Cleanup

2025-06-18 09:27:31 +02:00 · 2025-06-18 09:27:31 +02:00 · 8754f0d1a0
commit 8754f0d1a0
parent 1fc6e03c2c
7 changed files with 2 additions and 155 deletions
--- a/flake.nix
+++ b/flake.nix
@ -15,18 +15,14 @@
  };

  outputs = inputs @ {
-    self,
    nixpkgs,
-    home-manager,
    agenix,
    crowdsec,
    ...
  }: let
    system = "x86_64-linux";
-    username = "tbarnouin";
    proxy_host = "192.168.1.40";
    pgsql_host = "192.168.1.13";
-    pkgs = import nixpkgs {inherit system;};
  in {
    nixosConfigurations = {
      nginx = nixpkgs.lib.nixosSystem {
@ -155,23 +151,6 @@
          }
        ];
      };
-      nixarr = nixpkgs.lib.nixosSystem {
-        inherit system;
-        specialArgs = {inherit inputs;};
-        modules = [
-          agenix.nixosModules.default
-          crowdsec.nixosModules.crowdsec-firewall-bouncer
-          "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-image.nix"
-          "${inputs.self}/systems/minimalVMConfig.nix"
-          "${inputs.self}/services"
-          "${inputs.self}/modules"
-          {
-            services.vm_nixarr = {
-              enable = true;
-            };
-          }
-        ];
-      };
      arr-box = nixpkgs.lib.nixosSystem {
        inherit system;
        specialArgs = {inherit inputs;};
--- a/modules/default.nix
+++ b/modules/default.nix
@ -1,4 +1,4 @@
-{inputs, ...}: {
+{...}: {
  imports = [
    ./crowdsec.nix
  ];
--- a/packages/cs-firewall-bouncer/default.nix
+++ b/packages/cs-firewall-bouncer/default.nix
@ -1,28 +0,0 @@
-{
-  lib,
-  buildGoModule,
-  fetchFromGitHub,
-}:
-buildGoModule rec {
-  pname = "cs-firewall-bouncer";
-  version = "0.0.31";
-
-  src = fetchFromGitHub {
-    owner = "crowdsecurity";
-    repo = pname;
-    rev = "v${version}";
-    hash = "sha256-59MWll8v00CF4WA53gjHZSTFc8hpYaHENg9O7LgTCrA=";
-  };
-
-  vendorHash = "sha256-7Jxvg8UEjUxnIz1llvXyI2AefJ31OVdNzhWD/C8wU/Y=";
-
-  meta = with lib; {
-    homepage = "https://crowdsec.net/";
-    changelog = "https://github.com/crowdsecurity/${pname}/releases/tag/v${version}";
-    description = "Crowdsec bouncer for firewalls.";
-    longDescription = ''
-      crowdsec-firewall-bouncer will fetch new and old decisions from a CrowdSec API to add them in a blocklist used by supported firewalls.
-    '';
-    license = licenses.mit;
-  };
-}
--- a/services/default.nix
+++ b/services/default.nix
@ -1,4 +1,4 @@
-{inputs, ...}: {
+{...}: {
  imports = [
    ./nginx
    ./forgejo
--- a/services/jellyfin-nvidia/default.nix
+++ b/services/jellyfin-nvidia/default.nix
@ -1,57 +0,0 @@
-{
-  lib,
-  config,
-  pkgs,
-  ...
-}: let
-  cfg = config.services.vm_jellyfin_nvidia;
-in {
-  options.services.vm_jellyfin_nvidia = {
-    enable = lib.mkEnableOption "Enable minimal config";
-  };
-  config = lib.mkIf cfg.enable {
-    environment = {
-      systemPackages = with pkgs; [
-        nvtopPackages.nvidia
-      ];
-    };
-    # Nvidia Hardware Acceleration config
-    services.xserver.videoDrivers = ["nvidia"];
-    hardware = {
-      graphics = {
-        enable = true;
-        extraPackages = with pkgs; [cudaPackages.cudatoolkit];
-      };
-      nvidia = {
-        package = config.boot.kernelPackages.nvidiaPackages.latest;
-        nvidiaSettings = true;
-        modesetting.enable = true;
-        # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
-        # Enable this if you have graphical corruption issues or application crashes after waking
-        # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
-        # of just the bare essentials.
-        powerManagement.enable = false;
-        powerManagement.finegrained = false;
-
-        # Use the NVidia open source kernel module
-        # Recommended by Nvidia for 20+ series GPU
-        open = true;
-      };
-    };
-    services = {
-      jellyfin = {
-        enable = true;
-        user = "tbarnouin";
-        openFirewall = true;
-      };
-    };
-    fileSystems."/mnt/media" = {
-      device = "192.168.1.125:/BIGDATA";
-      fsType = "nfs";
-      options = [
-        "x-systemd.automount"
-        "noauto"
-      ];
-    };
-  };
-}
--- a/services/netbox/default.nix
+++ b/services/netbox/default.nix
@ -1,44 +0,0 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}: let
-  cfg = config.services.vm_netbox;
-in {
-  options.services.vm_netbox = {
-    enable = lib.mkEnableOption "Enable minimal config";
-    pgsql_ip = lib.mkOption {
-      type = lib.types.str;
-      description = "Netbox database IP address";
-    };
-  };
-  config = lib.mkIf cfg.enable {
-    age.secrets.netbox-lapi-key = {
-      file = ../../secrets/netbox-lapi-key.age;
-      owner = "crowdsec";
-    };
-    services = {
-      crowdsec = {
-        settings.lapi.credentialsFile = "${config.age.secrets.netbox-lapi-key.path}";
-        localConfig = {
-          acquisitions = [
-            {
-              source = "journalctl";
-              journalctl_filter = ["_SYSTEMD_UNIT=netbox.service"];
-              labels = {
-                type = "syslog";
-              };
-            }
-          ];
-        };
-      };
-      netbox = {
-        enable = true;
-        package = pkgs.netbox_3_7;
-        port = 8001;
-      };
-    };
-    networking.firewall.allowedTCPPorts = [8001];
-  };
-}
--- a/systems/minimalMicrovmConfig.nix
+++ b/systems/minimalMicrovmConfig.nix
@ -2,9 +2,6 @@
  config,
  pkgs,
  lib,
-  inputs,
-  modulesPath,
-  microvm,
  ...
 }: let
  cfg = config.services.micro_vm;