litr: bye bye

flake.nix

@@ -129,7 +129,6 @@
         faf = buildSys "x86_64-linux" stable [ ] "faf";
         hass = buildSys "x86_64-linux" stable [ ] "hass";
         h = buildSys "x86_64-linux" unstableSmall [ ] "h";
-        litr = buildSys "x86_64-linux" unstable [ ] "litr";
         stan = buildSys "x86_64-linux" stable [
           nixos-hardware.nixosModules.framework
           peerix.nixosModules.peerix

hosts/litr/default.nix

@@ -1,127 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-let
-  pubKeys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIITjFpmWZVWixv2i9902R+g5B8umVhaqmjYEKs2nF3Lu qbit@tal.tapenet.org"
-    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA7khawMK6P0fXjhXXPEUTA2rF2tYB2VhzseZA/EQ/OtAAAAC3NzaDpncmVhdGVy qbit@litr.bold.daemon"
-    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB1cBO17AFcS2NtIT+rIxR2Fhdu3HD4de4+IsFyKKuGQAAAACnNzaDpsZXNzZXI= qbit@litr.bold.daemon"
-    "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBB/V8N5fqlSGgRCtLJMLDJ8Hd3JcJcY8skI0l+byLNRgQLZfTQRxlZ1yymRs36rXj+ASTnyw5ZDv+q2aXP7Lj0= hosts@secretive.plq.local"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7v+/xS8832iMqJHCWsxUZ8zYoMWoZhjj++e26g1fLT europa"
-  ];
-
-  userBase = { openssh.authorizedKeys.keys = pubKeys; };
-
-in {
-  _module.args.isUnstable = true;
-  imports = [ ./hardware-configuration.nix ../../overlays/default.nix ];
-
-  doas.enable = true;
-  kde.enable = true;
-  jetbrains.enable = true;
-  sshFidoAgent.enable = true;
-
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-  boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" ];
-
-  boot.kernelPackages = pkgs.linuxPackages_latest;
-
-  networking.hostName = "litr";
-  networking.hosts."172.16.30.253" = [ "proxmox-02.vm.calyptix.local" ];
-  networking.hosts."127.0.0.1" = [ "borg.calyptix.dev" "localhost" ];
-  networking.hosts."192.168.122.133" = [ "arst.arst" "vm" ];
-
-  networking.networkmanager.enable = true;
-
-  preDNS.enable = false;
-
-  sops.secrets = {
-    tskey = {
-      sopsFile = config.xin-secrets.litr.secrets;
-      owner = "root";
-      mode = "400";
-    };
-  };
-
-  systemd.services = {
-    "tailscale-init" = {
-      wantedBy = [ "tailscaled.service" ];
-      after = [ "tailscaled.service" ];
-      serviceConfig = {
-        ExecStart =
-          "${pkgs.tailscale}/bin/tailscale up --auth-key file://${config.sops.secrets.tskey.path}";
-      };
-    };
-  };
-
-  environment.systemPackages = with pkgs; [
-    arcanPackages.all-wrapped
-    aircrack-ng
-    apg
-    barrier
-    firefox
-    fzf
-    gnome.gnome-keyring
-    ispell
-    jitsi-meet-electron
-    keychain
-    kismet
-    matterhorn
-    mercurial
-    mosh
-    mupdf
-    nfs-utils
-    nmap
-    nodejs
-    notejot
-    oathToolkit
-    obs-studio
-    openvpn
-    rbw
-    rust-analyzer
-    silver-searcher
-    sshfs
-    tcpdump
-    teams
-    tor
-    uucp
-    vlc
-    vscode
-    wireshark
-    virt-manager
-
-    google-chrome-dev
-  ];
-
-  nixpkgs.config.allowUnfree = true;
-
-  virtualisation.libvirtd.enable = true;
-  programs.dconf.enable = true;
-
-  services = {
-    fwupd.enable = true;
-    unifi.enable = true;
-    openntpd.enable = true;
-    resolved = {
-      enable = true;
-      dnssec = "allow-downgrade";
-    };
-  };
-
-  networking.firewall = {
-    allowedTCPPorts = [ 22 ];
-    checkReversePath = "loose";
-  };
-
-  users.users.root = userBase;
-  users.users.abieber = userBase // {
-    isNormalUser = true;
-    shell = pkgs.zsh;
-    extraGroups = [ "wheel" "networkmanager" "libvirtd" ];
-  };
-
-  programs.zsh.enable = true;
-
-  system.stateVersion = "20.03"; # Did you read the comment?
-}
-

hosts/litr/hardware-configuration.nix

@@ -1,37 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  boot.initrd.availableKernelModules = [
-    "nvme"
-    "ehci_pci"
-    "xhci_pci"
-    "ahci"
-    "usb_storage"
-    "sd_mod"
-    "rtsx_pci_sdmmc"
-  ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
-
-  hardware = {
-    enableRedistributableFirmware = true;
-    bluetooth.enable = true;
-    #rtl-sdr.enable = true;
-  };
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/90420d7b-15a7-404b-b3cf-ac9a1bc418de";
-    fsType = "ext4";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/4378-1665";
-    fsType = "vfat";
-  };
-
-  swapDevices =
-    [{ device = "/dev/disk/by-uuid/5d0c92f0-c812-432f-a199-acce01673ffe"; }];
-
-  nix.settings.max-jobs = lib.mkDefault 8;
-}

hosts/stan/default.nix

@@ -1,8 +1,6 @@
 { config, pkgs, ... }:
 let
   pubKeys = [
-    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA7khawMK6P0fXjhXXPEUTA2rF2tYB2VhzseZA/EQ/OtAAAAC3NzaDpncmVhdGVy qbit@litr.bold.daemon"
-    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB1cBO17AFcS2NtIT+rIxR2Fhdu3HD4de4+IsFyKKuGQAAAACnNzaDpsZXNzZXI= qbit@litr.bold.daemon"
     "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBB/V8N5fqlSGgRCtLJMLDJ8Hd3JcJcY8skI0l+byLNRgQLZfTQRxlZ1yymRs36rXj+ASTnyw5ZDv+q2aXP7Lj0= hosts@secretive.plq.local"
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7v+/xS8832iMqJHCWsxUZ8zYoMWoZhjj++e26g1fLT europa"
   ];

hosts/weather/default.nix

@@ -4,8 +4,6 @@ let
   pubKeys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDM2k2C6Ufx5RNf4qWA9BdQHJfAkskOaqEWf8yjpySwH Nix Manager"
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7v+/xS8832iMqJHCWsxUZ8zYoMWoZhjj++e26g1fLT europa"
-    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA7khawMK6P0fXjhXXPEUTA2rF2tYB2VhzseZA/EQ/OtAAAAC3NzaDpncmVhdGVy qbit@litr.bold.daemon"
-    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB1cBO17AFcS2NtIT+rIxR2Fhdu3HD4de4+IsFyKKuGQAAAACnNzaDpsZXNzZXI= qbit@litr.bold.daemon"
     "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBB/V8N5fqlSGgRCtLJMLDJ8Hd3JcJcY8skI0l+byLNRgQLZfTQRxlZ1yymRs36rXj+ASTnyw5ZDv+q2aXP7Lj0= hosts@secretive.plq.local"
   ];
   userBase = { openssh.authorizedKeys.keys = pubKeys; };