ctucx.git: nixfiles

ctucx' nixfiles

commit f7c333436aee8fe3e8a64819f6c1ac6711b0a680
parent 496d5bfa8e9eeffe2a0e3c913af01864108376b1
Author: Leah (ctucx) <git@ctu.cx>
Date: Thu, 15 Feb 2024 16:01:59 +0100

machines/trabbi/websites: remove `flauschehorn.sexy`

2 files changed, 0 insertions(+), 76 deletions(-)
M
machines/trabbi/websites/default.nix
|
1
-
D
machines/trabbi/websites/flauschehorn.sexy.nix
|
75
---------------------------------------------------------------------------
diff --git a/machines/trabbi/websites/default.nix b/machines/trabbi/websites/default.nix
@@ -3,7 +3,6 @@
 {
 
   imports = [
-    ./flauschehorn.sexy.nix
     ./wifionic.de.nix
     ./ctu.cx.nix
     ./bikemap.ctu.cx.nix

diff --git a/machines/trabbi/websites/flauschehorn.sexy.nix b/machines/trabbi/websites/flauschehorn.sexy.nix
@@ -1,75 +0,0 @@
-{ pkgs, config, lib, ...}:
-
-{
-
-  dns.zones."flauschehorn.sexy" = (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP);
-
-  users = {
-    users."flauschehorn" = {
-      home = "/var/lib/flauschehorn";
-      group = "flauschehorn";
-      isSystemUser = true;
-    };
-    groups."flauschehorn" = {};
-  };
-
-  systemd = {
-    services.flauschehorn-fetcher = {
-      startAt     = "*-*-* 3:00:00";
-      after       = [ "network-online.target" ];
-      environment = {
-        DB_PATH = "hornpostings.db";
-      };
-      serviceConfig = {
-        Type = "oneshot";
-
-        ExecStart = "${pkgs.flauschehorn-sexy}/bin/mastofetch";
-
-        User  = "flauschehorn";
-        Group = "flauschehorn";
-
-        WorkingDirectory        = "~";
-        StateDirectory          = "flauschehorn";
-        StateDirectoryMode      = "755";
-
-        NoNewPrivileges         = true;
-        PrivateTmp              = true;
-        PrivateDevices          = true;
-
-        RestrictAddressFamilies = "AF_INET AF_INET6";
-        RestrictNamespaces      = true;
-        RestrictRealtime        = true;
-
-        ProtectSystem           = "full";
-        ProtectControlGroups    = true;
-        ProtectKernelModules    = true;
-        ProtectKernelTunables   = true;
-
-        DevicePolicy            = "closed";
-        LockPersonality         = true;
-      };
-    };
-  };
-
-  services = {
-    fcgiwrap.enable = true;
-    nginx = {
-      enable = true;
-      virtualHosts."flauschehorn.sexy" = {
-        enableACME = true;
-        forceSSL   = true;
-        kTLS       = true;
-        locations  = {
-          "/".extraConfig = ''
-            include "${pkgs.nginx}/conf/fastcgi_params";
-            fastcgi_param SCRIPT_FILENAME "${pkgs.flauschehorn-sexy}/bin/website";
-            fastcgi_param DB_PATH         "/var/lib/flauschehorn/hornpostings.db";
-            fastcgi_param QUERY_STRING    $args;
-            fastcgi_pass  unix:${config.services.fcgiwrap.socketAddress};
-          '';
-        };
-      };
-    };
-  };
-
-}