From 6ab50cff3606245f6aad5937174cb07cfac68fe2 Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Sat, 30 Aug 2025 01:28:58 +0200 Subject: [PATCH] Delete unused server stuff --- environments/server/default.nix | 135 ---------------- environments/server/guesspath.sh | 21 --- environments/server/home.nix | 50 ------ environments/server/mirror.sh | 255 ------------------------------- 4 files changed, 461 deletions(-) delete mode 100644 environments/server/default.nix delete mode 100644 environments/server/guesspath.sh delete mode 100644 environments/server/home.nix delete mode 100644 environments/server/mirror.sh diff --git a/environments/server/default.nix b/environments/server/default.nix deleted file mode 100644 index 40bbf90..0000000 --- a/environments/server/default.nix +++ /dev/null @@ -1,135 +0,0 @@ -{...}: { - imports = [ - ./otel.nix - ]; - - # Make it use predictable interface names starting with eth0 - boot.kernelParams = ["net.ifnames=0"]; - - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; - }; - programs.mosh.enable = true; - - services.fail2ban = { - enable = true; - bantime = "5w"; - ignoreIP = [ - "192.168.0.0/16" - ]; - maxretry = 5; - }; - - networking.firewall.allowedTCPPorts = [80 443]; - services.nginx = { - enable = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - virtualHosts."kyoo.sdg.moe" = { - enableACME = true; - forceSSL = true; - - locations."/robots.txt" = { - extraConfig = '' - rewrite ^/(.*) $1; - return 200 "User-agent: *\nDisallow: /"; - ''; - }; - - locations."/" = { - proxyPass = "http://localhost:8901"; - proxyWebsockets = true; - extraConfig = "proxy_pass_header Authorization;"; - }; - }; - - virtualHosts."flood.sdg.moe" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:3000"; - proxyWebsockets = true; - extraConfig = "proxy_pass_header Authorization;"; - }; - }; - - virtualHosts."git.sdg.moe" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:4789"; - proxyWebsockets = true; - extraConfig = "proxy_pass_header Authorization;"; - }; - }; - - virtualHosts."reader.sdg.moe" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:2345"; - proxyWebsockets = true; - extraConfig = "proxy_pass_header Authorization;"; - }; - }; - - virtualHosts."proxy.sdg.moe" = { - enableACME = true; - addSSL = true; - locations."/" = { - proxyPass = "http://localhost:5000"; - proxyWebsockets = true; - extraConfig = '' - proxy_pass_header Authorization; - add_header Access-Control-Allow-Origin *; - ''; - }; - }; - - virtualHosts."otel.sdg.moe" = { - enableACME = true; - addSSL = true; - locations."/" = { - proxyPass = "http://localhost:4318"; - proxyWebsockets = true; - extraConfig = "proxy_pass_header Authorization;"; - }; - }; - # virtualHosts."otel-grpc.sdg.moe" = { - # enableACME = true; - # addSSL = true; - # locations."/" = { - # grpcPass = "http://localhost:4317"; - # }; - # }; - - virtualHosts."grafana.sdg.moe" = { - enableACME = true; - addSSL = true; - locations."/" = { - proxyPass = "http://localhost:1892"; - proxyWebsockets = true; - recommendedProxySettings = true; - }; - }; - }; - security.acme = { - acceptTerms = true; - defaults.email = "zoe.roux@zoriya.dev"; - }; - - services.gitea = { - enable = true; - settings.server = rec { - DOMAIN = "sdg.moe"; - ROOT_URL = "https://git.${DOMAIN}/"; - HTTP_PORT = 4789; - DISABLE_SSH = true; - }; - }; -} diff --git a/environments/server/guesspath.sh b/environments/server/guesspath.sh deleted file mode 100644 index 6c4f3b8..0000000 --- a/environments/server/guesspath.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/env bash - -set -e - -OUT=/mnt/kyoo/shows - -if [[ -n "$TR_TORRENT_LABELS" ]]; then - echo "Ignoring $TR_TORRENT_NAME since it has labels $TR_TORRENT_LABELS" - exit -fi -if [[ "$TR_TORRENT_DIR" != "/mnt/kyoo/downloads" ]]; then - echo "Ignoring $TR_TORRENT_NAME since it already has a dir set: $TR_TORRENT_DIR" - exit -fi -echo "Running with $TR_TORRENT_NAME $TR_TORRENT_ID" - -name=$TR_TORRENT_NAME -dir=$(guessit "$name" -P "title") -echo "Guessed '$dir' for torrent '$name'" - -transmission-remote -t "$TR_TORRENT_ID" --move "$OUT/$dir" diff --git a/environments/server/home.nix b/environments/server/home.nix deleted file mode 100644 index 00875e6..0000000 --- a/environments/server/home.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ - pkgs, - lib, - ... -}: let - gitea-mirror = pkgs.stdenv.mkDerivation rec { - name = "gitea-mirror"; - nativeBuildInputs = with pkgs; [makeWrapper]; - propagatedBuildInputs = with pkgs; [ - curl - jq - coreutils - ]; - dontUnpack = true; - installPhase = " - install -Dm755 ${./mirror.sh} $out/bin/gitea-mirror - wrapProgram $out/bin/gitea-mirror --prefix PATH : '${lib.makeBinPath propagatedBuildInputs}' - "; - }; -in { - systemd.user.timers."gitea-mirror" = { - Unit = { - Description = "Mirror github repo to gitea"; - }; - Install = { - WantedBy = ["timers.target"]; - }; - Timer = { - OnCalendar = "daily"; - Persistent = true; - Unit = "gitea-mirror.service"; - }; - }; - systemd.user.services."gitea-mirror" = { - Unit = { - Description = "Mirror github repo to gitea"; - After = ["network.target"]; - }; - Service = { - Type = "oneshot"; - ExecStart = toString (pkgs.writeShellScript "gitea-sync" '' - set -eou pipefail - export GITEA_URL="https://git.sdg.moe" - export ACCESS_TOKEN=$(< ~/stuff/gitea-access-token) - export GITHUB_TOKEN=$(${pkgs.gh}/bin/gh auth token) - exec ${gitea-mirror}/bin/gitea-mirror -m user -u zoriya - ''); - }; - }; -} diff --git a/environments/server/mirror.sh b/environments/server/mirror.sh deleted file mode 100644 index 3cff9f8..0000000 --- a/environments/server/mirror.sh +++ /dev/null @@ -1,255 +0,0 @@ -#!/usr/bin/env bash - -# Stollen from https://github.com/maxkratz/github2gitea-mirror -# License: https://github.com/maxkratz/github2gitea-mirror/blob/master/LICENSE - -# Script to mirror GitHub repos to a Gitea instance. -# -# Modes: -# - Mirror a public/private repo -# - Mirror all public/private repos of a user -# - Mirror all starred repos by a user -# - Mirror all public/private repos of an organization -# -# Heavily inspired by: -# https://github.com/juergenhoetzel/github2gitea-mirror -# - -# ENVs: -# ACCESS_TOKEN = Gitea token -# GITERA_URL = Gitea URL -# GITHUB_TOKEN = GitHub personal access token - -# Displays the given input including "=> " on the console. -log () { - echo "=> $1" -} - -CURL="curl -f -S -s" - -# Check for correctly set ENVs -# ACCESS_TOKEN and GITEA_URL are always necessary -if [[ -z "${ACCESS_TOKEN}" || -z "${GITEA_URL}" ]]; then - echo -e "Please set the Gitea access token and URL in environment:\nexport ACCESS_TOKEN=abc\nexport GITEA_URL=http://gitea:3000\n" >&2 - echo -e "Don't use a trailing slash in URL!" - exit 1 -fi - -# Parse input arguments -if [[ -z "$1" ]]; then - log "No parameter(s) given. Exit." - exit 1 -fi -while [[ "$#" -gt 0 ]]; do - case $1 in - -m|--mode) mode="$2"; shift ;; - -o|--org) gitea_organization="$2"; shift ;; - -u|--user) github_user="$2"; shift ;; - -v|--visibility) visibility="$2"; shift ;; - -r|--repo) repo="$2"; shift ;; - *) log "Unknown parameter passed: $1"; exit 1 ;; - esac - shift -done - -# Prints a message on how to use the script with exit 1 -fail_print_usage () { - echo -e "Usage: $0" - echo -e " -m, --mode {org,star,repo,user} Mode to use; either mirror an organization or mirror all starred repositories." - echo -e " -o, --org \$organization GitHub organization to mirror and/or the target organization in Gitea." - echo -e " -u, --user \$github_user GitHub user to gather the starred repositories from." - echo -e " -v, --visibility {public,private} Visibility for the created Gitea organization." - echo -e " -r, --repo \$repo_url GitHub URL of a single repo to create a mirror for." - echo "" >&2 - exit 1; -} - -# Check if mode is set -if [[ -z "${mode}" ]]; then - fail_print_usage -fi - -# Check required parameters per mode -if [ "${mode}" == "org" ]; then - if [[ -z "${gitea_organization}" ]]; then - echo -e "Organization not set." - fail_print_usage - fi - - if [[ -z "${visibility}" ]]; then - echo -e "Visibility not set." - fail_print_usage - fi -elif [ "${mode}" == "star" ]; then - if [[ -z "${gitea_organization}" || -z "${github_user}" ]]; then - echo -e "Organization or GitHub user not set." - fail_print_usage - fi -elif [ "${mode}" == "repo" ]; then - if [[ -z "${repo}" || -z "${github_user}" ]]; then - echo -e "Repo URL or GitHub user not set." - fail_print_usage - fi -elif [ "${mode}" == "user" ]; then - if [[ -z "${github_user}" ]]; then - echo -e "GitHub user not set." - fail_print_usage - fi -else - echo -e "Mode not found." - fail_print_usage -fi - -# TODO: -#set -euo pipefail -set -eu pipefail - -header_options=(-H "Authorization: Bearer ${ACCESS_TOKEN}" -H "accept: application/json" -H "Content-Type: application/json") -jsonoutput=$(mktemp -d -t github-repos-XXXXXXXX) - -trap "rm -rf ${jsonoutput}" EXIT - -# Sets the uid to the specified Gitea organization -set_uid() { - uid=$($CURL "${header_options[@]}" $GITEA_URL/api/v1/orgs/${gitea_organization} | jq .id) -} - -# Sets the uid to the specified Gitea user -set_uid_user() { - uid=$($CURL "${header_options[@]}" $GITEA_URL/api/v1/users/${github_user} | jq .id) -} - -# Fetches all starred repos of the given user to JSON files -fetch_starred_repos() { - log "Fetch starred repos." - i=1 - # GitHub API just returns empty arrays instead of 404 - while $CURL "https://api.github.com/users/${github_user}/starred?page=${i}&per_page=100" >${jsonoutput}/${i}.json \ - && (( $(jq <${jsonoutput}/${i}.json '. | length') > 0 )) ; do - (( i++ )) - done -} - -# Fetches all public/private repos of the given GitHub organization to JSON files -fetch_orga_repos() { - log "Fetch organization repos." - i=1 - # GitHub API just returns empty arrays instead of 404 - while $CURL "https://api.github.com/orgs/${gitea_organization}/repos?page=${i}&per_page=100" -u "username:${GITHUB_TOKEN}" >${jsonoutput}/${i}.json \ - && (( $(jq <${jsonoutput}/${i}.json '. | length') > 0 )) ; do - (( i++ )) - done -} - -# Fetches all public/private repos of the given GitHub user to JSON files -fetch_user_repos() { - log "Fetch user repos." - i=1 - # GitHub API just returns empty arrays instead of 404 - while $CURL "https://api.github.com/user/repos?affiliation=owner&page=${i}&per_page=100" -u "${github_user}:${GITHUB_TOKEN}" >${jsonoutput}/${i}.json \ - && (( $(jq <${jsonoutput}/${i}.json '. | length') > 0 )) ; do - (( i++ )) - done -} - -# Fetches one public/private GitHub repo to a JSON file -fetch_one_repo() { - log "Fetch one repo." - # Remove URL prefix - repo=$(echo $repo | sed "s/https:\/\/github.com\///g" | sed "s/.git//g") - $CURL "https://api.github.com/repos/$repo" -u "username:${GITHUB_TOKEN}" >${jsonoutput}/1.json -} - -# Creates a specific migration repo on Gitea -create_migration_repo() { - log "Create migration repo." - if ! $CURL -w "%{http_code}\n" "${header_options[@]}" -d @- -X POST $GITEA_URL/api/v1/repos/migrate > ${jsonoutput}/result.txt 2>${jsonoutput}/stderr.txt; then - local code=$(<${jsonoutput}/result.txt) - if (( code != 409 ));then # 409 == repo already exits - cat ${jsonoutput}/stderr.txt >&2 - fi - fi -} - -# Creates a specific public/private organization on Gitea -create_migration_orga() { - visibility="${1:-}" - log "Create migration orga with name: ${gitea_organization}" - if ! $CURL -X POST $GITEA_URL/api/v1/orgs "${header_options[@]}" --data '{"username": "'"${gitea_organization}"'", "visibility": "'"${visibility}"'"}' > ${jsonoutput}/result.txt 2>${jsonoutput}/stderr.txt; then - local code=$(<${jsonoutput}/result.txt) - if (( code != 422 ));then # 422 == orga already exits - cat ${jsonoutput}/stderr.txt >&2 - fi - fi -} - -# Creates a migration repo on Gitea for each GitHub repo in the JSON files -repos_to_migration() { - log "Repos to migration started." - for f in ${jsonoutput}/*.json; do - n=$(jq '. | length'<$f) - if [[ "${n}" -gt "0" ]]; then - (( n-- )) # last element - else - continue; - fi - for i in $(seq 0 $n); do - mig_data=$(jq ".[$i] | .uid=${uid} | \ - if(.visibility==\"private\") then .private=true else .private=false end |\ - if(.visibility==\"private\") then .auth_username=\"${github_user}\" else . end | \ - if(.visibility==\"private\") then .auth_password=\"${GITHUB_TOKEN}\" else . end | \ - .mirror=true | \ - .clone_addr=.clone_url | \ - .description=.description[0:255] | \ - .repo_name=.name | \ - {uid,repo_name,clone_addr,description,mirror,private,auth_username,auth_password}" <$f) - echo "Migrating repo" $(jq ".[$i] | .uid=${uid} | .name" <$f) - echo $mig_data | create_migration_repo - done - done -} - -# Creates one migration repo on Gitea for the one GitHub repo in '1.json' -one_repo_to_migration() { - log "One repo to migration started." - # There should only be one JSON file - for f in ${jsonoutput}/*.json; do - mig_data=$(jq ".repo_owner=\"${github_user}\" | \ - if(.visibility==\"private\") then .private=true else .private=false end |\ - if(.visibility==\"private\") then .auth_username=\"${github_user}\" else . end | \ - if(.visibility==\"private\") then .auth_password=\"${GITHUB_TOKEN}\" else . end | \ - .mirror=true | \ - .clone_addr=.clone_url | \ - .description=.description[0:255] | \ - .repo_name=.name | \ - {repo_owner,repo_name,clone_addr,description,mirror,private,auth_username,auth_password}" <$f) - echo "Migrating repo" $(jq ".name" <$f) - echo $mig_data | create_migration_repo - done -} - -# Actual run the script -if [ "${mode}" == "org" ]; then - log "Mode = organization" - fetch_orga_repos - create_migration_orga ${visibility} - set_uid - repos_to_migration -elif [ "${mode}" == "repo" ]; then - log "Mode = single repo" - fetch_one_repo - one_repo_to_migration -elif [ "${mode}" == "star" ]; then - log "Mode = starred repos" - set_uid - fetch_starred_repos - repos_to_migration -elif [ "${mode}" == "user" ]; then - log "Mode = user" - set_uid_user - fetch_user_repos - repos_to_migration -fi - -log "Finished." -