flake.lock

@@ -42,11 +42,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1668784520,
-        "narHash": "sha256-gGgVAMwYPPmrfnvnoRi6OkEB5KRsNTb9uYzEceLdO/g=",
+        "lastModified": 1667419884,
+        "narHash": "sha256-oLNw87ZI5NxTMlNQBv1wG2N27CUzo9admaFlnmavpiY=",
         "owner": "LnL7",
         "repo": "nix-darwin",
-        "rev": "6349b99bc2b96ded34d068a88c7c5ced406b7f7f",
+        "rev": "cfc0125eafadc9569d3d6a16ee928375b77e3100",
         "type": "github"
       },
       "original": {
@@ -85,11 +85,11 @@
         "utils": "utils"
       },
       "locked": {
-        "lastModified": 1668797197,
-        "narHash": "sha256-0w6iD3GSSQbIeSFVDzAAQZB+hDq670ZTms3d9XI+BtM=",
+        "lastModified": 1659725433,
+        "narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=",
         "owner": "serokell",
         "repo": "deploy-rs",
-        "rev": "2a3c5f70eee04a465aa534d8bd4fcc9bb3c4a8ce",
+        "rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb",
         "type": "github"
       },
       "original": {
@@ -120,31 +120,6 @@
         "type": "github"
       }
     },
-    "devshell_2": {
-      "inputs": {
-        "flake-utils": [
-          "keycloak-theme-pub-solar",
-          "flake-utils"
-        ],
-        "nixpkgs": [
-          "keycloak-theme-pub-solar",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1667210711,
-        "narHash": "sha256-IoErjXZAkzYWHEpQqwu/DeRNJGFdR7X2OGbkhMqMrpw=",
-        "owner": "numtide",
-        "repo": "devshell",
-        "rev": "96a9dd12b8a447840cc246e17a47b81a4268bba7",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "devshell",
-        "type": "github"
-      }
-    },
     "digga": {
       "inputs": {
         "blank": "blank",
@@ -217,11 +192,11 @@
     "flake-compat_3": {
       "flake": false,
       "locked": {
-        "lastModified": 1668681692,
-        "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
+        "lastModified": 1650374568,
+        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "009399224d5e398d03b22badca40a37ac85412a1",
+        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
         "type": "github"
       },
       "original": {
@@ -296,21 +271,6 @@
       }
     },
     "flake-utils_3": {
-      "locked": {
-        "lastModified": 1667395993,
-        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_4": {
       "locked": {
         "lastModified": 1667077288,
         "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=",
@@ -325,80 +285,25 @@
         "type": "github"
       }
     },
-    "flake-utils_5": {
-      "locked": {
-        "lastModified": 1653893745,
-        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "fork": {
-      "locked": {
-        "lastModified": 1669557692,
-        "narHash": "sha256-UgaVtppJ2CVtdQibM4wp0vr6hp/H+zVa8CwdgPr814w=",
-        "owner": "teutat3s",
-        "repo": "nixpkgs",
-        "rev": "6033e4e5ed285759726050faaf6f75fbdbb33b20",
-        "type": "github"
-      },
-      "original": {
-        "owner": "teutat3s",
-        "ref": "fix/gitea-needs-gpg-in-path",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
     "home": {
       "inputs": {
-        "nixpkgs": [
-          "nixos"
-        ],
-        "utils": "utils_2"
-      },
-      "locked": {
-        "lastModified": 1669071065,
-        "narHash": "sha256-KBpgj3JkvlPsJ3duOZqFJe6tgr+wc75t8sFmgRbBSbw=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "f7641a3ff398ccce952e19a199d775934e518c1d",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "ref": "release-22.11",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
-    "keycloak-theme-pub-solar": {
-      "inputs": {
-        "devshell": "devshell_2",
-        "flake-utils": "flake-utils_3",
         "nixpkgs": [
           "nixos"
         ]
       },
       "locked": {
-        "lastModified": 1669645736,
-        "narHash": "sha256-u1yK1fyh1UEX3BITfk6ROenWbP3aznZRplwCE+FVtHE=",
-        "ref": "main",
-        "rev": "b488fe24a27bf76e0b777202bf13a68660121305",
-        "revCount": 17,
-        "type": "git",
-        "url": "https://git.pub.solar/pub-solar/keycloak-theme"
+        "lastModified": 1667677389,
+        "narHash": "sha256-y9Zdq8vtsn0T5TO1iTvWA7JndYIAGjzCjbYVi/hOSmA=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "87d55517f6f36aa1afbd7a4a064869d5a1d405b8",
+        "type": "github"
       },
       "original": {
-        "ref": "main",
-        "type": "git",
-        "url": "https://git.pub.solar/pub-solar/keycloak-theme"
+        "owner": "nix-community",
+        "ref": "release-22.05",
+        "repo": "home-manager",
+        "type": "github"
       }
     },
     "latest": {
@@ -419,11 +324,11 @@
     },
     "latest_2": {
       "locked": {
-        "lastModified": 1669542132,
-        "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=",
+        "lastModified": 1667629849,
+        "narHash": "sha256-P+v+nDOFWicM4wziFK9S/ajF2lc0N2Rg9p6Y35uMoZI=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "a115bb9bd56831941be3776c8a94005867f316a7",
+        "rev": "3bacde6273b09a21a8ccfba15586fb165078fb62",
         "type": "github"
       },
       "original": {
@@ -470,16 +375,16 @@
     },
     "nixos": {
       "locked": {
-        "lastModified": 1669558522,
-        "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
+        "lastModified": 1667653703,
+        "narHash": "sha256-Xow4vx52/g5zkhlgZnMEm/TEXsj+13jTPCc2jIhW1xU=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
+        "rev": "f09ad462c5a121d0239fde645aacb2221553a217",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-22.11",
+        "ref": "nixos-22.05",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -490,11 +395,11 @@
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1669065280,
-        "narHash": "sha256-3+pq1oJWjGDLfd8G/vR3IIFZ+EQ/aglukA0bTiMlf3o=",
+        "lastModified": 1666812839,
+        "narHash": "sha256-0nBDgjPU+iDsvz89W+cDEyhnFGSwCJmwDl/gMGqYiU0=",
         "owner": "nix-community",
         "repo": "nixos-generators",
-        "rev": "50aeec40f2072d2ab267c8ec8a345573704ec110",
+        "rev": "41f3518bc194389df22a3d198215eae75e6b5ab9",
         "type": "github"
       },
       "original": {
@@ -505,11 +410,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1669650994,
-        "narHash": "sha256-uwASLUfedIQ5q01TtMwZDEV2HCZr5nVPZjzVgCG+D5I=",
+        "lastModified": 1667768008,
+        "narHash": "sha256-PGbX0s2hhXGnZDFVE6UIhPSOf5YegpWs5dUXpT/14F0=",
         "owner": "nixos",
         "repo": "nixos-hardware",
-        "rev": "7883883d135ce5b7eae5dce4bfa12262b85c1c46",
+        "rev": "f6483e0def85efb9c1e884efbaff45a5e7aabb34",
         "type": "github"
       },
       "original": {
@@ -565,7 +470,7 @@
     "nvfetcher": {
       "inputs": {
         "flake-compat": "flake-compat_4",
-        "flake-utils": "flake-utils_4",
+        "flake-utils": "flake-utils_3",
         "nixpkgs": [
           "nixos"
         ]
@@ -591,41 +496,14 @@
         "deploy": "deploy",
         "digga": "digga",
         "flake-compat": "flake-compat_3",
-        "fork": "fork",
         "home": "home",
-        "keycloak-theme-pub-solar": "keycloak-theme-pub-solar",
         "latest": "latest_2",
         "naersk": "naersk",
         "nixos": "nixos",
         "nixos-generators": "nixos-generators",
         "nixos-hardware": "nixos-hardware",
         "nur": "nur",
-        "nvfetcher": "nvfetcher",
-        "triton-vmtools": "triton-vmtools"
-      }
-    },
-    "triton-vmtools": {
-      "inputs": {
-        "flake-utils": "flake-utils_5",
-        "nixpkgs": [
-          "nixos"
-        ]
-      },
-      "locked": {
-        "dir": "vmtools",
-        "lastModified": 1669648111,
-        "narHash": "sha256-EKh7iM4fCyZ7L6+HmGn3QkZ1HuG9zMEkziOH3K13SbY=",
-        "ref": "main",
-        "rev": "d78c4afe040440437949ce581ae0dcdc5893553c",
-        "revCount": 28,
-        "type": "git",
-        "url": "https://git.b12f.io/pub-solar/infra?dir=vmtools"
-      },
-      "original": {
-        "dir": "vmtools",
-        "ref": "main",
-        "type": "git",
-        "url": "https://git.b12f.io/pub-solar/infra?dir=vmtools"
+        "nvfetcher": "nvfetcher"
       }
     },
     "utils": {
@@ -642,21 +520,6 @@
         "repo": "flake-utils",
         "type": "github"
       }
-    },
-    "utils_2": {
-      "locked": {
-        "lastModified": 1667395993,
-        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
     }
   },
   "root": "root",

flake.nix

@@ -8,9 +8,8 @@
   inputs =
     {
       # Track channels with commits tested and built by hydra
-      nixos.url = "github:nixos/nixpkgs/nixos-22.11";
+      nixos.url = "github:nixos/nixpkgs/nixos-22.05";
       latest.url = "github:nixos/nixpkgs/nixos-unstable";
-      fork.url = "github:teutat3s/nixpkgs/fix/gitea-needs-gpg-in-path";
 
       flake-compat.url = "github:edolstra/flake-compat";
       flake-compat.flake = false;
@@ -21,7 +20,7 @@
       digga.inputs.home-manager.follows = "home";
       digga.inputs.deploy.follows = "deploy";
 
-      home.url = "github:nix-community/home-manager/release-22.11";
+      home.url = "github:nix-community/home-manager/release-22.05";
       home.inputs.nixpkgs.follows = "nixos";
 
       darwin.url = "github:LnL7/nix-darwin";
@@ -42,12 +41,6 @@
       nixos-hardware.url = "github:nixos/nixos-hardware";
 
       nixos-generators.url = "github:nix-community/nixos-generators";
-
-      triton-vmtools.url = "git+https://git.b12f.io/pub-solar/infra?ref=main&dir=vmtools";
-      triton-vmtools.inputs.nixpkgs.follows = "nixos";
-
-      keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main";
-      keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixos";
     };
 
   outputs =
@@ -60,8 +53,6 @@
     , agenix
     , nvfetcher
     , deploy
-    , triton-vmtools
-    , keycloak-theme-pub-solar
     , ...
     } @ inputs:
     digga.lib.mkFlake
@@ -80,7 +71,6 @@
             overlays = [ ];
           };
           latest = { };
-          fork = { };
         };
 
         lib = import ./lib { lib = digga.lib // nixos.lib; };
@@ -153,7 +143,6 @@
           };
           users = {
             pub-solar = { suites, ... }: { imports = suites.base; };
-            barkeeper = { suites, ... }: { imports = suites.base; };
           }; # digga.lib.importers.rakeLeaves ./users/hm;
         };
 
@@ -161,11 +150,6 @@
 
         homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
 
-        deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {
-          flora-6 = {
-            sshUser = "barkeeper";
-            hostname = "flora-6.pub.solar";
-          };
-        };
+        deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { };
       };
 }

hosts/flora-6/caddy.nix

@@ -1,42 +0,0 @@
-{ config
-, lib
-, pkgs
-, self
-, ...
-}:
-{
-  services.caddy = {
-    enable = lib.mkForce true;
-    email = "admins@pub.solar";
-    globalConfig = lib.mkForce "";
-    virtualHosts = {
-      "auth.pub.solar" = {
-        logFormat = lib.mkForce ''
-          output discard
-        '';
-        extraConfig = ''
-          redir / /realms/pub.solar/account temporary
-          reverse_proxy :8080
-        '';
-      };
-      "git.pub.solar" = {
-        logFormat = lib.mkForce ''
-          output discard
-        '';
-        extraConfig = ''
-          redir /user/login /user/oauth2/keycloak temporary
-          reverse_proxy :3000
-        '';
-      };
-      "obs-portal.pub.solar" = {
-        logFormat = lib.mkForce ''
-          output discard
-        '';
-        extraConfig = ''
-          reverse_proxy obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone:3000
-        '';
-      };
-    };
-  };
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
-}

hosts/flora-6/default.nix

@@ -1,6 +0,0 @@
-{ ... }:
-{
-  imports = [
-    ./flora-6.nix
-  ];
-}

hosts/flora-6/flora-6.nix

@@ -1,133 +0,0 @@
-{ config
-, forkModulesPath
-, latestModulesPath
-, lib
-, inputs
-, pkgs
-, profiles
-, self
-, ...
-}:
-let
-  psCfg = config.pub-solar;
-in
-{
-  imports = [
-    # Include the results of the hardware scan.
-    ./hardware-configuration.nix
-    ./triton-vmtools.nix
-
-    ./caddy.nix
-    ./keycloak.nix
-    ./gitea.nix
-
-    profiles.base-user
-    profiles.users.root # make sure to configure ssh keys
-    profiles.users.barkeeper
-
-    "${latestModulesPath}/services/web-apps/keycloak.nix"
-    "${forkModulesPath}/services/misc/gitea.nix"
-  ];
-  disabledModules = [
-    "services/web-apps/keycloak.nix"
-    "services/misc/gitea.nix"
-  ];
-
-  config = {
-    # # #
-    # # # pub.solar options
-    # # #
-    pub-solar.core = {
-      disk-encryption-active = false;
-      iso-options.enable = true;
-      lite = true;
-    };
-
-    # Allow sudo without a password for the barkeeper user
-    security.sudo.extraRules = [
-      {
-        users = [ "${psCfg.user.name}" ];
-        commands = [
-          {
-            command = "ALL";
-            options = [ "NOPASSWD" ];
-          }
-        ];
-      }
-    ];
-
-    # # #
-    # # # Triton host specific options
-    # # # DO NOT ALTER below this line, changes might render system unbootable
-    # # #
-
-    # Use the systemd-boot EFI boot loader.
-    boot.loader.systemd-boot.enable = true;
-    boot.loader.efi.canTouchEfiVariables = true;
-
-    # Force getting the hostname from cloud-init
-    networking.hostName = lib.mkDefault "";
-
-    # Set your time zone.
-    time.timeZone = "Europe/Berlin";
-
-    # Select internationalisation properties.
-    console = {
-      font = "Lat2-Terminus16";
-      keyMap = "us";
-    };
-
-    # List packages installed in system profile. To search, run:
-    # $ nix search wget
-    environment.systemPackages = with pkgs; [
-      git
-      vim
-      wget
-    ];
-
-    # Some programs need SUID wrappers, can be configured further or are
-    # started in user sessions.
-    # programs.mtr.enable = true;
-    # programs.gnupg.agent = {
-    #   enable = true;
-    #   enableSSHSupport = true;
-    # };
-
-    # List services that you want to enable:
-    services.cloud-init.enable = true;
-    services.cloud-init.ext4.enable = true;
-    services.cloud-init.network.enable = true;
-    # use the default NixOS cloud-init config, but add some SmartOS customization to it
-    environment.etc."cloud/cloud.cfg.d/90_smartos.cfg".text = ''
-      datasource_list: [ SmartOS ]
-
-      # Do not create the centos/ubuntu/debian user
-      users: [ ]
-
-      # mount second disk with label ephemeral0, gets formated by cloud-init
-      # this will fail to get added to /etc/fstab as it's read-only, but should
-      # mount at boot anyway
-      mounts:
-      - [ vdb, /data, auto, "defaults,nofail" ]
-    '';
-
-    # Enable the OpenSSH daemon.
-    services.openssh = {
-      enable = true;
-      passwordAuthentication = false;
-      permitRootLogin = "no";
-    };
-
-    # We manage the firewall with nix, too
-    # altough triton can also manage firewall rules via the triton fwrule subcommand
-    networking.firewall.enable = true;
-
-    # This value determines the NixOS release from which the default
-    # settings for stateful data, like file locations and database versions
-    # on your system were taken. It‘s perfectly fine and recommended to leave
-    # this value at the release version of the first install of this system.
-    # Before changing this value read the documentation for this option
-    # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-    system.stateVersion = "22.05"; # Did you read the comment?
-  };
-}

hosts/flora-6/gitea.nix

@@ -1,72 +0,0 @@
-{ config
-, lib
-, pkgs
-, self
-, ...
-}:
-{
-  age.secrets.gitea-database-password = {
-    file = "${self}/secrets/gitea-database-password.age";
-    mode = "700";
-    owner = "gitea";
-  };
-  age.secrets.gitea-mailer-password = {
-    file = "${self}/secrets/gitea-mailer-password.age";
-    mode = "700";
-    owner = "gitea";
-  };
-
-  # gitea
-  services.gitea = {
-    enable = true;
-    appName = "pub.solar git server";
-    database = {
-      type = "postgres";
-      passwordFile = config.age.secrets.gitea-database-password.path;
-    };
-    domain = "git.pub.solar";
-    httpAddress = "127.0.0.1";
-    httpPort = 3000;
-    lfs.enable = true;
-    mailerPasswordFile = config.age.secrets.gitea-mailer-password.path;
-    rootUrl = "https://git.pub.solar";
-    settings = {
-      mailer = {
-        ENABLED = true;
-        MAILER_TYPE = "smtp";
-        HOST = "mail.greenbaum.cloud:465";
-        FROM = ''"pub.solar git server" <gitea@pub.solar>'';
-        USER = "admins@pub.solar";
-      };
-      "repository.signing" = {
-        SIGNING_KEY = "default";
-        MERGES = "always";
-      };
-      openid = {
-        ENABLE_OPENID_SIGNIN = true;
-        ENABLE_OPENID_SIGNUP = true;
-      };
-      # uncomment after initial deployment, first user is admin user
-      # required to setup SSO (oauth openid-connect, keycloak auth provider)
-      service.ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
-      session.COOKIE_SECURE = lib.mkForce true;
-    };
-  };
-
-  # Required for gitea server side gpg signatures
-  # configured / setup manually in
-  # /var/lib/gitea/data/home/.gitconfig and
-  # /var/lib/gitea/data/home/.gnupg/
-  programs.gnupg.agent = {
-    enable = true;
-    pinentryFlavor = "curses";
-  };
-  # Required to make gpg work without a graphical environment?
-  # otherwise generating a new gpg key fails with this error:
-  # gpg: agent_genkey failed: No pinentry
-  # see: https://github.com/NixOS/nixpkgs/issues/97861#issuecomment-827951675
-  environment.variables = {
-    GPG_TTY = "$(tty)";
-  };
-
-}

hosts/flora-6/hardware-configuration.nix

@@ -1,42 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports = [ ];
-
-  boot.initrd.availableKernelModules = [ "ahci" "virtio_pci" "xhci_pci" "sr_mod" "virtio_blk" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    {
-      device = "/dev/disk/by-label/nixos";
-      autoResize = true;
-      fsType = "ext4";
-    };
-
-  fileSystems."/boot" =
-    {
-      device = "/dev/disk/by-label/boot";
-      fsType = "vfat";
-    };
-
-  fileSystems."/data" =
-    {
-      device = "/dev/disk/by-label/ephemeral0";
-      fsType = "ext4";
-      options = [
-        "defaults"
-        "nofail"
-      ];
-    };
-
-  swapDevices = [ ];
-
-  networking.useDHCP = lib.mkDefault false;
-
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}

hosts/flora-6/keycloak.nix

@@ -1,29 +0,0 @@
-{ config
-, lib
-, inputs
-, pkgs
-, self
-, ...
-}:
-{
-  age.secrets.keycloak-database-password = {
-    file = "${self}/secrets/keycloak-database-password.age";
-    mode = "700";
-    #owner = "keycloak";
-  };
-
-  # keycloak
-  services.keycloak = {
-    enable = true;
-    database.passwordFile = config.age.secrets.keycloak-database-password.path;
-    settings = {
-      hostname = "auth.pub.solar";
-      http-host = "127.0.0.1";
-      http-port = 8080;
-      proxy = "edge";
-    };
-    themes = {
-      "pub.solar" = inputs.keycloak-theme-pub-solar.legacyPackages.${pkgs.system}.keycloak-theme-pub-solar;
-    };
-  };
-}

hosts/flora-6/triton-vmtools.nix

@@ -1,6 +0,0 @@
-{ pkgs, inputs, ... }:
-{
-  environment.systemPackages = with pkgs; [
-    inputs.triton-vmtools.packages.${pkgs.system}.default
-  ];
-}

modules/compat/default.nix

@@ -2,5 +2,5 @@
   # Both things below are for
   # https://github.com/NixOS/nixpkgs/issues/124215
   documentation.info.enable = lib.mkForce false;
-  nix.settings.extra-sandbox-paths = [ "/bin/sh=${pkgs.bash}/bin/sh" ];
+  nix.sandboxPaths = [ "/bin/sh=${pkgs.bash}/bin/sh" ];
 }

modules/core/networking.nix

@@ -1,10 +1,8 @@
-{ config
-, pkgs
-, lib
-, ...
-}:
-with lib; let
-  cfg = config.pub-solar.core;
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let cfg = config.pub-solar.core;
 in
 {
   options.pub-solar.core = {
@@ -41,13 +39,12 @@ in
     networking.firewall.enable = true;
 
     # Customized binary caches list (with fallback to official binary cache)
-    nix.settings.substituters = cfg.binaryCaches;
-    nix.settings.trusted-public-keys = cfg.publicKeys;
+    nix.binaryCaches = cfg.binaryCaches;
+    nix.binaryCachePublicKeys = cfg.publicKeys;
 
     # These entries get added to /etc/hosts
     networking.hosts = {
-      "127.0.0.1" =
-        [ ]
+      "127.0.0.1" = [ ]
         ++ lib.optionals cfg.enableCaddy [ "caddy.local" ]
         ++ lib.optionals config.pub-solar.printing.enable [ "cups.local" ]
         ++ lib.optionals cfg.enableHelp [ "help.local" ];

modules/core/nix.nix

@@ -1,24 +1,19 @@
-{ config
-, pkgs
-, lib
-, inputs
-, ...
-}: {
+{ config, pkgs, lib, inputs, ... }:
+
+{
   nix = {
     # Use default version alias for nix package
     package = pkgs.nix;
+    # Improve nix store disk usage
+    autoOptimiseStore = true;
     gc.automatic = true;
     optimise.automatic = true;
-    settings = {
-      # Improve nix store disk usage
-      auto-optimise-store = true;
-      # Prevents impurities in builds
-      sandbox = true;
-      # give root and @wheel special privileges with nix
-      trusted-users = [ "root" "@wheel" ];
-      # This is just a representation of the nix default
-      system-features = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
-    };
+    # Prevents impurities in builds
+    useSandbox = true;
+    # give root and @wheel special privileges with nix
+    trustedUsers = [ "root" "@wheel" ];
+    # This is just a representation of the nix default
+    systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
     # Generally useful nix option defaults
     extraOptions = ''
       min-free = 536870912

modules/devops/default.nix

@@ -19,7 +19,7 @@ in
         ansible-lint
         restic
         shellcheck
-        terraform
+        terraform_0_15
       ];
     };
   };

modules/docker/default.nix

@@ -1,9 +1,6 @@
-{ lib
-, config
-, pkgs
-, ...
-}:
-with lib; let
+{ lib, config, pkgs, ... }:
+with lib;
+let
   psCfg = config.pub-solar;
   cfg = config.pub-solar.docker;
 in
@@ -14,10 +11,9 @@ in
 
   config = mkIf cfg.enable {
     virtualisation.docker.enable = true;
-    users.users = with pkgs;
-      pkgs.lib.setAttrByPath [ psCfg.user.name ] {
-        extraGroups = [ "docker" ];
-      };
+    users.users = with pkgs; pkgs.lib.setAttrByPath [ psCfg.user.name ] {
+      extraGroups = [ "docker" ];
+    };
 
     environment.systemPackages = with pkgs; [
       docker-compose

modules/graphical/alacritty.nix

@@ -66,97 +66,29 @@
       x = 0;
       y = 0;
     };
+
+    use_thin_strokes = true;
   };
 
   key_bindings = [
-    {
-      key = "V";
-      mods = "Control|Alt";
-      action = "Paste";
-    }
-    {
-      key = "C";
-      mods = "Control|Alt";
-      action = "Copy";
-    }
-    {
-      key = "Paste";
-      action = "Paste";
-    }
-    {
-      key = "Copy";
-      action = "Copy";
-    }
-    {
-      key = "Q";
-      mods = "Command";
-      action = "Quit";
-    }
-    {
-      key = "W";
-      mods = "Command";
-      action = "Quit";
-    }
-    {
-      key = "Insert";
-      mods = "Shift";
-      action = "PasteSelection";
-    }
-    {
-      key = "Key0";
-      mods = "Control";
-      action = "ResetFontSize";
-    }
-    {
-      key = "Equals";
-      mods = "Control";
-      action = "IncreaseFontSize";
-    }
-    {
-      key = "PageUp";
-      mods = "Shift";
-      action = "ScrollPageUp";
-    }
-    {
-      key = "PageDown";
-      mods = "Shift";
-      action = "ScrollPageDown";
-    }
-    {
-      key = "Minus";
-      mods = "Control";
-      action = "DecreaseFontSize";
-    }
-    {
-      key = "H";
-      mode = "Vi|~Search";
-      action = "ScrollToBottom";
-    }
-    {
-      key = "H";
-      mode = "Vi|~Search";
-      action = "ToggleViMode";
-    }
-    {
-      key = "I";
-      mode = "Vi|~Search";
-      action = "Up";
-    }
-    {
-      key = "K";
-      mode = "Vi|~Search";
-      action = "Down";
-    }
-    {
-      key = "J";
-      mode = "Vi|~Search";
-      action = "Left";
-    }
-    {
-      key = "L";
-      mode = "Vi|~Search";
-      action = "Right";
-    }
+    { key = "V"; mods = "Control|Alt"; action = "Paste"; }
+    { key = "C"; mods = "Control|Alt"; action = "Copy"; }
+    { key = "Paste"; action = "Paste"; }
+    { key = "Copy"; action = "Copy"; }
+    { key = "Q"; mods = "Command"; action = "Quit"; }
+    { key = "W"; mods = "Command"; action = "Quit"; }
+    { key = "Insert"; mods = "Shift"; action = "PasteSelection"; }
+    { key = "Key0"; mods = "Control"; action = "ResetFontSize"; }
+    { key = "Equals"; mods = "Control"; action = "IncreaseFontSize"; }
+    { key = "PageUp"; mods = "Shift"; action = "ScrollPageUp"; }
+    { key = "PageDown"; mods = "Shift"; action = "ScrollPageDown"; }
+    { key = "Minus"; mods = "Control"; action = "DecreaseFontSize"; }
+    { key = "H"; mode = "Vi|~Search"; action = "ScrollToBottom"; }
+    { key = "H"; mode = "Vi|~Search"; action = "ToggleViMode"; }
+    { key = "I"; mode = "Vi|~Search"; action = "Up"; }
+    { key = "K"; mode = "Vi|~Search"; action = "Down"; }
+    { key = "J"; mode = "Vi|~Search"; action = "Left"; }
+    { key = "L"; mode = "Vi|~Search"; action = "Right"; }
   ];
 
   # Base16 Burn 256 - alacritty color config
@@ -232,30 +164,12 @@
     };
 
     indexed_colors = [
-      {
-        index = 16;
-        color = "0xdf5923";
-      }
-      {
-        index = 17;
-        color = "0xd70000";
-      }
-      {
-        index = 18;
-        color = "0x2d2a2e";
-      }
-      {
-        index = 19;
-        color = "0x303030";
-      }
-      {
-        index = 20;
-        color = "0xd3d1d4";
-      }
-      {
-        index = 21;
-        color = "0x303030";
-      }
+      { index = 16; color = "0xdf5923"; }
+      { index = 17; color = "0xd70000"; }
+      { index = 18; color = "0x2d2a2e"; }
+      { index = 19; color = "0x303030"; }
+      { index = 20; color = "0xd3d1d4"; }
+      { index = 21; color = "0x303030"; }
     ];
   };
 }

modules/sway/default.nix

@@ -1,9 +1,6 @@
-{ lib
-, config
-, pkgs
-, ...
-}:
-with lib; let
+{ lib, config, pkgs, ... }:
+with lib;
+let
   psCfg = config.pub-solar;
 in
 {
@@ -32,7 +29,7 @@ in
       '';
     })
 
-    {
+    ({
       environment.systemPackages = with pkgs; [
         linuxPackages.v4l2loopback
       ];
@@ -52,59 +49,59 @@ in
           };
         };
         extraPortals = with pkgs; [ xdg-desktop-portal-gtk ];
+        gtkUsePortal = true;
       };
 
       services.pipewire.enable = true;
 
-      home-manager = with pkgs;
-        pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
-          home.packages = with pkgs; [
-            sway
-            grim
-            kanshi
-            mako
-            slurp
-            swayidle
-            swaylock
-            swaybg
-            xwayland
+      home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
+        home.packages = with pkgs; [
+          sway
+          grim
+          kanshi
+          mako
+          slurp
+          swayidle
+          swaylock
+          swaybg
+          xwayland
 
-            libappindicator-gtk3
+          libappindicator-gtk3
 
-            wl-clipboard
-            wf-recorder
-            brightnessctl
-            gammastep
-            geoclue2
-            xsettingsd
-            ydotool
+          wl-clipboard
+          wf-recorder
+          brightnessctl
+          gammastep
+          geoclue2
+          xsettingsd
+          ydotool
 
-            sway-launcher
-            record-screen
-            import-gtk-settings
-            s
-            wcwd
-          ];
+          sway-launcher
+          record-screen
+          import-gtk-settings
+          s
+          wcwd
+        ];
 
-          programs.waybar.enable = true;
-          #programs.waybar.systemd.enable = true;
+        programs.waybar.enable = true;
+        #programs.waybar.systemd.enable = true;
 
-          systemd.user.services.mako = import ./mako.service.nix { inherit pkgs psCfg; };
-          systemd.user.services.sway = import ./sway.service.nix { inherit pkgs psCfg; };
-          systemd.user.services.swayidle = import ./swayidle.service.nix { inherit pkgs psCfg; };
-          systemd.user.services.xsettingsd = import ./xsettingsd.service.nix { inherit pkgs psCfg; };
-          systemd.user.services.waybar = import ./waybar.service.nix { inherit pkgs psCfg; };
-          systemd.user.targets.sway-session = import ./sway-session.target.nix { inherit pkgs psCfg; };
+        systemd.user.services.mako = import ./mako.service.nix { inherit pkgs psCfg; };
+        systemd.user.services.sway = import ./sway.service.nix { inherit pkgs psCfg; };
+        systemd.user.services.swayidle = import ./swayidle.service.nix { inherit pkgs psCfg; };
+        systemd.user.services.xsettingsd = import ./xsettingsd.service.nix { inherit pkgs psCfg; };
+        systemd.user.services.waybar = import ./waybar.service.nix { inherit pkgs psCfg; };
+        systemd.user.targets.sway-session = import ./sway-session.target.nix { inherit pkgs psCfg; };
 
-          xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; };
-          xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
-          xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
-          xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
-          xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
-          xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix { inherit pkgs psCfg; };
-          xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
-          xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
-        };
-    }
+        xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; };
+        xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
+        xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
+        xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
+        xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
+        xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix { inherit pkgs psCfg; };
+        xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
+        xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
+      };
+    })
   ]);
 }

modules/terminal-life/default.nix

@@ -28,17 +28,16 @@ in
     ];
 
     environment.systemPackages = with pkgs; [
-      ack
-      bat
-      exa
-      fd
-      neovim
       screen
     ];
 
     home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
       home.packages = [
+        ack
         asciinema
+        bat
+        exa
+        fd
         gh
         glow
         nnn

modules/terminal-life/nvim/init.vim

@@ -13,7 +13,6 @@ set expandtab
 set shiftwidth=2
 set number
 set relativenumber
-set mouse=
 
 set undolevels=1000
 set undoreload=10000

modules/terminal-life/nvim/lsp.vim

@@ -73,7 +73,8 @@ lua <<EOF
   end
 
   -- Add additional capabilities supported by nvim-cmp
-  local capabilities = require('cmp_nvim_lsp').default_capabilities()
+  local capabilities = vim.lsp.protocol.make_client_capabilities()
+  capabilities = require('cmp_nvim_lsp').update_capabilities(capabilities)
 
   -- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
   capabilities.textDocument.completion.completionItem.snippetSupport = true

overlays/overrides.nix

@@ -19,8 +19,6 @@ channels: final: prev: {
     tdesktop
     arduino
     arduino-cli
-    keycloak
-    gitea
     ;
 
 

profiles/base-user/session-variables.nix

@@ -3,14 +3,7 @@ let
   psCfg = config.pub-solar;
   wlroots = psCfg.graphical.wayland;
   xdg = config.home-manager.users."${psCfg.user.name}".xdg;
-  globalVariables = {
-    EDITOR = "/run/current-system/sw/bin/nvim";
-    VISUAL = "/run/current-system/sw/bin/nvim";
-
-    # Make sure virsh runs without root
-    LIBVIRT_DEFAULT_URI = "qemu:///system";
-  };
-  userVariables = {
+  variables = {
     XDG_CONFIG_HOME = xdg.configHome;
     XDG_CACHE_HOME = xdg.cacheHome;
     XDG_DATA_HOME = xdg.dataHome;
@@ -25,8 +18,11 @@ let
     SDL_VIDEODRIVER = "wayland";
     WLR_RENDERER = if wlroots.software-renderer.enable then "pixman" else "gles2";
 
+    EDITOR = "/etc/profiles/per-user/${psCfg.user.name}/bin/nvim";
+    VISUAL = "/etc/profiles/per-user/${psCfg.user.name}/bin/nvim";
+
     # fix "xdg-open fork-bomb" your preferred browser from here
-    BROWSER = "firefox";
+    BROWSER = "${pkgs.firefox-wayland}/bin/firefox";
 
     # node
     NODE_REPL_HISTORY = "${xdg.dataHome}/node_repl_history";
@@ -38,6 +34,9 @@ let
     NPM_CONFIG_CACHE = "${xdg.configHome}/npm";
     # TODO: used to be XDG_RUNTIME_DIR NPM_CONFIG_TMP = "/tmp/npm";
 
+    # Make sure virsh runs without root
+    LIBVIRT_DEFAULT_URI = "qemu:///system";
+
     # wine
     WINEPREFIX = "${xdg.dataHome}/wineprefixes/default";
 
@@ -79,21 +78,21 @@ let
     VUEDX_TELEMETRY = "off";
   };
 
-  envListNames = lib.attrsets.mapAttrsToList (name: value: name) userVariables;
+  envListNames = lib.attrsets.mapAttrsToList (name: value: name) variables;
 
   # Here we merge an extra variable into the attrset called FULL_ENV_LIST.
   # It's a list of the variable names defined above.
   # We can use this to tell `systemctl import-environment` to import the full list above.
-  userVariablesWithMeta = lib.attrsets.zipAttrsWith (name: values: builtins.head values) [
-    userVariables
+  variablesWithMeta = lib.attrsets.zipAttrsWith (name: values: builtins.head values) [
+    variables
     { IMPORT_ENVIRONMENT_ENV_LIST = lib.lists.foldl (a: b: a + " " + b) "IMPORT_ENVIRONMENT_ENV_LIST" envListNames; }
   ];
 in
 {
   home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
-    home.sessionVariables = userVariablesWithMeta;
-    systemd.user.sessionVariables = userVariablesWithMeta;
+    home.sessionVariables = variablesWithMeta;
+    systemd.user.sessionVariables = variablesWithMeta;
   };
 
-  environment.variables = globalVariables;
+  environment.variables = variablesWithMeta;
 }

profiles/cachix/default.nix

@@ -1,7 +1,4 @@
-{ pkgs
-, lib
-, ...
-}:
+{ pkgs, lib, ... }:
 let
   folder = ./.;
   toImport = name: value: folder + ("/" + name);
@@ -10,5 +7,5 @@ let
 in
 {
   inherit imports;
-  nix.settings.substituters = [ "https://cache.nixos.org/" ];
+  nix.binaryCaches = [ "https://cache.nixos.org/" ];
 }

profiles/cachix/nix-community.nix

@@ -1,9 +1,9 @@
 {
-  nix.settings = {
-    substituters = [
+  nix = {
+    binaryCaches = [
       "https://nix-community.cachix.org"
     ];
-    trusted-public-keys = [
+    binaryCachePublicKeys = [
       "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
     ];
   };

profiles/cachix/nrdxp.nix

@@ -1,9 +1,9 @@
 {
-  nix.settings = {
-    substituters = [
+  nix = {
+    binaryCaches = [
       "https://nrdxp.cachix.org"
     ];
-    trusted-public-keys = [
+    binaryCachePublicKeys = [
       "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="
     ];
   };

secrets/gitea-mailer-password.age

@@ -1,10 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 Y0ZZaw YmqgCC6jO8dbKdRtOcwMJmFVH5fXvb5aRQbNwhEMCR4
-ZbvRe+jdAmZzsJ719ClYjKOPb2fdM48Q/U+pDb9X69Y
--> ssh-ed25519 BVsyTA YATHo0THjUnU4xBE/UpW1lvuXlL8x2d8i9K98OGCaxU
-01u0QrGjXiPwTy8eMf0X0o6uv+0DJD7EWejzekLjVbI
--> e@>+!e-grease ]2Kg}7m u2DZ:
-3GCB1HAwQBuQ81UJGa9XwnNx7+Fqz+939SZ93yTT7c5ri5qXiGvSJ/ILgrAVerkI
-7QzVT5vUiucVCbrVp72ZHAWdOwlVXNQtvFdY
---- MkgkToekZHF+bxtIJA8vnbyAj1E6VSrqbnJ1rWUFc/E
-¶.,K“<>óôgܾÂcø¤¯Â‘¬~.‘L—kˆ¢åEä525«t1øÅåuûÙ

secrets/secrets.nix

@@ -1,12 +1,9 @@
 let
   # set ssh public keys here for your system and user
-  teutat3s = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms";
-  flora-6 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@pub-solar-infra-vm-1";
-  allKeys = [ flora-6 teutat3s ];
-  deployKeys = [ flora-6 teutat3s ];
+  system = "";
+  user = "";
+  allKeys = [ system user ];
 in
 {
-  "gitea-database-password.age".publicKeys = deployKeys;
-  "gitea-mailer-password.age".publicKeys = deployKeys;
-  "keycloak-database-password.age".publicKeys = deployKeys;
+  "secret.age".publicKeys = allKeys;
 }

users/barkeeper/default.nix

@@ -1,35 +0,0 @@
-{ config, hmUsers, pkgs, lib, ... }:
-let
-  psCfg = config.pub-solar;
-in
-{
-  config = {
-    home-manager.users = { inherit (hmUsers) barkeeper; };
-
-    pub-solar = {
-      # These are your personal settings
-      # The only required settings are `name` and `password`,
-      # The rest is used for programs like git
-      user = {
-        name = "barkeeper";
-        description = "pub.solar infra user";
-        password = "$6$pHMaL9DfxhvnLGy5$ka9bRU5p1lPTF0YHPZDM9Miq79iXuaXb6GLeALM1eX5djdsHYnpvVWjrmImWmcghGXsrDwpmXZPSJUU.gFpuA1";
-        fullName = "pub.solar infra barkeeper";
-        email = "admins@pub.solar";
-        gpgKeyId = "";
-        publicKeys = [
-          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmiF8ndGhnx2YAWbPDq14fftAwcJ0xnjJIVTotI12OO4SPX/SwH5Yp8C8Kf002qN9FbFmaONzq3s8TYpej13JubhfsQywNuFKZuZvJeHzmOwxsANW86RVrWT0WZmYx9a/a1TF9rPQpibDVt60wX8yLdExaJc5F1SvIIuyz1kxYpz36wItfR6hcwoLGh1emFCmfCpebJmp3hsrMDTTtTW/YNhyeSZW74ckyvZyjCYtRCJ8uF0ZmOSKRdillv4Ztg8MsUubGn+vaMl6V6x/QuDuehEPoM/3wBx9o22nf+QVbk7S1PC8EdT/K5vskn4/pfR7mDCyQOq1hB4w4Oyn0dsfX pi@ssrtc"
-
-          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHx4A8rLYmFgTOp1fDGbbONN8SOT0l5wWrUSYFUcVzMPTyfdT23ZVIdVD5yZCySgi/7PSh5mVmyLIZVIXlNrZJg= @b12f Yubi Main"
-          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEST9eyAY3nzGYNnqDYfWHu+89LZsOjyKHMqCFvtP7vrgB7F7JbbECjdjAXEOfPDSCVwtMMpq8JJXeRMjpsD0rw= @b12f Yubi Backup"
-
-          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFro/k4Mgqyh8yV/7Zwjc0dv60ZM7bROBU9JNd99P/4co6fxPt1pJiU/pEz2Dax/HODxgcO+jFZfvPEuLMCeAl0= YubiKey #10593996 PIV Slot 9a @teutat3s"
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/58A18EtxnLYHu63c/+AyTSkJQSso/VVdHUFGp1CTk cardno:FFFE34353135 @hensoko"
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"
-
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKa5elEXgBc2luVBOHVWZisJgt0epFQOercPi0tZzPU root@cloud.pub.solar"
-        ];
-      };
-    };
-  };
-}