From bab826b1c711ba7303833769b08b8ef33c7a554b Mon Sep 17 00:00:00 2001 From: schweby Date: Fri, 12 Mar 2021 23:53:51 +0100 Subject: [PATCH] security: remove hexchen --- common/users.nix | 16 +++++------ hosts/hainich/configuration.nix | 42 ++++++++++++++-------------- hosts/hainich/services/syncthing.nix | 18 ++++++------ 3 files changed, 38 insertions(+), 38 deletions(-) diff --git a/common/users.nix b/common/users.nix index 7ffd2a9..02d5cca 100644 --- a/common/users.nix +++ b/common/users.nix @@ -1,9 +1,9 @@ { config, pkgs, lib, ... }: { - imports = [ - ./hexchen.nix - ]; +# imports = [ +# ./hexchen.nix +# ]; home-manager.useGlobalPkgs = true; @@ -13,11 +13,11 @@ }; # all the actual config is imported from hexchen's nixfiles - hexchen = { - uid = lib.mkForce 1000; - isNormalUser = true; - extraGroups = [ "wheel" ]; - }; +# hexchen = { +# uid = lib.mkForce 1000; +# isNormalUser = true; +# extraGroups = [ "wheel" ]; +# }; stuebinm = { uid = 1005; diff --git a/hosts/hainich/configuration.nix b/hosts/hainich/configuration.nix index 54247d1..5cc94e0 100644 --- a/hosts/hainich/configuration.nix +++ b/hosts/hainich/configuration.nix @@ -95,27 +95,27 @@ boot.kernelPackages = pkgs.linuxPackages; - services.restic.backups.tardis = { - passwordFile = "/etc/restic/system"; - s3CredentialsFile = "/etc/restic/system.s3creds"; - paths = [ - "/data" - "/home" - "/run/florinori" - "/var/lib/containers/codimd/var/lib/codimd" - "/var/lib/containers/codimd/var/backup/postgresql" - "/var/lib/containers/lantifa/var/lib/mediawiki" - "/var/lib/containers/lantifa/var/backup/mysql" - "/var/lib/murmur" - "/var/lib/syncthing" - ]; - pruneOpts = [ - "--keep-daily 7" - "--keep-weekly 5" - "--keep-monthly 12" - ]; - repository = "b2:tardis-hainich:system"; - }; +# services.restic.backups.tardis = { +# passwordFile = "/etc/restic/system"; +# s3CredentialsFile = "/etc/restic/system.s3creds"; +# paths = [ +# "/data" +# "/home" +# "/run/florinori" +# "/var/lib/containers/codimd/var/lib/codimd" +# "/var/lib/containers/codimd/var/backup/postgresql" +# "/var/lib/containers/lantifa/var/lib/mediawiki" +# "/var/lib/containers/lantifa/var/backup/mysql" +# "/var/lib/murmur" +# "/var/lib/syncthing" +# ]; +# pruneOpts = [ +# "--keep-daily 7" +# "--keep-weekly 5" +# "--keep-monthly 12" +# ]; +# repository = "b2:tardis-hainich:system"; +# }; # This value determines the NixOS release from which the default diff --git a/hosts/hainich/services/syncthing.nix b/hosts/hainich/services/syncthing.nix index 6e56632..4ec1fc5 100644 --- a/hosts/hainich/services/syncthing.nix +++ b/hosts/hainich/services/syncthing.nix @@ -24,21 +24,21 @@ id = "72B3T74-NOMJV3X-EVJXTJF-5GGAEZB-ZDKBHXQ-VQNRYEU-YCPA2JP-L6NGAAG"; }; # zauberberg - conway = { - addresses = []; # empty = dynamic - id = "HV7IU2N-Q4W3A7F-BSASR43-OB575SM-47FY2UW-7N5GMFM-PX3LWRN-HXBXMQF"; - }; +# conway = { +# addresses = []; # empty = dynamic +# id = "HV7IU2N-Q4W3A7F-BSASR43-OB575SM-47FY2UW-7N5GMFM-PX3LWRN-HXBXMQF"; +# }; # hexchen - storah = { - addresses = [ "tcp://46.4.62.95:22000" "quic://46.4.62.95:22000" ]; - id = "SGHQ2JA-7FJ6CKM-N3I54R4-UOJC5KO-7W22O62-YLTF26F-S7DLZG4-ZLP7HAM"; - }; +# storah = { +# addresses = [ "tcp://46.4.62.95:22000" "quic://46.4.62.95:22000" ]; +# id = "SGHQ2JA-7FJ6CKM-N3I54R4-UOJC5KO-7W22O62-YLTF26F-S7DLZG4-ZLP7HAM"; +# }; }; folders = { "/var/lib/syncthing/hacc" = { id = "qt2ly-xvvvs"; - devices = [ "txsbcct" "octycs" "stuebinm-desktop" "conway" "raphael-laptop" "storah" ]; + devices = [ "txsbcct" "octycs" "stuebinm-desktop" "raphael-laptop" ]; type = "receiveonly"; versioning = { type = "simple";