2025-12-07 05:27:13 -06:00
5 changed files with 21 additions and 191 deletions
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -16,8 +16,7 @@ in
          sddm
          wireguard
          microvm
-          defenseio
-          # midnight
+          midnight
          ;
      };
    };
@ -32,8 +31,7 @@ in
          plymouth
          wireguard
          microvm
-          defenseio
-          # midnight
+          midnight
          ;
      };
    };
@ -42,8 +40,7 @@ in
      imports = builtins.attrValues {
        inherit (modules)
          microvm
-          defenseio
-          # midnight
+          midnight
          ;
      };
    };
@ -63,7 +60,7 @@ in
          # logrotate
          mastodon
          microvm
-          # midnight
+          midnight
          minecraft
          # ollamaCeres
          ceresOpenCloud
@ -75,7 +72,6 @@ in
          vaultwarden
          website
          zookeeper
-          defenseio
          ;
      };
    };
@ -87,11 +83,10 @@ in
          caddy
          logrotate
          microvm
-          # midnight
+          midnight
          # opencloud
          sambaEris
          postgresEris
-          defenseio
          ;
      };
    };
--- a/modules/nixos/guests/defenseio/default.nix
+++ b/modules/nixos/guests/defenseio/default.nix
@ -1,174 +0,0 @@
-{
-  flake,
-  pkgs,
-  config,
-  ...
-}:
-let
-  inherit (flake.config.people) user0;
-  inherit (flake.config.machines) devices;
-
-  mars = devices.mars.name;
-  ceres = devices.ceres.name;
-  eris = devices.eris.name;
-  deimos = devices.deimos.name;
-  phobos = devices.phobos.name;
-
-  hostname = config.networking.hostName;
-
-  deviceLogic =
-    var0: var1: var2: var3: var4:
-    if hostname == ceres then
-      var0
-    else if hostname == eris then
-      var1
-    else if hostname == mars then
-      var2
-    else if hostname == deimos then
-      var3
-    else if hostname == phobos then
-      var4
-    else
-      var0;
-
-  macOctet = deviceLogic "57" "58" "59" "60" "61";
-in
-
-{
-  microvm = {
-    vms = {
-      defenseio = {
-        autostart = true;
-        config =
-          let
-            macAddress = "02:00:00:00:00:${macOctet}";
-            workers = deviceLogic 35 4 18 5 6;
-          in
-          {
-            environment.systemPackages = [
-              pkgs.git
-              pkgs.ncurses
-              pkgs.python313
-            ];
-
-            microvm = {
-              forwardPorts = [
-                {
-                  from = "host";
-                  host.port = 2058;
-                  guest.port = 22;
-                }
-              ];
-              hypervisor = "qemu";
-              interfaces = [
-                {
-                  type = "user";
-                  id = "uservm-dfo";
-                  mac = macAddress;
-                }
-              ];
-              mem = deviceLogic 45000 5120 22000 6144 7168;
-              shares = [
-                {
-                  mountPoint = "/nix/.ro-store";
-                  proto = "virtiofs";
-                  source = "/nix/store";
-                  tag = "read_only_nix_store";
-                }
-                {
-                  mountPoint = "/var/lib/defenseio-data";
-                  proto = "virtiofs";
-                  source = "/var/lib/defenseio-data";
-                  tag = "defenseio_data";
-                }
-              ];
-              vcpu = workers;
-            };
-
-            networking.firewall.allowedTCPPorts = [
-              22
-            ];
-
-            services = {
-              openssh = {
-                enable = true;
-                settings.PasswordAuthentication = false;
-              };
-            };
-
-            system.stateVersion = "25.05";
-
-            systemd = {
-              network = {
-                enable = true;
-                networks."20-user" = {
-                  matchConfig.MACAddress = macAddress;
-                  networkConfig = {
-                    DHCP = "yes";
-                  };
-                };
-              };
-
-              tmpfiles.rules = [
-                "d /var/lib/defenseio-data 0755 root root - -"
-              ];
-
-              services = {
-                defenseio-miner = {
-                  after = [ "network-online.target" ];
-                  description = "DefenseIOMiner - DFO token miner";
-                  serviceConfig = {
-                    Environment = [
-                      "PATH=/run/current-system/sw/bin"
-                      "TERM=xterm-256color"
-                    ];
-                    ExecStartPre = pkgs.writeShellScript "setup-miner" ''
-                      # Create venv if not already present (persists on virtiofs mount)
-                      if [ ! -d /var/lib/defenseio-data/venv ]; then
-                        ${pkgs.python313}/bin/python -m venv /var/lib/defenseio-data/venv
-                      fi
-
-                      # Install/upgrade dependencies
-                      /var/lib/defenseio-data/venv/bin/pip install --upgrade pip
-                      /var/lib/defenseio-data/venv/bin/pip install requests pycardano cbor2 portalocker
-
-                      # Clone repo if not already present
-                      if [ ! -d /var/lib/defenseio-data/MidnightMiner ]; then
-                        cd /var/lib/defenseio-data
-                        ${pkgs.git}/bin/git clone https://github.com/djeanql/MidnightMiner.git
-                      else
-                        cd /var/lib/defenseio-data/MidnightMiner
-                        ${pkgs.git}/bin/git pull
-                      fi
-
-                      # Show current commit
-                      cd /var/lib/defenseio-data/MidnightMiner
-                      echo "Current commit: $(${pkgs.git}/bin/git log -1 --format='%h - %s')"
-                    '';
-                    ExecStart = pkgs.writeShellScript "run-miner" ''
-                      export PATH=/run/current-system/sw/bin:$PATH
-                      cd /var/lib/defenseio-data/MidnightMiner
-                      /var/lib/defenseio-data/venv/bin/python miner.py --defensio --workers ${toString workers} --no-donation
-                    '';
-                    Restart = "always";
-                    RestartSec = 10;
-                  };
-                  wants = [ "network-online.target" ];
-                  wantedBy = [ "multi-user.target" ];
-                };
-              };
-            };
-
-            time.timeZone = "America/Winnipeg";
-
-            users.users.root.openssh.authorizedKeys.keys = flake.config.people.users.${user0}.sshKeys;
-
-          };
-      };
-    };
-  };
-  systemd.tmpfiles.rules = [
-    "d /var/lib/defenseio-data 0751 microvm wheel - -"
-  ];
-
-}
--- a/modules/nixos/guests/jellyfin/default.nix
+++ b/modules/nixos/guests/jellyfin/default.nix
@ -82,7 +82,7 @@ in
        systemd.services.systemd-networkd.wantedBy = [ "multi-user.target" ];

        microvm = {
-          vcpu = 8;
+          vcpu = 6;
          mem = 8192;
          hypervisor = "qemu";
          interfaces = [
--- a/modules/nixos/guests/projectSite/default.nix
+++ b/modules/nixos/guests/projectSite/default.nix
@ -78,6 +78,7 @@ in
    };
  };

+  # Host Caddy
  services.caddy = {
    enable = true;
    virtualHosts.${host}.extraConfig = ''
@ -85,6 +86,7 @@ in
    '';
  };

+  # ACME cert
  security.acme.certs.${host} = {
    dnsProvider = instances.web.dns.provider1;
    environmentFile = config.sops.secrets."dns/${instances.web.dns.provider1}".path;
--- a/profiles/user0/files/misc/justfile.nix
+++ b/profiles/user0/files/misc/justfile.nix
@ -9,16 +9,16 @@ let
  inherit (flake.config.services) instances;
  hostname = config.networking.hostName;
  dotPath = "~/projects/dotfiles";
-  mkLocalRebuild = ''
-    rebuild:
-      nixos-rebuild switch --sudo --flake ${dotPath}#${hostname} --show-trace
+  mkLocalRebuild = type: ''
+    ${type}-rebuild:
+      nixos-rebuild ${type} --sudo --flake ${dotPath}#${hostname} --show-trace
  '';
  mkRemoteRebuild = name: ip: ''
-    rebuild-${name}:
+    ${name}-rebuild:
       nixos-rebuild switch --flake ${dotPath}#${name} --target-host ${ip} --sudo --ask-sudo-password --show-trace
  '';
  mkSshCommands = name: ip: ''
-    ${name}:
+    ${name}-ssh:
      ssh ${ip}
  '';
  mkMicrVMSshCommands = name: ssh: ''
@ -43,7 +43,14 @@ let
      (command instances.firefly-iii.name instances.firefly-iii.interface.ssh)
      (command instances.mastodon.name instances.mastodon.interface.ssh)
    ];
-  localRebuild = mkLocalRebuild;
+  typeLabels =
+    type:
+    lib.concatStrings [
+      (type "switch")
+      (type "build")
+      (type "boot")
+    ];
+  localRebuild = typeLabels mkLocalRebuild;
  remoteRebuild = systemRecords mkRemoteRebuild;
  sshCommand = systemRecords mkSshCommands;
  microVMSshCommand = instanceRecords mkMicrVMSshCommands;