1 files changed, 0 insertions, 208 deletions

diff --git a/ops/nixos/tvl-slapd/default.nix b/ops/nixos/tvl-slapd/default.nix
deleted file mode 100644
index 57559e0962..0000000000
--- a/ops/nixos/tvl-slapd/default.nix
+++ /dev/null
@@ -1,208 +0,0 @@
-# Configures an OpenLDAP instance for TVL
-#
-# TODO(tazjin): Configure ldaps://
-{ config, lib, pkgs, ... }:
-
-with config.depot.nix.yants;
-
-let
-  user = struct {
-    username = string;
-    email = string;
-    password = string;
-    displayName = option string;
-  };
-
-  toLdif = defun [ user string ] (u: ''
-    dn: cn=${u.username},ou=users,dc=tvl,dc=fyi
-    objectClass: organizationalPerson
-    objectClass: inetOrgPerson
-    sn: ${u.username}
-    cn: ${u.username}
-    displayName: ${u.displayName or u.username}
-    mail: ${u.email}
-    userPassword: ${u.password}
-  '');
-
-  users = [
-    {
-      username = "andi";
-      email = "andi@notmuch.email";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$8lefg7+8UPAEh9Ott8zH0A$7YuLRraTC1IgxTNTxFJF03AWmqBS3GX2+vfD4XVTrb0";
-    }
-    {
-      username = "artemist";
-      email = "me@artem.ist";
-      password = "{SSHA}N6Tl/txGQwlmVa7xVJCXpGcD1U4bJaI+";
-    }
-    {
-      username = "camsbury";
-      email = "camsbury7@gmail.com";
-      password = "{SSHA}r6/I/zefrAb1jWTdhuqWik0CXT8E+/E5";
-    }
-    {
-      username = "cynthia";
-      email = "cynthia@tvl.fyi";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=4,p=1$TxjbMGenhEmkyYLrg5uGhbr60THB86YeRZg5bPdiTJo$k9gbRlAPjmxwdUwzbavvsAVkckgQZ0jS2oTtvZBPysk";
-    }
-    {
-      username = "edef";
-      email = "edef@edef.eu";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$OORx4ERbkgvTmuYCJA8cIw$i5qaBzHkRVw7Tl+wZsTFTDqJwF0vuZqhW3VpknMYMc0";
-    }
-    {
-      username = "ericvolp12";
-      email = "ericvolp12@gmail.com";
-      password = "{SSHA}pSepaQ+/5KBLfJtRR5rfxGU8goAsXgvk";
-    }
-    {
-      username = "eta";
-      email = "eta@theta.eu.org";
-      password = "{SSHA}sOR5xzi7Lfv376XGQA8Hf6jyhTvo0XYc";
-    }
-    {
-      username = "etu";
-      email = "etu@failar.nu";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$RUrW8C9mWAkBSlkwSTH5dw$n3FXTeu41nDQfvJPI7TT3tcgwPmPJl8hPtaZ58qLq9A";
-    }
-    {
-      username = "firefly";
-      email = "firefly@firefly.nu";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$RYVVkFoi3A1yYkI8J2zUwg$GUERvgHvU8SGjQmilDJGZu50hYRAHw+ejtuL+Skygs8";
-    }
-    {
-      username = "glittershark";
-      email = "grfn@gws.fyi";
-      password = "{SSHA}i7PSAsXwJT3jjmmvU77aar/tU/YPDCEO";
-    }
-    {
-      username = "htbf";
-      email = "h-tvl@htbf.dev";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$2iVXQQfd26icaIguHJg/CQ$hA9ziqn7kQ06AV6uQxJCGXoG8f+LWmH+nVlk00a1n/c";
-    }
-    {
-      username = "isomer";
-      email = "isomer@tvl.fyi";
-      password = "{SSHA}OhWQkPJgH1rRJqYIaMUbbKC4iLEzvCev";
-    }
-    {
-      username = "lukegb";
-      email = "lukegb@tvl.fyi";
-      password = "{SSHA}7a85VNhpFElFw+N5xcjgGmt4HnBsaGp4";
-    }
-    {
-      username = "multi";
-      email = "depot@in-addr.xyz";
-      password = "{ARGON2}$argon2i$v=19$m=4096,t=3,p=1$qCfXhZUVft1YVPx7H4x7rw$dhtwtCrEMSpZfWQJbw2wpo5XHqiJqoZkiKeEbE6AdX0";
-    }
-    {
-      username = "nyanotech";
-      email = "nyanotechnology@gmail.com";
-      password = "{SSHA}NIJ2RCRb1+Q4Bs63cyE91VZyiN47DG6y";
-    }
-    {
-      username = "Profpatsch";
-      email = "mail@profpatsch.de";
-      password = "{SSHA}jcFXxRplMFxH4gpa0X5VdUzW64T95TwQ";
-    }
-    {
-      username = "q3k";
-      email = "q3k@q3k.org";
-      password = "{SSHA}BEccJdtnhVLDzOn+pxNfayNi3QFcEABE";
-    }
-    {
-      username = "qyliss";
-      displayName = "Alyssa Ross";
-      email = "hi@alyssa.is";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$+uTpAKrN452D8wa7OFqPnw$GYi9/zns5iJCXDp1VuTPPsa35M5vkD6+rC8riT8cEHI";
-    }
-    {
-      username = "riking";
-      displayName = "kanepyork";
-      email = "rikingcoding@gmail.com";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$o2OcfhfKOry+UrcmODyQCw$qloaQgoIRDESwaA3yqPxxy8sgLk3mrjYFBbF41elVrM";
-    }
-    {
-      username = "tazjin";
-      email = "mail@tazj.in";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$wOPEl9D3kSke//oLtbvqrg$j0npwwXgaXQ/emefKUwL59tH8hdmtzbgH2rQzWSmE2Y";
-    }
-    {
-      username = "implr";
-      email = "implr@hackerspace.pl";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$SHRFps5sVgyUXYdmqGPw9g$tEx9DwKK1RjWlw52GLwOZ/iHep+QJboaZE83f1pXSwQ";
-    }
-    {
-      username = "v";
-      displayName = "V";
-      email = "v@anomalous.eu";
-      password = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$Wa11vk3gQKhJr1uzvtRTRQ$RHfvcC2j6rDUgWfezm05N03LeGIEezeKtmFmt+rfvM4";
-    }
-    {
-      username = "ben";
-      email = "tvl@benjojo.co.uk";
-      password = "{SSHA}Zi48mSPsRMEPhff44w4RHi0SjjyhjWk1";
-    }
-  ];
-in {
-  # Use our patched OpenLDAP derivation which enables stronger password hashing.
-  #
-  # Unfortunately the module for OpenLDAP has no package option, so we
-  # need to override it system-wide. Be aware that this triggers a
-  # *large* number of rebuilds of packages such as GPG and Python.
-  nixpkgs.overlays = [
-    (_: _: {
-      inherit (config.depot.third_party) openldap;
-    })
-  ];
-
-  services.openldap = {
-    enable = true;
-    dataDir = "/var/lib/openldap";
-    suffix = "dc=tvl,dc=fyi";
-    rootdn = "cn=admin,dc=tvl,dc=fyi";
-    rootpw = "{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$OfcgkOQ96VQ3aJj7NfA9vQ$oS6HQOkYl/bUYg4SejpltQYy7kvqx/RUxvoR4zo1vXU";
-
-    # ACL configuration
-    extraDatabaseConfig = ''
-      # Allow users to change their own password
-      access to attrs=userPassword
-        by self write
-        by anonymous auth
-        by users none
-
-      # Allow default read access to other directory elements
-      access to * by * read
-    '';
-
-    extraConfig = ''
-      moduleload pw-argon2
-    '';
-
-    # Contents are immutable at runtime, and adding user accounts etc.
-    # is done statically in the LDIF-formatted contents in this folder.
-    declarativeContents = ''
-      dn: dc=tvl,dc=fyi
-      dc: tvl
-      o: TVL LDAP server
-      description: Root entry for tvl.fyi
-      objectClass: top
-      objectClass: dcObject
-      objectClass: organization
-
-      dn: ou=users,dc=tvl,dc=fyi
-      ou: users
-      description: All users in TVL
-      objectClass: top
-      objectClass: organizationalUnit
-
-      dn: ou=groups,dc=tvl,dc=fyi
-      ou: groups
-      description: All groups in TVL
-      objectClass: top
-      objectClass: organizationalUnit
-
-      ${lib.concatStringsSep "\n" (map toLdif users)}
-    '';
-  };
-}