remove raspberry ext drive

data/drives/raspberryExternalDrive.nix

@@ -1,16 +0,0 @@
-rec {
-  encryptedLabel = "raspberry_encrypted";
-  unencryptedLabel = "raspberry_drive";
-
-  mapperName = "raspberry_external_drive";
-
-  mountpoint = "/external_drive";
-
-  encryptedPath = "/dev/disk/by-label/${encryptedLabel}";
-  unencryptedPath = "/dev/disk/by-label/${unencryptedLabel}";
-  mapperPath = "/dev/mapper/${mapperName}";
-
-  backupsPath = "${mountpoint}/backups";
-  storagePath = "${mountpoint}/storage";
-  extrasPath = "${mountpoint}/extras";
-}

extras/mk-raspberry-ext-drive.nix

@@ -1,68 +0,0 @@
-{
-  util-linux,
-  cryptsetup,
-  btrfs-progs,
-  writeShellApplication,
-}: let
-  externalDriveData = import ../data/drives/raspberryExternalDrive.nix;
-in
-  writeShellApplication {
-    name = "mk-raspberry-ext-drive";
-    runtimeInputs = [
-      util-linux
-      cryptsetup
-      btrfs-progs
-    ];
-    text = ''
-      if [ -z "''${1-}" ]; then
-        echo "Please specify a path to device as first argument"
-        exit 1
-      fi
-
-      DRIVE_PATH=$1
-
-      if [ -z "''${2-}" ]; then
-        echo "Please specify a key file to use"
-        exit 1
-      fi
-
-      KEY_FILE=$2
-
-      if [ -z "''${3-}" ]; then
-        echo "Please specify a temp mountpoint to use"
-        exit 1
-      fi
-
-      TEMP_MOUNTPOINT=$3
-
-      if [ "$EUID" -ne 0 ]; then
-        echo "Please run as root"
-        exit
-      fi
-      echo "Wiping Partitions..."
-      wipefs --all "$DRIVE_PATH"
-
-      echo "Creating Encrypted Partition"
-      cryptsetup luksFormat "$DRIVE_PATH" --key-file "$KEY_FILE" --label "${externalDriveData.encryptedLabel}"
-
-      echo "Opening Encrypted Partition"
-      cryptsetup open "$DRIVE_PATH" "mk-raspberry-ext-drive" --key-file "$KEY_FILE"
-
-      echo "Formatting Encrypted Filesystem"
-      mkfs.btrfs -L "${externalDriveData.unencryptedLabel}" /dev/mapper/mk-raspberry-ext-drive
-
-      echo "Mounting Partition"
-      mount -t btrfs /dev/mapper/mk-raspberry-ext-drive "$TEMP_MOUNTPOINT"
-
-      echo "Creating Folders"
-      mkdir "$TEMP_MOUNTPOINT/backups"
-      mkdir "$TEMP_MOUNTPOINT/storage"
-      mkdir "$TEMP_MOUNTPOINT/extras"
-
-      echo "Unmounting"
-      umount "$TEMP_MOUNTPOINT"
-
-      echo "Closing mapper device"
-      cryptsetup close "mk-raspberry-ext-drive"
-    '';
-  }

home/dev/all/extra.nix

@@ -20,6 +20,5 @@
 
     mk-enc-usb
     mk-encrypted-drive
-    mk-raspberry-ext-drive
   ];
 }

hosts/hetzner-arm/hetzner-arm.nix

@@ -21,7 +21,6 @@ in {
       "storage"
       "mail"
       "jellyfin"
-      "vault"
     ] (name: ./containers + "/${name}"))
     ++ (with hosts.hetzner-arm.profiles; [
       staticSites

hosts/raspberry/data/rclone_config.template

@@ -1,17 +0,0 @@
-[StorageBox-Remote]
-type = webdav
-vendor = other
-host = u323231.your-storagebox.de
-url = https://u323231.your-storagebox.de
-user = u323231
-pass = STORAGEBOX_PASSWORD
-
-[StorageBox-Hasher]
-type = hasher
-remote = StorageBox-Remote:
-hashes = sha1,md5
-max_age = off
-
-[StorageBox]
-type = alias
-remote = StorageBox-Hasher:

hosts/raspberry/profiles/autoStorageBackups.nix

@@ -1,2 +0,0 @@
-{...}: {
-}

hosts/raspberry/profiles/externalDrive.nix

@@ -1,48 +0,0 @@
-{
-  self,
-  pkgs,
-  ...
-}: let
-  externalDriveData = import "${self}/data/drives/raspberryExternalDrive.nix";
-
-  mountExternalDrive = let
-    jq = "${pkgs.jq}/bin/jq";
-    vault = "${pkgs.vault}/bin/vault";
-    cryptsetup = "${pkgs.cryptsetup}/bin/cryptsetup";
-  in
-    pkgs.writeShellScriptBin "mount_external_drive" ''
-      ${unmountExternalDrive}/bin/unmount_external_drive
-
-      vault-login
-
-      ${vault} kv get -format json "/private-public-keys/cryptsetup/raspberry-ext-drive" \
-        | ${jq} -r ".data.data.key" \
-        | base64 -d \
-        | ${cryptsetup} open ${externalDriveData.encryptedPath} ${externalDriveData.mapperName} --key-file=/dev/stdin
-      mount ${externalDriveData.mapperPath} -o rw,compress=zstd ${externalDriveData.mountpoint}
-    '';
-
-  unmountExternalDrive = let
-    cryptsetup = "${pkgs.cryptsetup}/bin/cryptsetup";
-  in
-    pkgs.writeShellScriptBin "unmount_external_drive" ''
-      umount -flR ${externalDriveData.mountpoint} || true
-      ${cryptsetup} close ${externalDriveData.mapperName} || true
-    '';
-in {
-  environment.systemPackages =
-    (with pkgs; [
-      cryptsetup
-    ])
-    ++ [
-      mountExternalDrive
-      unmountExternalDrive
-    ];
-
-  systemd.tmpfiles.rules = ["d ${externalDriveData.mountpoint} - root root"];
-
-  #services.udev.extraRules = ''
-  #  ACTION=="add", ENV{PARTLABEL}=="${externalDriveData.encryptedLabel}", ENV{SYSTEMD_WANTS}="mount-external-drive.service"
-  #  ACTION=="remove", ENV{PARTLABEL}=="${externalDriveData.encryptedLabel}", ENV{SYSTEMD_WANTS}="unmount-external-drive.service"
-  #'';
-}

hosts/raspberry/profiles/rclone.nix

@@ -1,28 +0,0 @@
-{pkgs, ...}: let
-  rclone-raspberry = pkgs.writeShellScriptBin "rclone-raspberry" (let
-    vault = "${pkgs.vault}/bin/vault";
-    jq = "${pkgs.jq}/bin/jq";
-    rclone = "${pkgs.rclone}/bin/rclone";
-  in ''
-    TMP_DIR="$(mktemp -d)"
-
-    cp ${../data/rclone_config.template} "$TMP_DIR/rclone.conf"
-
-    vault-login 2>&1
-
-    STORAGEBOX_PASSWORD=$(${vault} kv get -format json "/api-keys/hetzner/storagebox" \
-      | ${jq} -r ".data.data.password")
-    STORAGEBOX_PASSWORD=$(rclone obscure "$STORAGEBOX_PASSWORD")
-
-    sed -i "s/STORAGEBOX_PASSWORD/$STORAGEBOX_PASSWORD/" "$TMP_DIR/rclone.conf"
-
-    ${rclone} --config "$TMP_DIR/rclone.conf" "$@"
-    returnVal=$?
-
-    rm -rf "$TMP_DIR"
-
-    return returnVal
-  '');
-in {
-  environment.systemPackages = with pkgs; [rclone rclone-raspberry];
-}

hosts/raspberry/raspberry.nix

@@ -3,17 +3,10 @@
     [
       presets.nixos.serverBase
 
-      profiles.nginx
-      profiles.firewallAllow.httpCommon
-
       ./secrets.nix
       ./boot.nix
     ]
-    ++ (with hosts.raspberry.profiles; [
+    ++ (with hosts.raspberry.profiles; []);
-      externalDrive
-      autoStorageBackups
-      rclone
-    ]);
 
   networking.enableIPv6 = true;
   networking.useDHCP = true;

outputs.nix

@@ -38,22 +38,19 @@ in
               (with pkgs; [
                 git
                 nano
-                bat
                 nix
-                vault
                 nix-tree
                 nix-output-monitor
               ])
               ++ (with self.packages."${system}"; [
                 mk-enc-usb
                 mk-encrypted-drive
-                mk-raspberry-ext-drive
               ]);
           };
 
           packages = {
             inherit (pkgs) comic-code comic-sans;
-            inherit (pkgs) mk-enc-usb mk-encrypted-drive mk-raspberry-ext-drive;
+            inherit (pkgs) mk-enc-usb mk-encrypted-drive;
             inherit (pkgs) gotosocial mpd-headless;
             inherit (pkgs) kitty-terminfo;
           };

overlay/default.nix

@@ -6,7 +6,6 @@ final: prev: rec {
 
   mk-enc-usb = final.callPackage ../extras/mk-enc-usb.nix {};
   mk-encrypted-drive = final.callPackage ../extras/mk-encrypted-drive.nix {};
-  mk-raspberry-ext-drive = final.callPackage ../extras/mk-raspberry-ext-drive.nix {};
 
   kitty-terminfo = final.runCommand "kitty-terminfo" {} ''
     mkdir -p $out/share