machines/kotys/default.nix

@@ -1,95 +0,0 @@
-{
-  config,
-  pkgs,
-  inputs,
-  nixos-hardware,
-  ...
-}: {
-  imports = [
-    ../../common/users.nix
-    ./hardware-configuration.nix
-  ];
-
-  elss = {
-    # base system
-    base.enable = true;
-    # setup locale and font settings
-    locale.enable = true;
-    # setup sshd
-    sshd.enable = true;
-    # configure zsh
-    zsh.enable = true;
-    # enable X11 with lightdm and i3
-    graphical = {
-      enable = false;
-      # set dpi if used in mobile applications
-      #      dpi = 180;
-    };
-
-    # enable deamon to generate nix-index-db
-    nix-index-db-update.enable = false;
-
-    # add TUD vpn
-    openvpn.enable = false;
-
-    # enable sops
-    sops = {
-      enable = false;
-    };
-
-    # enable server services
-    server = {
-      enable = false;
-      acme.staging = false;
-    };
-
-    # enable wireguard
-    wireguard.enable = false;
-
-    # enable podman
-    container.podman.enable = true;
-
-    # user setup
-    users = {
-      enable = true;
-      admins = ["ellmau"];
-      users = [];
-
-      meta = {
-        ellmau.git = {
-          signDefault = false;
-        };
-      };
-    };
-  };
-  fileSystems."/".options = ["noatime"];
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  networking = {
-    interfaces.ens3 = {
-      ipv4.addresses = [
-        {
-          address = "213.109.163.8";
-          prefixLength = 22;
-        }
-      ];
-      ipv6.addresses = [
-        {
-          address = "2a03:4000:35:11::";
-          prefixLength = 64;
-        }
-      ];
-    };
-    enableIPv6 = false;
-    defaultGateway = "213.109.160.1";
-    defaultGateway6 = {
-      address = "fe80::1";
-      interface = "ens3";
-    };
-    nameservers = ["8.8.8.8"];
-    # port for a podman container
-    firewall.allowedTCPPorts = [8888];
-  };
-  system.stateVersion = "23.11";
-}

machines/kotys/hardware-configuration.nix

@@ -1,38 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/profiles/qemu-guest.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/d56cbded-5e03-4fa2-bcfd-3a284bdae664";
-      fsType = "xfs";
-    };
-
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/12CE-A600";
-      fsType = "vfat";
-    };
-
-  swapDevices =
-    [ { device = "/dev/disk/by-uuid/e9ec410f-8e92-4daf-a0b8-90828df6f96f"; }
-    ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-}

machines/metis/default.nix

@@ -46,6 +46,9 @@
     # enable wireguard
     wireguard.enable = true;
 
+    # enable podman
+    container.podman.enable = true;
+
     # user setup
     users = {
       enable = true;
@@ -89,6 +92,9 @@
       externalInterface = "ens3";
       internalInterfaces = ["wg-stelnet"];
     };
+
+    # port for podman container
+    firewall.allowedTCPPorts = [8888];
   };
   system.stateVersion = "22.05";
 }