zaatar died, move hass and restic to tahina

systems/zaatar/atuin.nix

@@ -1,16 +0,0 @@
-{pkgs, ...}: {
-  services.postgresqlBackup = {
-    enable = true;
-    databases = ["atuin"];
-  };
-
-  services.postgresql.package = pkgs.postgresql_14;
-
-  services.atuin = {
-    host = "0.0.0.0";
-    openFirewall = true;
-    openRegistration = true;
-    port = 8888;
-    enable = true;
-  };
-}

systems/zaatar/backup.nix

@@ -1,61 +0,0 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}: let
-  niveumLib = import ../../lib;
-  inherit (niveumLib) retiolumAddresses restic;
-  firewall = niveumLib.firewall lib;
-  dataDir = "/backup/restic";
-in {
-  services.restic.server = {
-    enable = true;
-    appendOnly = true;
-    inherit dataDir;
-    prometheus = true;
-    extraFlags = ["--no-auth"]; # auth is done via firewall
-    listenAddress = toString restic.port;
-  };
-
-  environment.systemPackages = [
-    (pkgs.writers.writeDashBin "restic-niveum" ''
-      exec ${pkgs.util-linux}/bin/runuser -u restic -g restic -- ${pkgs.restic}/bin/restic -r ${toString dataDir} -p ${config.age.secrets.restic.path} "$@"
-    '')
-  ];
-
-  fileSystems."/backup" = {
-    device = "/dev/disk/by-id/ata-WDC_WD10JPVX-22JC3T0_WD-WXD1E5510MKW";
-    fsType = "ext4";
-  };
-
-  networking.firewall = let
-    dport = restic.port;
-    protocol = "tcp";
-    rules = [
-      (firewall.accept {
-        inherit dport protocol;
-        source = retiolumAddresses.kabsa.ipv4;
-      })
-      (firewall.accept {
-        inherit dport protocol;
-        source = retiolumAddresses.manakish.ipv4;
-      })
-      (firewall.accept {
-        inherit dport protocol;
-        source = retiolumAddresses.makanek.ipv4;
-      })
-      (firewall.accept {
-        inherit dport protocol;
-        source = retiolumAddresses.fatteh.ipv4;
-      })
-      (firewall.accept {
-        inherit dport protocol;
-        source = retiolumAddresses.ful.ipv4;
-      })
-    ];
-  in {
-    extraCommands = firewall.addRules rules;
-    extraStopCommands = firewall.removeRules rules;
-  };
-}

systems/zaatar/home-assistant.nix

@@ -1,40 +0,0 @@
-{config, ...}: let
-  port = 8123;
-  inherit (import ../../lib) restic;
-  influxPort = 9100;
-  volumeName = "home-assistant.bak";
-in {
-  networking.firewall.allowedTCPPorts = [port influxPort];
-
-  services.nginx.virtualHosts."home.kmein.r" = {
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:${toString port}";
-    };
-  };
-
-  services.restic.backups.niveum = {
-    initialize = true;
-    inherit (restic) repository;
-    timerConfig = {
-      OnCalendar = "daily";
-      RandomizedDelaySec = "1h";
-    };
-    passwordFile = config.age.secrets.restic.path;
-    paths = [
-      "/var/lib/containers/storage/volumes/${volumeName}"
-    ];
-  };
-
-  virtualisation.oci-containers = {
-    backend = "podman";
-    containers.homeassistant = {
-      volumes = ["${volumeName}:/config"];
-      environment.TZ = "Europe/Berlin";
-      image = "ghcr.io/home-assistant/home-assistant:stable";
-      extraOptions = [
-        "--network=host"
-        "--device=/dev/ttyACM0:/dev/ttyACM0" # Example, change this to match your own hardware
-      ];
-    };
-  };
-}