Generalize www proxy to spikkjeposche

Redirect subpages like ./well-known, add @-domains
Prepare to replace knakelibrak
2023-11-28 08:55:01 +01:00 · 2023-11-27 21:25:01 +01:00 · 2023-11-26 05:52:47 +01:00 · 2023-11-26 05:52:47 +01:00
22 changed files with 40 additions and 2083 deletions
--- a/base.nix
+++ b/base.nix
@@ -73,7 +73,6 @@

  # Trusted users on the nix builder machines
  users.groups."nix-builder-users".name = "nix-builder-users";
-  users.motd = builtins.readFile ./misc/motd;

  services.openssh = {
    enable = true;
--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1702569759,
-        "narHash": "sha256-Ze3AdEEsVZBRJ4wn13EZpV1Uubkzi59TkC4j2G9xoFI=",
+        "lastModified": 1699099781,
+        "narHash": "sha256-2WAs839yL6xmIPBLNVwbft46BDh0/RAjq1bAKNRqeR4=",
        "owner": "nix-community",
        "repo": "disko",
-        "rev": "98ab91109716871f50ea8cb0e0ac7cc1e1e14714",
+        "rev": "548962c50b8afad7b8c820c1d6e21dc8394d6e65",
        "type": "github"
      },
      "original": {
@@ -65,11 +65,11 @@
        "nixpkgs-lib": "nixpkgs-lib"
      },
      "locked": {
-        "lastModified": 1701507532,
-        "narHash": "sha256-Zzv8OFB7iilzDGe6z2t/j8qRtR23TN3N8LssGsvRWEA=",
+        "lastModified": 1697936579,
+        "narHash": "sha256-nMyepKnwoHMzu2OpXvG2ZhU081TV9ENmWCo0vWxs6AI=",
        "owner": "dali99",
        "repo": "nixos-matrix-modules",
-        "rev": "046194cdadc50d81255a9c57789381ed1153e2b1",
+        "rev": "e09814657187c8ed1a5fe1646df6d8da1eb2dee9",
        "type": "github"
      },
      "original": {
@@ -80,16 +80,16 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1702601832,
-        "narHash": "sha256-z+GyetKtwj7ZVZrRcI73N8Xy1B3JGAqDyPniBFRpIgo=",
+        "lastModified": 1699110214,
+        "narHash": "sha256-L2TU4RgtiqF69W8Gacg2jEkEYJrW+Kp0Mp4plwQh5b8=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "dff64d4ba6e9dc3f0a4ef8737f372a528d5bc8d1",
+        "rev": "78f3a4ae19f0e99d5323dd2e3853916b8ee4afee",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
-        "ref": "nixos-23.11-small",
+        "ref": "nixos-23.05-small",
        "type": "indirect"
      }
    },
@@ -110,11 +110,11 @@
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1702148972,
-        "narHash": "sha256-h2jODFP6n+ABrUWcGRSVPRFfLOkM9TJ2pO+h+9JcaL0=",
+        "lastModified": 1699110214,
+        "narHash": "sha256-L2TU4RgtiqF69W8Gacg2jEkEYJrW+Kp0Mp4plwQh5b8=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "b8f33c044e51de6dde3ad80a9676945e0e4e3227",
+        "rev": "78f3a4ae19f0e99d5323dd2e3853916b8ee4afee",
        "type": "github"
      },
      "original": {
@@ -126,11 +126,11 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1702635820,
-        "narHash": "sha256-rClms9NTmSL/WIN5VmEccVhUExMkjCrRNswxU9QGNNo=",
+        "lastModified": 1699128932,
+        "narHash": "sha256-4Hn/fpR/FRucpXQqMI0OSgxiu2ImowmR0dThAycPt/4=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "02357adddd0889782362d999628de9d309d202dc",
+        "rev": "0d2d729bf7091df906a78b69f90620f933ea963f",
        "type": "github"
      },
      "original": {
@@ -179,11 +179,11 @@
        "nixpkgs-stable": "nixpkgs-stable"
      },
      "locked": {
-        "lastModified": 1702177193,
-        "narHash": "sha256-J2409SyXROoUHYXVy9h4Pj0VU8ReLuy/mzBc9iK4DBg=",
+        "lastModified": 1699153251,
+        "narHash": "sha256-CGx98mbAy9svKTa1dzlrVmkJwgGSXpAQUdMh7U0szts=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "d806e546f96c88cd9f7d91c1c19ebc99ba6277d9",
+        "rev": "5bc2cde6e53241e7df0e8f5df5872223983efa72",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -2,7 +2,7 @@
  description = "PVV System flake";

  inputs = {
-    nixpkgs.url = "nixpkgs/nixos-23.11-small";
+    nixpkgs.url = "nixpkgs/nixos-23.05-small";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable-small";

    sops-nix.url = "github:Mic92/sops-nix";
@@ -57,6 +57,9 @@
          pkgs = import nixpkgs {
            inherit system;
            overlays = [
+              (final: prev: {
+                mx-puppet-discord = prev.mx-puppet-discord.override { nodejs_14 = final.nodejs_18; };
+              })
              inputs.pvv-calendar-bot.overlays.${system}.default
            ];
          };
@@ -108,12 +111,6 @@
          inputs.grzegorz-clients.nixosModules.grzegorz-webui
        ];
      };
-      buskerud = stableNixosConfig "buskerud" {
-        modules = [
-          ./hosts/buskerud/configuration.nix
-          sops-nix.nixosModules.sops
-        ];
-      };
    };

    devShells = forAllSystems (system: {
--- a/hosts/bekkalokk/services/gitea/gitea-import-users.py
+++ b/hosts/bekkalokk/services/gitea/gitea-import-users.py
@@ -32,6 +32,7 @@ def add_user(username, name):
            "full_name": name,
            "username": username,
            "login_name": username,
+            "visibility": "public",
            "source_id": 1,  # 1 = SMTP
    }

--- a/hosts/bekkalokk/services/nginx/ingress.nix
+++ b/hosts/bekkalokk/services/nginx/ingress.nix
@@ -6,10 +6,8 @@
      addSSL = true;
      enableACME = true;

-      locations = {
-        # Proxy home directories
-        "/~" = {
-          extraConfig = ''
+      locations = let
+        proxy_tom = ''
            proxy_redirect off;
            proxy_pass https://tom.pvv.ntnu.no;
            proxy_set_header Host $host;
@@ -17,10 +15,12 @@
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        '';
-        };
+      in  {
+        # Proxy home directories
+        "/~".extraConfig = proxy_tom;

-        # Redirect old wiki entries
-        "/disk".return = "301 https://www.pvv.ntnu.no/pvv/Diskkjøp";
+        # Redirect old wiki entries - TODO: Move these to the main website
+        "= /disk".return = "301 https://www.pvv.ntnu.no/pvv/Diskkjøp";
        "/dok/boker.php".return = "301 https://www.pvv.ntnu.no/pvv/Bokhyllen";
        "/styret/lover/".return = "301 https://www.pvv.ntnu.no/pvv/Lover";
        "/styret/".return = "301 https://www.pvv.ntnu.no/pvv/Styret";
@@ -29,25 +29,17 @@
        "/medlemssider/meldinn.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemskontingent";
        "/diverse/medlems-sider.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemssider";
        "/cert/".return = "301 https://www.pvv.ntnu.no/pvv/CERT";
-        "/drift".return = "301 https://www.pvv.ntnu.no/pvv/Drift";
+        "= /drift".return = "301 https://www.pvv.ntnu.no/pvv/Drift";
        "/diverse/abuse.php".return = "301 https://www.pvv.ntnu.no/pvv/CERT/Abuse";
        "/nerds/".return = "301 https://www.pvv.ntnu.no/pvv/Nerdepizza";
+        "/pvvmud/".extraConfig = proxy_tom;
+	"= /pvvmud".return = "301 $request_uri/";

        # TODO: Redirect webmail
        "/webmail".return = "301 https://webmail.pvv.ntnu.no/squirrelmail";

        # Redirect everything else to the main website
        "/".return = "301 https://www.pvv.ntnu.no$request_uri";
-
-        # Proxy the matrix well-known files
-        # Host has be set before proxy_pass
-        # The header must be set so nginx on the other side routes it to the right place
-        "/.well-known/matrix/" = {
-          extraConfig = ''
-            proxy_set_header Host matrix.pvv.ntnu.no;
-            proxy_pass https://matrix.pvv.ntnu.no/.well-known/matrix/;
-          '';
-        };
      };
    };
  };
--- a/hosts/bicep/configuration.nix
+++ b/hosts/bicep/configuration.nix
@@ -12,8 +12,7 @@
    ./services/mysql.nix
    ./services/postgres.nix
    ./services/mysql.nix
-    # TODO: fix the calendar bot
-    # ./services/calendar-bot.nix
+    ./services/calendar-bot.nix

    ./services/matrix
  ];
--- a/hosts/bicep/services/matrix/smtp-authenticator/smtp_auth_provider.py
+++ b/hosts/bicep/services/matrix/smtp-authenticator/smtp_auth_provider.py
@@ -5,7 +5,6 @@ from smtplib import SMTP_SSL as SMTP
 import synapse
 from synapse import module_api

-import re

 class SMTPAuthProvider:
    def __init__(self, config: dict, api: module_api):
@@ -28,10 +27,6 @@ class SMTPAuthProvider:
        if login_type != "m.login.password":
            return None

-        # Convert `@username:server` to `username`
-        match = re.match(r'^@([\da-z\-\.=_\/\+]+):[\w\d\.:\[\]]+$', username)
-        username = match.group(1) if match else username
-
        result = False
        with SMTP(self.config["smtp_host"]) as smtp:
            password = login_dict.get("password")
--- a/hosts/bicep/services/matrix/synapse.nix
+++ b/hosts/bicep/services/matrix/synapse.nix
@@ -216,19 +216,7 @@ in {

  services.redis.servers."".enable = true;
  
-  services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [
-  ({
-    locations."/.well-known/matrix/server" = {
-      return = ''
-        200 '{"m.server": "matrix.pvv.ntnu.no:443"}'
-      '';
-      extraConfig = ''
-        default_type application/json;
-        add_header Access-Control-Allow-Origin *;
-      '';
-    };
-  })
-  ({
+  services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [({
    locations = let
      connectionInfo = w: matrix-lib.workerConnectionResource "metrics" w;
      socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString (c.port)}";
--- a/hosts/buskerud/bikkje/default.nix
+++ b/hosts/buskerud/bikkje/default.nix
@@ -1,125 +0,0 @@
-{ config, pkgs, values, lib, ... }:
-{
-  containers.bikkje = {
-    autoStart = true;
-    interfaces = [ "enp4s0f0" ];
-
-    config = { config, pkgs, ... }: {
-      imports = [
-        ../../../modules/home-areas.nix
-        ./services/kerberos
-      ];
-
-      environment.systemPackages = with pkgs; [
-          zsh
-          bash
-          fish
-          tcsh
-
-          alpine
-          mutt
-          mutt-ics
-          mutt-wizard
-          notmuch
-          mailutils
-          procmail
-
-          irssi
-          weechat
-          weechatScripts.edit
-
-          coreutils-full
-          diffutils
-          findutils
-          ripgrep
-          cvs
-          gawk
-          git
-          gnupg
-          gnused
-          groff
-          less
-          p7zip
-          rcs
-          screen
-          tmux
-          tree
-          unzip
-          zip
-
-          emacs
-          helix
-          joe
-          micro
-          nano
-          neovim
-
-          autossh
-          inetutils
-          lynx
-          mosh
-          rsync
-          w3m
-
-          clang
-          gcc
-          guile
-          lua
-          perl
-          php
-          python3
-          (python3.withPackages (ps: with ps; [
-            numpy
-            sympy
-            scipy
-            requests
-            imageio
-            pillow
-            httpx
-            pycryptodome
-            pandas
-            matplotlib
-          ]))
-          ruby
-          tcl
-      ];
-
-      services.openssh = {
-        enable = true;
-        ports = [ 22 80 443 ];
-        openFirewall = true;
-        extraConfig = ''
-          PubkeyAcceptedAlgorithms=+ssh-rsa
-       '';
-
-        settings = {
-          GatewayPorts = "yes";
-          PermitRootLogin = "yes";
-        };
-      };
-
-      users.motd = builtins.readFile ../../../misc/motd;
-
-      networking = {
-        firewall.enable = true;
-        # Use systemd-resolved inside the container
-        # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
-        useHostResolvConf = lib.mkForce false;
-        hostName = "bikkje";
-      };
-
-      systemd.network.enable = true;
-      systemd.network.networks."30-enp4s0f0" = values.defaultNetworkConfig // {
-        matchConfig.Name = "enp4s0f0";
-        address = with values.hosts.bikkje; [ (ipv4 + "/25") (ipv6 + "/64") ];
-      };
-      
-      system.stateVersion = "23.11";
-      services.resolved.enable = true;
-    };
-  };
-
-  # TODO
-  # - Kerberos Authentication
-  # - Mail Transfer Agent
-}
--- a/hosts/buskerud/bikkje/services/kerberos/default.nix
+++ b/hosts/buskerud/bikkje/services/kerberos/default.nix
@@ -1,27 +0,0 @@
-{ config, pkgs, lib, ... }:
-{
-  #######################
-  # TODO: remove these once nixos 24.05 gets released
-  #######################
-  imports = [
-    ./krb5.nix
-    ./pam.nix
-  ];
-  disabledModules = [
-    "config/krb5/default.nix"
-    "security/pam.nix"
-  ];
-  #######################
-
-  security.krb5 = {
-    enable = true;
-    settings = {
-      libdefaults = {
-        default_realm = "PVV.NTNU.NO";
-        dns_lookup_realm = "yes";
-        dns_lookup_kdc = "yes";
-      };
-      realms."PVV.NTNU.NO".admin_server = "kdc.pvv.ntnu.no";
-    };
-  };
-}
--- a/hosts/buskerud/bikkje/services/kerberos/krb5-conf-format.nix
+++ b/hosts/buskerud/bikkje/services/kerberos/krb5-conf-format.nix
@@ -1,88 +0,0 @@
-{ pkgs, lib, ... }:
-
-# Based on
-# - https://web.mit.edu/kerberos/krb5-1.12/doc/admin/conf_files/krb5_conf.html
-# - https://manpages.debian.org/unstable/heimdal-docs/krb5.conf.5heimdal.en.html
-
-let
-  inherit (lib) boolToString concatMapStringsSep concatStringsSep filter
-    isAttrs isBool isList mapAttrsToList mdDoc mkOption singleton splitString;
-  inherit (lib.types) attrsOf bool coercedTo either int listOf oneOf path
-    str submodule;
-in
-{ }: {
-  type = let
-    section = attrsOf relation;
-    relation = either (attrsOf value) value;
-    value = either (listOf atom) atom;
-    atom = oneOf [int str bool];
-  in submodule {
-    freeformType = attrsOf section;
-    options = {
-      include = mkOption {
-        default = [ ];
-        description = mdDoc ''
-          Files to include in the Kerberos configuration.
-        '';
-        type = coercedTo path singleton (listOf path);
-      };
-      includedir = mkOption {
-        default = [ ];
-        description = mdDoc ''
-          Directories containing files to include in the Kerberos configuration.
-        '';
-        type = coercedTo path singleton (listOf path);
-      };
-      module = mkOption {
-        default = [ ];
-        description = mdDoc ''
-          Modules to obtain Kerberos configuration from.
-        '';
-        type = coercedTo path singleton (listOf path);
-      };
-    };
-  };
-
-  generate = let
-    indent = str: concatMapStringsSep "\n" (line: "  " + line) (splitString "\n" str);
-
-    formatToplevel = args @ {
-      include ? [ ],
-      includedir ? [ ],
-      module ? [ ],
-      ...
-    }: let
-      sections = removeAttrs args [ "include" "includedir" "module" ];
-    in concatStringsSep "\n" (filter (x: x != "") [
-      (concatStringsSep "\n" (mapAttrsToList formatSection sections))
-      (concatMapStringsSep "\n" (m: "module ${m}") module)
-      (concatMapStringsSep "\n" (i: "include ${i}") include)
-      (concatMapStringsSep "\n" (i: "includedir ${i}") includedir)
-    ]);
-
-    formatSection = name: section: ''
-      [${name}]
-      ${indent (concatStringsSep "\n" (mapAttrsToList formatRelation section))}
-    '';
-
-    formatRelation = name: relation:
-      if isAttrs relation
-      then ''
-        ${name} = {
-        ${indent (concatStringsSep "\n" (mapAttrsToList formatValue relation))}
-        }''
-      else formatValue name relation;
-
-    formatValue = name: value:
-      if isList value
-      then concatMapStringsSep "\n" (formatAtom name) value
-      else formatAtom name value;
-
-    formatAtom = name: atom: let
-      v = if isBool atom then boolToString atom else toString atom;
-    in "${name} = ${v}";
-  in
-    name: value: pkgs.writeText name ''
-      ${formatToplevel value}
-    '';
-}
--- a/hosts/buskerud/bikkje/services/kerberos/krb5.nix
+++ b/hosts/buskerud/bikkje/services/kerberos/krb5.nix
@@ -1,90 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
-  inherit (lib) mdDoc mkIf mkOption mkPackageOption mkRemovedOptionModule;
-  inherit (lib.types) bool;
-
-  mkRemovedOptionModule' = name: reason: mkRemovedOptionModule ["krb5" name] reason;
-  mkRemovedOptionModuleCfg = name: mkRemovedOptionModule' name ''
-    The option `krb5.${name}' has been removed. Use
-    `security.krb5.settings.${name}' for structured configuration.
-  '';
-
-  cfg = config.security.krb5;
-  format = import ./krb5-conf-format.nix { inherit pkgs lib; } { };
-in {
-  imports = [
-    (mkRemovedOptionModuleCfg "libdefaults")
-    (mkRemovedOptionModuleCfg "realms")
-    (mkRemovedOptionModuleCfg "domain_realm")
-    (mkRemovedOptionModuleCfg "capaths")
-    (mkRemovedOptionModuleCfg "appdefaults")
-    (mkRemovedOptionModuleCfg "plugins")
-    (mkRemovedOptionModuleCfg "config")
-    (mkRemovedOptionModuleCfg "extraConfig")
-    (mkRemovedOptionModule' "kerberos" ''
-      The option `krb5.kerberos' has been moved to `security.krb5.package'.
-    '')
-  ];
-
-  options = {
-    security.krb5 = {
-      enable = mkOption {
-        default = false;
-        description = mdDoc "Enable and configure Kerberos utilities";
-        type = bool;
-      };
-
-      package = mkPackageOption pkgs "krb5" {
-        example = "heimdal";
-      };
-
-      settings = mkOption {
-        default = { };
-        type = format.type;
-        description = mdDoc ''
-          Structured contents of the {file}`krb5.conf` file. See
-          {manpage}`krb5.conf(5)` for details about configuration.
-        '';
-        example = {
-          include = [ "/run/secrets/secret-krb5.conf" ];
-          includedir = [ "/run/secrets/secret-krb5.conf.d" ];
-
-          libdefaults = {
-            default_realm = "ATHENA.MIT.EDU";
-          };
-
-          realms = {
-            "ATHENA.MIT.EDU" = {
-              admin_server = "athena.mit.edu";
-              kdc = [
-                "athena01.mit.edu"
-                "athena02.mit.edu"
-              ];
-            };
-          };
-
-          domain_realm = {
-            "mit.edu" = "ATHENA.MIT.EDU";
-          };
-
-          logging = {
-            kdc = "SYSLOG:NOTICE";
-            admin_server = "SYSLOG:NOTICE";
-            default = "SYSLOG:NOTICE";
-          };
-        };
-      };
-    };
-  };
-
-  config = mkIf cfg.enable {
-    environment = {
-      systemPackages = [ cfg.package ];
-      etc."krb5.conf".source = format.generate "krb5.conf" cfg.settings;
-    };
-  };
-
-  meta.maintainers = builtins.attrValues {
-    inherit (lib.maintainers) dblsaiko h7x4;
-  };
-}
--- a/hosts/buskerud/bikkje/services/kerberos/pam.nix
+++ b/hosts/buskerud/bikkje/services/kerberos/pam.nix
--- a/hosts/buskerud/configuration.nix
+++ b/hosts/buskerud/configuration.nix
@@ -1,38 +0,0 @@
-{ config, pkgs, values, ... }:
-{
-  imports = [
-    ./hardware-configuration.nix
-    ../../base.nix
-    ../../misc/metrics-exporters.nix
-
-    ./bikkje
-  ];
-
-  # buskerud does not support efi?
-  # boot.loader.systemd-boot.enable = true;
-  # boot.loader.efi.canTouchEfiVariables = true;
-  boot.loader.grub.enable = true;
-  boot.loader.grub.device = "/dev/sdb";
-
-  networking.hostName = "buskerud";
-  networking.search = [ "pvv.ntnu.no" "pvv.org" ];
-  networking.nameservers = [ "129.241.0.200" "129.241.0.201" ];
-  networking.tempAddresses = "disabled";
-
-  systemd.network.networks."enp3s0f0" = values.defaultNetworkConfig // {
-    matchConfig.Name = "enp3s0f0";
-    address = with values.hosts.buskerud; [ (ipv4 + "/25") (ipv6 + "/64") ];
-  };
-
-  # List packages installed in system profile
-  environment.systemPackages = with pkgs; [
-  ];
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.05"; # Did you read the comment?
-}
--- a/hosts/buskerud/hardware-configuration.nix
+++ b/hosts/buskerud/hardware-configuration.nix
@@ -1,37 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ata_piix" "hpsa" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/ed9654fe-575a-4fb3-b6ff-1b059479acff";
-      fsType = "ext4";
-    };
-
-  swapDevices = [ ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp14s0f0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp14s0f1.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp3s0f0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp3s0f1.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp4s0f0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp4s0f1.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
--- a/misc/motd
+++ b/misc/motd
@@ -1,16 +0,0 @@
-		 ███████████  █████   █████ █████   █████
-		░░███░░░░░███░░███   ░░███ ░░███   ░░███
-		 ░███    ░███ ░███    ░███  ░███    ░███
-		 ░██████████  ░███    ░███  ░███    ░███
-		 ░███░░░░░░   ░░███   ███   ░░███   ███
-		 ░███          ░░░█████░     ░░░█████░
-		 █████           ░░███         ░░███
-		░░░░░             ░░░           ░░░
-
-================= EN ==================|================== NB =================
-Welcome to a PVV machine, life is good.|Velkommen til en PVV-maskin,
-                                       |livet er deilig.
-If you are confused, try pvv.ntnu.no or|Hvis du er forvirret prøv pvv.ntnu.no
-our discord server.                    |eller vår discord-server.
-More info at pvv.ntnu.no/kontakt/      |Mer info på pvv.ntnu.no/kontakt/
-===============================================================================
--- a/modules/home-areas.nix
+++ b/modules/home-areas.nix
@@ -1,20 +0,0 @@
-{ pkgs, lib, ... }:
-{
-  fileSystems = let
-    # See microbel:/etc/exports
-    homeMounts = (lib.listToAttrs (map
-      (l: lib.nameValuePair "/home/pvv/${l}" "homepvv${l}.pvv.ntnu.no:/export/home/pvv/${l}")
-      [ "a" "b" "c" "d"  "h" "i" "j" "k" "l" "m" "z" ]));
-  in { }
-  //
-  (lib.mapAttrs (_: device: {
-    inherit device;
-    fsType = "nfs";
-    options = [
-      "nfsvers=3"
-      "proto=tcp"
-      "nofail"
-      "_netdev"
-    ];
-  }) homeMounts);
-}
--- a/users/adriangl.nix
+++ b/users/adriangl.nix
@@ -9,7 +9,7 @@
    ];

    packages = with pkgs; [
-      eza
+      exa
      neovim
    ];

--- a/users/eirikwit.nix
+++ b/users/eirikwit.nix
@@ -1,18 +0,0 @@
-{ pkgs, ... }:
-{
-  users.users.eirikwit = {
-    isNormalUser = true;
-    extraGroups = [
-      "wheel"
-      "drift"
-    ];
-
-    packages = with pkgs; [
-      micro
-    ];
-
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGZusOSiUVSMjrvNdUq4R91Gafq4XVs9C77Zt+LMPhCU eirikw@live.no"
-    ];
-  };
-}
--- a/users/jonmro.nix
+++ b/users/jonmro.nix
@@ -3,7 +3,7 @@
 {
  users.users.jonmro = {
    isNormalUser = true;
-    extraGroups = [ "wheel" "drift" "nix-builder-users" ]; 
+    extraGroups = [ "wheel" ]; 
    shell = pkgs.zsh;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEm5PfYmfl/0fnAP/3coVlvTw3/TYNLT6r/NwJHZbLAK jonrodtang@gmail.com"
--- a/users/oysteikt.nix
+++ b/users/oysteikt.nix
@@ -6,12 +6,11 @@
    extraGroups = [
      "wheel"
      "drift"
-      "nix-builder-users"
    ];

    packages = with pkgs; [
      bottom
-      eza
+      exa
      neovim
      diskonaut
      ripgrep
--- a/values.nix
+++ b/values.nix
@@ -41,9 +41,6 @@ in rec {
      ipv4 = "129.241.152.254";
      # ipv6 = ;
    };
-    knutsen = {
-      ipv4 = pvv-ipv4 191;
-    };
    shark = {
      ipv4 = pvv-ipv4 196;
      ipv6 = pvv-ipv6 196;
@@ -56,14 +53,6 @@ in rec {
      ipv4 = pvv-ipv4 204;
      ipv6 = pvv-ipv6 "1:4f"; # Wtf øystein og daniel why
    };
-    bikkje = {
-      ipv4 = pvv-ipv4 216;
-      ipv6 = pvv-ipv6 216;
-    };
-    buskerud = {
-      ipv4 = pvv-ipv4 231;
-      ipv6 = pvv-ipv6 231;
-    };
  };

  defaultNetworkConfig = {
Author	SHA1	Message	Date
Felix Albrigtsen	fb286be3ec	Generalize www proxy to spikkjeposche All checks were successful Eval nix flake / evals (push) Successful in 3m33s Details	2023-11-28 08:55:01 +01:00
Felix Albrigtsen	3fae1f6d4e	Redirect subpages like ./well-known, add @-domains All checks were successful Eval nix flake / evals (pull_request) Successful in 13m33s Details Eval nix flake / evals (push) Successful in 16m19s Details	2023-11-27 21:25:01 +01:00
Felix Albrigtsen	18324820f4	Prepare to replace knakelibrak All checks were successful Eval nix flake / evals (push) Successful in 20m14s Details Eval nix flake / evals (pull_request) Successful in 38m4s Details	2023-11-26 05:52:47 +01:00
h7x4	71c86d4267	WIP	2023-11-26 05:52:47 +01:00