X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fsystem.nix;fp=modules%2Fprivate%2Fsystem.nix;h=0000000000000000000000000000000000000000;hb=1a64deeb894dc95e2645a75771732c6cc53a79ad;hp=5f3d79e2850b727a88bcfba235e2a5f887cc8f7e;hpb=fa25ffd4583cc362075cd5e1b4130f33306103f0;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/system.nix b/modules/private/system.nix
deleted file mode 100644
index 5f3d79e..0000000
--- a/modules/private/system.nix
+++ /dev/null
@@ -1,98 +0,0 @@
-{ pkgs, lib, config, name, nodes, ... }:
-{
- config = {
- deployment.secrets."secret_vars.yml" = {
- source = builtins.toString ../../nixops/secrets/vars.yml;
- destination = config.secrets.secretsVars;
- owner.user = "root";
- owner.group = "root";
- permissions = "0400";
- };
-
- networking.extraHosts = builtins.concatStringsSep "\n"
- (lib.mapAttrsToList (n: v: "${v.config.hostEnv.ips.main.ip4} ${n}") nodes);
-
- users.extraUsers.root.openssh.authorizedKeys.keys = [ config.myEnv.sshd.rootKeys.nix_repository ];
- secrets.deleteSecretsVars = true;
- secrets.gpgKeys = [
- ../../nixops/public_keys/Immae.pub
- ];
- secrets.secretsVars = "/run/keys/vars.yml";
-
- services.openssh.enable = true;
-
- nixpkgs.overlays = builtins.attrValues (import ../../overlays) ++ [
- (self: super: {
- postgresql = self.postgresql_pam;
- mariadb = self.mariadb_pam;
- }) # don’t put them as generic overlay because of home-manager
- ];
-
- services.journald.extraConfig = ''
- #Should be "warning" but disabled for now, it prevents anything from being stored
- MaxLevelStore=info
- MaxRetentionSec=1year
- '';
-
- users.users =
- builtins.listToAttrs (map (x: lib.attrsets.nameValuePair x.name ({
- isNormalUser = true;
- home = "/home/${x.name}";
- createHome = true;
- linger = true;
- } // x)) (config.hostEnv.users pkgs))
- // {
- root.packages = let
- nagios-cli = pkgs.writeScriptBin "nagios-cli" ''
- #!${pkgs.stdenv.shell}
- sudo -u naemon ${pkgs.nagios-cli}/bin/nagios-cli -c ${./monitoring/nagios-cli.cfg}
- '';
- in
- [
- pkgs.telnet
- pkgs.htop
- pkgs.iftop
- pkgs.bind.dnsutils
- pkgs.httpie
- pkgs.iotop
- pkgs.whois
- pkgs.ngrep
- pkgs.tcpdump
- pkgs.tshark
- pkgs.tcpflow
- # pkgs.mitmproxy # failing
- pkgs.nmap
- pkgs.p0f
- pkgs.socat
- pkgs.lsof
- pkgs.psmisc
- pkgs.openssl
- pkgs.wget
-
- pkgs.cnagios
- nagios-cli
-
- pkgs.pv
- pkgs.smartmontools
- ];
- };
-
- users.mutableUsers = lib.mkDefault false;
-
- environment.etc.cnagios.source = 
"${pkgs.cnagios}/share/doc/cnagios";
- environment.systemPackages = [
- pkgs.git
- pkgs.vim
- pkgs.rsync
- pkgs.strace
- ] ++
- (lib.optional (builtins.length (config.hostEnv.users pkgs) > 0) pkgs.home-manager);
-
- systemd.targets.maintenance = {
- description = "Maintenance target with only sshd";
- after = [ "network-online.target" "sshd.service" ];
- requires = [ "network-online.target" "sshd.service" ];
- unitConfig.AllowIsolate = "yes";
- };
- };
-}