Removed proxy config

Don't need this since my source of truth is my private gitea instance
now.

systems/x86_64-do/proxy/README.md

@@ -1,5 +0,0 @@
-- Log in (SSH key should already be configured)
-- Change password with `passwd`
-- Set up tailscale with `sudo tailscale up --accept-routes --ssh`
-- Write cloudflare creds to `/var/acme/creds`
-  - Ensure permissions `sudo chmod -R 700 /var/acme/creds`

systems/x86_64-do/proxy/default.nix

@@ -1,110 +0,0 @@
-{
-  config,
-  pkgs,
-  lib,
-  namespace,
-  ...
-}: {
-  aa = {
-    nix.enable = true;
-    nix.useSelfhostedCache = true;
-
-    security.acme = {
-      enable = true;
-      domainName = "proxy.kilonull.com";
-      isWildcard = false;
-      # TODO: Use a different cert with more targetted permissions (this one
-      # can make wildcard certs)
-      # TODO: Add machine public key in secrets/secrets.nix
-      dnsCredentialsFile = "/var/acme/creds";
-    };
-
-    services = {
-      openssh.enable = true;
-      # NOTE: Need to run `tailscale login` on first boot
-      tailscale = {
-        enable = true;
-        configureClientRouting = true;
-      };
-    };
-  };
-
-  # Workaround for broken digital ocean image builds
-  # See: https://github.com/NixOS/nixpkgs/issues/308404
-  boot.loader.grub.devices = lib.mkForce ["/dev/vda"];
-  boot.loader.grub.device = "/dev/vda";
-
-  services.nginx = {
-    enable = true;
-    appendHttpConfig = ''
-      log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
-      access_log  /var/log/nginx/access.log upstreamlog;
-    '';
-    virtualHosts."proxy.kilonull.com" = let
-      commonConfig = pkgs.writeText "common_config.conf" ''
-        proxy_redirect off;
-        proxy_set_header Host "hydra.kilonull.com";
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-Host $host;
-        proxy_set_header X-Forwarded-Server $host;
-
-        allow 127.0.0.1;
-        allow 100.0.0.0/8;
-        allow 192.168.113.0/24;
-      '';
-    in {
-      forceSSL = true;
-      useACMEHost = "proxy.kilonull.com";
-      locations = {
-        "/" = {
-          extraConfig = ''
-            deny all;
-          '';
-        };
-        "/hydra" = {
-          proxyPass = "https://hydra.kilonull.com";
-          extraConfig = ''
-            rewrite /hydra(.*) /$1 break;
-            include ${commonConfig};
-            deny all;
-          '';
-        };
-        "/hydra/api/push-github" = {
-          proxyPass = "https://hydra.kilonull.com/api/push-github";
-          extraConfig = ''
-            include ${commonConfig};
-            # GitHub webhook IPs
-            allow 192.30.252.0/22;
-            allow 185.199.108.0/22;
-            allow 140.82.112.0/20;
-            allow 143.55.64.0/20;
-            allow 2a0a:a440::/29;
-            allow 2606:50c0::/3;
-            deny all;
-          '';
-        };
-      };
-    };
-  };
-
-  users.users.${config.aa.user.name} = {
-    initialHashedPassword = "$y$j9T$/AuWXo5argOeEi1hwlu161$bvB.V5tfB.acWAvr6mV9lVucdGzQc16UVffMdPbqWD0";
-  };
-  networking.firewall.allowedTCPPorts = [
-    # SSH
-    22
-
-    # HTTP(S)
-    # 80
-    443
-  ];
-
-  virtualisation.digitalOcean = {
-    setRootPassword = true;
-    setSshKeys = true;
-  };
-
-  system.stateVersion = "24.05";
-}