hosts/hazel: decommission

2026-03-15 19:48:08 +11:00 · 2026-03-15 19:48:08 +11:00 · f84e8c1013
commit f84e8c1013
parent 5c55793134
6 changed files with 0 additions and 174 deletions
--- a/flake.nix
+++ b/flake.nix
@ -76,7 +76,6 @@
    {
      nixosConfigurations."anemone" = mkSystem nixpkgs "anemone" "x86_64-linux" [];
      nixosConfigurations."dandelion" = mkSystem nixpkgs "dandelion" "aarch64-linux" [];
-      nixosConfigurations."hazel" = mkSystem nixpkgs "hazel" "x86_64-linux" [];
      nixosConfigurations."hyacinth" = mkSystem nixpkgs "hyacinth" "x86_64-linux" [];

      packages."x86_64-linux" =
--- a/hosts/hazel/default.nix
+++ b/hosts/hazel/default.nix
@ -1,95 +0,0 @@
-{ config, modules, pkgs, ... }:
-let
-  dirs = [
-    ["immich" "immich"]
-    ["nextcloud" "nextcloud"]
-    ["postgresql" "postgres"]
-    ["redis-immich" "redis-immich"]
-  ];
-
-  rules = builtins.map (d: "d /flower/${builtins.elemAt d 0} 750 ${builtins.elemAt d 1} ${builtins.elemAt d 1}") dirs;
-  mounts = builtins.listToAttrs (builtins.map (d: {
-    name = "/var/lib/${builtins.elemAt d 0}";
-    value = {
-      depends = [ "/flower" ];
-      device = "/flower/${builtins.elemAt d 0}";
-      fsType = "none";
-      options = [ "bind" ];
-    };
-  }) dirs);
-in
-{
-  networking.hostName = "hazel";
-  system.stateVersion = "24.11";
-  time.timeZone = "Australia/Melbourne";
-
-  age.secrets = {
-    acme_dns.file = ../../secrets/acme_dns.age;
-    wg_hazel.file = ../../secrets/wg_hazel.age;
-  };
-
-  imports = with modules.system; with modules.services; [
-    home-manager-stable
-
-    base
-    kernel
-    nix-stable
-    packages
-    security
-
-    nginx
-    unbound
-    wireguard
-
-    ./filesystem.nix
-    ./kernel.nix
-    ./networking.nix
-
-    ../../users/hana
-  ];
-
-  me.environment = "headless";
-
-  services.nextcloud = {
-    enable = true;
-    package = pkgs.nextcloud31;
-    hostName = "cloud.lava.moe";
-    database.createLocally = true;
-    config = {
-      dbtype = "pgsql";
-      adminpassFile = "/persist/nextcloud-admin-pass";
-    };
-    https = true;
-  };
-
-  services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
-    forceSSL = true;
-    enableACME = true;
-  };
-
-  services.immich = {
-    enable = true;
-    port = 2283;
-  };
-
-  users.users.immich.extraGroups = [ "video" "render" ];
-  hardware.graphics.enable = true;
-  services.nginx.virtualHosts."photos.lava.moe" = {
-    enableACME = true;
-    forceSSL = true;
-    locations."/" = {
-      proxyPass = "http://[::1]:${toString config.services.immich.port}";
-      proxyWebsockets = true;
-      recommendedProxySettings = true;
-      extraConfig = ''
-        client_max_body_size 50000M;
-        proxy_read_timeout   600s;
-        proxy_send_timeout   600s;
-        send_timeout         600s;
-      '';
-    };
-  };
-
-  systemd.tmpfiles.rules = rules;
-  fileSystems = mounts;
-}
--- a/hosts/hazel/filesystem.nix
+++ b/hosts/hazel/filesystem.nix
@ -1,53 +0,0 @@
-{ ... }:
-let
-  mkLabelMount = label: type: options: {
-    device = "/dev/disk/by-label/${label}";
-    fsType = type;
-    options = [ "defaults" ] ++ options;
-  };
-  mkBtrfsMount = name: ext: subvol: atime: mkLabelMount name "btrfs"
-  ([
-    "autodefrag"
-    "compress=zstd:4"
-    "compress-force=zstd:4"
-    "defaults"
-    "nossd"
-    "space_cache=v2"
-    "subvol=${subvol}"
-    (if atime then "relatime" else "noatime")
-  ] ++ ext);
-
-  mkHazelMount = mkBtrfsMount "HAZEL" [];
-in
-{
-  boot.supportedFilesystems = [ "btrfs" ];
-  fileSystems = {
-    "/" = {
-      device = "rootfs";
-      fsType = "tmpfs";
-      options = [ "defaults" "mode=755" ];
-    };
-    "/boot" = mkLabelMount "ROOT" "vfat" [];
-
-    "/flower" = mkHazelMount "/current/flower" true;
-    "/persist" = mkHazelMount "/current/persist" true;
-    "/var" = mkHazelMount "/current/var" true;
-    "/nix" = mkHazelMount "/current/nix" false;
-
-    "/mnt" = mkHazelMount "/" true;
-  };
-
-  services.snapper.cleanupInterval = "1h";
-  services.snapper.configs.flower = {
-      FSTYPE = "btrfs";
-      SUBVOLUME = "/mnt/current/flower";
-      TIMELINE_CLEANUP = true;
-      TIMELINE_CREATE = true;
-      TIMELINE_MIN_AGE = "1800";
-      TIMELINE_LIMIT_HOURLY = "5";
-      TIMELINE_LIMIT_DAILY = "7";
-      TIMELINE_LIMIT_WEEKLY = "0";
-      TIMELINE_LIMIT_MONTHLY = "0";
-      TIMELINE_LIMIT_YEARLY = "0";
-    };
-}
--- a/hosts/hazel/fs-decrypt.nix
+++ b/hosts/hazel/fs-decrypt.nix
--- a/hosts/hazel/kernel.nix
+++ b/hosts/hazel/kernel.nix
@ -1,10 +0,0 @@
-{ ... }: {
-  boot = {
-    loader = {
-      efi.canTouchEfiVariables = true;
-      systemd-boot.enable = true;
-    };
-    initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
-    kernelModules = [ "kvm-amd" ];
-  };
-}
--- a/hosts/hazel/networking.nix
+++ b/hosts/hazel/networking.nix
@ -1,15 +0,0 @@
-{ gcSecrets, ... }: {
-  networking = {
-    useDHCP = true;
-    interfaces.enp8s0.ipv6.addresses = [
-      {
-        address = gcSecrets.hazel.ipv6Addr;
-        prefixLength = 64;
-      }
-    ];
-    defaultGateway6 = {
-      address = "fe80::1";
-      interface = "enp8s0";
-    };
-  };
-}