diff options
Diffstat (limited to 'hosts')
24 files changed, 0 insertions, 1003 deletions
diff --git a/hosts/atlas/default.nix b/hosts/atlas/default.nix deleted file mode 100644 index 24cb139..0000000 --- a/hosts/atlas/default.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ - config, - pkgs, - ... -}: { - imports = [ - ./hardware-configuration.nix - ./miniflux.nix - ./nginx.nix - ]; - - _module.args.nixinate = { - host = "atlas"; - sshUser = "root"; - buildOn = "remote"; - substituteOnTarget = true; - hermetic = false; - }; - - boot = { - loader.systemd-boot.enable = true; - loader.efi.canTouchEfiVariables = true; - tmp.cleanOnBoot = true; - }; - - networking = { - domain = "mydadleft.me"; - hostName = "atlas"; - }; - - services = { - guzzle-api = { - enable = true; - domain = "api.${config.networking.domain}"; - nginx = { - enableACME = true; - acmeRoot = null; - addSSL = true; - }; - }; - }; - - users.users.atlas = { - isNormalUser = true; - shell = pkgs.bash; - passwordFile = config.age.secrets.userPassword.path; - }; - - zramSwap.enable = true; -} diff --git a/hosts/atlas/hardware-configuration.nix b/hosts/atlas/hardware-configuration.nix deleted file mode 100644 index 00c6cd8..0000000 --- a/hosts/atlas/hardware-configuration.nix +++ /dev/null @@ -1,29 +0,0 @@ -{modulesPath, ...}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot = { - extraModulePackages = []; - kernelModules = []; - - initrd = { - availableKernelModules = ["virtio_pci" "usbhid"]; - kernelModules = []; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/f0c84809-83f5-414b-a973-496d25d74c6d"; - fsType = "ext4"; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/A253-0826"; - fsType = "vfat"; - }; - }; - - swapDevices = []; -} diff --git a/hosts/atlas/miniflux.nix b/hosts/atlas/miniflux.nix deleted file mode 100644 index a7886e6..0000000 --- a/hosts/atlas/miniflux.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - self, - ... -}: { - config = { - age.secrets = { - miniflux.file = "${self}/secrets/hosts/${config.networking.hostName}/miniflux.age"; - }; - - services.miniflux = { - enable = true; - adminCredentialsFile = config.age.secrets.miniflux.path; - config = { - BASE_URL = "https://miniflux.${config.networking.domain}"; - LISTEN_ADDR = "localhost:7000"; - }; - }; - }; -} diff --git a/hosts/atlas/nginx.nix b/hosts/atlas/nginx.nix deleted file mode 100644 index cdf483d..0000000 --- a/hosts/atlas/nginx.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - self, - ... -}: let - inherit (config.networking) domain; - inherit (self.lib.utils.nginx) mkVHosts mkProxy; -in { - server = { - acme.enable = true; - services.cloudflared.enable = true; - }; - - services.nginx = { - enable = true; - - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - virtualHosts = mkVHosts { - "miniflux.${domain}" = { - locations = mkProxy "/" "7000"; - }; - - "msix.${domain}" = { - root = "/var/www/msix"; - }; - }; - }; -} diff --git a/hosts/caroline/default.nix b/hosts/caroline/default.nix deleted file mode 100644 index 43dc82f..0000000 --- a/hosts/caroline/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -_: { - desktop = { - homebrew.enable = true; - gpg.enable = true; - }; - - homebrew.casks = ["arc"]; - - networking = rec { - computerName = "caroline"; - hostName = computerName; - }; - - nix.settings.trusted-users = ["seth"]; - - services.tailscale.enable = true; -} diff --git a/hosts/default.nix b/hosts/default.nix deleted file mode 100644 index e9ef9ba..0000000 --- a/hosts/default.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - inputs, - self, - withSystem, - ... -}: { - flake = let - inherit (self.lib.configs) mapSystems; - profiles = import ./profiles.nix {inherit self inputs;}; - in { - darwinConfigurations = mapSystems { - caroline = { - system = "x86_64-darwin"; - profile = profiles.personal-darwin; - }; - }; - - nixosConfigurations = mapSystems { - glados = { - modules = with inputs; [ - lanzaboote.nixosModules.lanzaboote - ]; - profile = profiles.personal; - }; - - glados-wsl = { - modules = [inputs.nixos-wsl.nixosModules.wsl]; - profile = profiles.personal; - }; - - atlas = { - modules = [inputs.guzzle_api.nixosModules.default]; - system = "aarch64-linux"; - profile = profiles.server; - }; - }; - - openwrtConfigurations.turret = withSystem "x86_64-linux" ({pkgs, ...}: - pkgs.callPackage ./turret { - inherit (inputs) openwrt-imagebuilder; - }); - }; - - perSystem = {system, ...}: { - apps = (inputs.nixinate.nixinate.${system} self).nixinate; - }; -} diff --git a/hosts/glados-wsl/default.nix b/hosts/glados-wsl/default.nix deleted file mode 100644 index 98b57ed..0000000 --- a/hosts/glados-wsl/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ - modulesPath, - pkgs, - ... -}: { - imports = [ - (modulesPath + "/profiles/minimal.nix") - ../../modules/nixos/features/tailscale.nix - ]; - - environment.systemPackages = with pkgs; [ - wslu - ]; - - base.networking.enable = false; - features.tailscale.enable = true; - - wsl = { - enable = true; - defaultUser = "seth"; - nativeSystemd = true; - wslConf.network = { - hostname = "glados-wsl"; - generateResolvConf = true; - }; - startMenuLaunchers = false; - interop.includePath = false; - }; - - services.dbus.apparmor = "disabled"; - - networking.hostName = "glados-wsl"; - - security = { - apparmor.enable = false; - audit.enable = false; - auditd.enable = false; - }; -} diff --git a/hosts/glados/boot.nix b/hosts/glados/boot.nix deleted file mode 100644 index 4a9af4e..0000000 --- a/hosts/glados/boot.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - environment.systemPackages = with pkgs; [ - sbctl - tpm2-tss - ]; - - boot = { - initrd.systemd.enable = true; - kernelPackages = pkgs.linuxPackages_latest; - - bootspec.enable = true; - loader.systemd-boot.enable = lib.mkForce false; - - lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; - - supportedFilesystems = ["btrfs" "ntfs"]; - }; -} diff --git a/hosts/glados/default.nix b/hosts/glados/default.nix deleted file mode 100644 index de2c1d5..0000000 --- a/hosts/glados/default.nix +++ /dev/null @@ -1,61 +0,0 @@ -{lib, ...}: { - imports = [ - ./boot.nix - ./hardware-configuration.nix - ../../modules/nixos/features/tailscale.nix - ../../modules/nixos/features/virtualisation.nix - ]; - - boot = { - kernelParams = ["amd_pstate=active"]; - kernel.sysctl = { - "vm.swappiness" = 100; - "vm.vfs_cache_pressure" = 500; - "vm.dirty_background_ratio" = 1; - "vm.dirty_ratio" = 50; - }; - }; - - desktop.gnome.enable = true; - - features = { - tailscale.enable = true; - virtualisation.enable = true; - }; - - hardware = { - nvidia.enable = true; - ssd.enable = true; - }; - - networking.hostName = "glados"; - - security.tpm2 = { - enable = true; - abrmd.enable = true; - }; - - services = { - flatpak.enable = true; - fwupd.enable = true; - }; - - systemd = { - services."prepare-kexec".wantedBy = ["multi-user.target"]; - tmpfiles.rules = let - nproc = 12; - in - builtins.map - (n: "w /sys/devices/system/cpu/cpu${builtins.toString n}/cpufreq/energy_performance_preference - - - - ${"balance_performance"}") - (lib.range 0 (nproc - 1)); - }; - - powerManagement.cpuFreqGovernor = "powersave"; - - zramSwap = { - enable = true; - algorithm = "zstd"; - swapDevices = 1; - memoryPercent = 50; - }; -} diff --git a/hosts/glados/hardware-configuration.nix b/hosts/glados/hardware-configuration.nix deleted file mode 100644 index a7ff9e9..0000000 --- a/hosts/glados/hardware-configuration.nix +++ /dev/null @@ -1,72 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot = { - extraModulePackages = []; - kernelModules = ["kvm-amd"]; - - initrd = { - availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; - kernelModules = []; - - luks.devices."cryptroot" = { - device = "/dev/disk/by-uuid/bbbc1f37-53f5-4776-a70e-f2779179de50"; - allowDiscards = true; - crypttabExtraOpts = ["tpm2-device=auto"]; - }; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/mapper/cryptroot"; - fsType = "btrfs"; - options = ["subvol=root" "compress=zstd" "noatime"]; - }; - - "/var/log" = { - device = "/dev/mapper/cryptroot"; - fsType = "btrfs"; - options = ["subvol=var_log" "compress=zstd" "noatime"]; - }; - - "/nix" = { - device = "/dev/mapper/cryptroot"; - fsType = "btrfs"; - options = ["subvol=nix" "compress=zstd" "noatime" "nodatacow"]; - }; - - "/home" = { - device = "/dev/mapper/cryptroot"; - fsType = "btrfs"; - options = ["subvol=home" "compress=zstd" "noatime"]; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/B95B-9412"; - fsType = "vfat"; - }; - }; - - swapDevices = []; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/profiles.nix b/hosts/profiles.nix deleted file mode 100644 index 9bf9d9f..0000000 --- a/hosts/profiles.nix +++ /dev/null @@ -1,88 +0,0 @@ -{ - inputs, - self, -}: let - specialArgs = inputs // {inherit inputs;}; -in { - personal = { - system = "x86_64-linux"; - builder = inputs.nixpkgs.lib.nixosSystem; - inherit specialArgs; - - modules = with inputs; [ - agenix.nixosModules.default - hm.nixosModules.home-manager - nur.nixosModules.nur - - self.nixosModules.default - ../users/seth - - { - age = { - identityPaths = ["/etc/age/key"]; - secrets = let - baseDir = "${self}/secrets/shared"; - in { - rootPassword.file = "${baseDir}/rootPassword.age"; - sethPassword.file = "${baseDir}/sethPassword.age"; - }; - }; - - base.enable = true; - system.stateVersion = "23.11"; - } - ]; - }; - - personal-darwin = { - builder = inputs.darwin.lib.darwinSystem; - inherit specialArgs; - modules = with inputs; [ - hm.darwinModules.home-manager - - ../users/seth - self.darwinModules.default - - { - base.enable = true; - desktop.enable = true; - system.stateVersion = 4; - - home-manager.users.seth = { - imports = [ - ../users/seth/darwin.nix - ]; - - getchoo.desktop.enable = false; - }; - } - ]; - }; - - server = { - builder = inputs.nixpkgs-stable.lib.nixosSystem; - inherit specialArgs; - - modules = with inputs; [ - agenix.nixosModules.default - ../modules/nixos/base - ../modules/nixos/server - ../modules/nixos/features/tailscale.nix - - { - features.tailscale = { - enable = true; - ssh.enable = true; - }; - - server = { - enable = true; - secrets.enable = true; - }; - - nix.registry.n.flake = nixpkgs-stable; - system.stateVersion = "23.05"; - } - ]; - }; -} diff --git a/hosts/turret/default.nix b/hosts/turret/default.nix deleted file mode 100644 index faac3d2..0000000 --- a/hosts/turret/default.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - pkgs, - openwrt-imagebuilder, - ... -}: let - inherit (pkgs) runCommand; - inherit (pkgs.stdenv) mkDerivation; - inherit (openwrt-imagebuilder.lib) build profiles; - wrtProfiles = profiles { - inherit pkgs; - release = "22.03.3"; - }; - config = mkDerivation { - name = "openwrt-config-files"; - src = ./files; - installPhase = '' - mkdir -p $out - cp -r * $out/ - ''; - }; - image = - wrtProfiles.identifyProfile "netgear_wac104" - // { - packages = ["https-dns-proxy"]; - - files = runCommand "image-files" {} '' - mkdir -p $out/etc/uci-defaults - cat > $out/etc/uci-defaults/99-custom <<EOF - uci -q batch << EOI - set system.@system[0].hostname='turret' - commit - EOI - EOF - cp -fr ${config}/etc/* $out/etc/ - ''; - }; -in - build image diff --git a/hosts/turret/files/etc/config/dhcp b/hosts/turret/files/etc/config/dhcp deleted file mode 100644 index 4a471cf..0000000 --- a/hosts/turret/files/etc/config/dhcp +++ /dev/null @@ -1,55 +0,0 @@ - -config dnsmasq - option domainneeded '1' - option boguspriv '1' - option filterwin2k '0' - option localise_queries '1' - option rebind_protection '1' - option rebind_localhost '1' - option local '/lan/' - option domain 'lan' - option expandhosts '1' - option nonegcache '0' - option authoritative '1' - option readethers '1' - option leasefile '/tmp/dhcp.leases' - option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto' - option nonwildcard '1' - option localservice '1' - option ednspacket_max '1232' - option doh_backup_noresolv '-1' - option noresolv '1' - list doh_backup_server '' - list doh_backup_server '/mask.icloud.com/' - list doh_backup_server '/mask-h2.icloud.com/' - list doh_backup_server '/use-application-dns.net/' - list doh_backup_server '127.0.0.1#5054' - list doh_backup_server '127.0.0.1#5053' - list server '/mask.icloud.com/' - list server '/mask-h2.icloud.com/' - list server '/use-application-dns.net/' - list server '127.0.0.1#5054' - list server '127.0.0.1#5053' - -config dhcp 'lan' - option interface 'lan' - option start '100' - option limit '150' - option leasetime '12h' - option dhcpv4 'server' - option dhcpv6 'server' - option ra 'server' - option ra_slaac '1' - list ra_flags 'managed-config' - list ra_flags 'other-config' - -config dhcp 'wan' - option interface 'wan' - option ignore '1' - -config odhcpd 'odhcpd' - option maindhcp '0' - option leasefile '/tmp/hosts/odhcpd' - option leasetrigger '/usr/sbin/odhcpd-update' - option loglevel '4' - diff --git a/hosts/turret/files/etc/config/dropbear b/hosts/turret/files/etc/config/dropbear deleted file mode 100644 index 2139ba0..0000000 --- a/hosts/turret/files/etc/config/dropbear +++ /dev/null @@ -1,5 +0,0 @@ -config dropbear - option PasswordAuth 'on' - option RootPasswordAuth 'on' - option Port '22' -# option BannerFile '/etc/banner' diff --git a/hosts/turret/files/etc/config/firewall b/hosts/turret/files/etc/config/firewall deleted file mode 100644 index b9a4647..0000000 --- a/hosts/turret/files/etc/config/firewall +++ /dev/null @@ -1,189 +0,0 @@ -config defaults - option syn_flood 1 - option input ACCEPT - option output ACCEPT - option forward REJECT -# Uncomment this line to disable ipv6 rules -# option disable_ipv6 1 - -config zone - option name lan - list network 'lan' - option input ACCEPT - option output ACCEPT - option forward ACCEPT - -config zone - option name wan - list network 'wan' - list network 'wan6' - option input REJECT - option output ACCEPT - option forward REJECT - option masq 1 - option mtu_fix 1 - -config forwarding - option src lan - option dest wan - -# We need to accept udp packets on port 68, -# see https://dev.openwrt.org/ticket/4108 -config rule - option name Allow-DHCP-Renew - option src wan - option proto udp - option dest_port 68 - option target ACCEPT - option family ipv4 - -# Allow IPv4 ping -config rule - option name Allow-Ping - option src wan - option proto icmp - option icmp_type echo-request - option family ipv4 - option target ACCEPT - -config rule - option name Allow-IGMP - option src wan - option proto igmp - option family ipv4 - option target ACCEPT - -# Allow DHCPv6 replies -# see https://github.com/openwrt/openwrt/issues/5066 -config rule - option name Allow-DHCPv6 - option src wan - option proto udp - option dest_port 546 - option family ipv6 - option target ACCEPT - -config rule - option name Allow-MLD - option src wan - option proto icmp - option src_ip fe80::/10 - list icmp_type '130/0' - list icmp_type '131/0' - list icmp_type '132/0' - list icmp_type '143/0' - option family ipv6 - option target ACCEPT - -# Allow essential incoming IPv6 ICMP traffic -config rule - option name Allow-ICMPv6-Input - option src wan - option proto icmp - list icmp_type echo-request - list icmp_type echo-reply - list icmp_type destination-unreachable - list icmp_type packet-too-big - list icmp_type time-exceeded - list icmp_type bad-header - list icmp_type unknown-header-type - list icmp_type router-solicitation - list icmp_type neighbour-solicitation - list icmp_type router-advertisement - list icmp_type neighbour-advertisement - option limit 1000/sec - option family ipv6 - option target ACCEPT - -# Allow essential forwarded IPv6 ICMP traffic -config rule - option name Allow-ICMPv6-Forward - option src wan - option dest * - option proto icmp - list icmp_type echo-request - list icmp_type echo-reply - list icmp_type destination-unreachable - list icmp_type packet-too-big - list icmp_type time-exceeded - list icmp_type bad-header - list icmp_type unknown-header-type - option limit 1000/sec - option family ipv6 - option target ACCEPT - -config rule - option name Allow-IPSec-ESP - option src wan - option dest lan - option proto esp - option target ACCEPT - -config rule - option name Allow-ISAKMP - option src wan - option dest lan - option dest_port 500 - option proto udp - option target ACCEPT - - -### EXAMPLE CONFIG SECTIONS -# do not allow a specific ip to access wan -#config rule -# option src lan -# option src_ip 192.168.45.2 -# option dest wan -# option proto tcp -# option target REJECT - -# block a specific mac on wan -#config rule -# option dest wan -# option src_mac 00:11:22:33:44:66 -# option target REJECT - -# block incoming ICMP traffic on a zone -#config rule -# option src lan -# option proto ICMP -# option target DROP - -# port redirect port coming in on wan to lan -#config redirect -# option src wan -# option src_dport 80 -# option dest lan -# option dest_ip 192.168.16.235 -# option dest_port 80 -# option proto tcp - -# port redirect of remapped ssh port (22001) on wan -#config redirect -# option src wan -# option src_dport 22001 -# option dest lan -# option dest_port 22 -# option proto tcp - -### FULL CONFIG SECTIONS -#config rule -# option src lan -# option src_ip 192.168.45.2 -# option src_mac 00:11:22:33:44:55 -# option src_port 80 -# option dest wan -# option dest_ip 194.25.2.129 -# option dest_port 120 -# option proto tcp -# option target REJECT - -#config redirect -# option src lan -# option src_ip 192.168.45.2 -# option src_mac 00:11:22:33:44:55 -# option src_port 1024 -# option src_dport 80 -# option dest_ip 194.25.2.129 -# option dest_port 120 -# option proto tcp diff --git a/hosts/turret/files/etc/config/https-dns-proxy b/hosts/turret/files/etc/config/https-dns-proxy deleted file mode 100644 index e5623ad..0000000 --- a/hosts/turret/files/etc/config/https-dns-proxy +++ /dev/null @@ -1,18 +0,0 @@ - -config main 'config' - option dnsmasq_config_update '*' - list force_dns_port '53' - list force_dns_port '853' - option procd_trigger_wan6 '0' - option canary_domains_icloud '0' - option canary_domains_mozilla '0' - option force_dns '0' - -config https-dns-proxy - option bootstrap_dns '1.1.1.1,1.0.0.1' - option resolver_url 'https://cloudflare-dns.com/dns-query' - option listen_addr '127.0.0.1' - option listen_port '5054' - option user 'nobody' - option group 'nogroup' - diff --git a/hosts/turret/files/etc/config/luci b/hosts/turret/files/etc/config/luci deleted file mode 100644 index 8eb8a9b..0000000 --- a/hosts/turret/files/etc/config/luci +++ /dev/null @@ -1,41 +0,0 @@ - -config core 'main' - option lang 'auto' - option mediaurlbase '/luci-static/bootstrap' - option resourcebase '/luci-static/resources' - option ubuspath '/ubus/' - -config extern 'flash_keep' - option uci '/etc/config/' - option dropbear '/etc/dropbear/' - option openvpn '/etc/openvpn/' - option passwd '/etc/passwd' - option opkg '/etc/opkg.conf' - option firewall '/etc/firewall.user' - option uploads '/lib/uci/upload/' - -config internal 'languages' - -config internal 'sauth' - option sessionpath '/tmp/luci-sessions' - option sessiontime '3600' - -config internal 'ccache' - option enable '1' - -config internal 'themes' - option Bootstrap '/luci-static/bootstrap' - option BootstrapDark '/luci-static/bootstrap-dark' - option BootstrapLight '/luci-static/bootstrap-light' - -config internal 'apply' - option rollback '90' - option holdoff '4' - option timeout '5' - option display '1.5' - -config internal 'diag' - option dns 'openwrt.org' - option ping 'openwrt.org' - option route 'openwrt.org' - diff --git a/hosts/turret/files/etc/config/network b/hosts/turret/files/etc/config/network deleted file mode 100644 index c71cf98..0000000 --- a/hosts/turret/files/etc/config/network +++ /dev/null @@ -1,29 +0,0 @@ - -config interface 'loopback' - option device 'lo' - option proto 'static' - option ipaddr '127.0.0.1' - option netmask '255.0.0.0' - -config globals 'globals' - option packet_steering '1' - option ula_prefix 'fd26:3166:dece::/48' - -config device - option name 'br-lan' - option type 'bridge' - list ports 'lan2' - list ports 'lan3' - list ports 'lan4' - -config interface 'lan' - option device 'br-lan' - option proto 'static' - option ipaddr '192.168.1.1' - option netmask '255.255.255.0' - option ip6assign '60' - -config interface 'wan' - option device 'lan1' - option proto 'dhcp' - diff --git a/hosts/turret/files/etc/config/rpcd b/hosts/turret/files/etc/config/rpcd deleted file mode 100644 index 176c643..0000000 --- a/hosts/turret/files/etc/config/rpcd +++ /dev/null @@ -1,10 +0,0 @@ -config rpcd - option socket /var/run/ubus/ubus.sock - option timeout 30 - -config login - option username 'root' - option password '$p$root' - list read '*' - list write '*' - diff --git a/hosts/turret/files/etc/config/system b/hosts/turret/files/etc/config/system deleted file mode 100644 index ee3415f..0000000 --- a/hosts/turret/files/etc/config/system +++ /dev/null @@ -1,16 +0,0 @@ - -config system - option hostname 'turret' - option timezone 'UTC' - option ttylogin '0' - option log_size '64' - option urandom_seed '0' - option compat_version '1.1' - -config timeserver 'ntp' - option enabled '1' - option enable_server '0' - list server '0.openwrt.pool.ntp.org' - list server '1.openwrt.pool.ntp.org' - list server '2.openwrt.pool.ntp.org' - list server '3.openwrt.pool.ntp.org' diff --git a/hosts/turret/files/etc/config/ucitrack b/hosts/turret/files/etc/config/ucitrack deleted file mode 100644 index bb4cdbc..0000000 --- a/hosts/turret/files/etc/config/ucitrack +++ /dev/null @@ -1,56 +0,0 @@ -config network - option init network - list affects dhcp - -config wireless - list affects network - -config firewall - option init firewall - list affects luci-splash - list affects qos - list affects miniupnpd - -config olsr - option init olsrd - -config dhcp - option init dnsmasq - list affects odhcpd - -config odhcpd - option init odhcpd - -config dropbear - option init dropbear - -config httpd - option init httpd - -config fstab - option exec '/sbin/block mount' - -config qos - option init qos - -config system - option init led - option exec '/etc/init.d/log reload' - list affects luci_statistics - list affects dhcp - -config luci_splash - option init luci_splash - -config upnpd - option init miniupnpd - -config ntpclient - option init ntpclient - -config samba - option init samba - -config tinyproxy - option init tinyproxy - diff --git a/hosts/turret/files/etc/config/uhttpd b/hosts/turret/files/etc/config/uhttpd deleted file mode 100644 index cb2ff71..0000000 --- a/hosts/turret/files/etc/config/uhttpd +++ /dev/null @@ -1,31 +0,0 @@ - -config uhttpd 'main' - list listen_http '0.0.0.0:80' - list listen_http '[::]:80' - list listen_https '0.0.0.0:443' - list listen_https '[::]:443' - option redirect_https '0' - option home '/www' - option rfc1918_filter '1' - option max_requests '3' - option max_connections '100' - option cert '/etc/uhttpd.crt' - option key '/etc/uhttpd.key' - option cgi_prefix '/cgi-bin' - list lua_prefix '/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua' - option script_timeout '60' - option network_timeout '30' - option http_keepalive '20' - option tcp_keepalive '1' - option ubus_prefix '/ubus' - -config cert 'defaults' - option days '730' - option key_type 'ec' - option bits '2048' - option ec_curve 'P-256' - option country 'ZZ' - option state 'Somewhere' - option location 'Unknown' - option commonname 'OpenWrt' - diff --git a/hosts/turret/files/etc/config/wireless b/hosts/turret/files/etc/config/wireless deleted file mode 100644 index c8bb9d7..0000000 --- a/hosts/turret/files/etc/config/wireless +++ /dev/null @@ -1,34 +0,0 @@ - -config wifi-device 'radio0' - option type 'mac80211' - option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0' - option band '2g' - option disabled '0' - option htmode 'HT40' - option channel '1' - option cell_density '0' - -config wifi-iface 'default_radio0' - option device 'radio0' - option network 'lan' - option mode 'ap' - option ssid 'Box-2.4G' - option encryption 'psk2' - option key 'REPLACEME' - -config wifi-device 'radio1' - option type 'mac80211' - option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0' - option band '5g' - option disabled '0' - option htmode 'VHT40' - option channel '36' - option cell_density '0' - -config wifi-iface 'default_radio1' - option device 'radio1' - option network 'lan' - option mode 'ap' - option ssid 'Box-5G' - option key 'REPLACEME' - option encryption 'psk2' diff --git a/hosts/turret/files/etc/dropbear/authorized_keys b/hosts/turret/files/etc/dropbear/authorized_keys deleted file mode 100644 index 495c605..0000000 --- a/hosts/turret/files/etc/dropbear/authorized_keys +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERx0I8DKtALZ9VrYnY1iBEpwl2pBlRiS8oJQvZwpl5e seth@glados
|