From 360782bd4a42e4563097157627a165d46263be90 Mon Sep 17 00:00:00 2001 From: Yorick van Pelt Date: Sun, 3 Jan 2021 17:09:48 +0100 Subject: [PATCH] treewide: delete unused code --- modules/nixos-in-place.nix | 50 -------------------------- modules/victoriametrics.nix | 49 -------------------------- services/collectd.nix | 70 ------------------------------------- services/gogs.nix | 52 --------------------------- services/graphs.nix | 38 -------------------- services/quassel.nix | 45 ------------------------ services/xmpp.nix | 57 ------------------------------ 7 files changed, 361 deletions(-) delete mode 100644 modules/nixos-in-place.nix delete mode 100644 modules/victoriametrics.nix delete mode 100644 services/collectd.nix delete mode 100644 services/gogs.nix delete mode 100644 services/graphs.nix delete mode 100644 services/quassel.nix delete mode 100644 services/xmpp.nix diff --git a/modules/nixos-in-place.nix b/modules/nixos-in-place.nix deleted file mode 100644 index d51cf01..0000000 --- a/modules/nixos-in-place.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, ... }: -let - inherit (lib) mkEnableOption mkOption types mkIf; - cfg = config."nixos-in-place"; -in -{ - imports = [ ]; - options."nixos-in-place" = { - enable = mkEnableOption "enable nixos-in-place FS"; - rootfs = mkOption { - type = types.str; - description = "device name for root fs"; - }; - swapfs = mkOption { - type = types.str; - description = "device name for root fs"; - }; - }; - config = mkIf cfg.enable { - boot = { - kernelModules = [ ]; - extraModulePackages = [ ]; - kernelParams = ["root=${cfg.rootfs}" "boot.shell_on_fail"]; - loader.grub = { - enable = true; - storePath = "/nixos/nix/store"; - }; - initrd = { - supportedFilesystems = [ "ext4" ]; - postDeviceCommands = '' - mkdir -p /mnt-root/old-root ; - mount -t ext4 ${cfg.rootfs} /mnt-root/old-root ; - ''; - }; - }; - - fileSystems = { - "/" = { - device = "/old-root/nixos"; - fsType = "none"; - options = [ "bind" ]; - }; - "/old-root" = { - device = cfg.rootfs; - fsType = "ext4"; - }; - }; - swapDevices = [ { device = cfg.swapfs; } ]; - }; -} diff --git a/modules/victoriametrics.nix b/modules/victoriametrics.nix deleted file mode 100644 index ef3a554..0000000 --- a/modules/victoriametrics.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, pkgs, lib, ... }: -let cfg = config.services.victoriametrics; in -{ - options.services.victoriametrics = with lib; { - enable = mkEnableOption "victoriametrics"; - package = mkOption { - type = types.package; - default = pkgs.victoriametrics; - defaultText = "pkgs.victoriametrics"; - description = '' - The VictoriaMetrics distribution to use. - ''; - }; - http = mkOption { - default = ":8428"; - type = types.str; - description = '' - The listen address for the http interface. - ''; - }; - retentionPeriod = mkOption { - type = types.int; - default = 1; - description = '' - Retention period in months. - ''; - }; - extraOptions = mkOption { - type = types.listOf types.str; - default = []; - description = '' - Extra options to pass to VictoriaMetrics. See - the README or victoriametrics -help for more - information. - ''; - }; - }; - config = lib.mkIf cfg.enable { - systemd.services.victoriametrics = { - description = "VictoriaMetrics time series database"; - serviceConfig = { - StateDirectory = "victoriametrics"; - DynamicUser = true; - ExecStart = "${cfg.package}/bin/victoria-metrics -storageDataPath=/var/lib/victoriametrics -httpListenAddr ${cfg.http} -retentionPeriod ${toString cfg.retentionPeriod} ${lib.concatStringsSep " " cfg.extraOptions}"; - }; - wantedBy = [ "multi-user.target" ]; - }; - }; -} diff --git a/services/collectd.nix b/services/collectd.nix deleted file mode 100644 index 3ea09b8..0000000 --- a/services/collectd.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ config, pkgs, lib, ...}: -let - secrets = import ; -in -{ - services.collectd = { - enable = true; - extraConfig = '' - LoadPlugin network - - LoadPlugin conntrack - LoadPlugin cpu - LoadPlugin df - LoadPlugin disk - LoadPlugin interface - LoadPlugin fhcount - LoadPlugin load - LoadPlugin memory - LoadPlugin processes - LoadPlugin swap - LoadPlugin tcpconns - LoadPlugin uptime - LoadPlugin users - LoadPlugin sensors - - - - LocalPort "443" - - - - Username "${config.networking.hostName}" - Password "${secrets.influx_pass.${config.networking.hostName}}" - - - - FSType "btrfs" - FSType "ext3" - FSType "ext4" - FSType "vfat" - - ''; - }; - boot.kernel.sysctl."net.core.rmem_max" = 26214400; - boot.kernel.sysctl."net.core.rmem_default" = 26214400; - nixpkgs.config.packageOverrides = pkgs: { - collectd = pkgs.collectd.override { - jdk = null; - libcredis = null; - libdbi = null; - libmemcached = null; cyrus_sasl = null; - libmodbus = null; - libnotify = null; gdk_pixbuf = null; - libsigrok = null; - libvirt = null; - libxml2 = null; - libtool = null; - lvm2 = null; - mysql = null; - protobufc = null; - python = null; - rabbitmq-c = null; - riemann_c_client = null; - rrdtool = null; - varnish = null; - yajl = null; - net_snmp = null; - }; - }; -} diff --git a/services/gogs.nix b/services/gogs.nix deleted file mode 100644 index 5baf704..0000000 --- a/services/gogs.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, pkgs, lib, ... }: -let - cfg = config.services.yorick.gogs; -in -{ - options.services.yorick.gogs = with lib; { - enable = mkEnableOption "gogs"; - dir = mkOption { type = types.str; default = "/var/gogs"; }; - port = mkOption { type = types.int; default = 8001; }; - vhost = mkOption { type = types.str; }; - }; - config = lib.mkIf cfg.enable { - - users.extraUsers.git = { home = cfg.dir; extraGroups = [ "git" ]; useDefaultShell = true;}; - users.extraGroups.git = { }; - services.gogs = rec { - enable = true; - user = "git"; - group = "git"; - database.user = "root"; - stateDir = cfg.dir; - repositoryRoot = "${stateDir}/gogs-repositories"; - rootUrl = "https://${cfg.vhost}/"; - httpAddress = "localhost"; - httpPort = cfg.port; - extraConfig = '' - [service] - REGISTER_EMAIL_CONFIRM = false - ENABLE_NOTIFY_MAIL = false - DISABLE_REGISTRATION = true - REQUIRE_SIGNIN_VIEW = false - [picture] - DISABLE_GRAVATAR = false - AVATAR_UPLOAD_PATH = ${cfg.dir}/data/avatars - [mailer] - ENABLED = false - ''; - domain = cfg.vhost; - }; - users.extraUsers.gogs.createHome = lib.mkForce false; - services.nginx.virtualHosts.${cfg.vhost} = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - extraConfig = '' - proxy_buffering off; - ''; - }; - }; - }; -} diff --git a/services/graphs.nix b/services/graphs.nix deleted file mode 100644 index be097e6..0000000 --- a/services/graphs.nix +++ /dev/null @@ -1,38 +0,0 @@ -# use together with ./collectd.nix -{ config, pkgs, lib, ...}: -let - secrets = import ; - grafana_port = 3000; - domain = "graphs.yori.cc"; -in -{ - networking.firewall.allowedUDPPorts = [25826]; - services.influxdb = { - enable = true; - extraConfig = { - collectd = [{ - enabled = true; - typesdb = "${pkgs.collectd}/share/collectd/types.db"; - database = "collectd_db"; - "security-level" = "sign"; - "auth-file" = pkgs.writeText "collectd_auth" - (builtins.concatStringsSep "\n" (lib.mapAttrsToList (n: p: "${n}: ${p}") secrets.influx_pass) + "\n"); - port = 25826; - }]; - }; - }; - services.grafana = { - enable = true; - inherit domain; - rootUrl = "https://${domain}/"; - port = grafana_port; - }; - services.nginx.virtualHosts.${domain} = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString grafana_port}"; - }; - }; - -} diff --git a/services/quassel.nix b/services/quassel.nix deleted file mode 100644 index 2ddc413..0000000 --- a/services/quassel.nix +++ /dev/null @@ -1,45 +0,0 @@ -{config, pkgs, lib, ...}: -{ - options.services.yorick.quassel = { - enable = lib.mkEnableOption "quassel container"; - }; - config = lib.mkIf config.services.yorick.quassel.enable { - containers.quassel = { - config = { config, pkgs, ... }: { - services.postgresql = { - enable = true; - package = pkgs.postgresql94; - extraConfig = '' - max_connections = 10 - shared_buffers = 1GB - effective_cache_size = 4GB - work_mem = 50MB - maintenance_work_mem = 100MB - ''; - }; - services.quassel = { - # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/quassel.nix - enable = true; - interfaces = ["0.0.0.0"]; - }; - environment.systemPackages = [ - pkgs.quasselDaemon - ]; - networking.firewall.allowedTCPPorts = [4242]; - }; - privateNetwork = true; - hostAddress = "192.168.125.1"; - localAddress = "192.168.125.11"; - }; - # give the containers networking - networking.nat = { - enable = true; - internalInterfaces = ["ve-+"]; - externalInterface = "enp2s0"; - forwardPorts = [ - { sourcePort = 4242; destination = "192.168.125.11:4242"; } - ]; - }; - networking.firewall.allowedTCPPorts = [4242]; - }; -} diff --git a/services/xmpp.nix b/services/xmpp.nix deleted file mode 100644 index 132cd26..0000000 --- a/services/xmpp.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - acmeKeyDir = "${config.security.acme.directory}/${cfg.vhost}"; - communityModules = [ "mam" "carbons" "smacks" ]; - cfg = config.services.yorick.xmpp; -in -{ - options.services.yorick.xmpp = with lib; { - enable = mkEnableOption "xmpp"; - vhost = mkOption { type = types.str; }; - admins = mkOption { type = types.listOf types.str; }; - }; - config = lib.mkIf cfg.enable { - # XMPP - services.prosody = let - in { - enable = true; - - allowRegistration = false; - extraModules = [ "private" "vcard" "privacy" "compression" "muc" "pep" "adhoc" "lastactivity" "admin_adhoc" "blocklist"] ++ communityModules; - virtualHosts.default = { - enabled = true; - domain = cfg.vhost; - ssl = { - key = "/var/lib/prosody/keys/key.pem"; - cert = "/var/lib/prosody/keys/fullchain.pem"; - }; - }; - # TODO: Component "chat.yori.cc" "muc" # also proxy65 and pubsub? - extraConfig = '' - use_libevent = true - s2s_require_encryption = true - c2s_require_encryption = true - archive_expires_after = "never" - storage = { - archive2 = "sql"; - } - ''; - inherit (cfg) admins; - package = pkgs.prosody.override { - withZlib = true; withDBI = true; - withCommunityModules = communityModules; - }; - }; - systemd.services.prosody.serviceConfig.PermissionsStartOnly = true; - systemd.services.prosody.preStart = '' - mkdir -m 0700 -p /var/lib/prosody/keys - cp ${acmeKeyDir}/key.pem ${acmeKeyDir}/fullchain.pem /var/lib/prosody/keys - chown -R prosody:prosody /var/lib/prosody - ''; - networking.firewall.allowedTCPPorts = [5222 5269]; - security.acme.certs.${cfg.vhost}.postRun = '' - systemctl restart prosody.service - ''; - }; -}