authorBen Sima <ben@bsima.me>2020-04-02 23:45:04 -0700
committerBen Sima <ben@bsima.me>2020-04-02 23:45:04 -0700
commit65c2b30a288385cf3df4027d50080ac595bbcf83 (patch)
tree391aa2ea046935e4bd5463abf8979633697b99f5 /Com
parent4ef954f7b3e9b5d99d1030843c2633dbd76f37c0 (diff)
Reorganize and comment some of the nix code
Diffstat (limited to 'Com')
-rw-r--r--Com/Simatime/Cloud/chat.nix (renamed from Com/Simatime/chat.nix)0
-rw-r--r--Com/Simatime/Cloud/git.nix (renamed from Com/Simatime/git.nix)2
-rw-r--r--Com/Simatime/Cloud/hardware.nix (renamed from Com/Simatime/hardware.nix)0
-rw-r--r--Com/Simatime/Cloud/mail.nix (renamed from Com/Simatime/mail.nix)0
-rw-r--r--Com/Simatime/Cloud/networking.nix (renamed from Com/Simatime/networking.nix)3
-rw-r--r--Com/Simatime/Cloud/web.nix (renamed from Com/Simatime/web.nix)0
-rw-r--r--Com/Simatime/Cloud/znc.nix (renamed from Com/Simatime/znc.nix)0
-rw-r--r--Com/Simatime/Dev/configuration.nix (renamed from Com/Simatime/dev/configuration.nix)22
-rw-r--r--Com/Simatime/Dev/hardware.nix (renamed from Com/Simatime/dev/hardware.nix)0
-rw-r--r--Com/Simatime/buildOS.nix5
-rw-r--r--Com/Simatime/users.nix61
11 files changed, 44 insertions, 49 deletions
diff --git a/Com/Simatime/chat.nix b/Com/Simatime/Cloud/chat.nix
index e23b73e..e23b73e 100644
--- a/Com/Simatime/chat.nix
+++ b/Com/Simatime/Cloud/chat.nix
diff --git a/Com/Simatime/git.nix b/Com/Simatime/Cloud/git.nix
index 51e46b6..4cdaa28 100644
--- a/Com/Simatime/git.nix
+++ b/Com/Simatime/Cloud/git.nix
@@ -12,7 +12,7 @@
extraGitoliteRc = ''
$RC{SITE_INFO} = 'a computer is a bicycle for the mind.';
'';
- adminPubkey = builtins.readFile ./keys/ben.pub;
+ adminPubkey = builtins.readFile ../keys/ben.pub;
};
};
}
diff --git a/Com/Simatime/hardware.nix b/Com/Simatime/Cloud/hardware.nix
index 8c88cb7..8c88cb7 100644
--- a/Com/Simatime/hardware.nix
+++ b/Com/Simatime/Cloud/hardware.nix
diff --git a/Com/Simatime/mail.nix b/Com/Simatime/Cloud/mail.nix
index 81bddc2..81bddc2 100644
--- a/Com/Simatime/mail.nix
+++ b/Com/Simatime/Cloud/mail.nix
diff --git a/Com/Simatime/networking.nix b/Com/Simatime/Cloud/networking.nix
index 60d8ebf..0df42e3 100644
--- a/Com/Simatime/networking.nix
+++ b/Com/Simatime/Cloud/networking.nix
@@ -2,8 +2,7 @@
{
networking = {
- hostName = "simatime";
- domain = "simatime.com";
+
firewall = {
allowedTCPPorts = [ 22 80 443 ];
allowPing = true;
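Review bot: `hostName` and `domain` are removed from the Cloud networking block with no replacement visible in this diff, and the hunk in Dev/configuration.nix drops `hostName = "lithium"` the same way. The new users.nix interpolates `${config.networking.hostName}` into the MOTD, so if the names are not set elsewhere each host would fall back to the NixOS default and announce itself as `nixos`. If they moved to a per-host file outside `Com/`, a one-line comment here such as `# hostName/domain are set per host in <per-host file>` would save the next reader the search, and the leftover blank line can go. The `firewall` block continues past the end of this hunk.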
diff --git a/Com/Simatime/web.nix b/Com/Simatime/Cloud/web.nix
index 22d7199..22d7199 100644
--- a/Com/Simatime/web.nix
+++ b/Com/Simatime/Cloud/web.nix
diff --git a/Com/Simatime/znc.nix b/Com/Simatime/Cloud/znc.nix
index 9b1a28d..9b1a28d 100644
--- a/Com/Simatime/znc.nix
+++ b/Com/Simatime/Cloud/znc.nix
diff --git a/Com/Simatime/dev/configuration.nix b/Com/Simatime/Dev/configuration.nix
index 3b69f6f..1322de7 100644
--- a/Com/Simatime/dev/configuration.nix
+++ b/Com/Simatime/Dev/configuration.nix
@@ -2,28 +2,28 @@
let
murmurPort = 64738;
+ torrents = { from = 6000; to = 6999; }
in {
networking = {
- hostName = "lithium";
hosts = {
"::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ];
};
firewall = {
allowedTCPPorts = [
- 22 8000 8443 443 8080 8081 # std
+ 22 8000 8443 443 8080 8081 # standard ports
500 10000 # no idea
- 8096 # emby
+ 8096 # emby/jellyfin
8112 # deluge
murmurPort
];
allowedTCPPortRanges = [
{ from = 3000; to = 3100; } # dev stuff
- { from = 6000; to = 6999; } # torrents
+ torrents
];
allowedUDPPorts = [ murmurPort ];
allowedUDPPortRanges = [
- { from = 6000; to = 6999; } # torrents
+ torrents
];
checkReversePath = false;
};
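Review bot: The new `torrents` binding in the `let` block has no terminating semicolon, so the file will not parse; it should read `torrents = { from = 6000; to = 6999; };`. Since this hunk is already annotating the port list, `500 10000 # no idea` deserves resolving too: a port nobody can account for is better closed than left open with that label. `checkReversePath = false` just below would likewise benefit from a comment naming the service that needs reverse-path filtering disabled. The `networking` block is only partly inside the hunk, so the rest of the firewall settings are not visible here.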
@@ -97,9 +97,6 @@ in {
};
};
- # https://github.com/NixOS/nixpkgs/issues/53985
- systemd.services.gitlab-runner.path = ["/run/wrappers"];
-
services = {
pcscd.enable = true;
logind = {
@@ -107,15 +104,6 @@ in {
extraConfig = "IdleAction=ignore";
};
- # runner for hero ci
- gitlab-runner = {
- packages = [ pkgs.bash pkgs.git pkgs.python3 ];
- enable = true;
- gracefulTimeout = "2min";
- gracefulTermination = true;
- configFile = "/home/ben/gitlab-runner.toml";
- };
-
deluge = {
enable = true;
openFilesLimit = 10240;
diff --git a/Com/Simatime/dev/hardware.nix b/Com/Simatime/Dev/hardware.nix
index fc0e7a0..fc0e7a0 100644
--- a/Com/Simatime/dev/hardware.nix
+++ b/Com/Simatime/Dev/hardware.nix
diff --git a/Com/Simatime/buildOS.nix b/Com/Simatime/buildOS.nix
index 52aa51a..b2fc928 100644
--- a/Com/Simatime/buildOS.nix
+++ b/Com/Simatime/buildOS.nix
@@ -29,6 +29,8 @@ let
nix.optimise.automatic = true;
nix.optimise.dates = [ "Sunday 02:30" ];
nixpkgs.overlays = [ bizpkgs ];
+ programs.mosh.enable = true;
+ programs.mosh.withUtempter = true;
security.acme.email = "ben@bsima.me";
security.acme.acceptTerms = true;
security.sudo.wheelNeedsPassword = false;
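Review bot: `programs.mosh.enable = true` lands in the configuration shared by every host built through buildOS.nix, and as far as I know the NixOS mosh module also opens UDP 60000-61000 in the firewall when enabled, which none of the per-host `allowedUDPPortRanges` lists will show. A comment next to it, e.g. `# mosh: also opens UDP 60000-61000 on every host`, would keep the firewall files an accurate picture of what is exposed. `withUtempter = true` appears to be the module default, so that line could probably be dropped. The enclosing `let` binding starts and ends outside the hunk.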
@@ -44,9 +46,6 @@ let
#services.tinc.networks.simatime-vpn.interfaceType = "tap";
#services.tinc.networks.simatime-vpn.hosts = import ./vpnHosts.nix;
system.autoUpgrade.enable = false; # 'true' breaks our nixpkgs pin
- users.motd = "\n\n\twelcome to the simatime network\n\n\n";
- users.users = import ./users.nix;
- users.mutableUsers = false;
};
os = nixos {
system = "x86_64-linux";
diff --git a/Com/Simatime/users.nix b/Com/Simatime/users.nix
index c951c8e..ea2ef74 100644
--- a/Com/Simatime/users.nix
+++ b/Com/Simatime/users.nix
@@ -1,28 +1,37 @@
-{ #
- # bots
- #
- deploy = {
- isNormalUser = true;
- home = "/home/deploy";
- openssh.authorizedKeys.keyFiles = [ ./keys/deploy.pub ];
- extraGroups = [ "wheel" ];
- };
- #
- # humans
- #
- root.openssh.authorizedKeys.keyFiles = [ ./keys/ben.pub ];
- ben = {
- description = "Ben Sima";
- isNormalUser = true;
- home = "/home/ben";
- openssh.authorizedKeys.keyFiles = [ ./keys/ben.pub ];
- extraGroups = [ "wheel" "networkmanager" "docker" ];
- };
- nick = {
- description = "Nick Sima";
- isNormalUser = true;
- home = "/home/nick";
- openssh.authorizedKeys.keyFiles = [ ./keys/nick.pub ];
- extraGroups = [ "docker" ];
+{ config, ... }:
+
+{
+ users.motd = '''
+ welcome to the simatime network
+ ${config.networking.hostName}
+ '';
+ users.mutableUsers = false;
+ users.users = { #
+ # bots
+ #
+ deploy = {
+ isNormalUser = true;
+ home = "/home/deploy";
+ openssh.authorizedKeys.keyFiles = [ ./keys/deploy.pub ];
+ extraGroups = [ "wheel" ];
+ };
+ #
+ # humans
+ #
+ root.openssh.authorizedKeys.keyFiles = [ ./keys/ben.pub ];
+ ben = {
+ description = "Ben Sima";
+ isNormalUser = true;
+ home = "/home/ben";
+ openssh.authorizedKeys.keyFiles = [ ./keys/ben.pub ];
+ extraGroups = [ "wheel" "networkmanager" "docker" ];
+ };
+ nick = {
+ description = "Nick Sima";
+ isNormalUser = true;
+ home = "/home/nick";
+ openssh.authorizedKeys.keyFiles = [ ./keys/nick.pub ];
+ extraGroups = [ "docker" ];
+ };
};
}
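Review bot: `users.motd = '''` opens with three quotes where Nix's indented-string delimiter is two, so I believe the third is read as a literal `'` and the MOTD will start with a stray apostrophe; it should be `users.motd = ''`. The file is also now a module function (`{ config, ... }:`) rather than a plain attribute set, so it has to appear in a module `imports` list; buildOS.nix drops `users.users = import ./users.nix;` but no replacement import is visible in this diff. Since the accounts are being commented anyway, `deploy` deserves a line noting that `wheel` combined with `security.sudo.wheelNeedsPassword = false` (buildOS.nix) makes `keys/deploy.pub` root-equivalent on every host that imports this file.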