From dfe51e396b1a8680ef903d05f7b639044f88fd1d Mon Sep 17 00:00:00 2001 From: Erwin Boskma Date: Tue, 12 Nov 2024 21:22:54 +0100 Subject: [PATCH] Remove factorio container --- .sops.yaml | 7 -- machines/default.nix | 9 --- machines/factorio/configuration.nix | 112 ---------------------------- machines/factorio/secrets.yaml | 39 ---------- 4 files changed, 167 deletions(-) delete mode 100644 machines/factorio/configuration.nix delete mode 100644 machines/factorio/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index 1148b5c..9facbab 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -3,7 +3,6 @@ keys: - &erwin_horus age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg - &loki age1m93jeyexus2uqvrk99r7hh0xp7qxk55tgmju4h422dfkf92jce2sxpntu5 - &ci age1tmlx45s4f6qp929839yd5y5vxkj2z4z8wmhqsnne9j8j5uwx6p8qssun8l - - &factorio age1j3456p2yhs82wcxp33r8nr7zc70shuusqnpyfxe6992w28rg5ywq83es27 - &frigate age1gtzlyyxdnt23xzyq6lq5ye645egxl7up25agxw23nuhjl6ax0dmqrlqvpf - &gitea age1mh39yv2j3ltl50tjnqqgjctxth3nxa74ggwn29dpvcv08qd0psnssajsmd - &gitea-runner age19jrte20w4e5u83m5s8m8c2ca6sha6e2l2k66g28jz4mpkfs0f3jq26rdp2 @@ -30,12 +29,6 @@ creation_rules: - *erwin - *erwin_horus - *ci - - path_regex: machines/factorio/[^/]+\.yaml$ - key_groups: - - age: - - *erwin - - *erwin_horus - - *factorio - path_regex: machines/frigate/[^/]+\.yaml$ key_groups: - age: diff --git a/machines/default.nix b/machines/default.nix index 23dd5bf..14c87d8 100644 --- a/machines/default.nix +++ b/machines/default.nix @@ -10,15 +10,6 @@ inputs: { # tags = [ "container" ]; # }; }; - factorio = { - config = import ./factorio/configuration.nix inputs; - deploy = { - # host = "10.0.0.208"; - host = "factorio.barn-beaver.ts.net"; - targetUser = "erwin"; - tags = [ "container" ]; - }; - }; frigate = { config = import ./frigate/configuration.nix inputs; deploy = { diff --git a/machines/factorio/configuration.nix b/machines/factorio/configuration.nix deleted file mode 100644 index af85340..0000000 --- a/machines/factorio/configuration.nix +++ /dev/null @@ -1,112 +0,0 @@ -{ - self, - ... -}: -{ - modulesPath, - config, - ... -}: -{ - imports = [ - (modulesPath + "/virtualisation/lxc-container.nix") - - ../../users/root - ../../users/erwin - ]; - - eboskma = { - users.erwin = { - enable = true; - server = true; - }; - nix-common = { - enable = true; - remote-builders = true; - }; - rust-motd.enable = true; - tailscale.enable = true; - }; - - boot = { - isContainer = true; - }; - - time.timeZone = "Europe/Amsterdam"; - - system.configurationRevision = self.inputs.nixpkgs.lib.mkIf (self ? rev) self.rev; - - networking = { - hostName = "factorio"; - useDHCP = false; - useHostResolvConf = false; - networkmanager.enable = false; - useNetworkd = true; - nftables.enable = true; - - firewall.trustedInterfaces = [ "tailscale0" ]; - }; - - services = { - factorio = { - enable = true; - game-name = "Blocks"; - description = "It's cityblocks"; - lan = true; - openFirewall = true; - saveName = "Blocks"; - admins = [ "eboskma" ]; - requireUserVerification = false; - extraSettingsFile = config.sops.secrets.factorio-config.path; - }; - }; - - systemd = { - services = { - factorio.serviceConfig = { - User = "factorio"; - }; - logrotate-checkconf.enable = false; - }; - - network = { - enable = true; - - wait-online.anyInterface = true; - - networks = { - "40-eth0" = { - matchConfig = { - Name = "eth0"; - }; - - networkConfig = { - Address = "10.0.0.208/24"; - Gateway = "10.0.0.1"; - DNS = "10.0.0.206"; - DHCP = "no"; - }; - }; - }; - }; - }; - - security = { - sudo-rs = { - enable = true; - execWheelOnly = true; - wheelNeedsPassword = false; - }; - sudo.enable = false; - }; - - sops.defaultSopsFile = ./secrets.yaml; - sops.secrets = { - factorio-config = { - owner = "factorio"; - group = "factorio"; - }; - }; - - system.stateVersion = "24.11"; -} diff --git a/machines/factorio/secrets.yaml b/machines/factorio/secrets.yaml deleted file mode 100644 index e75618a..0000000 --- a/machines/factorio/secrets.yaml +++ /dev/null @@ -1,39 +0,0 @@ -factorio-config: ENC[AES256_GCM,data:Nso4QXpdmTL7jzWYJfv4TwZ68VQ8GflOpiuQx2t9kWEgeAQ1Ajq7TlG61gLKROKKGLt2FOok9tJb63Hm+HPiIyI=,iv:eMjhMhJ7kkxfJyZ0PIA72tygOFFamKneHHm5Ee+xYjs=,tag:flOiObW4RZ1ZTv/3TrWszw==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1h7ddyj66gcqt5vnzphjfn6y5tul79q0glcdl0et9w44z2evl999qe02wht - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBic2p1NFBXZTJra09NQjY5 - YzcrTnY1dzl1eFJuYWZVMHUwWS9wSVc0Q0RRCkdnSFJnS3lIUWVJd2s2R0hqRzlE - dW9VSVhTZFE5a2taWVdxMzE5RlBsd3cKLS0tIDJSTTY3eTA0R2RyOEpsV0dGYndR - WEhLMEZiWEFSTDJEbU9CbU5jbU9DeVUK4hJHJz3m/lqDkW/MK/4yMoMfp0LPpmmL - S48qlzHsBP0NxbBkR6cxYgd/cI6ppVCgOkQWBAyV1wiAqyNPKAgO+g== - -----END AGE ENCRYPTED FILE----- - - recipient: age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBld09PSlFjbnpkT2tqaVI4 - R0RPUlk4bUdjR2lENHdVOHhJV2lWamFnTlVrCnBYSE1tRnZKb0dhMzViUCtIOVVO - QjFZMlVFV04vY0JiQ0E2K21LTGdIYU0KLS0tIGYrUzd2VXN5NFBMWmljN2pnWml4 - T1pqb1dtdlAzdmNLNDBjUGFHajVCdmsKmwiA1FuwfiPG2YLUQHhFDITahl6jcwz9 - CBKRPArsDXqRFQgG3DTievvPS7VmfXbyhHYyUHa5Soarr1PFYBqQ8Q== - -----END AGE ENCRYPTED FILE----- - - recipient: age1j3456p2yhs82wcxp33r8nr7zc70shuusqnpyfxe6992w28rg5ywq83es27 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwQUxyZkFoWjJaQ0g2ZSs3 - SU1Qd1c3MFp5S0piM244MTFiM0ppVWp4YjB3CkplNVp3ZUFSQ2xobnZYYkEwMS8x - NmtHMkNHQmxTTytNVXFvSzM4NWp2eWMKLS0tIGovL3pGV253QWQxdGRIKy9KdlpC - K041NXVyYjZabGQzbG9HaExYRVJ3VEkKM1pL72IU2thhKg/irj7t1m5gx3078DD7 - HmyWa6+/A25fsWBHuHktUBMlOy5Jw+4ViysSNyzLMJegYRKBJAVpQQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-12T19:30:54Z" - mac: ENC[AES256_GCM,data:PQ7b7fTauWCmI9TOujBDT4RO6WyPsBOEKL9AAYh06Xoczb4n9b1n/jMX5JN4vx4ZKq7CanlA0D9SzF5CwkoYYQPwD/R5Zg3ln14i6uQ85z5zmoizxwHrhqAJyRUniYKFqZQvQ8XelcXEbteZ32EejeTaM3TMALivFDMgSBHc+To=,iv:xQKfg9mCXjee1AetwSk17r9Uchpgy62p3Zk19COgyOw=,tag:0tqAmzUZ5dRwgI/nMRvWYA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.1