remove nixpkgs-unstable

the current version of woodpecker-server in stable now has the features this was original used for, not other usages of unstable are in tree left so removing it.

LICENSE

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) CCCHH
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

README.md

@@ -73,7 +73,3 @@ Build a new NixOS Proxmox VE Template for the chaosknoten:
 ```shell
 nix build .#proxmox-chaosknoten-nixos-template
 ```
-
-## License
-
-This CCCHH nix-infra repository is licensed under the [MIT License](./LICENSE).

config/common/users.nix

@@ -9,10 +9,10 @@
 { config, pkgs, lib, ... }:
 
 let
-  authorizedKeysRepo = builtins.fetchGit {
+  authorizedKeysRepo = pkgs.fetchgit {
-    url = "forgejo@git.hamburg.ccc.de:CCCHH/infrastructure-authorized-keys.git"; 
+    url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys";
-    ref = "trunk";
     rev = "686a6af22f6696f0c0595c56f463c078550049fc";
+    hash = "sha256-plTYjM6zPzoBE/dp6EUrk9mCqmab278p8FqBCTX8Grc=";
   };
   authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));
 in

config/hosts/public-web-static/virtualHosts/c3cat.de.nix

@@ -1,19 +1,10 @@
 { pkgs, ... }:
 
-let
+{
-  domain = "c3cat.de";
-  dataDir = "/var/www/${domain}";
-  deployUser = "c3cat-website-deploy";
-in {
-  security.acme.certs."${domain}".extraDomainNames = [ "www.${domain}" ];
-
   services.nginx.virtualHosts = {
-    "acme-${domain}" = {
+    "acme-c3cat.de" = {
       enableACME = true;
-      serverName = "${domain}";
+      serverName = "c3cat.de";
-      serverAliases = [
-        "www.${domain}"
-      ];
 
       listen = [
         {
@@ -23,9 +14,9 @@ in {
       ];
     };
 
-    "$www.${domain}" = {
+    "c3cat.de" = {
       forceSSL = true;
-      useACMEHost = "${domain}";
+      useACMEHost = "c3cat.de";
 
       listen = [
         {
@@ -37,7 +28,7 @@ in {
       ];
 
       locations."/" = {
-        return = "302 https://c3cat.de$request_uri";
+        return = "302 https://wiki.hamburg.ccc.de/club:c3cat:start";
       };
 
       extraConfig = ''
@@ -51,45 +42,5 @@ in {
         real_ip_header proxy_protocol;
       '';
     };
-
+  };
-    "${domain}" = {
-      forceSSL = true;
-      useACMEHost = "${domain}";
-
-      listen = [
-        {
-          addr = "0.0.0.0";
-          port = 8443;
-          ssl = true;
-          proxyProtocol = true;
-        }
-      ];
-
-      root = "${dataDir}";
-
-      extraConfig = ''
-        # Make use of the ngx_http_realip_module to set the $remote_addr and
-        # $remote_port to the client address and client port, when using proxy
-        # protocol.
-        # First set our proxy protocol proxy as trusted.
-        set_real_ip_from 172.31.17.140;
-        # Then tell the realip_module to get the addreses from the proxy protocol
-        # header.
-        real_ip_header proxy_protocol;
-      '';
-    };
-  };
-
-  systemd.tmpfiles.rules = [
-    "d ${dataDir} 0755 ${deployUser} ${deployUser}"
-  ];
-
-  users.users."${deployUser}" = {
-    isNormalUser = true;
-    group = "${deployUser}";
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcZJzQO4RYinJm6YDUgCELe8OJA/DYOss+8xp7TtxM0 deploy key for c3cat.de"
-    ];
-  };
-  users.groups."${deployUser}" = { };
 }

config/hosts/public-web-static/virtualHosts/default.nix

@@ -9,7 +9,6 @@
     ./hackertours.hamburg.ccc.de.nix
     ./hamburg.ccc.de.nix
     ./spaceapi.hamburg.ccc.de.nix
-    ./staging.c3cat.de.nix
     ./staging.hacker.tours.nix
     ./staging.hackertours.hamburg.ccc.de.nix
     ./staging.hamburg.ccc.de.nix

config/hosts/public-web-static/virtualHosts/staging.c3cat.de.nix

@@ -1,60 +0,0 @@
-{ pkgs, ... }:
-
-let
-  domain = "staging.c3cat.de";
-  dataDir = "/var/www/${domain}";
-  deployUser = "c3cat-website-deploy";
-in {
-  services.nginx.virtualHosts = {
-    "acme-${domain}" = {
-      enableACME = true;
-      serverName = "${domain}";
-
-      listen = [
-        {
-          addr = "0.0.0.0";
-          port = 31820;
-        }
-      ];
-    };
-
-    "${domain}" = {
-      forceSSL = true;
-      useACMEHost = "${domain}";
-
-      listen = [
-        {
-          addr = "0.0.0.0";
-          port = 8443;
-          ssl = true;
-          proxyProtocol = true;
-        }
-      ];
-
-      root = "${dataDir}";
-
-      # Disallow *, since this is staging and doesn't need to be in any search
-      # results.
-      locations."/robots.txt" = {
-        return = "200 \"User-agent: *\\nDisallow: *\\n\"";
-      };
-
-      extraConfig = ''
-        # Make use of the ngx_http_realip_module to set the $remote_addr and
-        # $remote_port to the client address and client port, when using proxy
-        # protocol.
-        # First set our proxy protocol proxy as trusted.
-        set_real_ip_from 172.31.17.140;
-        # Then tell the realip_module to get the addreses from the proxy protocol
-        # header.
-        real_ip_header proxy_protocol;
-      '';
-    };
-  };
-
-  systemd.tmpfiles.rules = [
-    "d ${dataDir} 0755 ${deployUser} ${deployUser}"
-  ];
-
-  # c3cat deploy user already defined in c3cat.de.nix.
-}