vps: move to trivionomicon soju config

sys/platforms/vps/default.nix

@@ -17,6 +17,12 @@ with lib; {
     ./networkMap.nix
   ];
 
+  
+  local.soju = {
+    enable = true;
+    fullyQualifiedDomain = "soju.posixlycorrect.com";
+  };
+
   local.sys = {
     baseline.enable = true;
 

sys/platforms/vps/srv/default.nix

@@ -18,6 +18,5 @@ with lib; {
     ./immich.nix
     ./mealie.nix
     ./dufs.nix
-    ./soju.nix
   ];
 }

sys/platforms/vps/srv/soju.nix

@@ -1,45 +0,0 @@
-{
-  lib,
-  pkgs,
-  config,
-  ...
-}:
-with lib; {
-  security.acme.certs."soju.posixlycorrect.com" = {
-    reloadServices = ["soju.service"];
-    group = "soju";
-  };
-
-  networking.firewall.allowedTCPPorts = [6697];
-
-  services.soju = let
-    sojuCertDir = config.security.acme.certs."soju.posixlycorrect.com".directory;
-  in {
-    enable = true;
-    hostName = "soju.posixlycorrect.com";
-    listen = ["ircs://[::]:6697"];
-    tlsCertificate = "${sojuCertDir}/fullchain.pem";
-    tlsCertificateKey = "${sojuCertDir}/key.pem";
-  };
-
-  systemd.services.soju = {
-    after = ["acme-soju.posixlycorrect.com.service"];
-    serviceConfig = {
-      DynamicUser = mkForce false; # fuck dynamic users
-      User = "soju";
-      Group = "soju";
-      ProtectSystem = "strict";
-      ProtectHome = "read-only";
-      PrivateTmp = true;
-      RemoveIPC = true;
-    };
-  };
-
-  users = {
-    users.soju = {
-      isSystemUser = true;
-      group = "soju";
-    };
-    groups.soju = {};
-  };
-}