rm authelia, wraspi acme

Author: buurro

hosts/blender/configuration.nix

@@ -1,7 +1,4 @@
 { config, pkgs, inputs, ... }:
-let
-  authelia = import ../../modules/nixos/authelia/stuff.nix;
-in
 {
   imports = [
     ./hardware-configuration.nix
@@ -96,10 +93,8 @@ in
   services.nginx.virtualHosts."torrent.pine.marco.ooo" = {
     forceSSL = true;
     useACMEHost = "pine.marco.ooo";
-    extraConfig = authelia.nginx.enableVhost;
     locations."/" = {
       proxyPass = "http://127.0.0.1:9091";
-      extraConfig = authelia.nginx.enableLocation;
     };
   };
 
@@ -124,24 +119,6 @@ in
     clientMaxBodySize = "200m";
   };
 
-  age.secrets."authelia.jwtSecretFile" = {
-    file = ../../secrets/authelia.jwtSecretFile.age;
-    owner = config.services.authelia.instances.main.user;
-    group = config.services.authelia.instances.main.group;
-  };
-  age.secrets."authelia.storageEncryptionKeyFile" = {
-    file = ../../secrets/authelia.storageEncryptionKeyFile.age;
-    owner = config.services.authelia.instances.main.user;
-    group = config.services.authelia.instances.main.group;
-  };
-
-  modules.authelia = {
-    enable = true;
-    domain = "pine.marco.ooo";
-    jwtSecretFile = config.age.secrets."authelia.jwtSecretFile".path;
-    storageEncryptionKeyFile = config.age.secrets."authelia.storageEncryptionKeyFile".path;
-  };
-
   services.sonarr = {
     enable = true;
     user = "nas";

hosts/wraspi/configuration.nix

@@ -5,24 +5,8 @@
 
   modules.home-manager.enable = true;
 
-  age.secrets."risaro.la" = {
-    file = ../../secrets/risaro.la.age;
-  };
-
   users.groups."sslcerts" = { };
 
-  security.acme.acceptTerms = true;
-  security.acme.defaults = {
-    email = inputs.self.users.marco.email;
-    server = "https://acme-staging-v02.api.letsencrypt.org/directory";
-    group = "sslcerts";
-    dnsProvider = "cloudflare";
-    credentialsFile = config.age.secrets."risaro.la".path;
-  };
-  security.acme.certs."risaro.la" = {
-    domain = "*.risaro.la";
-  };
-
   fileSystems."/" = {
     device = "/dev/disk/by-label/NIXOS_SD";
     fsType = "ext4";

modules/nixos/authelia/authelia-authrequest.conf

@@ -19,7 +19,6 @@ in
     ../network-stuff.nix
     ../desktop.nix
     ../home-manager.nix
-    ../authelia
     ../hyprland
   ];
 

modules/nixos/authelia/authelia-location.conf

@@ -1,11 +1,9 @@
 age-encryption.org/v1
--> ssh-ed25519 +zi6VA o6S27FfE9LZHFPcjTDw0vt/koYYe6hJSnIvbgfvLDmM
-Ctm0jv45RbzgVAhzXSWKHkgDoIPWqtZ2TGYW0XuGxf4
--> ssh-ed25519 bZ4Dwg jUYzcxqVAp5BHO5AfIyHae0Q1DHKOyiFLKNJgRo2Nhc
-DSM0PX0TD5OQy8iBxITPJbRbF8klIVnBzdADjHNehpE
--> ssh-ed25519 nTQHAw tpiCXGfgQBeDjsaSyD5aK3RbkWCcSHNsSeohNuPDmGQ
-YVhsSHpWRSmNMEe+jTmj7hWzfAYzgVtuHZNbMO9tBhA
--> ssh-ed25519 nVBvsw LOL04reoenIUdfTDOe/vcgFO3rMaqyAfsiagUdtO7Ag
-c00OQUicMiiPr3C/3R5hZeIEsA7UeGpU7N6uSJEe6/M
---- yTQAqOmUQJuBVkTI/PPc88SSCpbP31St2ky/PKU2BV0
-����T�-�<2ă$�\��3�����Q�~(<�k0���ac�F�{+7�T �1菋��F�TM7�–,���7W�ݴ�A� �h�
+-> ssh-ed25519 +zi6VA K9ZD4CeixZyRpUTP4w4woodgN4kEn0xHMiNEv8SX8V0
+jvTm1JAwuqcxN+lov4s6W4t/VLyUt5vwzUTMl0mD0kw
+-> ssh-ed25519 nTQHAw rdHZQkfVwlinXtJlYTTBtVz+Oiy2r1LCEmqCgCoN0VQ
+Bd8S+9e1wNJScN7815dibyeGF0dpDsYhDqja45CSj2I
+-> ssh-ed25519 nVBvsw yX85FYBckXNW9PRzkzJ0CWU/2usUXcjshEP7aKtcsyM
+6GPWQth6nBEG8pqqjBFsZHqslAGDjnJLMPdyVBxLE/U
+--- 7f3GCair1ZhL17p4XDrC2Ym80ruQU3gVcX/ZcQ+XE+c
+`1y<�Tk�}�����LiKki�ڂ���a��K��Ҏ!}�'Y�^�_�l�5�eQ�^s��Z]�}=Mn^��˂t�ѪF��GwZS�2

modules/nixos/authelia/default.nix

@@ -1,16 +1,12 @@
 let
-  blender = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJI74ZGq82VySA5AS5OCvafmhVwARDRlYow+mKXq6eIE";
   qraspi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILUnZQFo+GMqhnNUfzExwZvZRPmOy8+bZyABQCsSyqT0";
   mixer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBWCTtXHe/Zpr9qyWhDVY+pKX/b/VA3DFiUrDpOQFCl4";
   toaster = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIwYNiDUMF/rOBh929JDGXtr5371osQkgHAa7pmiuTwr";
   other = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIR/Dqd+UXeEQovChEHgDhIIaXcrpa+i2/KwECTbkp5q";
   github-runner = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFtY5AcmCumRiR3YDnMfNU7Ye1EPTKO6Lf9V0jphOCay";
-  wraspi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL7U4YkBp3TyEZNETH0kFlyjTBTRPy74LqMs43TuwslO";
 in
 {
-  "authelia.jwtSecretFile.age".publicKeys = [ blender ];
-  "authelia.storageEncryptionKeyFile.age".publicKeys = [ blender ];
-  "risaro.la.age".publicKeys = [ qraspi wraspi toaster other ];
+  "risaro.la.age".publicKeys = [ qraspi toaster other ];
   "somefile.zip.age".publicKeys = [ mixer toaster other ];
   "github-runner-ncc-1.age".publicKeys = [ github-runner toaster other ];
 }