ciapa
/
infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Decommission mirrors
ci / test (push) Successful in 46s Details
ci / deploy (push) Successful in 1m48s Details

This commit is contained in:
Ciapa 2024-02-11 22:53:18 +01:00
parent 6215a962e4
commit f84e17d062
16 changed files with 0 additions and 406 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
flake.nix
View File

@ -9,37 +9,6 @@
outputs = { self, nixpkgs, deploy-rs, utils, sops-nix, ... }@inputs:
{
nixosConfigurations = {
"fsn1-1.mirror.lewd.wtf" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs self; };
modules = [
sops-nix.nixosModules.sops
./default.nix
./hosts/fsn1-1.mirror.lewd.wtf/configuration.nix
./deployments/mirror/default.nix
];
};
"master.mirror.lewd.wtf" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs self; };
modules = [
sops-nix.nixosModules.sops
./default.nix
./hosts/master.mirror.lewd.wtf/configuration.nix
];
};
"mirror.lewd.wtf" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs self; };
modules = [
sops-nix.nixosModules.sops
./default.nix
./hosts/mirror.lewd.wtf/configuration.nix
];
};
"phoenix.lewd.wtf" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs self; };
@ -92,32 +61,6 @@
};
deploy.nodes = {
"master.mirror.lewd.wtf" = {
sshOpts = [ "-p" "222" "-o" "StrictHostKeyChecking=no" ];
hostname = "master.mirror.lewd.wtf";
fastConnection = true;
profiles.system = {
sshUser = "root";
path =
deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations."master.mirror.lewd.wtf";
user = "root";
};
};
"mirror.lewd.wtf" = {
sshOpts = [ "-p" "222" "-o" "StrictHostKeyChecking=no" ];
hostname = "new.mirror.lewd.wtf";
fastConnection = true;
profiles.system = {
sshUser = "root";
path =
deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations."mirror.lewd.wtf";
user = "root";
};
};
"phoenix.lewd.wtf" = {
sshOpts = [ "-p" "22" "-o" "StrictHostKeyChecking=no" ];
hostname = "phoenix.lewd.wtf";

25
hosts/master.mirror.lewd.wtf/configuration.nix
View File

@ -1,25 +0,0 @@
{ self, config, pkgs, lib, ... }:
let
utils = import ../../util/include.nix { lib = lib; };
imports =
(utils.includeDir ./mirror_users) ++
[
./hardware-configuration.nix
./networking.nix
./sftp_jail.nix
];
in
{
inherit imports;
networking.hostName = "master";
networking.domain = "mirror.lewd.wtf";
boot.loader.grub = {
enable = true;
efiSupport = false;
devices = [ "/dev/sda" ];
};
system.stateVersion = "22.11";
}

18
hosts/master.mirror.lewd.wtf/hardware-configuration.nix
View File

@ -1,18 +0,0 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.kernelModules = [ "kvm-intel" ];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/mnt/data" = {
device = "/dev/disk/by-label/data";
fsType = "ext4";
};
services.qemuGuest.enable = true;
}

16
hosts/master.mirror.lewd.wtf/mirror_users/abdulsalam.nix
View File

@ -1,16 +0,0 @@
{
users.users.abdulsalam = {
group = "sftponly";
isNormalUser = true;
home = "/sftp_jail/abdulsalam";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERtfY26/h5xl+bzZm2htR4+Wd879DvZRPHsosFaEqIW gaming@DESKTOP-4ACM3JU"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE387jL1I99Ws/6BTS/lbiAlDXpyB9zaf08+KWx9U8kd abdulsalam"
];
};
fileSystems."/sftp_jail/abdulsalam/mirror/saves" = {
device = "/mnt/data/private/nintendo/switch/savegames";
options = [ "bind" ];
};
}

16
hosts/master.mirror.lewd.wtf/mirror_users/archbox.nix
View File

@ -1,16 +0,0 @@
{
users.users.archbox = {
group = "sftponly";
isNormalUser = true;
home = "/sftp_jail/archbox";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERtfY26/h5xl+bzZm2htR4+Wd879DvZRPHsosFaEqIW gaming@DESKTOP-4ACM3JU"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTWN+J6qFf60b58AIEXW/yuDwb7bwoyONKvM10kolWU archbox"
];
};
fileSystems."/sftp_jail/archbox/mirror/saves" = {
device = "/mnt/data/private/nintendo/switch/savegames";
options = [ "bind" ];
};
}

20
hosts/master.mirror.lewd.wtf/mirror_users/ecks.nix
View File

@ -1,20 +0,0 @@
{
users.users.ecks = {
group = "sftponly";
isNormalUser = true;
home = "/sftp_jail/ecks";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERtfY26/h5xl+bzZm2htR4+Wd879DvZRPHsosFaEqIW gaming@DESKTOP-4ACM3JU"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINczWfNkdndU9bqB2PI1D3glO2CiIaEngXY5FnsodZjt ryusak"
];
};
fileSystems."/sftp_jail/ecks/mirror/ryusak" = {
device = "/mnt/data/mirror/archive/nintendo/switch/ryusak";
options = [ "bind" ];
};
fileSystems."/sftp_jail/ecks/mirror/shaders" = {
device = "/mnt/data/mirror/archive/nintendo/switch/shaders";
options = [ "bind" ];
};
}

14
hosts/master.mirror.lewd.wtf/mirror_users/mirror.nix
View File

@ -1,14 +0,0 @@
{
users.users.mirror = {
group = "mirror";
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBGCcaz+17IbyUC/bbhG+m1yYiPa15Uut8GBywVREo1w root@fsn1-1"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOceXaCKbLpRq2LwS3Su6gZjqeIrCzBZfuA7rsKYa4BZ root@ash1-1"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMTUV7UVCWsv0xgLM7rQhGJhCWGX2bgHRG8pHuVEqImZ root@hil1-1"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbd+qkj1A99nW71Ldip59KI6yNOao0A1l7Mv3GcXaA8 root@hel1-1"
];
};
users.groups.mirror = {};
}

18
hosts/master.mirror.lewd.wtf/mirror_users/void.nix
View File

@ -1,18 +0,0 @@
{
users.groups.void = {};
users.users.void = {
group = "void";
isNormalUser = true;
home = "/home/void";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERtfY26/h5xl+bzZm2htR4+Wd879DvZRPHsosFaEqIW gaming@DESKTOP-4ACM3JU"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC+zfpUS+6gukPJ2WmU8ZFq7h7WRO9aGcze/gPd2TldyTB9tS/0T/5aDfKXzgE121lTmKX3bQru4bdJI1OIIT1YB8CsHFoKaLXrA+grl5GfIUxdgSKtkgJg1n8jH4qL43Zy/J4m1VrAyJBT6CnneDZEa88PizL0K74XGwxQx4zq6J66Csb+lEZfYly8oxNjoTDPNuXKYAX7ko44F5guv92/3XBtZ0wcRFE0IIaWzAOFMnUNrOjEWDiOjUMLNt18eNidsZFLrqdLc24EdZdztrKDIuuzIbx1H1ir9NUQxCIHd1wdqq8ndpkRdhNyOCjPuO2bgB6+eh6gLsFA+7f5CUOCgQ2wDTQdxi0EuA3Qn3hJhiISYe+og1UjhV5942nwH33qWuAg1fE1Sa0unRPCxoYnFbDddSR1d5SBkoqakgFEW0zjEaqIb4H0TeyV/gDs949lganC55wt2YZfXD41Kbi2qTF5KFS722rgObLZ2/3+2iCgJLjAD4qg2SFbi6sLUsc= master@Project-Kratos"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC614pP9wU/s+u2dFSV/DqpWqo9ngntZ9JpVMUikWc+9UYlq9SpOfr8MM10MOLJiolSeMNMi6NmNQ7Ge5C9O4d0MFQbA87NbGvmQzKYnTsQkRLrQlaDbkTYn8mirqV+vZLBF4ignF2JO0YlbfGXR2dBpdj/zk1WER5w3hIXx6H3ITVxBaOrUpd3gKuHg2YQ7j7whQq/kpoM3PVcdPZUDFB81NttKmyB4vbEmZOYSHx8p53pS8KH3D1kooVTHOuhzILzDPcXrlnFOhtQ5wkknBawq6Tf+1POlQ9TvsSaC79UbExdLOc+776rpGkE1iZ02XWDsAE1E0udDKiX+PhAN+lAXVHX34Jh+THmO36BTxFhSAR35pePL14c6XX+/kta7FEM4O/pl1eIAFnuObHDoL0yF9ruATNJuJWzPfieTBll3DpYH92gENmdT3Rg9sz6yxcY7ubmvZMVAC8R/8QJvlh3pPQC6BckOvOsMHVMdZrI6yBg1veKoZNCqyRl449QGJU= master@DESKTOP-V6SN4JP"
];
};
fileSystems."/home/void/mirror/pico" = {
device = "/mnt/data/mirror/archive/picoxr";
options = [ "bind" ];
};
}

11
hosts/master.mirror.lewd.wtf/networking.nix
View File

@ -1,11 +0,0 @@
{ ... }:
{
networking.defaultGateway = "192.168.11.1";
networking.nameservers = [ "1.1.1.1" ];
networking.interfaces.ens18.ipv4.addresses = [
{
address = "192.168.11.110";
prefixLength = 24;
}
];
}

10
hosts/master.mirror.lewd.wtf/sftp_jail.nix
View File

@ -1,10 +0,0 @@
{
services.openssh.extraConfig = ''
Match Group sftponly
ChrootDirectory /sftp_jail
ForceCommand internal-sftp
AllowTcpForwarding no
'';
users.groups.sftponly = {};
}

22
hosts/mirror.lewd.wtf/configuration.nix
View File

@ -1,22 +0,0 @@
{ self, config, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
./networking.nix
./mirror/default.nix
];
variables.hostName = "new";
variables.domain = "mirror.lewd.wtf";
networking.hostName = "${config.variables.hostName}";
networking.domain = "${config.variables.domain}";
boot.loader.grub = {
enable = true;
efiSupport = false;
devices = [ "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0" ];
};
system.stateVersion = "22.11";
}

18
hosts/mirror.lewd.wtf/hardware-configuration.nix
View File

@ -1,18 +0,0 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.kernelModules = [ "kvm-intel" ];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/var/www/mirror" = {
device = "/dev/disk/by-label/data";
fsType = "ext4";
};
services.qemuGuest.enable = true;
}

45
hosts/mirror.lewd.wtf/mirror/default.nix
View File

@ -1,45 +0,0 @@
{ config, ... }:
{
imports = [
./xslt_template.nix
];
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx = {
enable = true;
virtualHosts."mirror.lewd.wtf" = {
serverName = "${config.variables.hostName}.${config.variables.domain}";
enableACME = true;
forceSSL = true;
root = "/var/www/mirror/mirror/";
locations = {
"/" = {
extraConfig = ''
if ($arg_format = "json") {
rewrite ^ /json$request_uri last;
}
autoindex on;
autoindex_format xml;
xslt_stylesheet /etc/nginx/mirror.xslt dirname='$1';
'';
};
"/json/" = {
alias = "/var/www/mirror/mirror/";
extraConfig = ''
autoindex on;
autoindex_format json;
'';
};
"/private/" = {
alias = "/var/www/mirror/private/";
extraConfig = ''
autoindex off;
'';
};
"~ \.xml$" = {
};
};
};
};
}

8
hosts/mirror.lewd.wtf/mirror/xslt_template.nix
View File

@ -1,8 +0,0 @@
{
environment.etc = {
"nginx/mirror.xslt" = {
source = ./xslt_template.xslt;
mode = "0444";
};
};
}

97
hosts/mirror.lewd.wtf/mirror/xslt_template.xslt
View File

@ -1,97 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:template name="string-replace-all">
<xsl:param name="text" />
<xsl:param name="replace" />
<xsl:param name="by" />
<xsl:choose>
<xsl:when test="$text = '' or $replace = ''or not($replace)" >
<!-- Prevent this routine from hanging -->
<xsl:value-of select="$text" />
</xsl:when>
<xsl:when test="contains($text, $replace)">
<xsl:value-of select="substring-before($text,$replace)" />
<xsl:value-of select="$by" />
<xsl:call-template name="string-replace-all">
<xsl:with-param name="text" select="substring-after($text,$replace)" />
<xsl:with-param name="replace" select="$replace" />
<xsl:with-param name="by" select="$by" />
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="$text" />
</xsl:otherwise>
</xsl:choose>
</xsl:template>
<xsl:template match="/">
<html>
<head>
<link href="/private/asset/icons.css" rel="stylesheet" />
<link href="/private/asset/style.css" rel="stylesheet" />
</head>
<body>
<header>
<h3>Lewd.wtf Mirror Service</h3>
<p>Welcome to the mirror service of lewd.wtf! I provide this service free of charge to projects that could benefit from it.</p>
<p>Want to get your files hosted here? Please contact me at <b>mirror_request@lewd.wtf</b> and provide details regarding your projects.</p>
<h1>Proud Sineater and Sin's Cove Hater!</h1>
<p>If you come here from Sin's Cove, please close this page. This site is hosted by Ecchibitionist, the person you constantly harass.</p>
<p>You claim I bullied the original developer of EmuSAK, even though that's a blatant lie (and you know it).</p>
</header>
<main>
<h4>
<xsl:value-of select="$dirname"/>
</h4>
<table>
<tr>
<th>Name</th>
<th>Size</th>
</tr>
<tr>
<td><a href=".."><span class="material-icons back_folder_icon">drive_file_move_rtl</span>../</a></td>
<td align="right"></td>
</tr>
<xsl:for-each select="list/*">
<xsl:sort select="@name"/>
<xsl:variable name="name">
<xsl:call-template name="string-replace-all">
<xsl:with-param name="text" select="." />
<xsl:with-param name="replace" select="'%'" />
<xsl:with-param name="by" select="'%25'" />
</xsl:call-template>
</xsl:variable>
<xsl:variable name="size">
<xsl:if test="string-length(@size) &gt; 0">
<xsl:if test="number(@size) &gt; 0">
<xsl:choose>
<xsl:when test="round(@size div 1024) &lt; 1"><xsl:value-of select="@size" />B</xsl:when>
<xsl:when test="round(@size div 1048576) &lt; 1"><xsl:value-of select="format-number((@size div 1024), '0.0')" />KiB</xsl:when>
<xsl:otherwise><xsl:value-of select="format-number((@size div 1048576), '0.00')" />MiB</xsl:otherwise>
</xsl:choose>
</xsl:if>
</xsl:if>
</xsl:variable>
<tr>
<td>
<a href="{$name}">
<xsl:choose>
<xsl:when test="string-length(@size)=0"><span class="material-icons folder">folder</span></xsl:when>
<xsl:when test="'.zip' = substring($name, string-length($name) - 3)"><span class="material-icons folder_zip"> folder_zip </span></xsl:when>
<xsl:when test="'.rar' = substring($name, string-length($name) - 3)"><span class="material-icons folder_zip"> folder_zip </span></xsl:when>
<xsl:otherwise><span class="material-icons file"> insert_drive_file </span></xsl:otherwise>
</xsl:choose>
<xsl:value-of select="."/>
</a>
</td>
<td align="right"><xsl:value-of select="$size"/></td>
</tr>
</xsl:for-each>
</table>
</main>
<footer>
<p>In case this mirror is hosting files that you believe shouldn't be here, please send a message to <a href="mailto:abuse@lewd.wtf">abuse@lewd.wtf</a> and we'll remove it as soon as possible.</p>
</footer>
</body>
</html>
</xsl:template>
</xsl:stylesheet>

11
hosts/mirror.lewd.wtf/networking.nix
View File

@ -1,11 +0,0 @@
{ ... }:
{
networking.defaultGateway = "192.168.11.1";
networking.nameservers = [ "1.1.1.1" ];
networking.interfaces.ens18.ipv4.addresses = [
{
address = "192.168.11.107";
prefixLength = 24;
}
];
}