| author | seth <[email protected]> | 2024-02-04 16:40:38 -0500 |
|---|---|---|
| committer | seth <[email protected]> | 2024-02-04 16:41:47 -0500 |
| commit | 5f848623dff7cbcd21911032e5fd4c77bcf7d413 (patch) | |
| tree | 7462ae7abec5beee71443702b330e3eeca1a407f /terranix | |
| parent | 371235663a4e8d783dfc4294bb0b10cd3206c9c6 (diff) | |
tree-wide: better separate/name some things
Diffstat (limited to 'terranix')
| -rw-r--r-- | terranix/cloud.nix | 7 | ||||
| -rw-r--r-- | terranix/cloudflare/default.nix | 21 | ||||
| -rw-r--r-- | terranix/cloudflare/dns.nix | 64 | ||||
| -rw-r--r-- | terranix/cloudflare/ruleset.nix | 64 | ||||
| -rw-r--r-- | terranix/cloudflare/tunnels.nix | 11 | ||||
| -rw-r--r-- | terranix/default.nix | 20 | ||||
| -rw-r--r-- | terranix/tailscale/acl.nix | 25 | ||||
| -rw-r--r-- | terranix/tailscale/default.nix | 12 | ||||
| -rw-r--r-- | terranix/tailscale/devices.nix | 17 | ||||
| -rw-r--r-- | terranix/tailscale/dns.nix | 5 | ||||
| -rw-r--r-- | terranix/tailscale/tags.nix | 16 | ||||
| -rw-r--r-- | terranix/vars.nix | 11 | ||||
| -rw-r--r-- | terranix/versions.nix | 15 |
13 files changed, 0 insertions, 288 deletions
diff --git a/terranix/cloud.nix b/terranix/cloud.nix
deleted file mode 100644
index 5ee0113..0000000
--- a/terranix/cloud.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- terraform.cloud = {
- hostname = "app.terraform.io";
- organization = "getchoo";
- workspaces.name = "flake";
- };
-}
diff --git a/terranix/cloudflare/default.nix b/terranix/cloudflare/default.nix
deleted file mode 100644
index 80e8e39..0000000
--- a/terranix/cloudflare/default.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{lib, ...}: {
- imports = [
- ./dns.nix
- ./ruleset.nix
- ./tunnels.nix
- ];
-
- resource = {
- cloudflare_url_normalization_settings.incoming = {
- scope = "incoming";
- type = "cloudflare";
- zone_id = lib.tfRef "var.zone_id";
- };
-
- cloudflare_bot_management.bots = {
- enable_js = false;
- fight_mode = false;
- zone_id = lib.tfRef "var.zone_id";
- };
- };
-}
diff --git a/terranix/cloudflare/dns.nix b/terranix/cloudflare/dns.nix
deleted file mode 100644
index 9618019..0000000
--- a/terranix/cloudflare/dns.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{lib, ...}: let
- mkRecord = name: {
- value,
- type,
- ...
- } @ args:
- {
- name = args.name or name;
- zone_id = lib.tfRef "var.zone_id";
- ttl = 1;
- inherit value type;
- }
- // lib.optionalAttrs (type != "TXT") {proxied = true;};
-
- atlas_tunnel = lib.tfRef "data.cloudflare_tunnel.atlas-nginx.id" + ".cfargotunnel.com";
-in {
- resource.cloudflare_record = builtins.mapAttrs mkRecord {
- website = {
- name = "@";
- value = "website-86j.pages.dev";
- type = "CNAME";
- };
-
- www = {
- value = "mydadleft.me";
- type = "CNAME";
- };
-
- api = {
- value = "teawieapi.pages.dev";
- type = "CNAME";
- };
-
- miniflux = {
- value = atlas_tunnel;
- type = "CNAME";
- };
-
- msix = {
- value = atlas_tunnel;
- type = "CNAME";
- };
-
- # prevent email spoofing
-
- dmarc = {
- name = "_dmarc";
- value = "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;";
- type = "TXT";
- };
-
- domainkey = {
- name = "*._domainkey";
- value = "v=DKIM1; p=";
- type = "TXT";
- };
-
- email = {
- name = "mydadleft.me";
- value = "v=spf1 -all";
- type = "TXT";
- };
- };
-}
diff --git a/terranix/cloudflare/ruleset.nix b/terranix/cloudflare/ruleset.nix
deleted file mode 100644
index 1be98aa..0000000
--- a/terranix/cloudflare/ruleset.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{lib, ...}: {
- resource.cloudflare_ruleset = {
- default = {
- kind = "zone";
- name = "default";
- phase = "http_config_settings";
- zone_id = lib.tfRef "var.zone_id";
-
- rules = [
- {
- action = "set_config";
- action_parameters = {
- automatic_https_rewrites = true;
- email_obfuscation = true;
- opportunistic_encryption = false;
- };
- description = "base redirects";
- enabled = true;
- expression = "true";
- }
- ];
- };
-
- redirect = {
- kind = "zone";
- name = "default";
- phase = "http_request_dynamic_redirect";
- zone_id = lib.tfRef "var.zone_id";
-
- rules = [
- {
- action = "redirect";
- action_parameters = {
- from_value = {
- preserve_query_string = false;
- status_code = 301;
- target_url = {
- value = "https://www.youtube.com/watch?v=RvVdFXOFcjw";
- };
- };
- };
- description = "funny";
- enabled = true;
- expression = "(http.request.uri.path eq \"/hacks\" and http.host eq \"mydadleft.me\")";
- }
- {
- action = "redirect";
- action_parameters = {
- from_value = {
- preserve_query_string = false;
- status_code = 301;
- target_url = {
- value = "https://www.youtube.com/watch?v=RvVdFXOFcjw";
- };
- };
- };
- description = "onlyfriends";
- enabled = true;
- expression = "(http.request.uri.path eq \"/onlyfriends\" and http.host eq \"mydadleft.me\")";
- }
- ];
- };
- };
-}
diff --git a/terranix/cloudflare/tunnels.nix b/terranix/cloudflare/tunnels.nix
deleted file mode 100644
index bea9811..0000000
--- a/terranix/cloudflare/tunnels.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{lib, ...}: {
- data.cloudflare_tunnel =
- lib.genAttrs
- [
- "atlas-nginx"
- ]
- (name: {
- inherit name;
- account_id = lib.tfRef "var.account_id";
- });
-}
diff --git a/terranix/default.nix b/terranix/default.nix
deleted file mode 100644
index b27e23d..0000000
--- a/terranix/default.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{inputs, ...}: {
- perSystem = {pkgs, ...}: {
- terranix = {
- builder = inputs.terranix.lib.terranixConfiguration;
-
- package = pkgs.opentofu.withPlugins (plugins: [
- plugins.cloudflare
- plugins.tailscale
- ]);
-
- modules = [
- ./cloudflare
- ./tailscale
- ./cloud.nix
- ./vars.nix
- ./versions.nix
- ];
- };
- };
-}
diff --git a/terranix/tailscale/acl.nix b/terranix/tailscale/acl.nix
deleted file mode 100644
index d27d3e1..0000000
--- a/terranix/tailscale/acl.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{lib, ...}: {
- resource.tailscale_acl.default = {
- acl = toString (builtins.toJSON {
- tagOwners = let
- me = ["getchoo@github"];
- tags = map (name: "tag:${name}") ["server" "personal" "gha"];
- in
- lib.genAttrs tags (_: me);
-
- acls = let
- mkAcl = action: src: dst: {inherit action src dst;};
- in [
- (mkAcl "accept" ["tag:personal"] ["*:*"])
- (mkAcl "accept" ["tag:server" "tag:gha"] ["tag:server:*"])
- ];
-
- ssh = let
- mkSshAcl = action: src: dst: users: {inherit action src dst users;};
- in [
- (mkSshAcl "accept" ["tag:personal"] ["tag:server" "tag:personal"] ["autogroup:nonroot" "root"])
- (mkSshAcl "accept" ["tag:gha"] ["tag:server"] ["root"])
- ];
- });
- };
-}
diff --git a/terranix/tailscale/default.nix b/terranix/tailscale/default.nix
deleted file mode 100644
index 2225fd5..0000000
--- a/terranix/tailscale/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{lib, ...}: {
- imports = [
- ./acl.nix
- ./devices.nix
- ./dns.nix
- ./tags.nix
- ];
-
- provider.tailscale = {
- tailnet = lib.tfRef "var.tailnet";
- };
-}
diff --git a/terranix/tailscale/devices.nix b/terranix/tailscale/devices.nix
deleted file mode 100644
index 44ee3f1..0000000
--- a/terranix/tailscale/devices.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{lib, ...}: {
- data.tailscale_device = let
- toDevices = devices:
- lib.genAttrs devices (name: {
- name = "${name}.tailc59d6.ts.net";
- wait_for = "60s";
- });
- in
- toDevices [
- "atlas"
- "caroline"
- "glados"
- "glados-wsl"
- "glados-windows"
- "iphone-14"
- ];
-}
diff --git a/terranix/tailscale/dns.nix b/terranix/tailscale/dns.nix
deleted file mode 100644
index 320a24b..0000000
--- a/terranix/tailscale/dns.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- resource.tailscale_dns_preferences.default = {
- magic_dns = true;
- };
-}
diff --git a/terranix/tailscale/tags.nix b/terranix/tailscale/tags.nix
deleted file mode 100644
index a776756..0000000
--- a/terranix/tailscale/tags.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{lib, ...}: {
- resource.tailscale_device_tags = let
- getDeviceID = device: lib.tfRef "data.tailscale_device.${device}.id";
- toTags = n: v: {device_id = getDeviceID n;} // v;
-
- tags = lib.genAttrs ["server" "personal" "gha"] (n: ["tag:${n}"]);
- in
- builtins.mapAttrs toTags {
- atlas.tags = tags.server;
- caroline.tags = tags.personal;
- glados.tags = tags.personal;
- glados-wsl.tags = tags.personal;
- glados-windows.tags = tags.personal;
- iphone-14.tags = tags.personal;
- };
-}
diff --git a/terranix/vars.nix b/terranix/vars.nix
deleted file mode 100644
index 2f640c2..0000000
--- a/terranix/vars.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- variable = {
- # cloudflare
- zone_id.default = "53286ae07c44ed39e4b1249a2adb6d4d";
- account_id.default = "44c47ae2d55db34c1bf2f378ea8202f1";
- cf_domain.default = "mydadleft.me";
-
- # tailscale
- tailnet.default = "getchoo.github";
- };
-}
diff --git a/terranix/versions.nix b/terranix/versions.nix
deleted file mode 100644
index 53bb5c6..0000000
--- a/terranix/versions.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{lib, ...}: {
- terraform.required_providers = let
- registry = "registry.terraform.io";
-
- fmtSource = _: value:
- lib.recursiveUpdate value {
- source = "${registry}/${value.source}";
- };
- in
- lib.mapAttrs fmtSource {
- cloudflare.source = "cloudflare/cloudflare";
-
- tailscale.source = "tailscale/tailscale";
- };
-}
|
