diff --git a/README.md b/README.md index 9ea6276..e062d86 100755 --- a/README.md +++ b/README.md @@ -51,7 +51,7 @@ This contains encrypted secrets and credentials using `sops-nix`. This is a secu ### `systems/` -This defines the system configurations for different machines. Each machine has similar configuration structure but with specific customizations. The system naming schema follows a celestial convention, with desktops being named after planets, laptops after moons, and servers after dwarf planets. The `fileSystems` configurations include helper functions for easily configuring mounts for internal storage, Synology, and samba drives. +This defines the system configurations for different machines. Each machine has similar configuration structure but with specific customizations. The system naming schema follows a celestial convention, with desktops being named after planets, laptops after moons, and servers after dwarf planets. The `fileSystems` configurations include helper functions for easily configuring mounts for internal storage, and samba drives. ### `templates/` diff --git a/modules/config/default.nix b/modules/config/default.nix index e049275..b5ab4aa 100755 --- a/modules/config/default.nix +++ b/modules/config/default.nix @@ -236,7 +236,6 @@ in marsIP = "192.168.50.218"; phoneIP = "192.168.50.243"; phobosIP = "192.168.50.180"; - synologyIP = "10.0.0.122"; brotherIP = "192.168.50.195"; externalIP = "24.76.173.0"; @@ -251,8 +250,6 @@ in laptopLabel = "Deimos"; laptop2 = "phobos"; laptop2Label = "Phobos"; - nas = "synology"; - nasLabel = "Synology"; phone = "pixel"; phoneLabel = "Pixel"; iso = "iso"; @@ -268,7 +265,6 @@ in sopsPath = "/var/lib/secrets"; sslPath = "/var/lib/acme"; varLib = "/var/lib"; - synologyName = "synology"; dummy = ""; }; diff --git a/modules/config/devices/config/synology.nix b/modules/config/devices/config/synology.nix deleted file mode 100755 index b6fae7d..0000000 --- a/modules/config/devices/config/synology.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ moduleFunctions }: -let - inherit (moduleFunctions.devicesFunctions) - sambaPermissions - userIdForUser0 - synologyIP - deviceNames - ; - inherit (moduleFunctions.usersFunctions) user0 user0Label; - synologyName = deviceNames.nas; -in -{ - label = deviceNames.nasLabel; - sync = { - address0 = "MWRGX2V-F5XKE5E-REP6ECT-OOPFBMF-22NHSMW-YFBU6MB-PLFUN63-R3MW2QX"; # User0 - }; - name = synologyName; - ip = { - address0 = synologyIP; - }; - # Nick Home Folder - folder0 = { - mount = "/mnt/media/${synologyName}/${user0}"; - device = "//${synologyIP}/homes/${user0Label}"; - options = sambaPermissions ++ userIdForUser0; - }; -} diff --git a/modules/config/instances/config/syncthing.nix b/modules/config/instances/config/syncthing.nix index 25644ff..8ba84fb 100755 --- a/modules/config/instances/config/syncthing.nix +++ b/modules/config/instances/config/syncthing.nix @@ -5,7 +5,6 @@ let varLib sslPath sopsPath - synologyName ; label = "Syncthing"; @@ -29,7 +28,6 @@ in subdomain = name; tags = [ name - synologyName "sync" "thing" ]; diff --git a/modules/config/instances/config/synology.nix b/modules/config/instances/config/synology.nix deleted file mode 100755 index 6a4370e..0000000 --- a/modules/config/instances/config/synology.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ moduleFunctions }: -let - inherit (moduleFunctions.instancesFunctions) - sopsPath - synologyName - ; - - label = "Synology"; - name = synologyName; -in -{ - label = label; - name = name; - short = "Nas"; - tags = [ - name - "dsm" - "cloud" - ]; - sops = { - path0 = "${sopsPath}/${name}"; - }; - ports = { - port0 = 5000; # Synology HTTP - port1 = 5001; # Synology HTTPS - }; -} diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix index 403c0ba..bf17c0e 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix @@ -1,7 +1,6 @@ { flake, ... }: let inherit (flake.config.machines.devices) - synology ceres mars ; @@ -59,15 +58,6 @@ let instances.firefly-iii.name ]; } - { - suffix = "(Synology)"; - urlTemplate = - name: "http://${synology.ip.address0}:${builtins.toString instances.${name}.ports.port0}"; - services = [ - instances.syncthing.name - instances.synology.name - ]; - } ]; generatedBookmarks = builtins.concatLists (builtins.map makeBookmarks bookmarkConfigs); diff --git a/modules/nixos/services/syncthing/default.nix b/modules/nixos/services/syncthing/default.nix index 9ff1220..c468eb0 100755 --- a/modules/nixos/services/syncthing/default.nix +++ b/modules/nixos/services/syncthing/default.nix @@ -1,7 +1,6 @@ { flake, config, ... }: let inherit (flake.config.machines.devices) - synology phone mars ceres @@ -19,17 +18,6 @@ let backupPath = "${service.paths.path1}"; syncDevices = { - synologySync = { - ${synology.name} = { - autoAcceptFolders = true; - name = synology.name; - addresses = [ - "tcp://${synology.ip.address0}:${toString service.ports.port2}" - ]; - id = synology.sync.address0; - }; - }; - phoneSync = { ${phone.name} = { autoAcceptFolders = true; @@ -52,13 +40,7 @@ in systemService = true; guiAddress = "${localhost}:${toString service.ports.port0}"; settings = { - devices = - if hostname == mars.name then - syncDevices.phoneSync // syncDevices.synologySync - else if hostname == ceres.name then - syncDevices.synologySync - else - { }; + devices = if hostname == mars.name then syncDevices.phoneSync else { }; }; }; }; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index d33fe20..3b15ea5 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -3,7 +3,6 @@ ssh: public: ENC[AES256_GCM,data:Cn4hutHHeptbefHOKK7zv5TmveGOqfHAwGHogDq9sRmeb+b1lzHwj7qvg8lcnlJtIo4qS+TrKtSj5ZCsPNXOhWG1rkk97gTfPMbcxj5f1O3WJigL2wsrB2cQgc5UsA==,iv:ID4zRdr/efClOAHbXzxG1bNuJR0A2qbydzGlMhvEcRE=,tag:qbIoaGb+RXxRRkkQtuX7/A==,type:str] hosts: ENC[AES256_GCM,data:Wx9jzofbCiPP4hDZFysVjJs8icaAv0BoGj4AenSbZMI2o6YuAaLQ0F8xaLwmUGuBVEualsRLGhlUu0Q7Qu0WKmOpb7XREOZjiV1YA0OoEwJgWid/Y7QSgceBF2e4tVCclT9+P4V16dA5sHXzKNjCelKfWc34EoIwwUJL+DjtD1mAfZzXE2hVIbAx4uY/KZaSNdNmk2QvMe5S1MXZE+066j1bV9fclcaCNytv+9de8NhiIys3qqJitz41GPz1V5h8XxxivKpKMpDe90YC2MM/sqAP8Ig4DkexSEWbFGF79K1PAbRTNQR7ccImncgYyHZy3U1fHsJZ6qfpdJIV5RKJX5lXYRF2hwNG4jpE1pAO3G2XHcEnYxEtaepfDWH84rck2KHPgSUhNoGtq0u+3AtaiO6jNIXRMcgKe2BViqT88hWGopdU6J4rYJXl9S4Za8k/zDtDvkTfTTK6XsSX/8eWnMXgTtCX8DXHhO0+Xv3owG2bbjBqSewZK8GrHMzS8i7QLauCAeczD7DQrHJ1qwQ6tgmd8KWRQniO8vWEHz51Zc7fRPKcerAS1yznNwrdPiQBAWtQhIfsm/0IJ/KGNK4Oefr+RguNDDZyrf45wL1yUIVeeOeVhitTT+aGRwLwpmIWAJtuPq14XWoZx1vaDqMqvK9h0qgze2XeQFx+uUw/GcfHjUU90dsRz6RMxBgj2S3tV0JMHrVhdcnzNTMdzOQ9YvVQATVX//XlQoWqf7e5bkUeQjQnODGGUy3c0b+oCkS7ImBc2EyT3DF+BaAlzKzsHSVXGn/kCGwxc2e8zCZcYv6fipIm/vE1jfcyzUdDQPSYBUAv9c/GEpyyW+vVS/7L6D9pgkJkVpj15zbqZFAvotZiCH9xs/RPJu1P4Vz9F9aJ2cwh3/2mkS1wa0jg/cNnQ7QLGXcs+5jYGwz9lqXsnz68jegxVvPd0HRSyTEcE4lKFtAy8E7A8G/wUfLbDrgvwezH+DsQn8agmmVo0Lao8LmHIEdqxaE4HDp+pmYhSSuJnlSaTEANKd37bdbUoxOKOsYJlOLir1eRoH0EA2eM+DJ2Bqwubz6zYJapDDnKH6gsBv3/0ix7PGnzrTIl35UnOpTidJJmoCLhEMvoj4s8ebkhCIU6FlenmwvD3o3lErOHs4S8wrNNMdNZdJ/VVhYRo0Br+i8mDAJjG8AOJJLKkTp6p4tP7Fdr1/HqAwTyDlRUWLF9DpJOIVsIzgaIr+gEuY32oLpWq47Kg1xUWT8c384bLv9wWVDXm47bMbjGo4AppY4HxdB8oLnLgbfmL1zhJKYPCDnCYVq2WQaQiBBRj7Vbd0oD1HBE+6IOGnchi3LB14GmDiBJPLFwbQIM8+8/l1/Uh57XKZMqHx217RLATkvllC7i7wbVXEjLZlUfbtgwiXfiyRqsNTxI3oUF63FSrDKA9yffMxUAe+FmSTPaAlrZw2by4rfO/ijL4/E6sm0/thwV9ULuyQtWr+pgdpv7aDpQi2lFTfa7jP+7Ioa4UWJMO3A1cKHL6Zd6vyMI+3XQOcBTV/i0KMVpU9Rr+kiBMkDvZSoK4Xru5gJUxNJ1m8BoaM0GlYW9ga4eVkUWM26RxaDgGdaCzFL1JuuhMmEpqpN27sTOVGAvQvDsfzGUdIWHuwCpbV1h0RH3FOuTiz8B76EYxgFigXxrAQWxJm+qYpdX4Xb98hg4OHS6duJY0UCwJbB9FjAFHLiKgXuqo9cVEum0EjqVKCQyfU70jq8TxcxzUPUIfvw+B3oRQxUUbut6lcVJ+iLk/pYjXM0I+JGsnvHCMWCX5BXbZXHyVPtpxLQJBZQDJMqj9veh4lCfgbXELifawcFf7Z1HR9pttmj08+DfOICDhgbcaEeWpZ8gvLvWZJQZ9S7ARn6VXJV0XXSDO4CMjE4r1diSFjLAz2DC895z1r9PHjv96ltsiClQV8Y0o7Eas+yP+N8tKDnxz3lzdgDnnwlX+VYuA99sRuBs16I61lwYn5caKQ/R2FB8g/PvIh6TnzB5PSJ8qsqicqJ0laX19t2pCTUxYi3DW6G0irUMqHtue+S62tiiL0Moyopt5wMRdsViFapMjF1vF78fAYAoVANVlLeZ65IGXIINkWff5/qjx/oqPrmdwWQWPktQt2OU4gk9OC7RUDAOhdftEzdVn1tznxErTcPotHqvAUfszCk4AyQlr6RW0EQ5qse3vnrCP1SZ9x3wN40T9taFcR3RLmJtFTqD+lp6WYyD/jUMZPSpon4f7g5V/SZ0m+dAzyIUEtrenswJKyfN3jRUEM0fnecS4LEqx0RfYyE4SzL6cR8hv/scezKOlfhIKJmyRpU1X7BCUJ4iQl+dJvaE9ZFGFzDBaDpDJrMTJGuynzjBh2C5Llz6KyTgfLaASaR7wb65oxCn2rW9D+FYuRcU1QzmHyaCuywurAsHbQRHxRWxObZNVBI1QIDWbcE/Uew0FDLNEFHliJDHOm02uvGXVWiWiF1A6hCagNQNFzDvQqA8rbF2nZWxTyIJzIgh6XsZDEUdT+SkMCnYoWdbz77r2GXx9CT418DsEUc=,iv:Q5cuA9NatrgXuOH+Bd0Pv7RP2EFswX4VcXsaqwVcbsw=,tag:5CyJaLGCIMwoVSvvpsK7Vg==,type:str] network: - synology: ENC[AES256_GCM,data:r0Aor25K6IuywAq5Px9JasWpnYzAA87ffA1k/97GEqMRkb6V6VYW1Q1EoEGNnBoa5o6KBtHk0WY=,iv:IeZMBwKGOevgB3bgnSsF6JJ6ntcJa5fe5irVUuMOGwY=,tag:9JWqeKa0g7YzqpKy1VLFEA==,type:str] server: ENC[AES256_GCM,data:EFsmXNkuf5OAMh8hjfZTixmmdjqBNIME9JjQC8azeCwcMVInm8bWdxE4OqFmxOk9MAU=,iv:pI6WeM2aQC+7vx1Xmp5O2rikqNLgzuEOg+Lo7TqFQxU=,tag:ElcA8mn9dx+IjIf38nKT5A==,type:str] fallaryn: ENC[AES256_GCM,data:O77hH3STB6zpl0b9iXsVu9OOrlLKUwfs2qI9hdqX4kMuBs3XgT/xsQ==,iv:RDKsuJoy+LIyADMc3bgOEmLKdXtu6kad2aeVetuZdJI=,tag:MrpCZ+iJUnGIjeHMgcYG6Q==,type:str] garnet: ENC[AES256_GCM,data:N8sAdjTAiubQihKrtdCkaJQBKkz6/kNdeATiaZXRhlP/HLg7zg==,iv:8QP1HnGSUGHpkwBwQY2Z0gZ6tYaK7XzMuxXexY6QQaU=,tag:fHzPh9lvqB2BmuSkVH5Ojg==,type:str] @@ -66,7 +65,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-25T09:30:00Z" - mac: ENC[AES256_GCM,data:JA3RXs+AuOTOXFTqpwb5R2xT1Ia4mIO7pGHOqSVzNIZIrKdGStYZW1aBffanrMeAkHOPF0IXMNYv27bW0Z8Qo1AuijSn1daRtNAxBp5vYAaepV3DfYaZPTS35IqOklt7y0gLf9WEBKjaw9iwqNt+DD0DR3qGcSZe14IFdDIjbPU=,iv:emfH8TxrJVrrwsLcp74kN7NM0zQ4ROWQQkeuwMKPIYo=,tag:v302aJTdCAw/eJ3SWF63oA==,type:str] + lastmodified: "2025-10-31T03:30:15Z" + mac: ENC[AES256_GCM,data:o4mUJ0kqiTnepp3ujQo+71ldWjCW0r0U4d0vM8bzJEFZMH108fyAqhhw8BWOa7AlAOp7/x0ggm9/YHwf1ikmQJBfOc7+hneImmsGGd4xluu5tfC70AxjmEUBlku1z3IA9RzSBRtw3Gny3ggCknZa2bt8t2tcVOKNwkz32uQqlBo=,iv:bGmqmlMsHVP8ACgGDtjN1RAd/TzuqO1tn8R1XWQXMbY=,tag:eRXMQzay+Lv/rEhkjtpcKA==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0 diff --git a/systems/deimos/config/filesystem.nix b/systems/deimos/config/filesystem.nix index 386c839..8377a05 100755 --- a/systems/deimos/config/filesystem.nix +++ b/systems/deimos/config/filesystem.nix @@ -5,18 +5,14 @@ }: let inherit (flake.config.people) user0; - inherit (flake.config.machines.devices) deimos synology ceres; + inherit (flake.config.machines.devices) deimos ceres; inherit (flake.config.services) instances; - synologySecrets = config.sops.secrets."network/synology".path; ceresSecrets = config.sops.secrets."network/server".path; in { fileSystems = let - synologyDrives = [ - "folder0" - ]; sambaDrives = [ "samba0" @@ -33,17 +29,6 @@ in # instances.opencloud.name ]; - synologyMounts = synologyDrive: { - name = "${synology.${synologyDrive}.mount}"; - value = { - device = synology.${synologyDrive}.device; - fsType = "cifs"; - options = synology.${synologyDrive}.options ++ [ - "credentials=${synologySecrets}" - ]; - }; - }; - sambaMounts = sambaDrive: folder: { name = "${ceres.${sambaDrive}.mount}/${folder}"; value = { @@ -75,7 +60,6 @@ in options = deimos.boot.options; }; } - // (builtins.listToAttrs (map synologyMounts synologyDrives)) // (builtins.listToAttrs ( builtins.concatMap (drive: map (folder: sambaMounts drive folder) remoteFolders) sambaDrives )) diff --git a/systems/deimos/config/sops.nix b/systems/deimos/config/sops.nix index 90298ee..1437f5b 100755 --- a/systems/deimos/config/sops.nix +++ b/systems/deimos/config/sops.nix @@ -1,11 +1,6 @@ { sops = { secrets = { - "network/synology" = { - path = "/var/lib/secrets/synology"; - owner = "root"; - mode = "600"; - }; "network/server" = { path = "/var/lib/secrets/server"; owner = "root"; diff --git a/systems/mars/config/filesystem.nix b/systems/mars/config/filesystem.nix index 7a03cd0..13a3a87 100755 --- a/systems/mars/config/filesystem.nix +++ b/systems/mars/config/filesystem.nix @@ -5,17 +5,13 @@ }: let inherit (flake.config.people) user0; - inherit (flake.config.machines.devices) mars ceres synology; + inherit (flake.config.machines.devices) mars ceres; inherit (flake.config.services) instances; - synologySecrets = config.sops.secrets."network/synology".path; ceresSecrets = config.sops.secrets."network/server".path; in { fileSystems = let - synologyDrives = [ - "folder0" - ]; storageDrives = [ "storage0" @@ -33,17 +29,6 @@ in # instances.opencloud.name ]; - synologyMounts = synologyDrive: { - name = "${synology.${synologyDrive}.mount}"; - value = { - device = synology.${synologyDrive}.device; - fsType = "cifs"; - options = synology.${synologyDrive}.options ++ [ - "credentials=${synologySecrets}" - ]; - }; - }; - storageMounts = storageDrive: { name = "${mars.${storageDrive}.mount}"; value = { @@ -75,7 +60,6 @@ in options = mars.boot.options; }; } - // (builtins.listToAttrs (map synologyMounts synologyDrives)) // (builtins.listToAttrs (map storageMounts storageDrives)) // (builtins.listToAttrs ( builtins.concatMap (drive: map (folder: sambaMounts drive folder) sambaFolders) sambaDrives diff --git a/systems/mars/config/sops.nix b/systems/mars/config/sops.nix index 90298ee..1437f5b 100755 --- a/systems/mars/config/sops.nix +++ b/systems/mars/config/sops.nix @@ -1,11 +1,6 @@ { sops = { secrets = { - "network/synology" = { - path = "/var/lib/secrets/synology"; - owner = "root"; - mode = "600"; - }; "network/server" = { path = "/var/lib/secrets/server"; owner = "root"; diff --git a/systems/phobos/config/sops.nix b/systems/phobos/config/sops.nix index 90298ee..1437f5b 100755 --- a/systems/phobos/config/sops.nix +++ b/systems/phobos/config/sops.nix @@ -1,11 +1,6 @@ { sops = { secrets = { - "network/synology" = { - path = "/var/lib/secrets/synology"; - owner = "root"; - mode = "600"; - }; "network/server" = { path = "/var/lib/secrets/server"; owner = "root";