| author | Franck Cuny <franck@fcuny.net> | 2025-10-24 09:02:29 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-10-24 09:02:29 -0700 |
| commit | e55b8ee0f7073b46fb343a97ee744a95ec40d2ed (patch) | |
| tree | 329c992647f1c420cbf87cec4cca206474f98b39 /machines/nixos/x86_64-linux/rivendell/default.nix | |
| parent | move a few more things back as profiles (diff) | |
| download | infra-e55b8ee0f7073b46fb343a97ee744a95ec40d2ed.tar.gz | |
simplify hosts management
Diffstat (limited to 'machines/nixos/x86_64-linux/rivendell/default.nix')
| -rw-r--r-- | machines/nixos/x86_64-linux/rivendell/default.nix | 86 |
1 files changed, 0 insertions, 86 deletions
diff --git a/machines/nixos/x86_64-linux/rivendell/default.nix b/machines/nixos/x86_64-linux/rivendell/default.nix
deleted file mode 100644
index abbc78f..0000000
--- a/machines/nixos/x86_64-linux/rivendell/default.nix
+++ /dev/null
@@ -1,86 +0,0 @@
-{
- lib,
- config,
- modulesPath,
- inputs,
- ...
-}:
-{
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
- inputs.nixos-hardware.nixosModules.framework-desktop-amd-ai-max-300-series
- ../../../../profiles/disk/btrfs-on-luks.nix
- ../../../../profiles/defaults.nix
- ../../../../profiles/server.nix
- ../../../../profiles/cgroups.nix
- ../../../../profiles/forgejo.nix
- ../../../../profiles/keycloak.nix
- ../../../../profiles/tailscale.nix
- ];
-
- age = {
- secrets = {
- wireguard = {
- file = ../../../../secrets/rivendell/wireguard.age;
- };
- };
- };
-
- boot.initrd.availableKernelModules = [
- "nvme"
- "xhci_pci"
- "thunderbolt"
- "usbhid"
- "usb_storage"
- "sd_mod"
- "r8169" # ethernet driver
- ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ "kvm-amd" ];
- boot.extraModulePackages = [ ];
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-
- networking.hostName = "rivendell";
- networking.useDHCP = lib.mkDefault true;
- systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP;
-
- users.users.builder = {
- openssh.authorizedKeys.keys = [
- # my personal key
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi"
- # remote builder ssh key
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGFGxdplt9WwGjdhoYkmPe2opZMJShtpqnGCI+swrgvw"
- ];
- isNormalUser = true;
- group = "nogroup";
- };
-
- nix.settings.trusted-users = [ "builder" ];
-
- networking.wireguard = {
- enable = true;
- interfaces.wg0 = {
- ips = [ "10.100.0.60/32" ];
- listenPort = 51871;
- privateKeyFile = config.age.secrets.wireguard.path;
- peers = [
- {
- # digital ocean droplet
- publicKey = "I+l/sWtfXcdunz2nZ05rlDexGew30ZuDxL0DVTTK318=";
- allowedIPs = [ "10.100.0.0/24" ];
- endpoint = "165.232.158.110:51871";
- persistentKeepalive = 25;
- }
- ];
- };
- };
-
- networking.firewall.allowedUDPPorts = [ 51871 ];
-
- my.modules.hardware.baremetal.enable = true;
- my.modules.remote-unlock.enable = true;
-
- system.stateVersion = "23.11"; # Did you read the comment?
-} |
