefixLength = 32;
-            }
-          ];
-          ipv6.routes = [
-            {
-              address = "fe80::1";
-              prefixLength = 128;
-            }
-          ];
-        };
-      };
-    };
-    boot = {
-      loader.grub = {
-        enable = true;
-        device = "/dev/sda";
-        version = 2;
-      };
-      initrd = {
-        availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
-        kernelModules = [];
-      };
-      kernelModules = [];
-      extraModulePackages = [];
-    };
-    services.udev.extraRules = ''
-      ATTR{address}=="96:00:02:25:4a:cb", NAME="eth0"
-    '';
-    system.stateVersion = "21.11";
-  };
-in {
-  arch = "x86_64";
-  type = "NixOS";
-  modules = [
-    hostConfig
-  ];
-}
--- a/systems/renko.nix
+++ b/systems/renko.nix
@ -7,7 +7,6 @@ _: let
    inherit (lib.modules) mkDefault;
  in {
    imports = with tree.nixos.roles; [
-      rosetta
      bootable
    ];

@ -16,6 +15,8 @@ _: let
      initrd.availableKernelModules = ["virtio_pci" "xhci_pci" "usb_storage" "usbhid"];
    };

+    virtualization.rosetta.enable = true;
+
    fileSystems = {
      "/" = {
        device = "/dev/disk/by-uuid/d91cbfb6-5a09-45d8-b226-fc97c6b09f61";
--- a/systems/sumireko.nix
+++ b/systems/sumireko.nix
@ -14,7 +14,7 @@ _: let
      enable = true;
      extraConfig = ''
        Host renko
-          HostName 192.168.64.3
+          HostName 192.168.64.5
          Port 62954
          User root
      '';
@ -92,7 +92,14 @@ _: let
        "obsidian"
        "contexts"
        "rectangle"
+        "signal"
+        "telegram"
+        "discord"
+        "deluge"
        "keybase"
+        "anki"
+        "firefox"
+        "google-chrome"
      ];
      taps = [
        "pulumi/tap"
--- a/tf/ran-cf.tf
+++ b/tf/ran-cf.tf
@ -1,17 +0,0 @@
-resource "cloudflare_record" "ran_v4" {
-	name    = "ran"
-	proxied = false
-	ttl     = 3600
-	type    = "A"
-	value   = hcloud_server.ran.ipv4_address
-	zone_id = local.zone_ids.gensokyo
-}
-
-resource "cloudflare_record" "ran_v6" {
-	name    = "ran"
-	proxied = false
-	ttl     = 3600
-	type    = "AAAA"
-	value   = hcloud_server.ran.ipv6_address
-	zone_id = local.zone_ids.gensokyo
-}
--- a/tf/ran-hcloud.tf
+++ b/tf/ran-hcloud.tf
@ -1,110 +0,0 @@
-resource "hcloud_primary_ip" "ran_ipv4" {
-	auto_delete = false
-	name = "ran-v4"
-	datacenter = "hil-dc1"
-	type = "ipv4"
-	assignee_type = "server"
-}
-
-
-resource "hcloud_primary_ip" "ran_ipv6" {
-	auto_delete = false
-	name = "ran-v6"
-	datacenter = "hil-dc1"
-	type = "ipv6"
-	assignee_type = "server"
-}
-resource "hcloud_server" "ran" {
-    name = "ran"
-    server_type = "cpx21"
-    keep_disk = true
-    allow_deprecated_images = false
-    image = "ubuntu-22.04"
-    datacenter = "hil-dc1"
-    public_net {
-        ipv4_enabled = true
-        ipv4 = hcloud_primary_ip.ran_ipv4.id
-        ipv6_enabled = true
-        ipv6 = hcloud_primary_ip.ran_ipv6.id
-    }
-    firewall_ids = [
-        hcloud_firewall.ran.id
-    ]
-
-    lifecycle {
-        ignore_changes = [
-            user_data,
-            public_net
-        ]
-    }
-}
-
-resource "hcloud_rdns" "ran-v4" {
-    server_id  = hcloud_server.ran.id
-    ip_address = hcloud_server.ran.ipv4_address
-    dns_ptr    = "ran.gensokyo.zone"
-}
-
-resource "hcloud_rdns" "ran-v6" {
-    server_id  = hcloud_server.ran.id
-    ip_address = hcloud_server.ran.ipv6_address
-    dns_ptr    = "ran.gensokyo.zone"
-}
-
-resource "hcloud_firewall" "ran" {
-    name = "ran-firewall"
-    rule {
-        direction = "in"
-        protocol  = "icmp"
-        source_ips = [
-        "0.0.0.0/0",
-        "::/0"
-        ]
-    }
-
-    rule {
-        direction = "in"
-        protocol = "tcp"
-        port = "80"
-        source_ips = [
-            "0.0.0.0/0",
-            "::/0"
-        ]
-    }
-    rule {
-        direction = "in"
-        protocol = "tcp"
-        port = "443"
-        source_ips = [
-            "0.0.0.0/0",
-            "::/0"
-        ]
-    }
-    rule {
-        direction = "in"
-        protocol = "tcp"
-        port = "6443"
-        source_ips = [
-            "0.0.0.0/0",
-            "::/0"
-        ]
-    }
-    rule {
-        direction = "in"
-        protocol = "udp"
-        port = "60000-61000"
-        source_ips = [
-            "0.0.0.0/0",
-            "::/0"
-        ]
-    }
-    rule {
-        direction = "in"
-        protocol = "tcp"
-        port = "22"
-        source_ips = [
-            "0.0.0.0/0",
-            "::/0"
-        ]
-    }
-}