From cf4fba09360b016ce5ac012deab4462cac28ea3e Mon Sep 17 00:00:00 2001
From: Charlotte Van Petegem <charlotte@vanpetegem.be>
Date: Sun, 10 Nov 2024 18:35:31 +0100
Subject: [PATCH] mastodon: decomission

---
 machines/lasting-integrity/default.nix        |   7 --
 machines/lasting-integrity/hardware.nix       |   4 -
 modules/nixos/services/default.nix            |   1 -
 modules/nixos/services/mastodon/default.nix   |  78 ------------------
 secrets.nix                                   |   6 --
 secrets/passwords/services/mastodon/key.age   | Bin 561 -> 0 bytes
 secrets/passwords/services/mastodon/otp.age   | Bin 561 -> 0 bytes
 .../services/mastodon/vapid-private.age       |   9 --
 .../services/mastodon/vapid-public.age        | Bin 521 -> 0 bytes
 9 files changed, 105 deletions(-)
 delete mode 100644 modules/nixos/services/mastodon/default.nix
 delete mode 100644 secrets/passwords/services/mastodon/key.age
 delete mode 100644 secrets/passwords/services/mastodon/otp.age
 delete mode 100644 secrets/passwords/services/mastodon/vapid-private.age
 delete mode 100644 secrets/passwords/services/mastodon/vapid-public.age

diff --git a/machines/lasting-integrity/default.nix b/machines/lasting-integrity/default.nix
index 8ea8b01c..bb331c65 100644
--- a/machines/lasting-integrity/default.nix
+++ b/machines/lasting-integrity/default.nix
@@ -54,12 +54,6 @@
             fast = true;
             location = "192.168.0.1";
           }
-          {
-            path = "zdata/big-apps/mastodon";
-            remotePath = "zdata/recv/lasting-integrity/big-apps/mastodon";
-            fast = true;
-            location = "192.168.0.1";
-          }
           {
             path = "zdata/big-apps/nextcloud";
             remotePath = "zdata/recv/lasting-integrity/big-apps/nextcloud";
@@ -74,7 +68,6 @@
     services = {
       git.enable = true;
       mail.enable = true;
-      mastodon.enable = true;
       matrix.enable = true;
       nginx.hosts = [
         {
diff --git a/machines/lasting-integrity/hardware.nix b/machines/lasting-integrity/hardware.nix
index 6516bd2f..40c39855 100644
--- a/machines/lasting-integrity/hardware.nix
+++ b/machines/lasting-integrity/hardware.nix
@@ -54,10 +54,6 @@
       device = "zdata/big-apps/influxdb2";
       fsType = "zfs";
     };
-    "/var/lib/mastodon/public-system" = {
-      device = "zdata/big-apps/mastodon";
-      fsType = "zfs";
-    };
     "/var/lib/git" = {
       device = "zdata/big-apps/git";
       fsType = "zfs";
diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix
index 70ef7c54..b038b76b 100644
--- a/modules/nixos/services/default.nix
+++ b/modules/nixos/services/default.nix
@@ -7,7 +7,6 @@
     ./data-access
     ./git
     ./mail
-    ./mastodon
     ./matrix
     ./nextcloud
     ./nginx
diff --git a/modules/nixos/services/mastodon/default.nix b/modules/nixos/services/mastodon/default.nix
deleted file mode 100644
index b2751801..00000000
--- a/modules/nixos/services/mastodon/default.nix
+++ /dev/null
@@ -1,78 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  options.chvp.services.mastodon.enable = lib.mkOption {
-    default = false;
-    example = true;
-  };
-
-  config = lib.mkIf config.chvp.services.mastodon.enable {
-    chvp = {
-      base.zfs.systemLinks = [{ path = "/var/lib/redis-mastodon"; type = "cache"; }];
-      services.nginx.hosts = [{
-        fqdn = "social.chvp.be";
-        options = {
-          root = "${pkgs.mastodon}/public/";
-          locations = {
-            "/system/".alias = "/var/lib/mastodon/public-system/";
-            "/".tryFiles = "$uri @proxy";
-            "@proxy" = {
-              proxyPass = "http://unix:/run/mastodon-web/web.socket";
-              proxyWebsockets = true;
-            };
-            "/api/v1/streaming" = {
-              proxyPass = "http://unix:/run/mastodon-streaming/streaming.socket";
-              proxyWebsockets = true;
-            };
-          };
-        };
-      }];
-    };
-    users = {
-      users = {
-        mastodon.uid = 989;
-        nginx.extraGroups = [ "mastodon" ];
-      };
-      groups.mastodon.gid = 985;
-    };
-    services.mastodon = {
-      enable = true;
-      configureNginx = false;
-      localDomain = "social.chvp.be";
-      enableUnixSocket = true;
-      streamingProcesses = 4;
-
-      database.createLocally = true;
-      redis.createLocally = true;
-      smtp = {
-        fromAddress = "social@chvp.be";
-        createLocally = false;
-      };
-      extraConfig = {
-        SMTP_OPENSSL_VERIFY_MODE = "none";
-      };
-
-      otpSecretFile = config.age.secrets."passwords/services/mastodon/otp".path;
-      secretKeyBaseFile = config.age.secrets."passwords/services/mastodon/key".path;
-      vapidPublicKeyFile = config.age.secrets."passwords/services/mastodon/vapid-public".path;
-      vapidPrivateKeyFile = config.age.secrets."passwords/services/mastodon/vapid-private".path;
-    };
-
-    age.secrets."passwords/services/mastodon/vapid-public" = {
-      file = ../../../../secrets/passwords/services/mastodon/vapid-public.age;
-      owner = "mastodon";
-    };
-    age.secrets."passwords/services/mastodon/vapid-private" = {
-      file = ../../../../secrets/passwords/services/mastodon/vapid-private.age;
-      owner = "mastodon";
-    };
-    age.secrets."passwords/services/mastodon/key" = {
-      file = ../../../../secrets/passwords/services/mastodon/key.age;
-      owner = "mastodon";
-    };
-    age.secrets."passwords/services/mastodon/otp" = {
-      file = ../../../../secrets/passwords/services/mastodon/otp.age;
-      owner = "mastodon";
-    };
-  };
-}
diff --git a/secrets.nix b/secrets.nix
index 6d147444..0f01afbc 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -77,12 +77,6 @@ in
   "secrets/passwords/services/git/secret.age".publicKeys = [ lasting-integrity ] ++ users;
   "secrets/passwords/services/gitlab-runner/registration.age".publicKeys = [ urithiru ] ++ users;
 
-  "secrets/passwords/services/mastodon/otp.age".publicKeys = [ lasting-integrity ] ++ users;
-  "secrets/passwords/services/mastodon/key.age".publicKeys = [ lasting-integrity ] ++ users;
-  "secrets/passwords/services/mastodon/vapid-public.age".publicKeys = [ lasting-integrity ] ++ users;
-  "secrets/passwords/services/mastodon/vapid-private.age".publicKeys = [ lasting-integrity ] ++ users;
-
-  "secrets/passwords/services/garmin2influx-env.age".publicKeys = [ lasting-integrity ] ++ users;
   "secrets/passwords/services/grafana/smtp.age".publicKeys = [ lasting-integrity ] ++ users;
   "secrets/passwords/services/grafana/admin-password.age".publicKeys = [ lasting-integrity ] ++ users;
   "secrets/passwords/services/grafana/secret-key.age".publicKeys = [ lasting-integrity ] ++ users;
diff --git a/secrets/passwords/services/mastodon/key.age b/secrets/passwords/services/mastodon/key.age
deleted file mode 100644
index a40cd7bba33c67532cc5d7af6a9a2c6eacbec3ea..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 561
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7@OE@73si84DmE#}
z&`<OZG;qz!PBpN|tqAbROw2DzODo9n%JGWIGqwmTE-5a|aOBEOH?S;p^a$|G5BJaX
zPj>dpF)r}UHuN$rOfPW@)GrH+^o%I4a`v+Hc0{+W*s>_eB3;3|Fs~>$CEr-zv9dfh
zt-v$OrNAUN%q%R=zqB;jBwXLo%O}#UBvCse!;{O{)7>P)+&S6RDKFb8B{d|u#49}|
zBFZV)KhGl2IXx&mJf+yDEFdB{$rar;?TQN5ia-Uo$aF`GLNlj8GfTgcP{V@2e7C^h
zqO!7dOGD3s9QPnM|9}X`jEEqkjC`)#vXaWm{6OQ#oQ!O<Y>PY--_WX@Jd2Fd)F@|@
z60_v=%D})v*Id_9vwSXHU0nqyZC^)Azl<`=5Vvq&eY1!h3w@`&#L!GHi^6;ZgOrk>
zh&1DpDp%L6Fbgg##%}J*>rIa3y?wM;Wz}S>`bq!9Zlp0+7Z^-jv+Y>X`q1)Af$o#{
zOh1wK{ry#+dFGd1cs5Luf6?{fsJ7UFXMx^zdkUiO|4rGtke7FEZc6pHu(y{P)6=b`
zvjy*D|NFO%NxD<PUbHG=%H2GM*{2po{=HW?IY2JZNMYxFJ1>>zNhcRHXZB`Z-K%gc
d;i=av4wml^CePCP7FF%q$NP~>ka6NcE&x*%(XRji

diff --git a/secrets/passwords/services/mastodon/otp.age b/secrets/passwords/services/mastodon/otp.age
deleted file mode 100644
index 330c342d2493877cc05a132df7dab9bb0e18b243..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 561
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7@OE@73si7(^3BZf
z%yqU5D)%c$j>t3!4|FR@vWRdqF1JX{N-jt#E(>(B2+i_z4dp8FO$#-OGRQJd4he89
zOf`rMDU9^23Uf~Nh)Bsv4X8*n)y_`yD@xBV2t>E7*s>_eB3&V{pv2eIHPYF?tg@sy
z(mW%{G&d)!RKM6V(KXCHASW-|$357nvfM4##gi+{GcU`{%)`jV%-qvA+c&$YqRO!_
zGE&<t(lpY@Hz=jZ%|F*G#WW)=DjVH4?TQN5ia>>mTtla1Z{rY)<Qy|+Cx3q*_srrH
z=cEGdjIu!I<O&1F!T|TufHcQEmt?Lgv&u9NKka0%BGW8yV?TfAU{7PmTz7+vK$k#I
zXVa3Dl8{u_GQV)6ka8|vU0nrNPe0!h3!~i3;IQEG62DB7^3<w~O6Np<$ABEO$SAYG
zq+Fw{yi$vtjBKunjCLI?j5!w{b?kdKKlI+#v<~&jNB=EXJF0L!+CB5l(ZBPr_O4(n
zcp888(`@gv7Zmjyt+HOs&pk6EH(*2Q9DBy5%M7LwOaENx$(d4-esjsLKddd4?Xi;F
z%a@&7aXq=_gb8oDS%x+9xg`td@2ZHHbK#EZop<_M_ZQy&slW75=Z~4*y-Cx2U1W+P
e&ODp*PxVhtHwRnxUZL8_Pm4F3?UsGSmjwW|q1A%`

diff --git a/secrets/passwords/services/mastodon/vapid-private.age b/secrets/passwords/services/mastodon/vapid-private.age
deleted file mode 100644
index 85637c74..00000000
--- a/secrets/passwords/services/mastodon/vapid-private.age
+++ /dev/null
@@ -1,9 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 hKAFvQ MOJSN3hq4H+2R84i4w/zLxlR1AU4y080IrCfcpyCnS8
-Gs3vTYjkNUe4WvVhg6TWRzEsyYMyeIYGwHAg7CqKwnE
--> ssh-ed25519 s9rb8g mfSwXNjit2EG8HKjeszxeM6FcccRppnonKLlIWWoAHg
-JfoY4D3VmRba4YtlpVJC+1kL9IeLGsyQ06My/74/Fc0
--> ssh-ed25519 +xxExQ aYnjsl9l+Vb4tLPqpElHcMzcHdXYkQsapDYGDDSMlxs
-klVSSRh52RwT51wI51N3kGyWOiBUa7UXdXre7+579n8
---- M859YQAcXUn2JFJ/xZOGtGl4qomYoucqufTNpd4uKlQ
-ÌM»Œ ?_bÑNwˆp]YM¢®^VV®ç¥ÖNª[HV‰­ÃÂéW¤_@á])-N»+È§è2ƒûE«{P¦¶˜AxyZÞ'Þ
\ No newline at end of file
diff --git a/secrets/passwords/services/mastodon/vapid-public.age b/secrets/passwords/services/mastodon/vapid-public.age
deleted file mode 100644
index 5243b7a47804f3f73d3093c4d7e0e92138f40500..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 521
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7@OE@73si754k%6v
z^mPi+cJ+4+@X)r%@YBvM^p41}bapokbqn^(a`rFIG;uC*i{#Qas3^(w_bqkT&nfcO
zF9^wY*Dk9{EH}^b%m_^h%Wy7ps?18vNlXd%%|^Ga*s>_eB3;4BvZ&bE(m5a}C{@3t
z$kW{|)id4AGpW$hF(lN@-6FEgB&5jA)w{H)yqwFzx7a`2+bcCc*u~dB%gDDdG(1Dw
z!#6L@*d$lGSUc3PJS?&@+rOyT+!5V2?TQN5ia-TVkI3?jjM8w&Fkg!xFEgjgpmbl?
zNcW1W$O?DAEH~FO-^%jvkg(J&M*}W1Z4--(AVdGK)C#X$<FwE;uR<f=KxdPb^gNfa
zwA4U9)4U?{^2&fbzd$ZsU0sFj0^bU^;&4a5s50Y3$H2&Z*DU9hLUXs`oRWxAeaGUQ
zT(@NNva;;pVn?oIxi{DHXHB1aNdJ?C%aW(XCv2yjnx=U&`fS+83$0dWIU0*1e}4SX
z#rq{A_xau5%j$jk`DXpiJydL2#j(xTt#%KOni)T{+19|hhgL>21X!Ke$yac*XZ^=B
nPaiPv4BM>uc$aFBXcnu?sS?kHN9LCOkZI}<znGSx*7X<wwKKht