From 6989da5705a202daf6c2775865255dfcfe6dd28b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?=
Date: Sat, 1 Oct 2022 11:33:56 +0100
Subject: [PATCH] remove vultr, move services to vpsfree

---
 nixos/boxes/vpsfree1/default.nix | 3 ++
 .../{vultr1 => vpsfree1}/matrix-front.nix | 0
 nixos/boxes/{vultr1 => vpsfree1}/search.nix | 0
 nixos/boxes/vultr1/default.nix | 21 ---------
 nixos/boxes/vultr1/folding.nix | 9 ----
 nixos/boxes/vultr1/snowflake.nix | 40 -----------------
 nixos/boxes/vultr1/vultr-boot.nix | 44 -------------------
 7 files changed, 3 insertions(+), 114 deletions(-)
 rename nixos/boxes/{vultr1 => vpsfree1}/matrix-front.nix (100%)
 rename nixos/boxes/{vultr1 => vpsfree1}/search.nix (100%)
 delete mode 100644 nixos/boxes/vultr1/default.nix
 delete mode 100644 nixos/boxes/vultr1/folding.nix
 delete mode 100644 nixos/boxes/vultr1/snowflake.nix
 delete mode 100644 nixos/boxes/vultr1/vultr-boot.nix

diff --git a/nixos/boxes/vpsfree1/default.nix b/nixos/boxes/vpsfree1/default.nix
index e0ef9f58..65889105 100644
--- a/nixos/boxes/vpsfree1/default.nix
+++ b/nixos/boxes/vpsfree1/default.nix
@@ -4,11 +4,14 @@
 imports = [
 ./vpsfree1-vpsadminos.nix
 ../cli.nix
+ ../nginx.nix
 ./foundryvtt.nix
 ./cryptpad.nix
 ./syncthing-relay.nix
 ./backups.nix
 ./blog.cyplo.net.nix
+ ./search.nix
+ ./matrix-front.nix
 ];
 
 services.dockerRegistry = {
diff --git a/nixos/boxes/vultr1/matrix-front.nix b/nixos/boxes/vpsfree1/matrix-front.nix
similarity index 100%
rename from nixos/boxes/vultr1/matrix-front.nix
rename to nixos/boxes/vpsfree1/matrix-front.nix
diff --git a/nixos/boxes/vultr1/search.nix b/nixos/boxes/vpsfree1/search.nix
similarity index 100%
rename from nixos/boxes/vultr1/search.nix
rename to nixos/boxes/vpsfree1/search.nix
diff --git a/nixos/boxes/vultr1/default.nix b/nixos/boxes/vultr1/default.nix
deleted file mode 100644
index a2d7ad67..00000000
--- a/nixos/boxes/vultr1/default.nix
+++ /dev/null
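Review bot: The three added imports in `vpsfree1/default.nix` (`../nginx.nix`, `./search.nix`, `./matrix-front.nix`) put two web front ends on the host that also imports `./backups.nix` and configures `services.dockerRegistry`, and nothing in the hunk records that or what the shared nginx module opens on this machine. Because both files are renamed at 100% similarity, any vultr1-specific value inside them (server name, listen address, upstream) arrives unchanged, and the host-level settings the old `vultr1/default.nix` carried (`security.allowUserNamespaces = true`, `DefaultTimeoutStartSec=900s`) are not brought along; whether the moved services relied on either is not visible here. I would add a comment above the new entries, for example `# moved from vultr1; served via ../nginx.nix - check its firewall and vhost defaults against the registry and backups on this host`, and confirm the registry's listen address is not widened by the new nginx import. The module body and the `services.dockerRegistry` block continue outside the hunk.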
@@ -1,21 +0,0 @@
-{ config, pkgs, inputs, lib, ... }: {
- networking.hostName = "vultr1";
-
- imports = [
- ./vultr-boot.nix
- ./folding.nix
- ./matrix-front.nix
- ./../nginx.nix
- ./search.nix
- ./snowflake.nix
- ../cli.nix
- ];
-
- systemd.extraConfig = ''
- DefaultTimeoutStartSec=900s
- '';
-
- security.allowUserNamespaces = true;
- time.timeZone = "Europe/London";
-
-}
diff --git a/nixos/boxes/vultr1/folding.nix b/nixos/boxes/vultr1/folding.nix
deleted file mode 100644
index 125ab894..00000000
--- a/nixos/boxes/vultr1/folding.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ config, pkgs, lib, ... }: {
- nixpkgs.config.allowUnfreePredicate = pkg:
- builtins.elem (lib.getName pkg) [ "fahclient" ];
- services.foldingathome = {
- enable = true;
- user = "cyplo";
- };
- boot.kernel.sysctl = { "kernel.unprivileged_userns_clone" = 1; };
-}
diff --git a/nixos/boxes/vultr1/snowflake.nix b/nixos/boxes/vultr1/snowflake.nix
deleted file mode 100644
index 7b5b2cee..00000000
--- a/nixos/boxes/vultr1/snowflake.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{ config, pkgs, lib, ... }: {
- containers.snowflake = {
- autoStart = true;
- ephemeral = true;
- config = {
- systemd.services.snowflake = {
- wantedBy = [ "multi-user.target" ];
- serviceConfig = {
- IPAccounting = "yes";
- ExecStart = "${pkgs.snowflake}/bin/proxy";
- DynamicUser = "yes";
- # Read-only filesystem
- ProtectSystem = "strict";
- PrivateDevices = "yes";
- ProtectKernelTunables = "yes";
- ProtectControlGroups = "yes";
- ProtectHome = "yes";
- # Deny access to as many things as possible
- NoNewPrivileges = "yes";
- PrivateUsers = "yes";
- LockPersonality = "yes";
- MemoryDenyWriteExecute = "yes";
- ProtectClock = "yes";
- ProtectHostname = "yes";
- ProtectKernelLogs = "yes";
- ProtectKernelModules = "yes";
- RestrictNamespaces = "yes";
- RestrictRealtime = "yes";
- RestrictSUIDSGID = "yes";
- SystemCallArchitectures = "native";
- SystemCallFilter =
- "~@chown @clock @cpu-emulation @debug @module @mount @obsolete @raw-io @reboot @setuid @swap @privileged @resources";
- CapabilityBoundingSet = "";
- ProtectProc = "invisible";
- ProcSubset = "pid";
- };
- };
- };
- };
-}
diff --git a/nixos/boxes/vultr1/vultr-boot.nix b/nixos/boxes/vultr1/vultr-boot.nix
deleted file mode 100644
index 510f013d..00000000
--- a/nixos/boxes/vultr1/vultr-boot.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-{ config, pkgs, ... }: {
-
- boot = {
- initrd.availableKernelModules = [
- "ata_piix"
- "uhci_hcd"
- "virtio_pci"
- "sr_mod"
- "virtio_blk"
- "virtio_net"
- "virtio_pci"
- "virtio_mmio"
- "virtio_blk"
- "virtio_scsi"
- "9p"
- "9pnet_virtio"
- ];
- initrd.kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ];
-
- initrd.postDeviceCommands = ''
- # Set the system time from the hardware clock to work around a
- # bug in qemu-kvm > 1.5.2 (where the VM clock is initialised
- # to the *boot time* of the host).
- hwclock -s
- '';
-
- kernelPackages = pkgs.linuxPackages_latest;
- loader.grub.enable = true;
- loader.grub.version = 2;
- loader.grub.device = "/dev/vda";
- };
-
- fileSystems."/" = {
- device = "/dev/disk/by-uuid/d37c4c81-4807-4b8b-bcd4-05ae76bccbaa";
- fsType = "ext4";
- };
-
- swapDevices = [{
- device = "/swapfile";
- size = 2048;
- }];
-
-}
-