remove nova

2026-03-04 22:40:01 -05:00 · 2026-03-04 22:40:01 -05:00 · b842acbf53
commit b842acbf53
parent 529870e16e
8 changed files with 0 additions and 142 deletions
--- a/clients/nova/ava.nix
+++ b/clients/nova/ava.nix
@ -1,16 +0,0 @@
 { config, lib, ... }:
 {
  users = {
    mutableUsers = lib.mkForce true;
    users.ava = {
      isNormalUser = true;
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcXzWUeVwJN7iPxMT/1lhJySY4t6Z2/fH/GHVuzQFr6 cardno:32_241_564"
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBnstd9HyyIjfXWfGymWDcRlK9nZuqgTIcueiqPUDaQ star@starforge"
      ];
      hashedPasswordFile = config.age.secrets."initialFloriPassword.age".path;
      description = "Flori Ava Star";
      extraGroups = [ "wheel" ];
    };
  };
 }
--- a/clients/nova/hardware-configuration.nix
+++ b/clients/nova/hardware-configuration.nix
@ -1,38 +0,0 @@
 { modulesPath, ... }:
 {
  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
  boot = {
    initrd.luks.devices."luks-ef228969-52cc-4238-b90f-9d97d625bba6".device =
      "/dev/disk/by-uuid/ef228969-52cc-4238-b90f-9d97d625bba6";
    kernelParams = [ "ip=dhcp" ];
    initrd.availableKernelModules = [
      "sr_mod"
      "ata_piix"
      "uhci_hcd"
      "virtio_pci"
      "virtio_net"
      "virtio_blk"
    ];
  };
  fileSystems = {
    "/" = {
      device = "/dev/disk/by-uuid/3c343e41-ca80-413f-a48c-af513bb28f5c";
      fsType = "btrfs";
      options = [ "subvol=@" ];
    };
    "/boot" = {
      device = "/dev/disk/by-uuid/9300-4D1C";
      fsType = "vfat";
      options = [
        "fmask=0077"
        "dmask=0077"
      ];
    };
  };
  swapDevices = [
    { device = "/dev/disk/by-uuid/c0c9de6f-9990-4346-b774-5f315b5ea115"; }
  ];
 }
--- a/clients/nova/matrix/continuwuity.nix
+++ b/clients/nova/matrix/continuwuity.nix
@ -1,10 +0,0 @@
 {
  quad.matrix = {
    enable = true;
    domain = "polyphony.chat";
    settings.well_known = {
      support_email = "info@polyphony.chat";
      support_mxid = null;
    };
  };
 }
--- a/clients/nova/matrix/zulip.nix
+++ b/clients/nova/matrix/zulip.nix
@ -1,51 +0,0 @@
 {
  lib,
  pkgs,
  config,
  ...
 }:
 {
  systemd.services.matrix-zulip-bridge = {
    description = "matrix-zulip-bridge server";
    wantedBy = [ "multi-user.target" ];
    wants = [ "network-online.target" ];
    after = [ "network-online.target" ];
    serviceConfig =
      let
        secretName = "matrix-zulip-bridge-secrets";
      in
      {
        LoadCredential = [
          "${secretName}:${config.age.secrets."zulipRegistration.age".path}"
        ];
        ExecStart = "${lib.getExe pkgs.matrix-zulip-bridge} --config /run/credentials/matrix-zulip-bridge.service/${secretName} --owner @quadradical:${config.quad.matrix.domain} ${config.services.matrix-continuwuity.settings.global.well_known.client}";
        DynamicUser = true;
        LockPersonality = true;
        MemoryDenyWriteExecute = true;
        ProtectClock = true;
        ProtectControlGroups = true;
        ProtectHostname = true;
        ProtectKernelLogs = true;
        ProtectKernelModules = true;
        ProtectKernelTunables = true;
        PrivateDevices = true;
        PrivateMounts = true;
        RestrictAddressFamilies = [
          "AF_INET"
          "AF_INET6"
        ];
        RestrictNamespaces = true;
        RestrictRealtime = true;
        ProtectHome = true;
        SystemCallArchitectures = "native";
        SystemCallFilter = [
          "@system-service"
          "~@privileged"
          "~@resources"
        ];
        Restart = "always";
        RestartSec = 5;
      };
  };
 }
--- a/clients/nova/unlock-ssh-initrd.nix
+++ b/clients/nova/unlock-ssh-initrd.nix
@ -1,20 +0,0 @@
 { config, ... }:
 {
  fileSystems."/".options = [ "x-systemd.device-timeout=0" ];
  networking.firewall.allowedTCPPorts = [ 222 ];
  boot = {
    loader.grub.enable = false;
    initrd = {
      systemd = {
        enable = true;
        users.root.shell = "/bin/systemd-tty-ask-password-agent";
      };
      network.ssh = {
        enable = true;
        port = 222;
        hostKeys = [ "/etc/ssh/ssh_host_ed25519_key_initrd" ];
        authorizedKeys = config.users.users.ava.openssh.authorizedKeys.keys;
      };
    };
  };
 }
--- a/flake.nix
+++ b/flake.nix
@ -160,10 +160,6 @@
              type = "server";
              graphical = false;
            };
            "nova" = {
              type = "server";
              graphical = false;
            };
            "quadphone" = {
              type = "mobile";
              system = "aarch64-linux";
--- a/modules/common/nh.nix
+++ b/modules/common/nh.nix
@ -15,6 +15,5 @@
      upgrade = "nh os switch --update";
      rebuild = "nh os switch";
      rebuild-server = build + "quadraticserver --target-host server";
      rebuild-nova = build + "nova --target-host nova";
    };
 }
--- a/modules/graphical/ssh.nix
+++ b/modules/graphical/ssh.nix
@ -3,8 +3,6 @@
    Host server
      HostName ssh.federated.nexus
      Port 2222
    Host nova
      HostName nova.bitfl0wer.de
    Host phone
      HostName 172.16.42.1
  '';