From 9ff10ccc7b830c66fe41460240dc23e37b81aa66 Mon Sep 17 00:00:00 2001
From: Yorick van Pelt <yorick@yorickvanpelt.nl>
Date: Tue, 4 Oct 2022 15:45:11 +0200
Subject: [PATCH] rm zazu

---
 nixos/machines/zazu/apu2c4.nix  |  22 ---
 nixos/machines/zazu/default.nix | 237 --------------------------------
 nixos/overlay.nix               |   2 +-
 nixos/vpn.nix                   |   2 -
 secrets/secrets.nix             | Bin 1410 -> 1271 bytes
 secrets/wg.zazu.age             |   9 --
 6 files changed, 1 insertion(+), 271 deletions(-)
 delete mode 100644 nixos/machines/zazu/apu2c4.nix
 delete mode 100644 nixos/machines/zazu/default.nix
 delete mode 100644 secrets/wg.zazu.age

diff --git a/nixos/machines/zazu/apu2c4.nix b/nixos/machines/zazu/apu2c4.nix
deleted file mode 100644
index 957051e..0000000
--- a/nixos/machines/zazu/apu2c4.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-# Do not modify this file!  It was generated by â€˜nixos-generate-configâ€™
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, ... }:
-
-{
-  boot.initrd.availableKernelModules =
-    [ "xhci_pci" "ahci" "ehci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/1396f814-6cc2-4988-992a-3558fa1ac5a2";
-    fsType = "ext4";
-  };
-
-  swapDevices =
-    [{ device = "/dev/disk/by-uuid/5f8f358d-f63c-48ad-a322-d1aeb403e4ff"; }];
-
-  nix.settings.max-jobs = lib.mkDefault 4;
-}
diff --git a/nixos/machines/zazu/default.nix b/nixos/machines/zazu/default.nix
deleted file mode 100644
index 71df825..0000000
--- a/nixos/machines/zazu/default.nix
+++ /dev/null
@@ -1,237 +0,0 @@
-# Edit this configuration file to define what should be installed on your system.  Help is available in the configuration.nix(5) man page and in the NixOS manual (accessible by running â€˜nixos-helpâ€™).
-{ config, lib, pkgs, inputs, modulesPath, ... }:
-
-{
-  imports = [ # Include the results of the hardware scan.
-    ./apu2c4.nix
-    #<yori-nix/roles/homeserver.nix>
-    ../../roles
-    inputs.nixos-hardware.nixosModules.pcengines-apu
-    "${modulesPath}/profiles/minimal.nix"
-  ];
-
-  boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
-  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
-
-  boot.kernel.sysctl = {
-    "net.ipv6.conf.all.forwarding" = true;
-    "net.ipv6.conf.enp1s0.accept_ra" = 2;
-  };
-  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
-  # Per-interface useDHCP will be mandatory in the future, so this generated config
-  # replicates the default behaviour.
-  networking.useDHCP = false;
-  networking.interfaces.enp1s0 = {
-    useDHCP = true;
-    tempAddress = "disabled";
-  };
-  #networking.interfaces.enp2s0.useDHCP = false;
-  networking.interfaces.enp3s0.useDHCP = false;
-  networking.interfaces.enp2s0 = {
-    tempAddress = "disabled";
-    ipv4.addresses = [{
-      address = "192.168.178.1";
-      prefixLength = 24;
-    }];
-    useDHCP = true;
-  };
-  # systemd.services.network-link-br0.unitConfig.After = lib.mkForce [ "network-pre.target" "br0-netdev.service" ];
-  # systemd.services.network-link-br0.unitConfig.BindsTo = lib.mkForce [ "br0-netdev.service" ];
-  networking.nat = {
-    enable = true;
-    externalInterface = "dslite1";
-    internalIPs = [ "192.168.178.1/24" ];
-  };
-  networking.defaultGateway = {
-    address = "192.0.0.1";
-    interface = "dslite1";
-  };
-  systemd.services.dslite1-netdev = {
-    wantedBy =
-      [ "network-setup.service" "sys-subsystem-net-devices-dslite1.device" ];
-    bindsTo = [ ];
-    partOf = [ "network-setup.service" ];
-    after = [
-      "network-pre.target"
-      "network-addresses-enp1s0.service"
-      "network-link-enp1s0.service"
-    ];
-    before = [ "network-setup.service" ];
-    path = [ pkgs.iproute2 ];
-    serviceConfig = {
-      Type = "oneshot";
-      RemainAfterExit = true;
-    };
-    script = ''
-      ip tunnel add dslite1 mode ip4ip6 local 2a02:a212:2200:4c00:20d:b9ff:fe56:ba04 remote 2001:730:2000:2::31 encaplimit none
-      ip link set dslite1 up
-    '';
-    postStop = ''
-      ip link del dslite1 || true
-    '';
-  };
-  networking.interfaces.dslite1 = {
-    mtu = 1452; # todo: ipv6 fragmenting?
-    ipv4.addresses = [{
-      address = "192.0.0.2";
-      prefixLength = 24;
-    }];
-  };
-  # networking.bridges = {
-  #   br0.interfaces = [ "enp2s0" "enp3s0" ];
-  # };
-  networking.dhcpcd.persistent = true;
-  # request prefix delegation
-  networking.dhcpcd.extraConfig = ''
-    noipv6rs
-    ipv6only
-    interface enp1s0
-    ipv6rs
-    iaid 1
-    ia_pd 1/::/60 enp2s0/0/64
-  '';
-  services.dnsmasq = {
-    enable = true;
-    servers = [ "8.8.8.8" "1.1.1.1" ];
-  };
-  services.dhcpd4 = {
-    interfaces = [ "enp2s0" ];
-    enable = true;
-    machines = [
-      {
-        hostName = "amateria";
-        ethernetAddress = "a8:a1:59:15:8b:63";
-        ipAddress = "192.168.178.42";
-      }
-      {
-        hostName = "blackadder";
-        ethernetAddress = "a8:a1:59:03:8a:75";
-        ipAddress = "192.168.178.33";
-      }
-      {
-        hostName = "frumar";
-        ethernetAddress = "bc:5f:f4:e8:42:9f";
-        ipAddress = "192.168.178.37";
-      }
-      {
-        hostName = "jarvis";
-        ethernetAddress = "18:1d:ea:35:13:58";
-        ipAddress = "192.168.178.34";
-      }
-      {
-        hostName = "jarvis-dock";
-        ethernetAddress = "64:4b:f0:10:05:f2";
-        ipAddress = "192.168.178.13";
-      }
-      {
-        hostName = "printer";
-        ethernetAddress = "30:05:5c:44:20:a7";
-        ipAddress = "192.168.178.26";
-      }
-      {
-        hostName = "raspberrypi";
-        ethernetAddress = "b8:27:eb:b9:ec:3a";
-        ipAddress = "192.168.178.21";
-      }
-      {
-        hostName = "smartMeter";
-        ethernetAddress = "5c:cf:7f:26:ca:91";
-        ipAddress = "192.168.178.30";
-      }
-      {
-        hostName = "gang-ap";
-        ethernetAddress = "b4:fb:e4:2d:fc:f3";
-        ipAddress = "192.168.178.32";
-      }
-    ];
-    extraConfig = ''
-      subnet 192.168.178.0 netmask 255.255.255.0 {
-        option subnet-mask 255.255.255.0;
-        option broadcast-address 192.168.178.255;
-        option routers 192.168.178.1;
-        option domain-name-servers 192.168.178.1;
-        range 192.168.178.3 192.168.178.200;
-      }
-    '';
-  };
-  services.radvd = {
-    enable = true;
-    config = ''
-      interface enp2s0 {
-        AdvSendAdvert on;
-        prefix 2a02:a212:2200:4c70::/64 {
-          AdvOnLink on;
-          AdvAutonomous on;
-        };
-      };
-    '';
-  };
-  networking.firewall.allowedUDPPorts = [ 53 ];
-  networking.firewall.allowedTCPPorts = [ 53 ];
-
-  services.fstrim.enable = true;
-
-  # Select internationalisation properties.
-  # i18n = {
-  #   consoleFont = "Lat2-Terminus16";
-  #   consoleKeyMap = "us";
-  #   defaultLocale = "en_US.UTF-8";
-  # };
-
-  # Set your time zone.
-  time.timeZone = "Europe/Amsterdam";
-
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  # environment.systemPackages = with pkgs; [
-  #   wget vim
-  # ];
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  #   pinentryFlavor = "gnome3";
-  # };
-
-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  services.openssh.enable = true;
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
-
-  # Enable CUPS to print documents.
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. Itâ€˜s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "20.09"; # Did you read the comment?
-  services.udisks2.enable = false;
-  boot.supportedFilesystems = lib.mkForce [ "ext4" ];
-  boot.initrd.supportedFilesystems = lib.mkForce [ "ext4" ];
-  security.polkit.enable = false;
-  nixpkgs.overlays = [
-    (self: super: {
-      dhcpcd = super.dhcpcd.overrideAttrs (o: rec {
-        pname = "dhcpcd";
-        version = "8.1.9";
-        src = self.fetchurl {
-          url = "mirror://roy/${pname}/${pname}-${version}.tar.xz";
-          sha256 = "1kzv61bgrd0zwiy6r218zkccx36j9p5mz1gxqvbhg05xn9g50alf";
-        };
-        patches = [ ];
-      });
-    })
-  ];
-}
diff --git a/nixos/overlay.nix b/nixos/overlay.nix
index b4aeeb0..02a66b6 100644
--- a/nixos/overlay.nix
+++ b/nixos/overlay.nix
@@ -1,4 +1,4 @@
-let names = [ "pennyworth" "jarvis" "blackadder" "frumar" "zazu" "smithers" ];
+let names = [ "pennyworth" "jarvis" "blackadder" "frumar" "smithers" ];
 in pkgs: super: {
   yorick = (super.yorick or { }) // rec {
     nixos = configuration: extraArgs:
diff --git a/nixos/vpn.nix b/nixos/vpn.nix
index 197b3be..d1d976a 100644
--- a/nixos/vpn.nix
+++ b/nixos/vpn.nix
@@ -4,7 +4,6 @@
     jarvis = "10.209.0.2";
     frumar = "10.209.0.3";
     blackadder = "10.209.0.6";
-    zazu = "10.209.0.7";
     smithers = "10.209.0.8";
   };
   keys = {
@@ -13,7 +12,6 @@
     frumar = "UpFw4KmrvmOWdMOJ+LHvMzgN7cQMnasqlkzF8/apoGI=";
     jarvis = "2/Qaq5uiy8uGGnZLIfjeomL47XjZCsJ1dDFDD9Nlq3E=";
     pennyworth = "XoeUMsiSOWBFEFuAu+S4iQd3MzkyGhIj9dtxzZ0I500=";
-    zazu = "6X5EdNMO1MtFi18LCRGZ2cBD0d50Wq+pwkwVubjY1Ew=";
     smithers = "CXsx26Xi+mBeuB6U8hdeuOBC3o4gTnBc6biez/BCqzM=";
   };
 }
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 52722993fc3553614734949c7522976e2362c0bd..b81407f30a151e8886dc73bf8d96ff127dfd8056 100644
GIT binary patch
literal 1271
zcmV<T1PJ>8M@dveQdv+`0Kc)?djdmNC^(z+U934`s=$wtiy(-y^Cp6`C)GXI-q3~_
z%o%wf@u6WLu8xBWEI9*PH_@$N_otmu6EI%Yn4O^txum1CJM5ze6}~4AUrn&X>g$Mi
z@qcDgET`>!U}7!3e;78S{Z2=cR@`7*dsiPA^B;z75%_iyxV%vRT)iFCll)=j#w;Y?
z=Xan@Di#bRkjMO=R;a33X#vl|N!6N}n7X?-KXOyH{M*1R1w;pprA8bpQl=C<5C1Hx
zgtE$7Y{6=)%jQ*4xCMOMXo?zQGiF@zIU<WRF5innHBlM9=T-?|2L=(B$GC3^%2oVT
z(5sPD5q8=P%Q)?>Vej4S)gC3i^Msy}@!;Lt^)vT>#UDBZlf42)YC<$UpIGIC$erIh
zH{CZS-{wR;(^>L&R<NLW%%@9%$e+}ZT~oZSC?UFepzw25vf8S7%Bt|*vV(o(v7Mod
z;gd2u70CB5;4f&g!lJsHKwO|*C7xAgJo8t74xhfDPOvZPz!VsM^E@s+z0|e(-(1J6
zac;$PLQjbFD;RD^|K#FfMNsrQJArB>Am8dP>E|Uu7yCG>E?=h=Za=UKD9sb(It&S9
z*HV>WqG;PdwK62ylSLAY%LAHv&rcFo-EMl)rgUQ&9gGeRTn!~Im&Y3|63Yv!As?q|
zZ8S*ZgbGHQt^)2KMO^P3sy;@Ghe@lEqJMT5NwlUT3mLZH_7{x}cguPUsexQ#^hdY?
z#ajAuf70NNK%x_k08QX|#qJDL+B`TDDq!k&o}pA0$Obv~);qtrkK+clPSn`S3ZLs|
zJ#Tuk%r4d6oqlq7T@w#icM|M-P(c5=&$d+>YFe^Tnow4{e>JgIXKWa_5_*5IB~Nec
zjppx^`tD_^8omqEQ>TEiH@8+{kFy~ji%qqG=OwzCEvy}%1Ja+}s?At(BbEYKV%bbS
zdr{1pnCM%pcf&ZcYfvT*+}vp6A6K?B5RGX!*(AWZ_kFjIG`S5fs#lcUmgx6+(4A`P
z`{`=Q&6U{HnVcm6sW^HYtmhuZuI6<Rt3FC@4>m-B{JN0KGhnu5foun`KDc#34JL--
zY}oer`iA)mN4briQ2sF5aR$glSkMO#TB0PVZK5#9<QUu@3w5B|Ve_iJ*y&x+p);c;
zjnmL$=EfC0PAHz&Un+rCOTjSIvosYvhsPON8OP+<f7vN>SnbT}n<aI|UtAujunemi
zELnnLtK*H{xLxxXT!eAP_A8xVCrr@mvhqc0IpWo<YgL9F_?-Q~8%zSm`1PnSX<k=#
zWIJsHGY^@(Q@3Y59!~6<U<CL>)Bl!-+~;+q;)D0s>9g!xb79&rN{74+l(N}wD0$EF
z6Fh2iU_I~TB}&DJ`Q6b8A9fofy$}FmMy0@vtAL5@UnHdSP@TcpY$zasz`NfF?Hteg
zMR*s$AVZ)zMQaHB8k{o3Xug9JFsn^nY+z5Fm^KE37rx%X0q(Ch`W;k~&7GH;jX+;$
zetR+%lY~seR7@3&vpQmM@~YgzSUx%bC@c&l-r$b8pu2WTMQJu?Q7bbI>{tNuQ*q+K
zL{~ew54SHngAwN^RWSdbz`#=*k`#UXYh2x}Ez|PsNJT5SSBVY;V{X<;j#Wp%0F@O7
h7qL@nsq*+er@r83YNn?ABJzq<II+#+K|)p1eCAlYaPt5F

literal 1410
zcmV-|1%3JeM@dveQdv+`01BdJH=z|js^Z^wlOtIwUEYAI91RbZ*Et-TXzRTHX=-GG
zxE^{b4E%U+jn`^Ldw0vx<46FSC<hw0I%52z*%*iM?@P|VVn)~iBMTQ}RU6Xg%eoHJ
zw9QE>VOHbo&n(R1Np9hz>U8k8_r;Ji{mly=t_zufUd5U?(0Maqi@AuTa>Y-65{r-R
zSJu#EkcR;vbrQJ?;7oN`crHJxM%zM$X2yGM3&+u)2Ve_1vzOS*fIs<)JM7H#F;I_(
zemwsdrg63a^;D!IKPXz!4?1X^wzk`1N6TCnn>A~q%@})IA0+r6h9?Keam=>!Z927U
zujSGWL+%uSFo*6HTN01~pRjy^OCRSz{WX<cCwnHL1FxPh&TppjZaKo56x}wWm_o|~
zq<U#~#m+Z;)p#)g)XsNlmF);2-vrG%Y;dt}Qv44o{4?P7u{%fL3L&=2l?tIMIFfIq
zIq#$}bL^ua(LQy5fsF5Hbl5&udURSRP3ivW@?9B8v2Ql{RUwPJ<a9LmnGGDE#4EQV
zs_#1orlo3@3W$>s48y}A`$6K(Q~z>0BsDYboIS7`Y|>i7Q=r2PT*ipi=y`KZYd6pY
zvBk4TobfL7(XHkh_<Fu&^t4<$z!y9NnYOnKF4Zk%hrmN;`YR@tIHT1rmCd4M8RHpk
z$Z4fVW)YX!d8amel*8_ko5`ytT6=~Ec0<n~$!9Hdo5A6*<Hps6Ei0hnKg2Tyo}@A4
z({dkRvIagR)>3lzDwE^2cgaRCsnF{Y#UYVpj;5HDPnZ8#`T`<Yt5P?naMoN0z%w3E
z)f4eQGvTGI5Y#5ywd0?$=Zy7U(X^iN=SuqAPnaA{6N@>L$zFqnGN*ul@PyA_k@Z{S
zn@pmHbH$2_*_|mu{J4K{O4jHegXZqaxbog=LaQMW4zGJug4`Ec!bH7ku70XPJXvN*
z*hL!soR%S+8i&!A6r?CuUq0-*hT(H%Mrf+e(rZ$$#~JcO_ZgV?B=SivVG+9)Dgysy
z^)V;e5-48f1CkM^Qo*N3PptCUprRxc+=+LoFDhzXUun83dXW%&RD^%k5`-MvYr!yJ
z;|^mYC_NeT7i~Jl8biK*6jB@y_a=4qoNDI?W3Vk?M;(?e{97Zdwudc0-DWp1l+t(N
z%#~r1nL9sD?7BYL4Q2pO?`E@SEcVPywP(nkR>4C<vGd|&9M6!0e)TdxZb1`U^fJN@
zT_PTC;DfKS$XtGiit{?vbUY8VJ3@mqznT0v@?+OfHMOUXc-D$?cL#!u=DuM!)G(4*
ze$MgTy}0^_wH<1!doy8qcjVLXg1t%Sc`z9+g+_!AH>=1%c_l$BR2}$BZ<UZ-6J}o&
zB{f>Y<8g(1rP+OpKZo`8kf%8!!SZvg4=J+%;sjcC=8+p&zPmBQbF|TJ(?;4(brA+%
zRFe7DmA933r1ze87JlJmD?mpw!x$`#CnO@Qbg-tl0g^8{iBD9~a4no9>ojI$<M4ve
zq~aHaY#W5)K5uJLMrt&u1|<Hg{QWqod~Cn(;PTCOkHC9K8YE-<WC6g{yB>AaNVt{o
zvv}UDG>q%4ztfw60_b6=2ilK5Y!e>bW9(GAuXkS!!=ZL70EvUP%f@4rC5%Jc7vlKj
z{%77KmBJds_A$at0ZQovWoh5*?mHsIV>o8A^HYtx7UWp)t&{tH?hODZF_rhSba|ye
z3UBSK#U-TZ#Zt&56UCG>+~HM5ons`!u7NJR8qU}8+8zAAh&1)6#)$3_N*7lGUF^9t
zk7O;Jrg3J=Ju)Y!q1NmwPQkM=1YL=FmH5n;-e|`)1|G`R?PzlsN5|0;gFboc?xI;j
Q>_<aW+c1JI;(VWO1S}=H_W%F@

diff --git a/secrets/wg.zazu.age b/secrets/wg.zazu.age
deleted file mode 100644
index 97a9b1d..0000000
--- a/secrets/wg.zazu.age
+++ /dev/null
@@ -1,9 +0,0 @@
-age-encryption.org/v1
--> X25519 eORjizW1ee6FYqEQqTa5uuN/+2pTczTSjdmfUNn/tDc
-CKLNuNxkorS/hgGNGgdagJFUMWrrV33MxAFEEDwxM5c
--> ssh-ed25519 5WyvFg eRI44sQ73aOgg7ifbPwHN55Rr9tfY73jm2SpRzngX10
-ioYtOQzjWSGFZa/uJg2PPfyjXKJuUCUTrLFbWROENH8
--> n>fQw<k[-grease H01`o(l(
-4fmi7YLYpd+EoRjQNCPMgAo
---- 8maSKzEcu0uFAZKPJjlGh5LwgzfQptd5HKGpABUpgEA
-Z·QÒéW¾þÚ,6+‡@¶`Uëjë·oÂpF|	ƒí?uµPuíŸ(­ŽÑˆÖ¤ô¡ xßöm}Ô—ŸI1ùi³¬UõÔÒ¤ÁEnëG
\ No newline at end of file