From 74b049e56a4f4db463376d29c438372dcb9b8f35 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Sat, 31 May 2025 19:15:46 +0200
Subject: [PATCH] Remove old Longhorn and backup code

---
 machines/lewis/configuration.nix |  2 -
 nixos/backups.nix                | 93 --------------------------------
 nixos/data-sharing.nix           | 39 --------------
 nixos/default.nix                |  4 +-
 nixos/kubernetes/k3s/default.nix | 18 +------
 5 files changed, 2 insertions(+), 154 deletions(-)
 delete mode 100644 nixos/backups.nix
 delete mode 100644 nixos/data-sharing.nix

diff --git a/machines/lewis/configuration.nix b/machines/lewis/configuration.nix
index 557550c..4d54d24 100644
--- a/machines/lewis/configuration.nix
+++ b/machines/lewis/configuration.nix
@@ -20,8 +20,6 @@
 
     pim = {
       k3s.serverAddr = "https://jefke.dmz:6443";
-      data-sharing.enable = true;
-      backups.enable = true;
 
       backups.borgBackups = {
         bazarr = {
diff --git a/nixos/backups.nix b/nixos/backups.nix
deleted file mode 100644
index 3a502ee..0000000
--- a/nixos/backups.nix
+++ /dev/null
@@ -1,93 +0,0 @@
-{
-  pkgs,
-  lib,
-  config,
-  ...
-}: let
-  cfg = config.pim.backups;
-
-  borgmaticConfig = pkgs.writeTextFile {
-    name = "borgmatic-config.yaml";
-
-    text = lib.generators.toYAML {} {
-      source_directories = ["/mnt/longhorn/persistent/longhorn-backup"];
-
-      repositories = [
-        {
-          path = cfg.repoLocation;
-          label = "nfs";
-        }
-        {
-          path = "ssh://s6969ym3@s6969ym3.repo.borgbase.com/./repo";
-          label = "borgbase";
-        }
-      ];
-
-      ssh_command = "${pkgs.openssh}/bin/ssh -i ${config.sops.secrets."borg/borgbasePrivateKey".path} -o StrictHostKeychecking=no";
-      keep_daily = 7;
-      keep_weekly = 4;
-      keep_monthly = 6;
-      encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/borgPassphrase".path}";
-    };
-  };
-in {
-  options.pim.backups = {
-    enable = lib.mkOption {
-      default = false;
-      type = lib.types.bool;
-      description = ''
-        Whether to enable backups of persistent data on this machine.
-      '';
-    };
-
-    repoLocation = lib.mkOption {
-      default = "/mnt/longhorn/persistent/nfs.borg";
-      type = lib.types.str;
-      description = ''
-        Location of the Borg repository to back up to.
-      '';
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    environment.systemPackages = with pkgs; [borgbackup];
-    # Converted from:
-    # https://github.com/borgmatic-collective/borgmatic/tree/84823dfb912db650936e3492f6ead7e0e0d32a0f/sample/systemd
-    systemd.services.borgmatic = {
-      description = "borgmatic backup";
-      wants = ["network-online.target"];
-      after = ["network-online.target"];
-      unitConfig.ConditionACPower = true;
-      preStart = "${pkgs.coreutils}/bin/sleep 10s";
-
-      serviceConfig = {
-        Type = "oneshot";
-        Nice = 19;
-        CPUSchedulingPolicy = "batch";
-        IOSchedulingClass = "best-effort";
-        IOSchedulingPriority = 7;
-        IOWeight = 100;
-        Restart = "no";
-        LogRateLimitIntervalSec = 0;
-        Environment = "BORG_PASSPHRASE_FILE=${config.sops.secrets."borg/borgPassphrase".path}";
-      };
-
-      script = "${pkgs.systemd}/bin/systemd-inhibit --who=\"borgmatic\" --what=\"sleep:shutdown\" --why=\"Prevent interrupting scheduled backup\" ${pkgs.borgmatic}/bin/borgmatic --verbosity -2 --syslog-verbosity 1 -c ${borgmaticConfig}";
-    };
-
-    systemd.timers.borgmatic = {
-      description = "Run borgmatic backup";
-      wantedBy = ["timers.target"];
-      timerConfig = {
-        OnCalendar = "*-*-* 3:00:00";
-        Persistent = true;
-        RandomizedDelaySec = "1h";
-      };
-    };
-
-    sops.secrets = {
-      "borg/borgPassphrase" = {};
-      "borg/borgbasePrivateKey" = {};
-    };
-  };
-}
diff --git a/nixos/data-sharing.nix b/nixos/data-sharing.nix
deleted file mode 100644
index 0f2d6af..0000000
--- a/nixos/data-sharing.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{
-  lib,
-  config,
-  ...
-}: let
-  cfg = config.pim.data-sharing;
-  nfsShares = ["/mnt/longhorn/persistent/longhorn-backup"];
-
-  nfsExports = lib.strings.concatLines (
-    builtins.map
-    (
-      share: "${share} 192.168.30.0/16(rw,sync,no_subtree_check,no_root_squash) 127.0.0.1/8(rw,sync,no_subtree_check,no_root_squash) 10.0.0.0/8(rw,sync,no_subtree_check,no_root_squash)"
-    )
-    nfsShares
-  );
-in {
-  options.pim.data-sharing = {
-    enable = lib.mkOption {
-      default = false;
-      type = lib.types.bool;
-      description = ''
-        Configure this server to serve our data using NFS.
-      '';
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    networking.firewall.allowedTCPPorts = [
-      2049 # NFS
-      111 # NFS
-      20048 # NFS
-    ];
-
-    services.nfs.server = {
-      enable = true;
-      exports = nfsExports;
-    };
-  };
-}
diff --git a/nixos/default.nix b/nixos/default.nix
index dfb422f..108368d 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -24,8 +24,6 @@
     ./server.nix
     ./prometheus.nix
     ./kubernetes
-    ./data-sharing.nix
-    ./backups.nix
     ./backups-ng.nix
   ];
 
@@ -190,7 +188,7 @@
       overlays = [
         inputs.nur.overlays.default
         (_final: _prev: {
-          containerd = inputs.nixpkgs-oldstable.legacyPackages.x86_64-linux.containerd;
+          inherit (inputs.nixpkgs-oldstable.legacyPackages.x86_64-linux) containerd;
           unstable = import inputs.nixpkgs-unstable {
             inherit (pkgs) system;
             config.allowUnfree = true;
diff --git a/nixos/kubernetes/k3s/default.nix b/nixos/kubernetes/k3s/default.nix
index 5964f7d..1ed7b0f 100644
--- a/nixos/kubernetes/k3s/default.nix
+++ b/nixos/kubernetes/k3s/default.nix
@@ -46,8 +46,6 @@ in {
   config = lib.mkIf cfg.enable {
     environment.systemPackages = with pkgs; [
       k3s
-      openiscsi # Required for Longhorn
-      nfs-utils # Required for Longhorn
     ];
 
     # TODO!!!!!
@@ -121,27 +119,13 @@ in {
         serverFlags = builtins.concatStringsSep " " serverFlagList;
       in {
         enable = true;
-        role = cfg.role;
+        inherit (cfg) role clusterInit;
         tokenFile = config.sops.secrets."k3s/serverToken".path;
         extraFlags = lib.mkIf (cfg.role == "server") (lib.mkForce serverFlags);
-        clusterInit = cfg.clusterInit;
         serverAddr = lib.mkIf (! (cfg.serverAddr == null)) cfg.serverAddr;
       };
-
-      # Required for Longhorn
-      openiscsi = {
-        enable = true;
-        name = "iqn.2016-04.com.open-iscsi:${config.networking.fqdn}";
-      };
     };
 
-    # HACK: Symlink binaries to /usr/local/bin such that Longhorn can find them
-    # when they use nsenter.
-    # https://github.com/longhorn/longhorn/issues/2166#issuecomment-1740179416
-    systemd.tmpfiles.rules = [
-      "L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
-    ];
-
     system.activationScripts = {
       k3s-bootstrap = lib.mkIf (cfg.role == "server") {
         text = (