]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - systems/dilion/base.nix
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove private nginx configuration
[perso/Immae/Config/Nix.git] / systems / dilion / base.nix
diff --git a/systems/dilion/base.nix b/systems/dilion/base.nix
index ac4bdaf669f054a14ddcfe2dcdded11a471eeb34..8c0b3ada3978b0d86bfd608db628354b4c672cc2 100644 (file)
--- a/systems/dilion/base.nix
+++ b/systems/dilion/base.nix
@@ -30,7 +30,6 @@
     "/boot"       = { fsType = "ext4"; device = "/dev/disk/by-uuid/fd1c511e-2bc0-49d5-b8bb-95e7e8c8c816"; };
     "/etc"        = { fsType = "zfs"; device = "zpool/root/etc"; };
     "/home"       = { fsType = "zfs"; device = "zpool/root/home"; };
-    "/home/immae" = { fsType = "zfs"; device = "zpool/root/home/immae"; };
     "/tmp"        = { fsType = "zfs"; device = "zpool/root/tmp"; };
     "/var"        = { fsType = "zfs"; device = "zpool/root/var"; };
     "/data"       = { fsType = "ext4"; label = "data"; };
@@ -70,8 +69,6 @@
     ];
   };
 
-  myServices.ssh.modules.regular.snippet = builtins.readFile ./ssh_ldap_regular.sh;
-
   imports = [
     secrets.nixosModules.users-config-dilion
     ./monitoring.nix
@@ -147,23 +144,12 @@
     in
       ["command=\"${pkgs.zrepl}/bin/zrepl stdinserver --config ${zreplConfig} eldiron\",restrict ${config.myEnv.zrepl_backup.ssh_key.public}"];
   };
-  security.sudo.extraRules = pkgs.lib.mkAfter [
-    {
-      commands = [
-        { command = "/home/immae/.nix-profile/root_scripts/*"; options = [ "NOPASSWD" ]; }
-      ];
-      users = [ "immae" ];
-      runAs = "root";
-    }
-  ];
 
   virtualisation.docker.enable = true;
   virtualisation.docker.storageDriver = "zfs";
   virtualisation.libvirtd.enable = true;
   virtualisation.libvirtd.qemu.package = pkgs-no-overlay.qemu;
   systemd.services.libvirtd.path = lib.mkAfter [ config.boot.zfs.package ];
-  users.groups.immae = {};
-  users.extraUsers.immae.extraGroups = [ "immae" "libvirtd" "docker" ];
   systemd.services.libvirtd.postStart = ''
     install -m 0770 -g libvirtd -d /var/lib/libvirt/images
   '';
@@ -216,7 +202,6 @@
         acmeRoot = config.security.acme.defaults.webroot;
         useACMEHost = name;
         forceSSL = true;
-        locations."/".root = "/home/immae/www";
       };
     };
   };
My infrastructure configuration