chore(ops): remove nixery-01 VM completely

This is no longer needed; Nixery is now served by bugry. Change-Id: Idd072505c4da1e6af636224e092b6fb21eff9250 Reviewed-on: https://cl.tvl.fyi/c/depot/+/13001 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2025-01-15 00:16:50 +03:00 · 2025-01-15 00:16:50 +03:00 · de8ffb723c
commit de8ffb723c
parent 98aee9f84a
5 changed files with 1 additions and 55 deletions
--- a/ops/glesys/dns-tvl-fyi.tf
+++ b/ops/glesys/dns-tvl-fyi.tf
@ -81,13 +81,6 @@ resource "glesys_dnsdomain_record" "tvl_fyi_bugry_AAAA" {
  data   = var.bugry_ipv6
 }
 resource "glesys_dnsdomain_record" "tvl_fyi_nixery-01_A" {
  domain = glesys_dnsdomain.tvl_fyi.id
  host   = "nixery-01"
  type   = "A"
  data   = "51.250.51.78"
 }
 # Explicit records for all services running on whitby
 resource "glesys_dnsdomain_record" "tvl_fyi_whitby_services" {
  domain   = glesys_dnsdomain.tvl_fyi.id
--- a/ops/machines/all-systems.nix
+++ b/ops/machines/all-systems.nix
@ -5,7 +5,6 @@
  whitby
  bugry
  nevsky
  nixery-01
 ]) ++
 (with depot.users.tazjin.nixos; [
--- a/ops/machines/nixery-01/default.nix
+++ b/ops/machines/nixery-01/default.nix
@ -1,40 +0,0 @@
 # nixery.dev backing host in ru-central1-b
 { depot, lib, pkgs, ... }: # readTree options
 { config, ... }: # passed by module system
 let
  mod = name: depot.path.origSrc + ("/ops/modules/" + name);
 in
 {
  imports = [
    (mod "known-hosts.nix")
    (mod "nixery.nix")
    (mod "tvl-users.nix")
    (mod "www/nixery.dev.nix")
    (mod "yandex-cloud.nix")
    (depot.third_party.agenix.src + "/modules/age.nix")
  ];
  networking = {
    hostName = "nixery-01";
    domain = "tvl.fyi";
    firewall.allowedTCPPorts = [ 22 80 443 ];
  };
  security.sudo.extraRules = lib.singleton {
    groups = [ "wheel" ];
    commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }];
  };
  services.depot.nixery.enable = true;
  # Automatically collect garbage from the Nix store.
  services.depot.automatic-gc = {
    enable = true;
    interval = "1 hour";
    diskThreshold = 25; # GiB
    maxFreed = 150; # GiB
    preserveGenerations = "30d";
  };
 }
--- a/ops/modules/www/nixery.dev.nix
+++ b/ops/modules/www/nixery.dev.nix
@ -11,11 +11,6 @@
      enableACME = true;
      forceSSL = true;
      acmeFallbackHost = {
        "nixery-01" = "bugry.tvl.fyi";
        "bugry" = "nixery-01.tvl.fyi";
      }."${config.networking.hostName}";
      extraConfig = ''
        location / {
          proxy_pass http://localhost:${toString config.services.depot.nixery.port};
--- a/ops/nixos.nix
+++ b/ops/nixos.nix
@ -64,6 +64,5 @@ in rec {
  sandunySystem = (nixosFor depot.ops.machines.sanduny).system;
  bugrySystem = (nixosFor depot.ops.machines.bugry).system;
  nevskySystem = (nixosFor depot.ops.machines.nevsky).system;
-  nixeryDev01System = (nixosFor depot.ops.machines.nixery-01).system;
+  meta.ci.targets = [ "sandunySystem" "whitbySystem" "bugrySystem" "nevskySystem" ];
  meta.ci.targets = [ "sandunySystem" "whitbySystem" "bugrySystem" "nevskySystem" "nixeryDev01System" ];
 }