From 9020b3e6d5838ad1bede83056a04c16bea82b681 Mon Sep 17 00:00:00 2001
From: Eli Ribble
Date: Mon, 29 Sep 2025 22:09:00 +0000
Subject: [PATCH] Remove old commented-out authentik logic This has been replaced with a separate authentik flake
---
 README.md | 10 +++++++++
 modules/system/authentik.nix | 41 ------------------------------------
 2 files changed, 10 insertions(+), 41 deletions(-)
diff --git a/README.md b/README.md
index bfc0e12..b37019b 100644
--- a/README.md
+++ b/README.md
@@ -44,6 +44,16 @@ $ digitalocean/create-droplet.sh
 ### Convert to NixOS with nixos-anywhere
+First log in to the host using regular credentials. Set up an ssh key for root access.
+
+Get the disk layout using `/sbin/fdisk -l`. You're looking to figure out which disk is the boot disk and which isn't. Then update the `disk-config.nix` file for the matching provider to ensure that the boot disk gets written.
+
+Then check the network configuration via `ip route` and `ip addr` or `/etc/network/interfaces`. Update the network configuration at `network.nix` to match.
+
+Generate the hardware configuration
+```
+$ cd nixos-anywhere
+$ nix run github:nix-community/nixos-anywhere -- --flake ./#digitalocean --generate-hardware-config nixos-generate-config ./nocix/hardware-configuration --target-host root@1.2.3.4
 ```
 $ cd nixos-anywhere
 $ nix run github:nix-community/nixos-anywhere -- --flake ./#digitalocean --target-host root@1.2.3.4
diff --git a/modules/system/authentik.nix b/modules/system/authentik.nix
index 893155d..6d87aa3 100644
--- a/modules/system/authentik.nix
+++ b/modules/system/authentik.nix
@@ -53,16 +53,6 @@ with lib;
 restartUnits = ["authentik" "authentik-migrate" "authentik-worker"];
 sopsFile = ../../secrets/authentik.env;
 };
-# systemd.services.podman-create-authentik-pod = with config.virtualisation.oci-containers; {
-# serviceConfig.Type = "oneshot";
-# wantedBy = [ "${backend}-authentik-server.service" "${backend}-authentik-worker.service"];
-# script = ''
-# ${pkgs.podman}/bin/podman pod exists authentik || \
-# ${pkgs.podman}/bin/podman pod create \
-# --name authentik \
-# -p 127.0.0.1:10000:9000
-# '';
-# };
 systemd.tmpfiles.rules = [
 "d /opt/authentik/certs 0755 authentik authentik"
 "d /opt/authentik/media 0755 authentik authentik"
@@ -74,36 +64,5 @@ with lib;
 isNormalUser = false;
 isSystemUser = true;
 };
- # virtualisation.oci-containers.containers = {
- # authentik-redis = {
- # extraOptions = [ "--pod=authentik" ];
- # image = "docker.io/redis:8.0.3-alpine";
- # };
- # authentik-server = {
- # cmd = ["server"];
- # environmentFiles = [
- # "/var/run/secrets/authentik-env"
- # ];
- # extraOptions = [ "--pod=authentik" ];
- # image = "ghcr.io/goauthentik/server:2025.4";
- # volumes = [
- # "/opt/authentik/media:/media"
- # "/opt/authentik/templates:/templates"
- # ];
- # };
- # authentik-worker = {
- # cmd = ["worker"];
- # environmentFiles = [
- # "/var/run/secrets/authentik-env"
- # ];
- # extraOptions = [ "--pod=authentik" ];
- # image = "ghcr.io/goauthentik/server:2025.4";
- # volumes = [
- # "/opt/authentik/certs:/certs"
- # "/opt/authentik/media:/media"
- # "/opt/authentik/templates:/templates"
- # ];
- # };
- # };
 };
 }