stash

author: andromeda <andromeda@lenovo> 2026-01-06 14:52:34 +0100
committer: andromeda <andromeda@lenovo> 2026-01-06 14:52:34 +0100
commit: c9a5c521dbc7785aa4a6c1f410e547202075c13b (patch)
tree: 4362c945c787bac5d7d1bb63d04d7281bfddf6c8 /machines
parent: 0a7e0c699e2f4fa07fb6dde0080da4eb3ac8f746 (diff)
3 files changed, 36 insertions, 105 deletions
diff --git a/machines/109-199-104-83.nix b/machines/109-199-104-83.nix
new file mode 100644
index 0000000..9b61ca4
--- /dev/null
+++ b/machines/109-199-104-83.nix
@@ -0,0 +1,35 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = [];
+  boot.extraModulePackages = [];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/159e6a69-b4e2-49c3-a6f0-5fcba0ea6a59";
+    fsType = "ext4";
+  };
+
+  fileSystems."/efi" = {
+    device = "systemd-1";
+    fsType = "autofs";
+  };
+
+  swapDevices = [];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
+  system.stateVersion = "25.11";
+}
diff --git a/machines/109-199-104-83/configuration.nix b/machines/109-199-104-83/configuration.nix
deleted file mode 100644
index a7371c2..0000000
--- a/machines/109-199-104-83/configuration.nix
+++ /dev/null
@@ -1,105 +0,0 @@
-{
-  config,
-  modulesPath,
-  machine,
-  ...
-}: {
-  # zulip config
-  services.zulip = {
-    enable = true;
-    host = "chat.${config.networking.domain}";
-    camoKeyFile = builtins.toFile "camoKeyFile" "key";
-    rabbitmqPasswordFile = builtins.toFile "rabbitmqPasswordFile" "password";
-    secretKeyFile = builtins.toFile "secretKeyFile" "secret key";
-    sharedSecretKeyFile = builtins.toFile "sharedSecretKeyFile" "shared secret key";
-    avatarSaltKeyFile = builtins.toFile "avatarSaltKeyFile" "avatar salt key";
-    zulipSettings = {
-      EXTERNAL_HOST = "EXTERNAL_HOST";
-      ZULIP_ADMINISTRATOR = "ZULIP_ADMINISTRATOR";
-    };
-  };
-
-  # roundcube config
-  services.roundcube = {
-    enable = true;
-    hostName = "webmail.${config.networking.domain}";
-    extraConfig = ''
-      $config['imap_host'] = "ssl://${config.mailserver.fqdn}";
-      $config['smtp_host'] = "ssl://${config.mailserver.fqdn}";
-      $config['smtp_user'] = "%u";
-      $config['smtp_pass'] = "%p";
-    '';
-  };
-
-  # mailserver config
-  mailserver = {
-    enable = true;
-    stateVersion = 3;
-    fqdn = "mail.${config.networking.domain}";
-    domains = ["${config.networking.domain}"];
-    x509.useACMEHost = config.mailserver.fqdn;
-    loginAccounts = {
-      "test@${config.networking.domain}" = {
-        hashedPasswordFile = builtins.toString config.age.secrets.mailserver-acc-test-pw.path;
-      };
-    };
-  };
-
-  # cert config
-  security.acme = {
-    acceptTerms = true;
-    defaults.email = "mtgmonket@gmail.com";
-  };
-  services.nginx = {
-    enable = true;
-    virtualHosts."mail.${config.networking.domain}" = {
-      forceSSL = true;
-      enableACME = true;
-    };
-  };
-
-  # system config
-  system.stateVersion = "25.11";
-  nix.settings.experimental-features = ["flakes" "nix-command"];
-  imports = [(modulesPath + "/profiles/qemu-guest.nix")];
-  fileSystems."/" = {
-    device = "/dev/sda1";
-    fsType = "ext4";
-  };
-  boot.loader.grub.device = "/dev/sda";
-  boot.loader.timeout = 30;
-  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"];
-  boot.initrd.kernelModules = ["nvme"];
-  boot.tmp.cleanOnBoot = true;
-  zramSwap.enable = true;
-  networking = {
-    useNetworkd = true;
-    usePredictableInterfaceNames = true;
-    hostName = machine.hostname;
-    domain = "galaxious.de";
-    firewall = {
-      enable = true;
-      allowedTCPPorts = [80 443];
-      allowedUDPPorts = [80 443];
-    };
-  };
-  systemd.network = {
-    enable = true;
-    networks."40-wan" = {
-      matchConfig.Name = "enx0050565f4fff";
-      address = ["2a02:c207:2299:8419::1/64" "109.199.104.83/20"];
-      routes = [
-        {
-          Gateway = "109.199.96.1";
-          GatewayOnLink = true;
-        }
-        {Gateway = "fe80::1";}
-      ];
-      dns = ["2620:fe::fe" "9.9.9.9"];
-    };
-  };
-  services.openssh.enable = true;
-  users.mutableUsers = false;
-  users.users.root.openssh.authorizedKeys.keys = [config.pub-keys.ssh.andromeda];
-  programs.noshell.enable = true;
-}
diff --git a/machines/lenovo/configuration.nix b/machines/lenovo/configuration.nix
index 152d136..05dd082 100644
--- a/machines/lenovo/configuration.nix
+++ b/machines/lenovo/configuration.nix
@@ -8,6 +8,7 @@
   imports = [
     ./impermanence.nix
     (modulesPath + "/installer/scan/not-detected.nix")
+    ../../modules/nixos/zulip.nix
   ];
   boot.loader = {
     efi.canTouchEfiVariables = true;
author	andromeda <andromeda@lenovo>	2026-01-06 14:52:34 +0100
committer	andromeda <andromeda@lenovo>	2026-01-06 14:52:34 +0100
commit	c9a5c521dbc7785aa4a6c1f410e547202075c13b (patch)
tree	4362c945c787bac5d7d1bb63d04d7281bfddf6c8 /machines
parent	0a7e0c699e2f4fa07fb6dde0080da4eb3ac8f746 (diff)