Merge pull request 'remove RAD references' (#74) from feature/resync-hydra into main

Reviewed-on: #74

README.md

@@ -14,9 +14,7 @@ to onboard a new user or system.
 
 Although we are not actively looking for new members to join in on this repo,
 we are not strictly opposed. Please reach out to
-[@ahuston-0](https://github.com/ahuston-0) or
+[@ahuston-0](https://nayeonie.com/ahuston-0) for further information.
-[@RichieCahill](https://github.com/RichieCahill)
-for further information.
 
 ## Repo Structure
 

disko/hetzner.nix

@@ -1,47 +0,0 @@
-# USAGE in your configuration.nix.
-# Update devices to match your hardware.
-# {
-#  imports = [ ./disko-config.nix ];
-#  disko.devices.disk.main.device = "/dev/sda";
-# }
-{
-  disko.devices = {
-    disk = {
-      main = {
-        type = "disk";
-        content = {
-          type = "gpt";
-          partitions = {
-            ESP = {
-              type = "EF00";
-              size = "500M";
-              content = {
-                type = "filesystem";
-                format = "vfat";
-                mountpoint = "/boot";
-                mountOptions = [ "umask=0077" ];
-              };
-              priority = 1;
-            };
-            root = {
-              end = "-1G";
-              content = {
-                type = "filesystem";
-                format = "ext4";
-                mountpoint = "/";
-              };
-            };
-            encryptedSwap = {
-              size = "1G";
-              content = {
-                type = "swap";
-                randomEncryption = true;
-                priority = 100; # prefer to encrypt as long as we have space for it
-              };
-            };
-          };
-        };
-      };
-    };
-  };
-}

docs/CONTRIBUTING.md

@@ -107,8 +107,7 @@ rules.
 We allow secrets to be embedded in the repository using `sops-nix`. As part of
 the process everything is encrypted, however adding a new user is a change
 that every existing SOPS user needs to participate in. Please reach out to
-[@ahuston-0](https://github.com/ahuston-0) or
+[@ahuston-0](https://nayeonie.com/ahuston-0) or if you are interested
-[@RichieCahill](https://github.com/RichieCahill) if you are interested
 in using secrets on your machines.
 
 ## CI/CD

flake.lock

@@ -67,27 +67,6 @@
         "type": "github"
       }
     },
-    "disko": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1736864502,
-        "narHash": "sha256-ItkIZyebGvNH2dK9jVGzJHGPtb6BSWLN8Gmef16NeY0=",
-        "owner": "nix-community",
-        "repo": "disko",
-        "rev": "0141aabed359f063de7413f80d906e1d98c0c123",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "ref": "latest",
-        "repo": "disko",
-        "type": "github"
-      }
-    },
     "firefox-addons": {
       "inputs": {
         "flake-utils": [
@@ -646,7 +625,6 @@
     },
     "root": {
       "inputs": {
-        "disko": "disko",
         "firefox-addons": "firefox-addons",
         "flake-compat": "flake-compat",
         "flake-parts": "flake-parts",

flake.nix

@@ -40,12 +40,6 @@
     #     flake-parts.follows = "flake-parts";
     #   };
     # };
-    disko = {
-      url = "github:nix-community/disko/latest";
-      inputs = {
-        nixpkgs.follows = "nixpkgs";
-      };
-    };
 
     firefox-addons = {
       url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
@@ -142,7 +136,7 @@
       systems = [
         "x86_64-linux"
         # disable arm for now as hydra isn't set up for it
-        # "aarch64-linux"
+        # "aarch64-linuxa
       ];
 
       forEachSystem = lib.genAttrs systems;
@@ -158,7 +152,7 @@
           lib = self;
         }
       );
-      inherit (lib.rad-dev.systems) genSystems getImages;
+      inherit (lib.adev.systems) genSystems getImages;
       inherit (self) outputs; # for hydra
     in
     rec {

lib/default.nix

@@ -1,7 +1,7 @@
 { lib, ... }:
 {
-  # create rad-dev namespace for lib
+  # create adev namespace for lib
-  rad-dev = rec {
+  adev = rec {
     systems = import ./systems.nix { inherit lib; };
     container-utils = import ./container-utils.nix { inherit lib; };
 

lib/systems.nix

@@ -176,7 +176,7 @@ rec {
           (configPath + "/configuration.nix")
         ]
         ++ modules
-        ++ (lib.rad-dev.fileList (src + "/modules"))
+        ++ (lib.adev.fileList (src + "/modules"))
         ++ genWrapper sops genSops args
         ++ genWrapper home genHome args
         ++ genWrapper true genUsers args
@@ -222,7 +222,7 @@ rec {
             // import configPath { inherit inputs; }
           );
         }
-      ) (lib.rad-dev.lsdir path)
+      ) (lib.adev.lsdir path)
     );
 
   # gets all the images of a specified format

modules/autopull.nix

@@ -61,7 +61,7 @@ in
     lib.mkIf cfg.enable {
       environment.systemPackages =
         [ pkgs.git ]
-        ++ lib.optionals (lib.any (ssh-key: ssh-key != "") (lib.rad-dev.mapGetAttr "ssh-key" repos)) [
+        ++ lib.optionals (lib.any (ssh-key: ssh-key != "") (lib.adev.mapGetAttr "ssh-key" repos)) [
           pkgs.openssh
         ];
 

modules/kub_net.nix

@@ -1,10 +1,10 @@
 { lib, config, ... }:
 let
-  cfg = config.services.rad-dev.k3s-net;
+  cfg = config.services.adev.k3s-net;
 in
 {
   options = {
-    services.rad-dev.k3s-net = {
+    services.adev.k3s-net = {
       enable = lib.mkOption {
         default = false;
         example = true;

modules/yubikey.nix

@@ -5,11 +5,11 @@
   ...
 }:
 let
-  cfg = config.services.rad-dev.yubikey;
+  cfg = config.services.adev.yubikey;
 in
 {
   options = {
-    services.rad-dev.yubikey = {
+    services.adev.yubikey = {
       enable = lib.mkEnableOption "enable yubikey defaults";
       enable-desktop-app = lib.mkEnableOption "installs desktop application";
     };

shell.nix

@@ -38,7 +38,7 @@ forEachSystem (
     };
 
     # constructs a custom shell with commonly used utilities
-    rad-dev = pkgs.mkShell {
+    adev = pkgs.mkShell {
       packages = with pkgs; [
         deadnix
         pre-commit
@@ -56,7 +56,7 @@ forEachSystem (
     default = pkgs.mkShell {
       inputsFrom = [
         pre-commit
-        rad-dev
+        adev
         sops
       ];
     };

systems/artemision/configuration.nix

@@ -75,7 +75,7 @@
     fprintd.enable = lib.mkForce false;
     openssh.enable = lib.mkForce false;
 
-    rad-dev.yubikey = {
+    adev.yubikey = {
       enable = true;
       enable-desktop-app = true;
     };

systems/hetzner-bridge/configuration.nix

@@ -1,28 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-
-{
-  imports = [
-    ../../disko/hetzner.nix
-    ./networking.nix
-  ];
-  disko.devices.disk.main.device = "scsi-0QEMU_QEMU_HARDDISK_55513992";
-
-  boot = {
-    useSystemdBoot = true;
-  };
-
-  virtualisation.docker.enable = false;
-  services = {
-    locate.enable = false;
-    endlessh-go.enable = false;
-  };
-
-  #hardware.enableAllFirmware = true;
-
-  system.stateVersion = "24.05";
-}

systems/hetzner-bridge/default.nix

@@ -1,8 +0,0 @@
-{ inputs, ... }:
-{
-  users = [ "alice" ];
-  modules = [
-    # inputs.attic.nixosModules.atticd
-    inputs.disko.nixosModules.disko
-  ];
-}

systems/hetzner-bridge/hardware.nix

@@ -1,39 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}:
-
-{
-  imports = [
-    (modulesPath + "/profiles/qemu-guest.nix")
-  ];
-
-  boot = {
-    initrd.availableKernelModules = [
-      "ahci"
-      "xhci_pci"
-      "virtio_pci"
-      "virtio_scsi"
-      "sd_mod"
-      "sr_mod"
-    ];
-    initrd.kernelModules = [ ];
-    kernelModules = [ ];
-    extraModulePackages = [ ];
-  };
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  # networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-}

systems/hetzner-bridge/networking.nix

@@ -1,19 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-
-{
-  networking.useDHCP = false;
-
-  systemd.network = {
-    enable = true;
-    networks."10-wan" = {
-      #matchConfig.Name = "enp1s0"; # either ens3 or enp1s0 depending on system, check 'ip addr'
-      matchConfig.Name = "ether";
-      networkConfig.DHCP = "ipv4";
-    };
-  };
-}

systems/palatine-hill/docker/archiveteam.nix

@@ -122,7 +122,7 @@ let
     cmd = lib.splitString " " "--concurrent 6 AmAnd0";
 
   };
-  inherit (lib.rad-dev.container-utils) createTemplatedContainers;
+  inherit (lib.adev.container-utils) createTemplatedContainers;
 
   vars = import ../vars.nix;
   at_path = vars.primary_archiveteam;

systems/palatine-hill/docker/minecraft.nix

@@ -46,7 +46,7 @@ in
       cmd = [
         (
           "--mapping=mc.alicehuston.xyz=${defaultServer}:25565"
-          + (lib.rad-dev.mapAttrsToString (hostname: url: "," + url + "=" + hostname + ":25565") servers)
+          + (lib.adev.mapAttrsToString (hostname: url: "," + url + "=" + hostname + ":25565") servers)
         )
       ];
     };

utils/hetzner-install.sh

@@ -1,27 +0,0 @@
-#!/usr/bin/env nix
-#! nix shell nixpkgs#bash nixpkgs#git --command bash
-
-set -o errexit   # abort on nonzero exitstatus
-set -o nounset   # abort on unbound variable
-set -o pipefail  # don't hide errors within pipes
-
-MACHINENAME="hetzner-bridge"
-
-sudo mkdir /root/.ssh
-sudo chmod 700 /root/.ssh
-sudo ssh-keygen -t ed25519 -o -a 100 -f "/root/.ssh/id_ed25519_giteadeploy" -q -N "" -C "$MACHINENAME" || echo "key already exists"
-
-sudo cat /root/.ssh/id_ed25519_giteadeploy.pub
-
-sudo ssh-keygen -A
-
-nix --extra-experimental-features 'flakes nix-command' shell nixpkgs#git
-nix --extra-experimental-features 'flakes nix-command' store gc
-FLAKE="git+ssh://gitea@nayeonie.com:2222/ahuston-0/nix-dotfiles?ref=feature/hetzner-bridge#hetzner-bridge"
-DISK_DEVICE=/dev/sda
-sudo nix \
-    --extra-experimental-features 'flakes nix-command' \
-    run github:nix-community/disko#disko-install -- \
-    --flake "$FLAKE" \
-    --write-efi-boot-entries \
-    --disk main "$DISK_DEVICE"

utils/hetzner-nixos-anywhere.sh

@@ -1,35 +0,0 @@
-#!/usr/bin/env nix
-#! nix shell nixpkgs#bash nixpkgs#mktemp nixpkgs#openssh nixpkgs#nixos-anywhere nixpkgs#sops --command bash
-
-echoerr() { printf "%s\n" "$*" >&2; }
-
-if (( $# != 1 )); then
-    echoerr "usage: $0 <hostname>"
-fi
-
-HOSTNAME=$1
-
-# Create a temporary directory
-temp=$(mktemp -d)
-
-# Function to cleanup temporary directory on exit
-cleanup() {
-  rm -rf "$temp"
-}
-trap cleanup EXIT
-
-# Create the directory where sshd expects to find the host keys
-install -d -m755 "$temp/etc/ssh"
-
-# Create host keys
-ssh-keygen -A -f "$temp/etc/ssh/"
-
-# Set the correct permissions so sshd will accept the key
-chmod 600 "$temp/etc/ssh/ssh_host_ed25519_key"
-
-AGEKEY=$(ssh-to-age < "$temp/etc/ssh/ssh_host_ed25519_key.pub")
-
-echo "$AGEKEY" | tee "./$HOSTNAME.age"
-
-# Install NixOS to the host system with our secrets
-nixos-anywhere --extra-files "$temp" --flake '.#your-host' root@yourip