diff --git a/boxes/copernicus/services/default.nix b/boxes/copernicus/services/default.nix
index 2b461cb..a04d751 100644
--- a/boxes/copernicus/services/default.nix
+++ b/boxes/copernicus/services/default.nix
@@ -3,9 +3,6 @@
{
imports = [
./wireguard.nix
- ./grafana.nix
./nextcloud.nix
- ./paperless.nix
- ./guacamole
];
}
diff --git a/boxes/copernicus/services/grafana.nix b/boxes/copernicus/services/grafana.nix
deleted file mode 100644
index e3957f4..0000000
--- a/boxes/copernicus/services/grafana.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-{ lib, config, pkgs, ...}:
-
-{
- services.grafana = {
- enable = true;
- settings = {
- server = {
- http_addr = "10.100.0.2";
- http_port = 9802;
- domain = "grafana.beepboop.systems";
- };
- };
- };
-
- services.prometheus = {
- enable = true;
- listenAddress = "10.100.0.2";
- port = 9001;
-
- exporters = {
- node = {
- enable = true;
- enabledCollectors = [ "systemd" ];
- listenAddress = "10.100.0.2";
- port = 9002;
- };
- };
-
- scrapeConfigs = [
- {
- job_name = "copernicus";
- static_configs = [{
- targets = [ "10.100.0.2:9002" ];
- }];
- }
- {
- job_name = "netbox";
- static_configs = [{
- targets = [ "10.100.0.1:9002" ];
- }];
- }
- ];
- };
-}
diff --git a/boxes/copernicus/services/guacamole/default.nix b/boxes/copernicus/services/guacamole/default.nix
deleted file mode 100644
index ef6568f..0000000
--- a/boxes/copernicus/services/guacamole/default.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{ lib, config, pkgs, ...}:
-
-{
- services = {
- guacamole-server = {
- enable = true;
- host = "127.0.0.1";
- port = 4823;
- userMappingXml = (
- builtins.toFile "mapping.xml" (
- builtins.replaceStrings
- [ "hashedUserPassword" ]
- [(
- lib.removeSuffix
- "\n"
- # echo -n PASSWORD | openssl dgst -sha256 | awk -F' ' '{print $2}'
- ( builtins.readFile /home/usr/wg-keys/guacamole-server-credentials )
- )]
- ( builtins.readFile ./mapping.xml )
- )
- );
- };
-
- guacamole-client = {
- enable = true;
- enableWebserver = true;
- settings = {
- guacd-port = 4823;
- guacd-hostname = "127.0.0.1";
- };
- };
-
- tomcat.serverXml = builtins.readFile ./server.xml;
-
- openssh = {
- enable = true;
- listenAddresses = [
- {
- addr = "127.0.0.1";
- port = 22;
- }
- ];
- };
- };
-}
diff --git a/boxes/copernicus/services/guacamole/mapping.xml b/boxes/copernicus/services/guacamole/mapping.xml
deleted file mode 100644
index f2976e7..0000000
--- a/boxes/copernicus/services/guacamole/mapping.xml
+++ /dev/null
@@ -1,51 +0,0 @@
-
-
-
-
-
- ssh
- 127.0.0.1
- 22
-
-
-
- vnc
- 127.0.0.1
- 5900
-
-
-
- vnc
- 127.0.0.1
- 5901
-
-
-
- vnc
- 127.0.0.1
- 5902
-
-
-
- vnc
- 127.0.0.1
- 5903
-
-
-
- vnc
- 127.0.0.1
- 5904
-
-
-
- vnc
- 127.0.0.1
- 5905
-
-
-
-
diff --git a/boxes/copernicus/services/guacamole/server.xml b/boxes/copernicus/services/guacamole/server.xml
deleted file mode 100644
index d1d615b..0000000
--- a/boxes/copernicus/services/guacamole/server.xml
+++ /dev/null
@@ -1,188 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/boxes/copernicus/services/paperless.nix b/boxes/copernicus/services/paperless.nix
deleted file mode 100644
index 880bce4..0000000
--- a/boxes/copernicus/services/paperless.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ lib, config, pkgs, ...}:
-
-{
- services.paperless = {
- enable = true;
- passwordFile = "/home/usr/wg-keys/paperless";
- address = "10.100.0.2";
- port = 6230;
- settings = {
- PAPERLESS_URL = "https://paperless.beepboop.systems";
- };
- };
-}
diff --git a/boxes/copernicus/services/photoprism.nix b/boxes/copernicus/services/photoprism.nix
deleted file mode 100644
index dc9e91f..0000000
--- a/boxes/copernicus/services/photoprism.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ lib, config, pkgs, ...}:
-
-{
- services.photoprism = {
- enable = true;
- originalsPath = "/var/lib/photoprism/originals";
- address = "10.100.0.2";
- settings = {
- PHOTOPRISM_ADMIN_USER = "usr";
- PHOTOPRISM_ADMIN_PASSWORD = "testing"; # THIS IS AN INITIAL PASSWORD -- changed later
- PHOTOPRISM_SITE_TITLE = "photos.beepboop.systems";
- PHOTOPRISM_SITE_URL = "https://photos.beepboop.systems";
- PHOTOPRISM_DEFAULT_LOCALE = "en";
- };
- };
-}
diff --git a/boxes/netbox/default.nix b/boxes/netbox/default.nix
index 3684b05..4331d02 100644
--- a/boxes/netbox/default.nix
+++ b/boxes/netbox/default.nix
@@ -12,18 +12,12 @@
./radicale.nix
./vaultwarden.nix
./sslh.nix
- ./rss2email.nix
./fail2ban.nix
./nginx.nix
./franklincce.nix
./wireguard.nix
- ./prometheus.nix
- ./socks.nix
./nextcloud-bridge.nix
- ./grafana-bridge.nix
- ./guacamole-bridge.nix
- ./paperless-bridge.nix
];
nix = {
diff --git a/boxes/netbox/fail2ban.nix b/boxes/netbox/fail2ban.nix
deleted file mode 100644
index b23a151..0000000
--- a/boxes/netbox/fail2ban.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services.fail2ban = {
- enable = true;
- ignoreIP = [
- "192.168.1.0/24"
- ];
- extraPackages = [pkgs.ipset];
- banaction = "iptables-ipset-proto6-allports";
-
- jails = {
- "nginx-bruteforce" = ''
- enabled = true
- filter = nginx-bruteforce
- logpath = /var/log/nginx/access.log
- backend = auto
- maxretry = 6
- findtime = 600
- '';
-
- "postfix-bruteforce" = ''
- enabled = true
- filter = postfix-bruteforce
- maxretry = 6
- findtime = 600
- '';
- };
- };
-
- environment.etc = {
- "fail2ban/filter.d/nginx-bruteforce.conf".text = ''
- [Definition]
- failregex = ^.*GET.*(matrix/server|\.php|admin|wp\-).* HTTP/\d.\d\" 404.*$
- '';
-
- "fail2ban/filter.d/postfix-bruteforce.conf".text = ''
- [Definition]
- failregex = warning: [\w\.\-]+\[\]: SASL LOGIN authentication failed.*$
- journalmatch = _SYSTEMD_UNIT=postfix.service
- '';
- };
-}
diff --git a/boxes/netbox/grafana-bridge.nix b/boxes/netbox/grafana-bridge.nix
deleted file mode 100644
index 83ce201..0000000
--- a/boxes/netbox/grafana-bridge.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services.nginx.virtualHosts."grafana.beepboop.systems" = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://10.100.0.2:9802";
- proxyWebsockets = true;
- extraConfig = ''
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host $host;
- proxy_buffering off;
- '';
- };
- };
-}
diff --git a/boxes/netbox/guacamole-bridge.nix b/boxes/netbox/guacamole-bridge.nix
deleted file mode 100644
index bf04084..0000000
--- a/boxes/netbox/guacamole-bridge.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services.nginx.virtualHosts."rcon.beepboop.systems" = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://10.100.0.2:6733";
- proxyWebsockets = true;
- extraConfig = ''
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host $host;
- proxy_buffering off;
-
- port_in_redirect off;
- absolute_redirect off;
-
- location = / {
- return 301 /guacamole/;
- }
- '';
- };
- };
-}
diff --git a/boxes/netbox/paperless-bridge.nix b/boxes/netbox/paperless-bridge.nix
deleted file mode 100644
index fda0c4c..0000000
--- a/boxes/netbox/paperless-bridge.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services.nginx.virtualHosts."paperless.beepboop.systems" = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://10.100.0.2:6230";
- extraConfig = ''
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host $host;
- proxy_buffering off;
- '';
- };
- };
-}
diff --git a/boxes/netbox/prometheus.nix b/boxes/netbox/prometheus.nix
deleted file mode 100644
index 32d5e01..0000000
--- a/boxes/netbox/prometheus.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services.prometheus = {
- exporters = {
- node = {
- enable = true;
- enabledCollectors = [ "systemd" ];
- listenAddress = "10.100.0.1";
- port = 9002;
- };
- };
- };
-}
diff --git a/boxes/netbox/rss2email.nix b/boxes/netbox/rss2email.nix
deleted file mode 100644
index 0fc2304..0000000
--- a/boxes/netbox/rss2email.nix
+++ /dev/null
@@ -1,24 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services.rss2email = {
- enable = true;
- to = "ryan@beepboop.systems";
- feeds = {
- "eff" = {
- url = "https://www.eff.org/rss/updates.xml";
- };
- "nixos" = {
- url = "https://nixos.org/blog/announcements-rss.xml";
- };
- "drewdevault" = {
- url = "https://drewdevault.com/blog/index.xml";
- };
- "nullprogram" = {
- url = "https://nullprogram.com/feed/";
- };
- "computersarebad" = {
- url = "https://computer.rip/rss.xml";
- };
- };
- };
-}
diff --git a/boxes/netbox/socks.nix b/boxes/netbox/socks.nix
deleted file mode 100644
index a55d938..0000000
--- a/boxes/netbox/socks.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services._3proxy = {
- enable = true;
- services = [
- {
- type = "socks";
- auth = [ "none" ];
- bindAddress = "10.100.0.1";
- bindPort = 3128;
- }
- ];
- };
-}