europa is kil

.sops.yaml

@@ -3,7 +3,6 @@ keys:
   - &host_tsuki age1c92j4w0gqh32hwssl5m2mfrggssxax9pge8qxwytv9lmrnfttcvqdrgsst
   - &host_kasei age1eu2a6m3adakfzelfa9pqpl74a5dz0wkyr0v7gegm5ajnx7aqmqcqsp2ftc
   - &host_dosei age1s6s4w7cdfgajm30z9gy8va8pvs2lrzk5gnsg0hmn5z2sl8z36seqej406r
-  - &host_europa age14mer45e52r2q4uz8n3fmv69tvk8gvwany4m4ndudud8ajv3jm4nqdj9m6a
   - &host_xps16 age1np3fg9ue2tp4l47x7waapvjxh5zcaye2j54laapy7uklamve2c4qv3gytm
   - &home age10f4a5acpar8vwz3v298r3nv7gggfpmyh4wxpkc2hwq9paq0scf8qee8lau
   - &home_dosei age17acs5lw7npma4sughxq3wj3cs5gjkenqdzscyvaks0er33n8gupsce7jlp
@@ -17,7 +16,6 @@ creation_rules:
         - *host_tsuki
         - *host_kasei
         - *host_dosei
-        - *host_europa
         - *host_xps16
         - *home
         - *home_dosei
@@ -57,10 +55,3 @@ creation_rules:
         - *gpg_h7x4
         age:
         - *host_dosei
-
-  - path_regex: secrets/europa.yaml
-    key_groups:
-      - pgp:
-        - *gpg_h7x4
-        age:
-        - *host_europa

README.md

@@ -25,7 +25,6 @@ Here are some of the interesting files and dirs:
 | `Tsuki` | Dell Poweredge r710 server | Data storage / Build server / Selfhosted services. This server hosts a wide variety of services, including websites, matrix server, git repos, CI/CD and more. **This is probably the most interesting machine to pick config from** |
 | `Kasei` | AMD Zen 2 CPU / AMD GPU - desktop computer | Semi-daily driver. This is my main computer at home. |
 | `Dosei` | Dell Optiplex | Work computer, mostly used for development and testing. |
-| `Europa` | Dell Optiplex | Other work computer, used as nix builder for `Dosei`. |
 
 
 ## home-manager configuration

flake.nix

@@ -274,14 +274,6 @@
           nixos-hardware.nixosModules.common-gpu-intel
         ];
       };
-      europa = nixSys "europa" {
-        modules = [
-          nixos-hardware.nixosModules.common-pc
-          nixos-hardware.nixosModules.common-pc-ssd
-          nixos-hardware.nixosModules.common-cpu-intel
-          nixos-hardware.nixosModules.common-gpu-intel
-        ];
-      };
       tsuki = nixSys "tsuki" {
         modules = [
           matrix-synapse-next.nixosModules.default

hosts/dosei/services/journald-remote.nix

@@ -1,19 +0,0 @@
-{ ... }:
-{
-  # TODO: Reproducible certificates
-  services.journald.remote = {
-    enable = true;
-    settings.Remote = {
-      # ServerKeyFile = "/run/credentials/systemd-journald-remote.service/key.pem";
-      # ServerCertificateFile = "/run/credentials/systemd-journald-remote.service/.pem";
-      ServerKeyFile = "/etc/journald-remote-certs/key.pem";
-      ServerCertificateFile = "/etc/journald-remote-certs/cert.pem";
-      TrustedCertificateFile = "-";
-    };
-  };
-
-  # systemd.services.systemd-journal-remote.serviceConfig.LoadCredential = [
-  #   "key.pem:/etc/journald-remote-certs/key.pem"
-  #   "cert.pem:/etc/journald-remote-certs/cert.pem"
-  # ];
-}

hosts/europa/configuration.nix

@@ -1,96 +0,0 @@
-{ config, pkgs, lib, ... }:
-{
-  imports = [
-    ./hardware-configuration.nix
-
-    ./services/avahi.nix
-    ./services/docker.nix
-    ./services/journald-remote.nix
-  ];
-
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  boot.binfmt.emulatedSystems = [
-    "aarch64-linux"
-    "armv7l-linux"
-  ];
-
-  i18n.defaultLocale = "en_US.UTF-8";
-
-  services.udev.packages = with pkgs; [
-    segger-jlink
-  ];
-
-  system.stateVersion = "24.05";
-
-  machineVars = {
-    headless = true;
-    gaming = false;
-    development = true;
-    creative = false;
-
-    dataDrives = let
-      main = "/data";
-    in {
-      drives = { inherit main; };
-      default = main;
-    };
-  };
-
-  systemd.targets = {
-    sleep.enable = false;
-    suspend.enable = false;
-    hibernate.enable = false;
-    hybrid-sleep.enable = false;
-  };
-
-  # security.pam.services.login.unixAuth = true;
-
-  # systemd.network = {
-  #   enable = true;
-  #   # broken
-  #   wait-online.enable = true;
-  # };
-
-  networking = {
-    hostName = "europa";
-    networkmanager.enable = true;
-    # TODO: reenable
-    firewall.enable = false;
-    # hostId = "007f0201";
-  };
-
-  services = {
-    openssh = {
-      enable = true;
-      settings.X11Forwarding = true;
-      settings.PasswordAuthentication = lib.mkForce true;
-    };
-    # xserver = {
-    #   # displayManager.gdm.enable = true;
-    #   # desktopManager.gnome.enable = true;
-    #   # videoDrivers = [ "nvidia" ];
-    # };
-    # tailscale.enable = true;
-  };
-
-  hardware = {
-    bluetooth.enable = true;
-    # cpu.amd.updateMicrocode = true;
-    enableRedistributableFirmware = true;
-    keyboard.zsa.enable = true;
-    opengl = {
-      enable = true;
-      driSupport = true;
-      driSupport32Bit = true;
-    };
-
-    # nvidia = {
-    #   modesetting.enable = true;
-    #   nvidiaSettings = true;
-    # };
-  };
-
-  programs.usbtop.enable = true;
-}

hosts/europa/hardware-configuration.nix

@@ -1,40 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/2de4150d-e418-4f22-a516-3f35352eb66a";
-      fsType = "ext4";
-    };
-
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/12CE-A600";
-      fsType = "vfat";
-      options = [ "fmask=0077" "dmask=0077" ];
-    };
-
-  swapDevices =
-    [ { device = "/dev/disk/by-uuid/8c8bc640-83f4-4eee-909b-457989cebfe4"; }
-    ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}

hosts/europa/home/default.nix

@@ -1,4 +0,0 @@
-{ ... }:
-{
-  home.stateVersion = "24.05";
-}

hosts/europa/services/avahi.nix

@@ -1,13 +0,0 @@
-{ config, pkgs, lib, ... }:
-{
-  services.avahi = {
-    enable = true;
-    publish.enable = true;
-    publish.addresses = true;
-    publish.domain = true;
-    publish.hinfo = true;
-    publish.userServices = true;
-    publish.workstation = true;
-    extraServiceFiles.ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service";
-  };
-}

hosts/europa/services/docker.nix

@@ -1,4 +0,0 @@
-{ config, pkgs, lib, ... }:
-{
-  virtualisation.docker.enable = true;
-}

hosts/europa/services/journald-remote.nix

@@ -1,14 +0,0 @@
-{ ... }:
-{
-  services.journald.upload = {
-    enable = true;
-    settings.Upload = {
-      URL = "https://10.250.14.105:19532";
-      # ServerKeyFile = toString ./key.pem;
-      # ServerCertificateFile = toString ./cert.pem;
-      ServerKeyFile = "-";
-      ServerCertificateFile = "-";
-      TrustedCertificateFile = "-";
-    };
-  };  
-}