1 files changed, 0 insertions, 63 deletions
diff --git a/lass/2configs/riot.nix b/lass/2configs/riot.nix
deleted file mode 100644
index 6aacec5b6..000000000
--- a/lass/2configs/riot.nix
+++ /dev/null
@@ -1,63 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-  containers.riot = {
-    config = {
-      environment.systemPackages = [
-        pkgs.dhcpcd
-        pkgs.git
-        pkgs.jq
-      ];
-      services.openssh.enable = true;
-      users.users.root.openssh.authorizedKeys.keys = [
-        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6o6sdTu/CX1LW2Ff5bNDqGEAGwAsjf0iIe5DCdC7YikCct+7x4LTXxY+nDlPMeGcOF88X9/qFwdyh+9E4g0nUAZaeL14Uc14QDqDt/aiKjIXXTepxE/i4JD9YbTqStAnA/HYAExU15yqgUdj2dnHu7OZcGxk0ZR1OY18yclXq7Rq0Fd3pN3lPP1T4QHM9w66r83yJdFV9szvu5ral3/QuxQnCNohTkR6LoJ4Ny2RbMPTRtb+jPbTQYTWUWwV69mB8ot5nRTP4MRM9pu7vnoPF4I2S5DvSnx4C5zdKzsb7zmIvD4AmptZLrXj4UXUf00Xf7Js5W100Ne2yhYyhq+35 riot@lagrange"
-      ];
-      networking.defaultGateway = "10.233.1.1";
-      systemd.services.autoswitch = {
-        environment = {
-          NIX_REMOTE = "daemon";
-        };
-        wantedBy = [ "multi-user.target" ];
-        serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ''
-          set -efu
-          if test -e /var/src/nixos-config; then
-            /run/current-system/sw/bin/nixos-rebuild -I /var/src switch || :
-          fi
-        '';
-        unitConfig.X-StopOnRemoval = false;
-      };
-    };
-    autoStart = true;
-    enableTun = true;
-    privateNetwork = true;
-    hostAddress = "10.233.1.1";
-    localAddress = "10.233.1.2";
-  };
-
-  systemd.network.networks."50-ve-riot" = {
-    matchConfig.Name = "ve-riot";
-
-    networkConfig = {
-      # weirdly we have to use POSTROUTING MASQUERADE here
-      # and set ip_forward manually
-      # IPForward = "yes";
-      # IPMasquerade = "both";
-      LinkLocalAddressing = "no";
-      KeepConfiguration = "static";
-    };
-  };
-
-  boot.kernel.sysctl."net.ipv4.ip_forward" = lib.mkDefault 1;
-
-  krebs.iptables.tables.nat.POSTROUTING.rules = [
-    { v6 = false; predicate = "-s ${config.containers.riot.localAddress}"; target = "MASQUERADE"; }
-  ];
-
-  # networking.nat can be used instead of this
-  krebs.iptables.tables.nat.PREROUTING.rules = [
-    { predicate = "-p tcp --dport 45622"; target = "DNAT --to-destination ${config.containers.riot.localAddress}:22"; v6 = false; }
-  ];
-  krebs.iptables.tables.filter.FORWARD.rules = [
-    { predicate = "-i ve-riot"; target = "ACCEPT"; }
-    { predicate = "-o ve-riot"; target = "ACCEPT"; }
-  ];
-}