move gunpowder to infra

machines/gunpowder/default.nix

@@ -1,133 +0,0 @@
-{ pkgs, ... }:
-let
-  username = "jolheiser";
-  key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJh5aUDN/KN28+4tbayXRQliLyKFZaCZtUMEBNaJfHYj";
-in
-{
-  imports = [ ./hardware.nix ];
-
-  boot = {
-    kernelPackages = pkgs.linuxPackages_latest;
-    kernelParams = [
-      "quiet"
-      "splash"
-    ];
-    loader.grub = {
-      enable = true;
-      device = "/dev/sda";
-      useOSProber = true;
-      enableCryptodisk = true;
-    };
-  };
-
-  boot.initrd.secrets = {
-    "/crypto_keyfile.bin" = null;
-  };
-
-  boot.initrd.luks.devices = {
-    "luks-1f9bde68-9c4c-423c-a95f-17aa170dd2b4".keyFile = "/crypto_keyfile.bin";
-    "luks-a2ca1842-1ce0-437e-ba5e-8864a41e81cb" = {
-      device = "/dev/disk/by-uuid/a2ca1842-1ce0-437e-ba5e-8864a41e81cb";
-      keyFile = "/crypto_keyfile.bin";
-    };
-  };
-
-  networking = {
-    hostName = "gunpowder";
-    networkmanager.enable = true;
-    firewall.enable = true;
-  };
-
-  services = {
-    xserver = {
-      enable = true;
-      displayManager.lightdm.enable = true;
-      desktopManager.xfce.enable = true;
-    };
-    openssh.enable = true;
-    tailscale.enable = true;
-    mullvad-vpn = {
-      enable = true;
-      package = pkgs.mullvad-vpn;
-    };
-    resolved.enable = true;
-
-    # media
-    jellyfin = {
-      enable = true;
-      openFirewall = true;
-    };
-    tailproxy.jellyfin = {
-      enable = true;
-      hostname = "jellyfin";
-      port = 8096;
-      authKey = "tskey-auth-khZwt3ASDX11CNTRL-jYDAVuX7VVLCebLUGdvnVLLoUkeEevXEV"; # One-time key
-    };
-    sonarr = {
-      enable = true;
-      openFirewall = true;
-    };
-    tailproxy.sonarr = {
-      enable = true;
-      hostname = "sonarr";
-      port = 8989;
-      authKey = "tskey-auth-k1mZ4587A511CNTRL-uxq54KBAvb6YuhvZbxscb6rf7x8UwNiP"; # One-time key
-    };
-    radarr = {
-      enable = true;
-      openFirewall = true;
-    };
-    tailproxy.radarr = {
-      enable = true;
-      hostname = "radarr";
-      port = 7878;
-      authKey = "tskey-auth-kjuWphWmFp11CNTRL-dcpVCTbdPTAAiqQHaKVhTA27uNQeHxmq5"; # One-time key
-    };
-    bazarr = {
-      enable = true;
-      openFirewall = true;
-    };
-    tailproxy.bazarr = {
-      enable = true;
-      hostname = "bazarr";
-      port = 6767;
-      authKey = "tskey-auth-kydeAt7KDA21CNTRL-bLfZMG4ip4i4a91DX1b85ipjnZi9KgoN9"; # One-time key
-    };
-    prowlarr = {
-      enable = true;
-      openFirewall = true;
-    };
-    tailproxy.prowlarr = {
-      enable = true;
-      hostname = "prowlarr";
-      port = 9696;
-      authKey = "tskey-auth-koCbGEVEvh11CNTRL-7pxqVBdP4v5xNvsPP5mMv5oW8PrgVQmb"; # One-time key
-    };
-  };
-
-  users = {
-    users = {
-      "${username}" = {
-        extraGroups = [
-          "wheel"
-          "docker"
-          "storage"
-        ];
-        isNormalUser = true;
-        openssh.authorizedKeys.keys = [ key ];
-      };
-      "root".openssh.authorizedKeys.keys = [ key ];
-    };
-    groups.media.members = [
-      "jolheiser"
-      "olheiser"
-      "jellyfin"
-      "radarr"
-      "sonarr"
-    ];
-  };
-
-  environment.systemPackages = with pkgs; [ qbittorrent ];
-
-  system.stateVersion = "22.11";
-}

machines/gunpowder/hardware.nix

@@ -1,55 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
-  config,
-  lib,
-  modulesPath,
-  ...
-}:
-{
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-
-  boot.initrd.availableKernelModules = [
-    "xhci_pci"
-    "ehci_pci"
-    "ahci"
-    "usb_storage"
-    "usbhid"
-    "sd_mod"
-    "rtsx_pci_sdmmc"
-  ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/a3e3e496-9497-4340-9750-2104e2ab22ab";
-    fsType = "ext4";
-  };
-
-  fileSystems."/mnt/hdd" = {
-    device = "/dev/disk/by-uuid/eb8ad2da-12cf-454b-aa20-e497c4550b7c";
-    fsType = "ext4";
-    options = [
-      "users"
-      "nofail"
-      "gid=users"
-    ];
-  };
-
-  boot.initrd.luks.devices."luks-1f9bde68-9c4c-423c-a95f-17aa170dd2b4".device = "/dev/disk/by-uuid/1f9bde68-9c4c-423c-a95f-17aa170dd2b4";
-
-  swapDevices = [ { device = "/dev/disk/by-uuid/7e84d904-b00a-4c6c-aba4-ec1dde2dff85"; } ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}