Remove initrd-network, never finished that

2024-09-21 16:49:23 -07:00 · 2024-09-21 16:49:23 -07:00 · c49b3e8259
commit c49b3e8259
parent 39c9dc8376
2 changed files with 0 additions and 87 deletions
--- a/lib/fudo/default.nix
+++ b/lib/fudo/default.nix
@ -22,7 +22,6 @@ with lib; {
    ./grafana.nix
    ./hosts.nix
    ./host-filesystems.nix
    ./initrd-network.nix
    ./ipfs.nix
    ./jabber.nix
    # ./kdc.nix
--- a/lib/fudo/initrd-network.nix
+++ b/lib/fudo/initrd-network.nix
@ -1,86 +0,0 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  hostname = config.instance.hostname;
  initrd-cfg = config.fudo.hosts.${hostname}.initrd-network;
  read-lines = filename: splitString "\n" (fileContents filename);
  concatLists = lsts: concatMap (i: i) lsts;
  gen-sshfp-records-pkg = hostname: pubkey: let
    pubkey-file = builtins.toFile "${hostname}-initrd-ssh-pubkey" pubkey;
  in pkgs.stdenv.mkDerivation {
    name = "${hostname}-initrd-ssh-firngerprint";
    phases = [ "installPhase" ];
    buildInputs = with pkgs; [ openssh ];
    installPhase = ''
      mkdir $out
      ssh-keygen -r REMOVEME -f "${pubkey-file}" | sed 's/^REMOVEME IN SSHFP //' >> $out/initrd-ssh-pubkey.sshfp
    '';
  };
  gen-sshfp-records = hostname: pubkey: let
    sshfp-record-pkg = gen-sshfp-records-pkg hostname pubkey;
  in read-lines "${sshfp-record-pkg}/initrd-ssh-pubkey.sshfp";
 in {
  config = {
    boot = mkIf (initrd-cfg != null) {
      kernelParams = let
        site-name = config.instance.local-site;
        site = config.fudo.sites.${site-name};
        site-gateway = pkgs.lib.network.site-gateway config site-name;
        netmask =
          pkgs.lib.ip.maskFromV32Network site.network;
      in [
        "ip=${initrd-cfg.ip}:${site-gateway}:${netmask}:${hostname}:${initrd-cfg.interface}"
      ];
      initrd = {
        network = {
          enable = true;
          ssh = let
            admin-ssh-keys =
              concatMap (admin: config.fudo.users.${admin}.ssh-authorized-keys)
                config.instance.local-admins;
          in {
            enable = true;
            port = 22;
            authorizedKeys = admin-ssh-keys;
            hostKeys = [
              initrd-cfg.keypair.private-key-file
            ];
          };
        };
      };
    };
    fudo = {
      local-network = let
        initrd-network-hosts =
          filterAttrs
            (hostname: hostOpts: hostOpts.initrd-network != null)
            config.instance.local-hosts;
      in {
        zone-definition.hosts = mapAttrs'
          (hostname: hostOpts: nameValuePair "${hostname}-recovery" {
            ipv4-address = hostOpts.initrd-network.ip;
            description = "${hostname} initrd host";
          }) initrd-network-hosts;
        extra-records = let
          recs = (mapAttrsToList
            (hostname: hostOpts: map
              (sshfp: "${hostname} IN SSHFP ${sshfp}")
              (gen-sshfp-records hostname hostOpts.initrd-network.keypair.public-key))
            initrd-network-hosts);
        in concatLists recs;
      };
    };
  };
 }