Remove obsolete DNS resolver

nixos/machines/bragi/configuration.nix

@@ -1,4 +1,4 @@
-{
+{config, ...}: {
   imports = [
     ./hardware-configuration.nix
     ../../roles
@@ -12,4 +12,11 @@
   # System configuration here
   networking.hostName = "bragi";
   system.stateVersion = "23.11";
+
+  sops.secrets.backupKey = {
+    sopsFile = ./backupKey.yaml;
+    owner = config.users.users.fsaccount.name;
+    inherit (config.users.users.fsaccount) group;
+    mode = "0400";
+  };
 }

nixos/machines/bragi/network.nix

@@ -10,6 +10,7 @@
       }
     ];
     defaultGateway = "192.168.1.137";
-    nameservers = ["130.83.2.22" "130.83.56.60" "130.83.22.60" "130.82.22.63"];
+    # https://www.hrz.tu-darmstadt.de/services/it_services/nameserver_dns/index.de.jsp
+    nameservers = ["130.83.22.63" "130.83.22.60" "130.83.56.60"];
   };
 }

nixos/machines/ghatanothoa/configuration.nix

@@ -4,7 +4,7 @@
     ../../modules/jitsi.nix
     ../../roles
     ../../roles/vm.nix
-    ./network.nix
+    ../../modules/vmNetwork.nix
   ];
 
   services.mathebau-jitsi = {
@@ -14,5 +14,6 @@
 
   # System configuration here
   networking.hostName = "ghatanothoa";
+  vmNetwork.ipv4 = "192.168.0.25";
   system.stateVersion = "23.11";
 }

nixos/machines/ghatanothoa/network.nix

@@ -1,16 +0,0 @@
-# We sohuld put that config somewhere in roles and give it a parameter or something,
-# everyone gets the same nameserver and the same prefixLength and address vs defaultGateway alsways
-# depend on the same thing
-{
-  imports = [];
-  networking = {
-    interfaces.enX0.ipv4.addresses = [
-      {
-        address = "192.168.0.25";
-        prefixLength = 16;
-      }
-    ];
-    defaultGateway = "192.168.0.152";
-    nameservers = ["130.83.2.22" "130.83.56.60" "130.83.22.60" "130.82.22.63"];
-  };
-}

nixos/modules/borgbackup.nix

@@ -121,7 +121,7 @@ in {
       jobs.fsaccount = {
         preHook = ''
           mkdir -p /home/fsaccount/sicherung # Create if it does not exist
-          ${pkgs.rsync}/bin/rsync -e 'ssh -i /run/secrets/backupKey' -r fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
+          ${pkgs.rsync}/bin/rsync --rsh='ssh -i /run/secrets/backupKey' --recursive --delete fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
         '';
         paths = "/home/fsaccount/sicherung";
         encryption.mode = "none"; # Otherwise the key is next to the backup or we have human interaction.
@@ -161,11 +161,5 @@ in {
         }
       ];
     };
-    sops.secrets.backupKey = {
-      sopsFile = ../machines/bragi/backupKey.yaml;
-      owner = config.users.users.fsaccount.name;
-      inherit (config.users.users.fsaccount) group;
-      mode = "0400";
-    };
   };
 }

nixos/modules/vmNetwork.nix

@@ -0,0 +1,48 @@
+{
+  lib,
+  config,
+  ...
+}: let
+  inherit
+    (lib)
+    mkOption
+    types
+    last
+    init
+    ;
+  inherit
+    (lib.strings)
+    splitString
+    concatStringsSep
+    toInt
+    ;
+  cfg = config.vmNetwork;
+in {
+  imports = [];
+
+  options.vmNetwork = {
+    ipv4 = mkOption {
+      type = types.str;
+      description = "the ipv4 adress of this machine";
+    };
+  };
+
+  config = {
+    networking = {
+      interfaces.enX0.ipv4.addresses = [
+        {
+          address = cfg.ipv4;
+          prefixLength = 16;
+        }
+      ];
+      defaultGateway = let
+        addr = splitString "." cfg.ipv4;
+        addrInit = init addr;
+        addrLastInt = builtins.toString (toInt (last addr) + 127);
+      in
+        concatStringsSep "." (addrInit ++ [addrLastInt]);
+      # https://www.hrz.tu-darmstadt.de/services/it_services/nameserver_dns/index.de.jsp
+      nameservers = ["130.83.22.63" "130.83.22.60" "130.83.56.60"];
+    };
+  };
+}