tywin.storage: delete

hosts/router.home.ts.hillion.co.uk/default.nix

@@ -216,12 +216,12 @@
                     data = "10.64.50.1, 1.1.1.1, 8.8.8.8";
                   }
                 ];
-                reservations = lib.lists.imap0
-                  (i: el: {
+                reservations = lib.lists.remove null (lib.lists.imap0
+                  (i: el: if el == null then null else {
                     ip-address = "10.64.50.${toString (20 + i)}";
                     inherit (el) hw-address hostname;
                   }) [
-                  { hostname = "tywin"; hw-address = "c8:7f:54:6d:e1:03"; }
+                  null
                   { hostname = "microserver"; hw-address = "e4:5f:01:b4:58:95"; }
                   { hostname = "theon"; hw-address = "00:1e:06:49:06:1e"; }
                   { hostname = "server-switch"; hw-address = "84:d8:1b:9d:0d:85"; }
@@ -229,7 +229,7 @@
                   { hostname = "sodium"; hw-address = "d8:3a:dd:c3:d6:2b"; }
                   { hostname = "gendry"; hw-address = "18:c0:4d:35:60:1e"; }
                   { hostname = "phoenix"; hw-address = "a8:b8:e0:04:17:a5"; }
-                ];
+                ]);
               }
               {
                 subnet = "10.239.19.0/24";

hosts/tywin.storage.ts.hillion.co.uk/README.md

@@ -1,7 +0,0 @@
-# tywin.storage.ts.hillion.co.uk
-
-Additional installation step for Clevis/Tang:
-
-    $ echo -n $DISK_ENCRYPTION_PASSWORD | clevis encrypt sss "$(cat /etc/nixos/hosts/tywin.storage.ts.hillion.co.uk/clevis_config.json)" >/mnt/disk_encryption.jwe
-    $ sudo chown root:root /mnt/disk_encryption.jwe
-    $ sudo chmod 0400 /mnt/disk_encryption.jwe

hosts/tywin.storage.ts.hillion.co.uk/clevis_config.json

@@ -1,14 +0,0 @@
-{
-  "t": 1,
-  "pins": {
-    "tang": [
-      {
-        "url": "http://10.64.50.21:7654"
-      },
-      {
-        "url": "http://10.64.50.25:7654"
-      }
-    ]
-  }
-}
-

hosts/tywin.storage.ts.hillion.co.uk/default.nix

@@ -1,57 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-{
-  imports = [
-    ./hardware-configuration.nix
-  ];
-
-  config = {
-    system.stateVersion = "22.11";
-
-    networking.hostName = "tywin";
-    networking.domain = "storage.ts.hillion.co.uk";
-    networking.hostId = "2a9b6df5";
-
-    boot.loader.systemd-boot.enable = true;
-    boot.loader.efi.canTouchEfiVariables = true;
-
-    boot.kernelParams = [ "ip=dhcp" ];
-    boot.initrd = {
-      availableKernelModules = [ "r8169" ];
-      network.enable = true;
-      clevis = {
-        enable = true;
-        useTang = true;
-        devices."root".secretFile = "/disk_encryption.jwe";
-      };
-    };
-
-    custom.locations.autoServe = true;
-    custom.defaults = true;
-
-    ## Tailscale
-    age.secrets."tailscale/tywin.storage.ts.hillion.co.uk".file = ../../secrets/tailscale/tywin.storage.ts.hillion.co.uk.age;
-    services.tailscale = {
-      enable = true;
-      authKeyFile = config.age.secrets."tailscale/tywin.storage.ts.hillion.co.uk".path;
-    };
-
-    ## Filesystems
-    fileSystems."/".options = [ "compress=zstd" ];
-
-    services.btrfs.autoScrub = {
-      enable = true;
-      interval = "Tue, 02:00";
-      # All filesystems includes the BTRFS parts of all the hard drives. This
-      # would take forever and is redundant as they get fully read regularly.
-      fileSystems = [ "/" ];
-    };
-
-    ## Networking
-    networking.nameservers = lib.mkForce [ ]; # Trust the DHCP nameservers
-    networking.firewall.interfaces."tailscale0".allowedTCPPorts = [
-      80 # Caddy HTTP  1-2 (restic.ts.)
-      443 # Caddy HTTPS 1-2 (restic.ts.)
-    ];
-  };
-}

hosts/tywin.storage.ts.hillion.co.uk/hardware-configuration.nix

@@ -1,44 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [
-      (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    {
-      device = "/dev/disk/by-uuid/cb48d4ed-d268-490c-9977-2b5d31ce2c1b";
-      fsType = "btrfs";
-    };
-
-  boot.initrd.luks.devices."root" = {
-    device = "/dev/disk/by-uuid/32837730-5e15-4917-9939-cbb58bb0aabf";
-    allowDiscards = true;
-  };
-
-  fileSystems."/boot" =
-    {
-      device = "/dev/disk/by-uuid/BC57-0AF6";
-      fsType = "vfat";
-    };
-
-  swapDevices = [ ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp7s0.useDHCP = lib.mkDefault true;
-
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}

hosts/tywin.storage.ts.hillion.co.uk/system

@@ -1 +0,0 @@
-x86_64-linux

modules/dns.nix

@@ -56,7 +56,6 @@ in
                 };
                 storage = {
                   theon = "100.104.142.22";
-                  tywin = "100.115.31.91";
                 };
               };
             };
@@ -86,7 +85,6 @@ in
                 };
                 storage = {
                   theon = "fd7a:115c:a1e0::4aa8:8e16";
-                  tywin = "fd7a:115c:a1e0:ab12:4843:cd96:6273:1f5b";
                 };
               };
             };

modules/ssh/default.nix

@@ -50,7 +50,6 @@ in
       "router.home.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAlCj/i2xprN6h0Ik2tthOJQy6Qwq3Ony73+yfbHYTFu";
       "sodium.pop.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQmG7v/XrinPmkTU2eIoISuU3+hoV4h60Bmbwd+xDjr";
       "theon.storage.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN59psLVu3/sQORA4x3p8H3ei8MCQlcwX5T+k3kBeBMf";
-      "tywin.storage.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGATsjWO0qZNFp2BhfgDuWi+e/ScMkFxp79N2OZoed1k";
     };
     programs.ssh.knownHostsFiles = [ ./github_known_hosts ];
   };

secrets/secrets.nix

@@ -28,7 +28,6 @@ let
             terminals = { jakehillion = { gendry = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXM5aDvNv4MTITXAvJWSS2yvr/mbxJE31tgwJtcl38c root@gendry"; }; };
             st = { phoenix = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBPQcp9MzabvwbViNmILVNfipMUnwV+5okRfhOuV7+Mt root@phoenix"; };
             storage = {
-              tywin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGATsjWO0qZNFp2BhfgDuWi+e/ScMkFxp79N2OZoed1k root@tywin";
               theon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN59psLVu3/sQORA4x3p8H3ei8MCQlcwX5T+k3kBeBMf root@theon";
             };
           };
@@ -59,7 +58,6 @@ in
   "tailscale/router.home.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.home.router ];
   "tailscale/sodium.pop.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.pop.sodium ];
   "tailscale/theon.storage.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.storage.theon ];
-  "tailscale/tywin.storage.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
 
   # WiFi Environment Files
   "wifi/be.lt.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.lt.be ];