Diffstat (limited to 'hosts/cloud/spanm')
-rw-r--r-- | hosts/cloud/spanm/configuration.nix | 66 | ||||
-rw-r--r-- | hosts/cloud/spanm/flake.lock | 27 | ||||
-rw-r--r-- | hosts/cloud/spanm/flake.nix | 16 | ||||
-rw-r--r-- | hosts/cloud/spanm/hardware-configuration.nix | 36 | ||||
-rw-r--r-- | hosts/cloud/spanm/mail.nix | 67 | ||||
-rw-r--r-- | hosts/cloud/spanm/nginx.nix | 46 | ||||
-rw-r--r-- | hosts/cloud/spanm/packages.nix | 47 | ||||
-rw-r--r-- | hosts/cloud/spanm/users.nix | 42 |
8 files changed, 0 insertions, 347 deletions
diff --git a/hosts/cloud/spanm/configuration.nix b/hosts/cloud/spanm/configuration.nix
deleted file mode 100644
index 0ec8bf2..0000000
--- a/hosts/cloud/spanm/configuration.nix
+++ /dev/null
@@ -1,66 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
- imports =
- [ # Include the results of the hardware scan.
- ./hardware-configuration.nix
- ];
-
- # Bootloader.
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
-
- networking.hostName = "spanmail"; # Define your hostname.
- #
- # Enable networking
- networking.networkmanager.enable = true;
-
- networking.interfaces.ens160.ipv4.addresses = [ {
- address = "185.32.214.66";
- prefixLength = 22;
- } ];
- networking.defaultGateway = "185.32.212.1";
-
- networking.nameservers = [ "185.32.212.3" ];
-
- # Set your time zone.
- time.timeZone = "Europe/Zurich";
-
- # Select internationalisation properties.
- i18n.defaultLocale = "en_US.UTF-8";
- users.users.root.openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKKD2DxTdE7vekp+BTifuB9gPoIPdaFSGkgVblA5MbTh"
-];
-
- # Some programs need SUID wrappers, can be configured further or are
- # started in user sessions.
- # programs.mtr.enable = true;
- # programs.gnupg.agent = {
- # enable = true;
- # enableSSHSupport = true;
- # };
-
- # List services that you want to enable:
-
- # Enable the OpenSSH daemon.
- services.openssh.enable = true;
-
- # Open ports in the firewall.
- # networking.firewall.allowedTCPPorts = [ ... ];
- # networking.firewall.allowedUDPPorts = [ ... ];
- # Or disable the firewall altogether.
- networking.firewall.enable = false;
-
- # This value determines the NixOS release from which the default
- # settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
- # this value at the release version of the first install of this system.
- # Before changing this value read the documentation for this option
- # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
- system.stateVersion = "23.11"; # Did you read the comment?
-
-}
diff --git a/hosts/cloud/spanm/flake.lock b/hosts/cloud/spanm/flake.lock
deleted file mode 100644
index 6bc7bd0..0000000
--- a/hosts/cloud/spanm/flake.lock
+++ /dev/null
@@ -1,27 +0,0 @@ -{ - "nodes": { - "nixpkgs": { - "locked": { - "lastModified": 1704008649, - "narHash": "sha256-rGPSWjXTXTurQN9beuHdyJhB8O761w1Zc5BqSSmHvoM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d44d59d2b5bd694cd9d996fd8c51d03e3e9ba7f7", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "root": { - "inputs": { - "nixpkgs": "nixpkgs" - } - } - }, - "root": "root", - "version": 7 -}
diff --git a/hosts/cloud/spanm/flake.nix b/hosts/cloud/spanm/flake.nix
deleted file mode 100644
index b801212..0000000
--- a/hosts/cloud/spanm/flake.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
-
- outputs = { nixpkgs, ... }:
- {
- nixosConfigurations.spanmail = nixpkgs.lib.nixosSystem {
- system = "x86_64-linux";
- modules = [
- ./configuration.nix
- ./users.nix
- ./packages.nix
- ./mail.nix
- ];
- };
- };
-}
diff --git a/hosts/cloud/spanm/hardware-configuration.nix b/hosts/cloud/spanm/hardware-configuration.nix
deleted file mode 100644
index fad27b2..0000000
--- a/hosts/cloud/spanm/hardware-configuration.nix
+++ /dev/null
@@ -1,36 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ ]; - - boot.initrd.availableKernelModules = [ "ata_piix" "mptspi" "ahci" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/7a5731fc-56f0-4ce5-9dbe-dec8d1ba25db"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/066C-4E19"; - fsType = "vfat"; - }; - swapDevices = [ { - device = "/var/lib/swapfile"; - size = 4*1024; - } ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens160.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -}
diff --git a/hosts/cloud/spanm/mail.nix b/hosts/cloud/spanm/mail.nix
deleted file mode 100644
index d020fec..0000000
--- a/hosts/cloud/spanm/mail.nix
+++ /dev/null
@@ -1,67 +0,0 @@
-{ config, pkgs, ... }: {
- imports = [
- (builtins.fetchTarball {
- url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-23.11/nixos-mailserver-nixos-23.11.tar.gz";
- # To get the sha256 of the nixos-mailserver tarball, we can use the nix-prefetch-url command:
- # release="nixos-23.05"; nix-prefetch-url "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz" --unpack
-
- sha256 = "122vm4n3gkvlkqmlskiq749bhwfd0r71v6vcmg1bbyg4998brvx8";
- })
- ];
-
- services.dovecot2.sieve.extensions = [ "fileinto" ];
- mailserver = {
- enable = true;
- fqdn = "mail.spandrell.ch";
- domains = [ "spandrell.ch" ];
-
- # A list of all login accounts. To create the password hashes, use
- # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
- loginAccounts = {
- "s@spandrell.ch" = {
- hashedPasswordFile = "/home/span/mail.key";
- };
- "book@spandrell.ch" = {
- hashedPasswordFile = "/home/span/mail.key";
- };
- "site@spandrell.ch" = {
- hashedPasswordFile = "/home/span/mail.key";
- };
- "lol@spandrell.ch" = {
- hashedPasswordFile = "/home/span/mail.key";
- };
- "sub@spandrell.ch" = {
- hashedPasswordFile = "/home/span/mail.key";
- };
- "security@spandrell.ch" = {
- hashedPasswordFile = "/home/span/mail.key";
- };
- "parallax@spandrell.ch" = {
- hashedPassword = "$2y$12$RVCKyEwpPmQLznKOgtXiBOR3nRy5aT3rFMtypJiDe6xFPfi/r3TXq";
- };
- "finnem@spandrell.ch" = {
- hashedPasswordFile = "/home/span/finnem.key";
- };
- };
-
- # Use Let's Encrypt certificates. Note that this needs to set up a stripped
- # down nginx and opens port 80.
- certificateScheme = "acme-nginx";
- };
- security.acme.acceptTerms = true;
- security.acme.defaults.email = "security@spandrell.ch";
- services.roundcube = {
- enable = true;
- # this is the url of the vhost, not necessarily the same as the fqdn of
- # the mailserver
- hostName = "mail.spandrell.ch";
- extraConfig = ''
- # starttls needed for authentication, so the fqdn required to match
- # the certificate
- $config['smtp_server'] = "tls://${config.mailserver.fqdn}";
- $config['smtp_user'] = "%u";
- $config['smtp_pass'] = "%p";
- '';
- };
- services.nginx.enable = true;
-}
diff --git a/hosts/cloud/spanm/nginx.nix b/hosts/cloud/spanm/nginx.nix
deleted file mode 100644
index cda5ab4..0000000
--- a/hosts/cloud/spanm/nginx.nix
+++ /dev/null
@@ -1,46 +0,0 @@
-{ config, pkgs, ... }: {
-
- services.nginx = {
- enable = true;
- appendHttpConfig = ''
- limit_req_zone $binary_remote_addr zone=blog:10m rate=10r/s;
- '';
- virtualHosts."spandrell.ch" = {
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:8080";
- proxyWebsockets = true; # needed if you need to use WebSocket
- extraConfig = ''
- limit_req zone=blog burst=20 nodelay;
- proxy_set_header Host $Host;
- proxy_set_header Forwarded for=$remote_addr;
- '';
- };
- };
- virtualHosts."u.spandrell.ch" = {
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:8081";
- proxyWebsockets = true; # needed if you need to use WebSocket
- extraConfig = ''
- limit_req zone=blog burst=20 nodelay;
- proxy_set_header Host $Host;
- proxy_set_header Forwarded for=$remote_addr;
- '';
- };
- };
- virtualHosts."s3.spandrell.ch" = {
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:9000";
- proxyWebsockets = true; # needed if you need to use WebSocket
- extraConfig = ''
- proxy_set_header Host $Host;
- '';
- };
- };
- };
-}
diff --git a/hosts/cloud/spanm/packages.nix b/hosts/cloud/spanm/packages.nix
deleted file mode 100644
index 6574071..0000000
--- a/hosts/cloud/spanm/packages.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ config, pkgs, ... }:
-
-{
- nixpkgs.config = {
- allowUnfree = true;
- };
-
- environment.systemPackages = with pkgs; [
- vim
- helix
- fish
- # unix utilities
- tmux
- bat # cat replacement written in Rust
- colordiff
- direnv # Per-directory environment variables
- lsd
- fd # find replacement written in Rust
- fzf # Fuzzy finder
- git
- htop # Resource monitoring
- jq # JSON parsing for the CLI
- lsof
- ripgrep # grep replacement written in Rust
- sd # Fancy sed replacement
- silver-searcher
- strace # debug stack trace
- tealdeer # tldr for various shell tools
- testdisk
- tokei # Handy tool to see lines of code by language
- watchexec # Fileystem watcher/executor useful for speedy development
- xsv # CSV file parsing utility
- just # Intriguing new make replacement
- mdcat # Markdown converter/reader for the CLI
- tree
- unzip
- zip
-
- # networking
- curl
- wget
-
- minio
- ncdu
- ];
-}
-
diff --git a/hosts/cloud/spanm/users.nix b/hosts/cloud/spanm/users.nix
deleted file mode 100644
index 60e3a5a..0000000
--- a/hosts/cloud/spanm/users.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{ config, pkgs, ... }:
-
-
-let shellAliases = {
- l = "lsd -lAh";
- la = "lsd -lAh";
- ports = "sudo lsof -i -P -n | grep LISTEN";
- gco = "git checkout";
- gcob = "git checkout -b";
-};
-
-in {
- programs.fish = {
- inherit shellAliases;
- enable = true;
- };
-
- users = {
- users = {
- span = {
- group = "users";
- isNormalUser = true;
- extraGroups = [
- "networkmanager"
- "systemd-journal"
- "wheel"
- ];
- createHome = true;
- home = "/home/span";
- isSystemUser = false;
- shell = pkgs.fish;
- openssh.authorizedKeys.keys =
- [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKKD2DxTdE7vekp+BTifuB9gPoIPdaFSGkgVblA5MbTh"
- ];
- };
- };
- };
-}
-
-
- |