From 9db5b156ddd4b1eb2dc4210545109cb01e594045 Mon Sep 17 00:00:00 2001
From: Fabian Montero <fabian@posixlycorrect.com>
Date: Thu, 23 Jan 2025 07:40:49 -0600
Subject: [PATCH] vps: remove unused modues

authentik
bepasty
firefly
jellyfin
jitsi
kuma
roundcube
---
 sys/platforms/vps/srv/authentik.nix | 110 ----------------------------
 sys/platforms/vps/srv/bepasty.nix   |  40 ----------
 sys/platforms/vps/srv/default.nix   |   7 --
 sys/platforms/vps/srv/firefly.nix   |  33 ---------
 sys/platforms/vps/srv/jellyfin.nix  |  30 --------
 sys/platforms/vps/srv/jitsi.nix     |  35 ---------
 sys/platforms/vps/srv/kuma.nix      |  29 --------
 sys/platforms/vps/srv/roundcube.nix |  62 ----------------
 8 files changed, 346 deletions(-)
 delete mode 100644 sys/platforms/vps/srv/authentik.nix
 delete mode 100644 sys/platforms/vps/srv/bepasty.nix
 delete mode 100644 sys/platforms/vps/srv/firefly.nix
 delete mode 100644 sys/platforms/vps/srv/jellyfin.nix
 delete mode 100644 sys/platforms/vps/srv/jitsi.nix
 delete mode 100644 sys/platforms/vps/srv/kuma.nix
 delete mode 100644 sys/platforms/vps/srv/roundcube.nix

diff --git a/sys/platforms/vps/srv/authentik.nix b/sys/platforms/vps/srv/authentik.nix
deleted file mode 100644
index 8b68fe3..0000000
--- a/sys/platforms/vps/srv/authentik.nix
+++ /dev/null
@@ -1,110 +0,0 @@
-{
-  lib,
-  pkgs,
-  flakes,
-  ...
-}:
-with lib; {
-  imports = [flakes.authentik-nix.nixosModules.default];
-
-  options = {
-    services.nginx.virtualHosts = mkOption {
-      type = with lib.types;
-        attrsOf (
-          submodule
-          (
-            {config, ...}: {
-              options = {
-                enableAuthentik = mkOption {
-                  default = false;
-                  type = bool;
-                };
-                locations = mkOption {
-                  type = attrsOf (
-                    submodule {
-                      config = mkIf config.enableAuthentik {
-                        extraConfig = ''
-                          auth_request        /outpost.goauthentik.io/auth/nginx;
-                          error_page          401 = @goauthentik_proxy_signin;
-                          auth_request_set $auth_cookie $upstream_http_set_cookie;
-                          add_header Set-Cookie $auth_cookie;
-
-                          # translate headers from the outposts back to the actual upstream
-                          auth_request_set $authentik_username $upstream_http_x_authentik_username;
-                          auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
-                          auth_request_set $authentik_email $upstream_http_x_authentik_email;
-                          auth_request_set $authentik_name $upstream_http_x_authentik_name;
-                          auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
-
-                          proxy_set_header X-authentik-username $authentik_username;
-                          proxy_set_header X-authentik-groups $authentik_groups;
-                          proxy_set_header X-authentik-email $authentik_email;
-                          proxy_set_header X-authentik-name $authentik_name;
-                          proxy_set_header X-authentik-uid $authentik_uid;
-                        '';
-                      };
-                    }
-                  );
-                };
-              };
-              config = mkIf config.enableAuthentik {
-                extraConfig = ''
-                  proxy_buffers 8 16k;
-                  proxy_buffer_size 32k;
-
-                  location /outpost.goauthentik.io {
-                    proxy_pass          http://localhost:9000/outpost.goauthentik.io;
-                    # ensure the host of this vserver matches your external URL you've configured
-                    # in authentik
-                    proxy_set_header    Host $host;
-                    proxy_redirect      http://localhost:9000 https://auth.posixlycorrect.com;
-                    proxy_set_header    X-Original-URL $scheme://$http_host$request_uri;
-                    add_header          Set-Cookie $auth_cookie;
-                    auth_request_set    $auth_cookie $upstream_http_set_cookie;
-
-                    # required for POST requests to work
-                    proxy_pass_request_body off;
-                    proxy_set_header Content-Length "";
-                  }
-
-                  location @goauthentik_proxy_signin {
-                    internal;
-                    add_header Set-Cookie $auth_cookie;
-                    return 302 /outpost.goauthentik.io/start?rd=$scheme://$http_host$request_uri;
-                    # For domain level, use the below error_page to redirect to your authentik server with the full redirect path
-                    # return 302 https://authentik.company/outpost.goauthentik.io/start?rd=$scheme://$http_host$request_uri;
-                  }
-                '';
-              };
-            }
-          )
-        );
-    };
-  };
-
-  config = {
-    services = {
-      authentik = {
-        enable = true;
-        environmentFile = "/var/trust/authentik/authentik-env";
-        nginx = {
-          enable = true;
-          enableACME = true;
-          host = "auth.posixlycorrect.com";
-        };
-        settings = {
-          email = {
-            host = "smtp.fastmail.com";
-            port = 587;
-            username = "fabianmontero@fastmail.com";
-            use_tls = true;
-            use_ssl = false;
-            from = "auth@posixlycorrect.com";
-          };
-          disable_startup_analytics = true;
-          avatars = "initials";
-        };
-      };
-    };
-  };
-}
diff --git a/sys/platforms/vps/srv/bepasty.nix b/sys/platforms/vps/srv/bepasty.nix
deleted file mode 100644
index 964dbec..0000000
--- a/sys/platforms/vps/srv/bepasty.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  services = {
-    nginx = {
-      virtualHosts."send.posixlycorrect.com" = {
-        enableACME = true;
-        forceSSL = true;
-        extraConfig = ''
-          proxy_headers_hash_max_size 512;
-          proxy_headers_hash_bucket_size 128;
-        '';
-        locations."/" = {
-          proxyPass = "http://127.0.0.1:8989";
-        };
-      };
-    };
-
-    bepasty = {
-      enable = true;
-      servers = {
-        "send" = {
-          bind = "127.0.0.1:8989";
-          secretKeyFile = "/var/trust/bepasty/secretKeyFile";
-          dataDir = "/mnt/export2011/data";
-          defaultPermissions = "read,create,delete";
-          extraConfig = ''
-            SITENAME = 'send.posixlycorrect.com'
-            MAX_ALLOWED_FILE_SIZE = 4 * 1000 * 1000 * 1000
-            SESSION_COOKIE_SECURE = True
-            ASCIINEMA_THEME = 'asciinema'
-          '';
-        };
-      };
-    };
-  };
-}
diff --git a/sys/platforms/vps/srv/default.nix b/sys/platforms/vps/srv/default.nix
index 5fedff9..9a43916 100644
--- a/sys/platforms/vps/srv/default.nix
+++ b/sys/platforms/vps/srv/default.nix
@@ -9,18 +9,11 @@ with lib; {
   imports = [
     ./net.nix
     ./mediawiki.nix
-    # ./jitsi.nix
     ./forgejo.nix
     ./vaultwarden.nix
-    # ./bepasty.nix
-    # ./jellyfin.nix
     ./msmtp.nix
-    ./kuma.nix
-    # ./authentik.nix  consumes too much RAM and serves no purpose for now
     ./paperless.nix
     ./trilium.nix
-    # ./firefly.nix gnucash is better
-    ./roundcube.nix
     ./syncthing.nix
   ];
 }
diff --git a/sys/platforms/vps/srv/firefly.nix b/sys/platforms/vps/srv/firefly.nix
deleted file mode 100644
index e187e3c..0000000
--- a/sys/platforms/vps/srv/firefly.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  services = {
-    nginx = {
-      virtualHosts."firefly.posixlycorrect.com" = {
-        enableACME = true;
-        forceSSL = true;
-        extraConfig = ''
-          proxy_headers_hash_max_size 512;
-          proxy_headers_hash_bucket_size 128;
-        '';
-      };
-    };
-
-    firefly-iii = {
-      enable = true;
-      user = "firefly-iii";
-      dataDir = "/var/lib/firefly-iii";
-      enableNginx = true;
-      virtualHost = "firefly.posixlycorrect.com";
-      settings = {
-        SITE_OWNER = "fabian@posixlycorrect.com";
-        DB_CONNECTION = "sqlite";
-        APP_ENV = "local";
-        APP_KEY_FILE = "/var/trust/firefly/key_file";
-      };
-    };
-  };
-}
diff --git a/sys/platforms/vps/srv/jellyfin.nix b/sys/platforms/vps/srv/jellyfin.nix
deleted file mode 100644
index 07c8896..0000000
--- a/sys/platforms/vps/srv/jellyfin.nix
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  services = {
-    nginx = {
-      virtualHosts."stream.posixlycorrect.com" = {
-        enableACME = true;
-        forceSSL = true;
-        extraConfig = ''
-          proxy_headers_hash_max_size 512;
-          proxy_headers_hash_bucket_size 128;
-        '';
-        locations."/" = {
-          proxyPass = "http://localhost:8096";
-        };
-      };
-    };
-
-    jellyfin = {
-      enable = true;
-      user = "jellyfin";
-      group = "jellyfin";
-      dataDir = "/mnt/export2008/jellyfin/dataDir";
-      cacheDir = "/mnt/export2008/jellyfin/cacheDir";
-    };
-  };
-}
diff --git a/sys/platforms/vps/srv/jitsi.nix b/sys/platforms/vps/srv/jitsi.nix
deleted file mode 100644
index 8fa1ccb..0000000
--- a/sys/platforms/vps/srv/jitsi.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  services = {
-    nginx = {
-      virtualHosts."meet.posixlycorrect.com" = {
-        enableACME = true;
-        forceSSL = true;
-        extraConfig = ''
-          proxy_headers_hash_max_size 512;
-          proxy_headers_hash_bucket_size 128;
-        '';
-      };
-    };
-
-    jitsi-meet = {
-      enable = true;
-      hostName = "meet.posixlycorrect.com";
-      nginx.enable = true;
-      config = {
-        enableWelcomePage = true;
-        prejoinPageEnabled = true;
-        defaultLang = "en";
-      };
-      interfaceConfig = {
-        SHOW_JITSI_WATERMARK = false;
-        SHOW_WATERMARK_FOR_GUESTS = false;
-      };
-    };
-    jitsi-videobridge.openFirewall = true;
-  };
-}
diff --git a/sys/platforms/vps/srv/kuma.nix b/sys/platforms/vps/srv/kuma.nix
deleted file mode 100644
index e698c04..0000000
--- a/sys/platforms/vps/srv/kuma.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  services = {
-    nginx = {
-      virtualHosts."status.posixlycorrect.com" = {
-        enableACME = true;
-        forceSSL = true;
-        extraConfig = ''
-          proxy_headers_hash_max_size 512;
-          proxy_headers_hash_bucket_size 128;
-        '';
-        locations."/" = {
-          proxyPass = "http://127.0.0.1:4456";
-        };
-      };
-    };
-    uptime-kuma = {
-      enable = true;
-      settings = {
-        HOST = "127.0.0.1";
-        PORT = "4456";
-      };
-    };
-  };
-}
diff --git a/sys/platforms/vps/srv/roundcube.nix b/sys/platforms/vps/srv/roundcube.nix
deleted file mode 100644
index db156bb..0000000
--- a/sys/platforms/vps/srv/roundcube.nix
+++ /dev/null
@@ -1,62 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  services = {
-    nginx = {
-      virtualHosts."mail.posixlycorrect.com" = {
-        enableACME = true;
-        forceSSL = true;
-        extraConfig = ''
-          proxy_headers_hash_max_size 512;
-          proxy_headers_hash_bucket_size 128;
-        '';
-      };
-    };
-
-    roundcube = {
-      enable = true;
-      hostName = "mail.posixlycorrect.com";
-      configureNginx = true;
-      maxAttachmentSize = 2048; #MB
-      package = pkgs.roundcube.withPlugins (plugins: [
-        #plugins.carddav
-        plugins.contextmenu
-        plugins.custom_from
-        plugins.persistent_login
-      ]);
-      plugins = [
-        "archive"
-        "attachment_reminder"
-        #"carddav"
-        "contextmenu"
-        "custom_from"
-        "emoticons"
-        #"enigma"
-        "hide_blockquote"
-        "managesieve"
-        "markasjunk"
-        "newmail_notifier"
-        "password"
-        "persistent_login"
-        "reconnect"
-        "show_additional_headers"
-        "userinfo"
-        "vcard_attachments"
-        "zipdownload"
-      ];
-      dicts = with pkgs.aspellDicts; [
-        es
-        en
-      ];
-      extraConfig = ''
-        $config['smtp_host'] = "ssl://smtp.fastmail.com:465";
-        $config['smtp_user'] = "%u";
-        $config['smtp_pass'] = "%p";
-        $config['imap_host'] = "ssl://imap.fastmail.com:993";
-      '';
-    };
-  };
-}