srv0-dmz0: update and comment out nomad&holochain specifics

nix/os/devices/srv0-dmz0/configuration.nix

@@ -6,7 +6,7 @@
   config,
   ...
 }: let
-  disk = "/dev/disk/by-id/ata-Corsair_Voyager_GTX_21488170000126002051";
+  disk = "/dev/disk/by-id/ata-INTEL_SSDSC2BW240A4_PHDA435602332403GN";
 in {
   disabledModules = [];
   imports = [
@@ -124,90 +124,90 @@ in {
   containers = {
   };
 
-  sops.secrets.holochain-nomad-agent-ca = {
-    sopsFile = ../../../../secrets/holochain-infra/nomad.yaml;
-    owner = config.users.extraUsers.nomad.name;
-    group = config.users.groups.nomad.name;
-  };
-  sops.secrets.holochain-global-nomad-client-cert = {
-    sopsFile = ../../../../secrets/holochain-infra/nomad.yaml;
-    owner = config.users.extraUsers.nomad.name;
-    group = config.users.groups.nomad.name;
-  };
-  sops.secrets.holochain-global-client-nomad-key = {
-    sopsFile = ../../../../secrets/holochain-infra/nomad.yaml;
-    owner = config.users.extraUsers.nomad.name;
-    group = config.users.groups.nomad.name;
-  };
+  # sops.secrets.holochain-nomad-agent-ca = {
+  #   sopsFile = ../../../../secrets/holochain-infra/nomad.yaml;
+  #   owner = config.users.extraUsers.nomad.name;
+  #   group = config.users.groups.nomad.name;
+  # };
+  # sops.secrets.holochain-global-nomad-client-cert = {
+  #   sopsFile = ../../../../secrets/holochain-infra/nomad.yaml;
+  #   owner = config.users.extraUsers.nomad.name;
+  #   group = config.users.groups.nomad.name;
+  # };
+  # sops.secrets.holochain-global-client-nomad-key = {
+  #   sopsFile = ../../../../secrets/holochain-infra/nomad.yaml;
+  #   owner = config.users.extraUsers.nomad.name;
+  #   group = config.users.groups.nomad.name;
+  # };
 
-  services.nomad = {
-    enable = true;
-    package = packages'.nomad;
-    enableDocker = false;
-    dropPrivileges = false;
+  # services.nomad = {
+  #   enable = true;
+  #   package = packages'.nomad;
+  #   enableDocker = false;
+  #   dropPrivileges = false;
 
-    extraPackages = [
-      pkgs.coreutils
-      pkgs.nix
-      pkgs.bash
-      pkgs.gitFull
-      pkgs.cacert
-    ];
+  #   extraPackages = [
+  #     pkgs.coreutils
+  #     pkgs.nix
+  #     pkgs.bash
+  #     pkgs.gitFull
+  #     pkgs.cacert
+  #   ];
 
-    settings = {
-      server.enabled = false;
+  #   settings = {
+  #     server.enabled = false;
 
-      client = {
-        enabled = true;
-        server_join = {
-          retry_join = [
-            "infra.holochain.org"
-          ];
-          retry_interval = "60s";
-        };
+  #     client = {
+  #       enabled = true;
+  #       server_join = {
+  #         retry_join = [
+  #           "infra.holochain.org"
+  #         ];
+  #         retry_interval = "60s";
+  #       };
 
-        node_class = "testing";
+  #       node_class = "testing";
 
-        meta = {
-          inherit (pkgs.targetPlatform) system;
+  #       meta = {
+  #         inherit (pkgs.targetPlatform) system;
 
-          features = builtins.concatStringsSep "," [
-            "poc-1"
-            "poc-2"
-            "ipv4-nat"
-            "nix"
-            "nixos"
-            "holoport"
-          ];
+  #         features = builtins.concatStringsSep "," [
+  #           "poc-1"
+  #           "poc-2"
+  #           "ipv4-nat"
+  #           "nix"
+  #           "nixos"
+  #           "holoport"
+  #         ];
 
-          machine_type = "baremetal";
-        };
-      };
+  #         machine_type = "baremetal";
+  #       };
+  #     };
 
-      tls = {
-        http = true;
-        rpc = true;
-        ca_file = config.sops.secrets.holochain-nomad-agent-ca.path;
-        cert_file = config.sops.secrets.holochain-global-nomad-client-cert.path;
-        key_file = config.sops.secrets.holochain-global-client-nomad-key.path;
+  #     tls = {
+  #       http = true;
+  #       rpc = true;
+  #       ca_file = config.sops.secrets.holochain-nomad-agent-ca.path;
+  #       cert_file = config.sops.secrets.holochain-global-nomad-client-cert.path;
+  #       key_file = config.sops.secrets.holochain-global-client-nomad-key.path;
 
-        verify_server_hostname = true;
-        verify_https_client = true;
-      };
+  #       verify_server_hostname = true;
+  #       verify_https_client = true;
+  #     };
 
-      plugin.raw_exec.config.enabled = true;
-    };
-  };
+  #     plugin.raw_exec.config.enabled = true;
+  #   };
+  # };
 
-  users.extraUsers.nomad.isNormalUser = true;
-  users.extraUsers.nomad.isSystemUser = false;
-  users.extraUsers.nomad.group = "nomad";
-  users.extraUsers.nomad.home = config.services.nomad.settings.data_dir;
-  users.extraUsers.nomad.createHome = true;
-  users.groups.nomad.members = ["nomad"];
+  # users.extraUsers.nomad.isNormalUser = true;
+  # users.extraUsers.nomad.isSystemUser = false;
+  # users.extraUsers.nomad.group = "nomad";
+  # users.extraUsers.nomad.home = config.services.nomad.settings.data_dir;
+  # users.extraUsers.nomad.createHome = true;
+  # users.groups.nomad.members = ["nomad"];
 
-  systemd.services.nomad.serviceConfig.User = "nomad";
-  systemd.services.nomad.serviceConfig.Group = "nomad";
+  # systemd.services.nomad.serviceConfig.User = "nomad";
+  # systemd.services.nomad.serviceConfig.Group = "nomad";
 
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
@@ -215,5 +215,5 @@ in {
   # this value at the release version of the first install of this system.
   # Before changing this value read the documentation for this option
   # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.05"; # Did you read the comment?
+  system.stateVersion = "23.11"; # Did you read the comment?
 }