add git.cloonar.com, remove old stuff

hosts/git.cloonar.com/configuration.nix

@@ -0,0 +1,49 @@
+{ config, pkgs, ... }:
+{ 
+  imports = [
+    ./utils/modules/sops.nix
+    ./utils/modules/lego/lego.nix
+    # ./modules/gogs.nix
+    ./utils/modules/gitea.nix
+    ./utils/modules/drone/server.nix
+    ./utils/modules/drone/runner.nix
+    ./utils/modules/borgbackup.nix
+    ./utils/modules/netdata.nix
+    ./utils/modules/tang.nix
+
+    ./fleet.nix
+
+    ./utils/modules/autoupgrade.nix
+
+    ./hardware-configuration.nix
+  ];
+
+  nixpkgs.overlays = [ (import ./utils/overlays/packages.nix) ];
+
+  sops.defaultSopsFile = ./secrets.yaml;
+  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+
+  boot.loader.grub.device = "/dev/sda";
+
+  networking.hostName = "git";
+
+  services.openssh.enable = true;
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN/2SAFm50kraB1fepAizox/QRXxB7WbqVbH+5OPalDT47VIJGNKOKhixQoqhABHxEoLxdf/C83wxlCVlPV9poLfDgVkA3Lyt5r3tSFQ6QjjOJAgchWamMsxxyGBedhKvhiEzcr/Lxytnoz3kjDG8fqQJwEpdqMmJoMUfyL2Rqp16u+FQ7d5aJtwO8EUqovhMaNO7rggjPpV/uMOg+tBxxmscliN7DLuP4EMTA/FwXVzcFNbOx3K9BdpMRAaSJt4SWcJO2cS2KHA5n/H+PQI7nz5KN3Yr/upJN5fROhi/SHvK39QOx12Pv7FCuWlc+oR68vLaoCKYhnkl3DnCfc7A7"
+  ];
+
+  environment.systemPackages = with pkgs; [
+    bento
+    vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+  ];
+
+  # backups
+  borgbackup.repo = "u149513-sub3@u149513-sub3.your-backup.de:borg";
+
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [ 22 80 443 8000 ];
+  };
+
+  system.stateVersion = "23.05";
+}

hosts/git.cloonar.com/fleet.nix

@@ -0,0 +1 @@
+../../fleet.nix

hosts/git.cloonar.com/hardware-configuration.nix

@@ -0,0 +1,30 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/4973f85d-da13-4094-8c71-936c275e24d0";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/049162b7-81f0-4f2d-a440-5956a0958337"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/git.cloonar.com/secrets.yaml

@@ -0,0 +1,31 @@
+borg-passphrase: ENC[AES256_GCM,data:Rlb6pyuZjcR7qYt/O4o5AVjfZixKRWbdiHhR4wiwjLIKpPhgjO2ea2WaMP+XVcy5tDFA3Z30BxBloVIwK9rD6w==,iv:Jm9TIfxI7Tae3KN60VPrnIXvYpOCuquKB0Jf6wmp1oE=,tag:Ca/0FerPFn4+7WWhht1irw==,type:str]
+borg-ssh-key: ENC[AES256_GCM,data:KsgiBHWDVFj7s1ueP6r/U0r2s/4aq+NmhGKMDd0rOgpkwn2SnkKCc3c5qsRp57AcDqyF2Vt9fsDCYNNg2mhBLmSbZ9VNy2EawounD5FINJ8gPI0EW9NgQHHEAdmGviH7eMRSoSTAAzPNM9T4I92iVYOjogdSTaHU/uSmJnxNOwVTdb8RGrHfXrj1bAvEYF3teNpdRsPh0Q+bNCCAp7aas9fSuV4NPyiCTwlXkLhM8P5hfCtNuFtpLvzLxMaLv2Z/OZAKjd6Kf/wNKyMdccUtGS/wdOn7fYTNlpmMB8cYprn37fqBmvbQhGOGG6ea6HTVrU6hrOaoDsOP/tXI7xGQW7YVrq6w5/bXQyf1xXbKp+QuVWwamERbh/NZUyJLBoS9rV8JG3vJyjn829mhm7F+UfGS5nBoY8dskKdHT86OBf3+K12mQWU4fS17hc4ugm3SGXMpv1/X8nB/Tv2ok65W+5kehx4Dk1NHu+gaEJ2j3KNZPupX5HOHK/SIkjU9ybUdDxzTQOCsb6kud1D18SZQV/14z8H1dMjxMY9tnqhNX37+yNhjTkFjoYHTbj4Tg4afhvMXWFIAw6dck6tVEMIAJ3L73MlfzaDjvSSxrbNPlfMu9B45FR27YMwBc57pHZ90lvROnEBdJ3NY3inYMNuC9EVAnFPDfGixG61qA54xGJuRF+hUPx5lF1cKxlMC4QDR3lW2oAt4x19irUKa/3ayEcIKj49lfv++pSlj+cP1/2z1/1+kJgxxmSoSanycLPIc8bvcn+RGnaoRkATR27WTGQ18Ga1kGlS106wIBsaxoZvOWghET/OPt1Xm6Y7n/x5vJTeeizFBe36vv1MqtER8oedcfn51vjVuCDVwndi0iyvm4qvlKKfl+DCz4JKOpCDc0uvdpHddQsXjiysZ8z2YVhgpj1ceaWQwU/MlIwK6pIra/mUYpdYXVMODgWNl8Mhtw9CA1BfPqTpUcDuO+sEC2CdgG7T/0GFVAfBiSl6LX4nBElaWQccjWQlxzDotW8xuBXlKvWoGKe9VztLwoJ1LN870mA+btESnIExiGQS2BAQoEWlqyfSB/y6RXuLHvIjuR6tCmkSawDrnS+GtXhPIcacRmSZGG+OsJAhE2JPOct9YSHInepyyn9cOEBsIlsBfDP+bI+cnRsMkYeQkwqQsWJVxRtXMmtj+qJUqU9Bznp3twLqvZIbfK/pE1nVf8lkYExxWrZzp62Rxplbil5UuBTYtaDHeKaSJSFxTSYat4Ap4jcL682h2Ubdssnw0u14u+CGliea3L5Tik09+3R/hKaOPU+zjWLd5GiPLhqoFADSu7NtbTqH/4yphq5tlpaIc9FVD5cheaX5oxVSnXeX3Bb8r/JWL2duNfRaUr+sjJtn5afinCxAR8xJJBFvRDQq5kG3V0iXlbh4KjUr0sridkjjZAq1dNc2zA0w/Y/2+SCGAs8y5IbwqjEBuOCklwlWxjV//3K/vanZIg/qX3mKDBOtVwyoecAzoekdgRhC4A6NSMDzuloQIaLWlwsvcYIvRr7g00BDUBLkwzlCxT+T8xLp3aXKZK8ZHniVdtniHKT52uHsPG5erMr272Bf67rxficStoRRW+h4bqz5DQ7PvGjBQil5DujeckjgIcyqaqNxq7iHaTUUutDQ6oa4UmCEyxzazS+IB89UyjdgQZL+8C4ho+ETFmqnDp7kFsl+qfuesgzaRsj/wb3fECMfUzQo0TBiE41/yiKKoz3Dq6yrESTw6BHBfp2518JUP3Jk21+ZOr0BjRVoZ0PRqFk3nw0QlBcb7eowysC+n/20ysnQ8TOYDfbFsa3//gnyMrv8/VBd004olvq5Om4BYZoOlkpzpwshsZz7ysZyKZlbb/Uxf4aDNVsFUcUdJHqIZE4bzResj0j2OrN3r5s51dm8vJLc8POTkWkCJ8oRmebjfqEwrXi98+LygB+jYUvJzMnrf02X9aBZy+QWDRCeOIyuCRkgnt3v5JS2k4v+vKphs7yg7iy6RbI7X/5QaOZlfBdd2zzOLlID3sRfz7QOXKNvZFFxADGmr2Eek2xUEF+TFfnJYxDVYl1OIQ2Rm3/908nWsLqUWhMhvcsTA/7kzlWDXHxEilvDMQcBsoEdEUoKREwEUJSi4Uxv+RmVG7QbfAjpuVe3QwvjRKntFvRZIinDUgWeqcifVr2A0P+9hnXGJDZzA+f6HRNbyieI9t1CLODU91tyoTXCpS3SmLmwUEx+F2M+Vu4ZLj/hmCiQg5s5380zBAd4wZx+EJ1MutK+VHAfK5yZ2F4HTAIoKW77vXbM998IH4CaH4X+lN0/1PdPqtsj+VvAhP3NP7G2xG4GsCTE1Xf+xgW4Oin+MiEwgPDXBaG6g/1ByqqgAo5iIVZ4tWVaHO9UF18GEu+O+XFGE39YUkEvo9GlLj4oZKRe50W7w5R9fr3DSIrsBj2XWF2Jhhui2KQ7oLrwdrQfuHbz7aS8i3PUTwQacCilLdbxc1joe+mYYQ+Y5Y3GPLebCwzaIWxrMHxIO1WtjDzpZTwj/i1PrwQsK+P9iUlJIo69awfnX6I6J2RNgipdECvLIVFi+gTaZ+XwbbV8WzYNo55fRAaSAEgaCsvUgFlyIlgajKkVVHJNwvffeg8p0hQ/cInBf3QPUBnb5MbYD7UO0p7VnWLGwcsWj1Yd+IuGy89gPzVBTyQcxpVZi0CYxAJ58JZ/8K/HzHKXa2bSOb0RM3C/6Z3HFW80AY20nwq+l0clh8BVbDCov1JwlxKuF6Ri21II2JRj7++ZQ2/9/Jl3Pk2e5DRU/ZQ6LWHAoYZ8zOb5pQxFJa1Mj++TYZhw7pNgIXui2o2ZCvKEVacz3wGND69EUZsxv+xLPH1tJFS/SPCFPBzNQDuVj7jMypFbNqlk8kzuasjUg9zFNcJ8+Uy3xaVOsekJnkjz/xfcwh+0/mjWBAaDxyLQK8AryuQFLfk1/MhY/MqrKcu1K0w7ttgXMdciMwGDJMwOrtHzTt1mf7ZLUgQBu/0cLrKp6Lo8KMKjWj9M52yVY3OKOdcrVxy95Fcu4iAkoAcxa526dcOrH0wtxVeRFJbqpuXhcq7tTstmgDenpzjjAa9mVUhOAX6x7h1oa2ku9p48xTGAMz2TsdAZmoKfruKFhVC0Exp7/4plxWFxl53u40e5cbmvXntFfqHR6/WUv8YTPH+bKyEYCgUbs1wyg9gjjmnGekPYx8ebnr+P91vAsR8VWEqgK4qWrv3NFoUFcttvns0iwTYiT0wrLVHT3l8xtrITKG39JxYruq69SfApQrsfyHi3Hj+bkyBw7+b4IA9L0ndt0K0iF93SmiO+HVk1Z8mw7CvmiJaCaZ8164X66MnVJny5wmlk+vO9hoQ1K8Tnh65q4jPLNQeiDykLFvuZN7tGUDW0SQRnjON+e6IGAxAxmYyd5uO587qC7xTfoBSQS0tYP56DvTULR5LfZDXEIdbtBglwmmQgZ7A==,iv:D+umppfFfO+t0h4Eq4gP+gVd4n1yKxegnELWqsvQVuQ=,tag:018/WLt77v80jG1wZ5RL7g==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkdVh1RmFlUlh2cGFIWmR4
+            WlVmaGlDcmNWVXBRTE9JbEhKZ3AxSzQ5OVdZCnhEcnp3OEZ0Nm53OWU2Q2RNUS9W
+            ZmFKZnpxTGpDbDRwMWhrd2xlMWRoejAKLS0tIFc0TE5Zc25rWEhzcW5ETGRGRTBN
+            NFlxOGtuREE2amdKL0RMWjlTcXRuWVUKuOA6ZUfypwdqtm1JEa/OgxZWLFGawzS0
+            FxhhIZdb6Ha3VUEnDPjZhImZfVI23JCrT3ljCe/+/XLiIk5zoH9m1g==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age106n5n3rrrss45eqqzz8pq90la3kqdtnw63uw0sfa2mahk5xpe30sxs5x58
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTenZjaUNPd1VUcXhRVzI2
+            bTYzbHJvUUZlNUFwNytIWFRUanJTYzkxSVdjCmtCTTFoRDNPNXpMdHFlSzBQaEd2
+            WGtvSTBGV0gxSit4aG9uNGZtKzFkRHMKLS0tIFNyaDRITDRuZi9GbVRDRUZDVFNE
+            ZUlvdU9scDZoUDF0VE1QSVlsMFViTDgK130O3XsnwEu05b7mS5Uf8aLBtsjHfOaH
+            +VaLk/0tEGxtIn4U9WFBtfvIQ3us6b3tD6D9WRS0ElyONId7j/5sQA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2022-11-12T17:45:33Z"
+    mac: ENC[AES256_GCM,data:grOUX0hyU+F717M6Y86jnHKEInjRlwDB96G6IxB0E45hNy9kT2nYfDwnevu+swhgYb0GYTqJvLbmvhNPFXtL9x3Uc8aecW96a043YhQPUvUSa0dluCYGTInL6tsiuzAqpS2UgLRdF15lx8otvnCs2Gi+77SS8U7MoaIeKaFKN5s=,iv:MYpxbmM23soEd3t5uieLuMt6hpjiRmAn1sRPeHt50/0=,tag:9GFBtyAt3DxMMJunQlLHvg==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.7.3

hosts/git.cloonar.com/utils

@@ -0,0 +1 @@
+../../utils