Add ACME cert-store

machine-confs/cert-store.nix

@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+{
+  networking.hostName = "cert-store";
+
+  imports = [
+    ../base.nix
+    ../services/acme-cert-store.nix
+  ];
+
+  #Many installs will need this, and it won't hurt either way
+  services.qemuGuest.enable = true;
+
+  #Prevent user from being locked out of the system before switching to proper config
+  users.mutableUsers = pkgs.lib.mkForce true;
+}

machine-confs/honeypot.nix

@@ -1,31 +0,0 @@
-{ ... }:
-{
-  networking.hostName = "honeypot";
-
-  imports = [
-    ../base.nix
-  ];
-
-  networking.firewall.allowedTCPPorts = [
-    80
-  ];
-
-  services = {
-    nginx = {
-      enable = true;
-      recommendedGzipSettings = true;
-
-      virtualHosts.localhost = {
-        locations."/" = {
-          return = "200 '<html><body>It works</body></html>'";
-          extraConfig = ''
-            default_type text/html;
-          '';
-        };
-      };
-    };
-  };
-
-  # HARDWARE SPECIFIC
-  services.qemuGuest.enable = true;
-}

machine-confs/ntfy.nix

@@ -1,22 +0,0 @@
-{ pkgs, ... }:
-{
-  networking.hostName = "ntfy";
-
-  imports = [
-    ../base.nix
-    ../services/ntfy.nix
-  ];
-
-  # HARDWARE SPECIFIC
-  services.qemuGuest.enable = true;
-
-  # Make sure this service updates later than the rest, to capture any notifs from the others
-  system.autoUpgrade = {
-    dates = pkgs.lib.mkForce "05:00";
-    rebootWindow = pkgs.lib.mkForce {
-      lower = "04:30";
-      upper = "06:00";
-    };
-  };
-
-}