authorJasper Ras <jras@hostnet.nl>2025-02-03 22:04:02 +0100
committerJasper Ras <jras@hostnet.nl>2025-02-03 22:04:02 +0100
commit574da5b3416e2376c4ffe20a53ddb1dc2c02b6ce (patch)
treef52234097940d6e3b3018d777f6ecbd14384392a /hosts/work.nix
parentfa83bdc5067417e3407241b17116a560c9d86b61 (diff)
move around work host config
Diffstat (limited to 'hosts/work.nix')
-rw-r--r--hosts/work.nix152
1 files changed, 0 insertions, 152 deletions
diff --git a/hosts/work.nix b/hosts/work.nix
deleted file mode 100644
index 9256d09..0000000
--- a/hosts/work.nix
+++ /dev/null
@@ -1,152 +0,0 @@
-{ config, pkgs, inputs, ... }:
-{
- imports = [ ./hardware-configuration/work.nix ];
-
- age.secrets.ghostnet-cert.file = ../secrets/ghostnet-cert.age;
- age.secrets.ghostnet-key.file = ../secrets/ghostnet-key.age;
- age.secrets.ghostnet-ca.file = ../secrets/ghostnet-ca.age;
- age.secrets.ghostnet-tls-auth.file = ../secrets/ghostnet-tls-auth.age;
- age.secrets.ghostnet-auth-user-pass.file = ../secrets/ghostnet-auth-user-pass.age;
-
- age.secrets.systems-cert.file = ../secrets/systems-cert.age;
- age.secrets.systems-key.file = ../secrets/systems-key.age;
- age.secrets.systems-ca.file = ../secrets/systems-ca.age;
- age.secrets.systems-tls-auth.file = ../secrets/systems-tls-auth.age;
-
- environment.systemPackages = with pkgs; [
- slack
- git-review
- hexchat
- apacheHttpd
- moonlight-qt
- brightnessctl
- hugo
- google-chrome
- ];
-
- hardware.bluetooth.enable = true;
- hardware.bluetooth.powerOnBoot = true;
-
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
-
- networking.hostName = "work";
- networking.networkmanager.enable = true;
- networking.networkmanager.dns = "systemd-resolved";
- networking.nameservers = [ "1.1.1.1" ];
- networking.firewall.allowedTCPPorts = [];
-
- time.timeZone = "Europe/Amsterdam";
-
- i18n.defaultLocale = "en_US.UTF-8";
- i18n.extraLocaleSettings = {
- LC_ADDRESS = "nl_NL.UTF-8";
- LC_IDENTIFICATION = "nl_NL.UTF-8";
- LC_MEASUREMENT = "nl_NL.UTF-8";
- LC_MONETARY = "nl_NL.UTF-8";
- LC_NAME = "nl_NL.UTF-8";
- LC_NUMERIC = "nl_NL.UTF-8";
- LC_PAPER = "nl_NL.UTF-8";
- LC_TELEPHONE = "nl_NL.UTF-8";
- LC_TIME = "nl_NL.UTF-8";
- };
-
- services.libinput.mouse.accelProfile = "flat";
- services.libinput.mouse.accelSpeed = "-5";
- services.upower.enable = true;
- services.openssh.enable = true;
- services.openvpn.servers = {
- ghostnet = {
- config = ''
- client
- remote 185.57.9.6 1194
- cert ${config.age.secrets.ghostnet-cert.path}
- key ${config.age.secrets.ghostnet-key.path}
- ca ${config.age.secrets.ghostnet-ca.path}
- auth-user-pass ${config.age.secrets.ghostnet-auth-user-pass.path}
- reneg-sec 0
- cipher AES-256-CBC
- comp-lzo adaptive
- dev tun
- proto udp
- remote-cert-tls server
- tls-auth ${config.age.secrets.ghostnet-tls-auth.path} 1
- nobind
- auth-nocache
- script-security 2
- persist-key
- persist-tun
- user nm-openvpn
- group nm-openvpn
- '';
- updateResolvConf = false;
- autoStart = false;
- };
- systems = {
- config = ''
- client
- remote 'vpn-v2.one.com'
- cert '${config.age.secrets.systems-cert.path}'
- key '${config.age.secrets.systems-key.path}'
- ca '${config.age.secrets.systems-ca.path}'
- cipher AES-128-CBC
- comp-lzo adaptive
- dev tun
- proto udp
- port 1200
- remote-cert-tls server
- tls-auth '${config.age.secrets.systems-tls-auth.path}' 1
- nobind
- auth-nocache
- script-security 2
- persist-key
- persist-tun
- user nm-openvpn
- group nm-openvpn
- '';
- updateResolvConf = false;
- autoStart = false;
- };
- };
-
- programs.update-systemd-resolved.servers = {
- ghostnet = {
- includeAutomatically = true;
- settings = {
- routeOnlyDomains = [ "hostnetbv.nl." ];
- defaultRoute = false;
- multicastDNS = "no";
- dnsOverTLS = "opportunistic";
- dnssec = "no";
- };
- };
- };
-
- services.resolved = {
- enable = true;
- dnssec = "true";
- domains = [ "~." ];
- fallbackDns = [ "1.1.1.1" ];
- dnsovertls = "opportunistic";
- llmnr = "true";
- };
-
- services.xserver.xkb = {
- layout = "us";
- variant = "";
- };
-
- users.users.jras = {
- isNormalUser = true;
- description = "Jasper Ras";
- extraGroups = [ "networkmanager" "wheel" "docker" ];
- packages = with pkgs; [ git ];
- };
-
- home-manager.useGlobalPkgs = true;
- home-manager.useUserPackages = true;
- home-manager.users.jras = import ../home-manager/entrypoints/work.nix;
- home-manager.extraSpecialArgs = { inherit inputs; monitor-names = ["eDP-1" "HDMI-A-1" "DP-10"]; };
-
- system.stateVersion = "24.05"; # Do NOT change before reading configuration.nix
-}