diff options
author | lassulus <lass@lassul.us> | 2017-02-12 21:41:48 +0100 |
---|---|---|
committer | lassulus <lass@lassul.us> | 2017-02-12 21:41:48 +0100 |
commit | c4d70a28b421217c2a5ec252fea36e650f19a452 (patch) | |
tree | 291515339894b386fa28801c38786b3d7c3aee3a | |
parent | bf8a886c20887d39d856854b1e9186657543c400 (diff) | |
parent | a3e7e4f2baa1cc8d8180c50fd530ff0ea2cc0086 (diff) |
Merge remote-tracking branch 'prism/makefu'
-rw-r--r-- | krebs/3modules/lass/default.nix | 10 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 262 | ||||
-rw-r--r-- | makefu/1systems/gum.nix | 3 | ||||
-rw-r--r-- | makefu/1systems/wry.nix | 1 | ||||
-rw-r--r-- | makefu/1systems/x.nix | 6 | ||||
-rw-r--r-- | makefu/2configs/dnscrypt.nix | 6 | ||||
-rw-r--r-- | makefu/5pkgs/awesomecfg/full.cfg | 84 |
7 files changed, 201 insertions, 171 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 0b67abd11..6ab8ede56 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -73,13 +73,21 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL21QDOEFdODFh6WAfNp6odrXo15pEsDQuGJfMu/cKzK"; }; - prism = { + prism = rec { cores = 4; + extraZones = { + "krebsco.de" = '' + prism IN A ${nets.internet.ip4.addr} + paste IN A ${nets.internet.ip4.addr} + ''; + }; nets = rec { internet = { ip4.addr = "213.239.205.240"; aliases = [ "prism.internet" + "paste.i" + "paste.internet" ]; ssh.port = 45621; }; diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 1e63a26e2..489f62b65 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -5,50 +5,50 @@ with import <stockholm/lib>; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { drop = rec { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.177.9"; - ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce"; - aliases = [ - "drop.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA1QxukdeDqI47nm7/gd5Y9dZZbJULA02ak0A2cB4lmysJjgMFAfbl - 6qpH7HCZk6s+4eI7H+UHUF177W7Z1qq3bqGLmlgdMMAzuDNz9UvNLhrthZMp3tCI - GIFD28O1bKgDAYgsF/X21CRqEvgk3vRDp9yqIVIzQDmerOrZUx62Rx9Fssl/7ooW - 0319fxcTw6GZEp7RXNzgIobnWPydakh+/I0inP0rC6It/vM5Hi2bV71QPZUyJ78C - Szh4S8TznW7yMzTQaOENeaUKfqEyN+CW2OomVdWIBOvTJVpvfAut/kg1dyUGgHlT - F8OlAoNAyxCSxqbM0fY0wtqKD7FaYY9cbQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.177.9"; + ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce"; + aliases = [ + "drop.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA1QxukdeDqI47nm7/gd5Y9dZZbJULA02ak0A2cB4lmysJjgMFAfbl + 6qpH7HCZk6s+4eI7H+UHUF177W7Z1qq3bqGLmlgdMMAzuDNz9UvNLhrthZMp3tCI + GIFD28O1bKgDAYgsF/X21CRqEvgk3vRDp9yqIVIzQDmerOrZUx62Rx9Fssl/7ooW + 0319fxcTw6GZEp7RXNzgIobnWPydakh+/I0inP0rC6It/vM5Hi2bV71QPZUyJ78C + Szh4S8TznW7yMzTQaOENeaUKfqEyN+CW2OomVdWIBOvTJVpvfAut/kg1dyUGgHlT + F8OlAoNAyxCSxqbM0fY0wtqKD7FaYY9cbQIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; + }; }; fileleech = rec { - cores = 4; - ssh.privkey.path = <secrets/ssh_host_ed25519_key>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; - nets = { - retiolum = { - ip4.addr = "10.243.113.98"; - ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096"; - aliases = [ - "fileleech.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF - 8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K - YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait - nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z - e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V - UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; + cores = 4; + ssh.privkey.path = <secrets/ssh_host_ed25519_key>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; + nets = { + retiolum = { + ip4.addr = "10.243.113.98"; + ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096"; + aliases = [ + "fileleech.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF + 8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K + YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait + nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z + e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V + UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; + }; }; pnp = { @@ -123,16 +123,16 @@ with import <stockholm/lib>; aliases = [ "ossim.siem" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAv5qv9R3E1AHJOhTnHJ2E5zWjItRdXSw/inpz/W+KcBeM/HSG0XEl - RyGAwty7VP4CiLp7CagWmtVsz/5ytnXJzLDeRLn5t+KzO6am0aOpvAt6ZggZXPhL - cQkn4IGi1TJE5tw+lzabBkUZm3zD1KEXpqJeZ6spA4e9lB/+T3Tx23g9WDEOKand - mAJrsdsvTCIiVJefidOAmgeZVVOV3ltBonNP1nqEy+5v4B3EBT/Uj7ImL2aRj/pd - dPs6dGV2LqSQvnrSbFZzuKVXKpD1M+wgT/5NQk/hVJJxBQC6rxvpg1XyQkepcLWL - WjvogOl4NjXStmKDX2+gPPFx6XTmwDenOwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAv5qv9R3E1AHJOhTnHJ2E5zWjItRdXSw/inpz/W+KcBeM/HSG0XEl + RyGAwty7VP4CiLp7CagWmtVsz/5ytnXJzLDeRLn5t+KzO6am0aOpvAt6ZggZXPhL + cQkn4IGi1TJE5tw+lzabBkUZm3zD1KEXpqJeZ6spA4e9lB/+T3Tx23g9WDEOKand + mAJrsdsvTCIiVJefidOAmgeZVVOV3ltBonNP1nqEy+5v4B3EBT/Uj7ImL2aRj/pd + dPs6dGV2LqSQvnrSbFZzuKVXKpD1M+wgT/5NQk/hVJJxBQC6rxvpg1XyQkepcLWL + WjvogOl4NjXStmKDX2+gPPFx6XTmwDenOwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; }; @@ -169,7 +169,7 @@ with import <stockholm/lib>; XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ== -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -228,16 +228,15 @@ with import <stockholm/lib>; "vbob.retiolum" ]; tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+0TIo0dS9LtSdrmH0ClPHLO7dHtV9Dj7gaBAsbyuwxAI5cQgYKwr - 4G6t7IcJW+Gu2bh+LKtPP91+zYXq4Qr1nAaKw4ajsify6kpxsCBzknmwi6ibIJMI - AK114dr/XSk/Pc6hOSA8kqDP4c0MZXwitRBiNjrWbTrQh6GJ3CXhmpZ2lJkoAyNP - hjdPerbTUrhQlNW8FanyQQzOgN5I7/PXsZShmb3iNKz1Ban5yWKFCVpn8fjWQs5o - Un2AKowH4Y+/g8faGemL8uy/k5xrHSrn05L92TPDUpAXrcZXzo6ao1OBiwJJVl7s - AVduOY18FU82GUw7edR0e/b2UC6hUONflwIDAQAB - -----END RSA PUBLIC KEY----- - - ''; + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA+0TIo0dS9LtSdrmH0ClPHLO7dHtV9Dj7gaBAsbyuwxAI5cQgYKwr + 4G6t7IcJW+Gu2bh+LKtPP91+zYXq4Qr1nAaKw4ajsify6kpxsCBzknmwi6ibIJMI + AK114dr/XSk/Pc6hOSA8kqDP4c0MZXwitRBiNjrWbTrQh6GJ3CXhmpZ2lJkoAyNP + hjdPerbTUrhQlNW8FanyQQzOgN5I7/PXsZShmb3iNKz1Ban5yWKFCVpn8fjWQs5o + Un2AKowH4Y+/g8faGemL8uy/k5xrHSrn05L92TPDUpAXrcZXzo6ao1OBiwJJVl7s + AVduOY18FU82GUw7edR0e/b2UC6hUONflwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; ssh.privkey.path = <secrets/ssh_host_ed25519_key>; @@ -278,7 +277,7 @@ with import <stockholm/lib>; DdJadpzOcEgFatzXP3SoKVV9loRHz5HhV4WtAqBIkDvgjj2j+NnXolAUY25Ix+kv sfqfIw5aNLoIX4kDhuDEVBIyoc7/ofSbkQIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -291,7 +290,6 @@ with import <stockholm/lib>; wry IN A ${nets.internet.ip4.addr} io IN NS wry.krebsco.de. graphs IN A ${nets.internet.ip4.addr} - paste 60 IN A ${nets.internet.ip4.addr} tinc IN A ${nets.internet.ip4.addr} ''; }; @@ -300,9 +298,7 @@ with import <stockholm/lib>; ip4.addr = "104.233.87.86"; aliases = [ "wry.i" - "paste.i" "wry.internet" - "paste.internet" ]; }; retiolum = { @@ -353,7 +349,7 @@ with import <stockholm/lib>; ip6.addr = "42:4b0b:d990:55ba:8da8:630f:dc0e:aae0"; aliases = [ "filepimp.retiolum" - "filepimp.r" + "filepimp.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -364,7 +360,7 @@ with import <stockholm/lib>; UN0duBz/faRcl6IRytZOuHaIp30eJ4850ZK8RPz/Dqqj+USMFq60i0oMsuAi/ljB 8b+eQBt6OXu4MSntxoR8Ja7ht+EOTDnBOwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -389,15 +385,15 @@ with import <stockholm/lib>; "stats.makefu.r" ]; tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAuHQEeowvxRkoHJUw6cUp431pnoIy4MVv7kTLgWEK46nzgZtld9LM - ZdNMJB9CuOVVMHEaiY6Q5YchUmapGxwEObc0y+8zQxTPw3I4q0GkSJqKLPrsTpkn - sgEkHPfs2GVdtIBXDn9I8i5JsY2+U8QF8fbIQSOO08/Vpa3nknDAMege9yEa3NFm - s/+x+2pS+xV6uzf/H21XNv0oufInXwZH1NCNXAy5I2V6pz7BmAHilVOGCT7g2zn6 - GasmofiYEnro4V5s8gDlQkb7bCZEIA9EgX/HP6fZJQezSUHcDCQFI0vg26xywbr6 - 5+9tTn8fN2mWS5+Pdmx3haX1qFcBP5HglwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAuHQEeowvxRkoHJUw6cUp431pnoIy4MVv7kTLgWEK46nzgZtld9LM + ZdNMJB9CuOVVMHEaiY6Q5YchUmapGxwEObc0y+8zQxTPw3I4q0GkSJqKLPrsTpkn + sgEkHPfs2GVdtIBXDn9I8i5JsY2+U8QF8fbIQSOO08/Vpa3nknDAMege9yEa3NFm + s/+x+2pS+xV6uzf/H21XNv0oufInXwZH1NCNXAy5I2V6pz7BmAHilVOGCT7g2zn6 + GasmofiYEnro4V5s8gDlQkb7bCZEIA9EgX/HP6fZJQezSUHcDCQFI0vg26xywbr6 + 5+9tTn8fN2mWS5+Pdmx3haX1qFcBP5HglwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; ssh.privkey.path = <secrets/ssh.id_ed25519>; @@ -428,18 +424,18 @@ with import <stockholm/lib>; ip4.addr = "10.243.214.15"; ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; aliases = [ - "wbob.retiolum" + "wbob.retiolum" ]; tinc.pubkey = '' ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e -QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal -cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 -khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs -rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 -TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB ------END RSA PUBLIC KEY----- -''; + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e + QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal + cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 + khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs + rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 + TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; }; @@ -487,7 +483,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB u5l+G8wX+UbDI85VSDAtOP4QaSFzLL+U0aaDAmq0NO1QiODJoCo0iPhULZQTFZUa OMDYHHfqzluEI7n8ENI4WwchDXH+MstsgwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; ssh.privkey.path = <secrets/ssh_host_ed25519_key>; @@ -538,7 +534,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB +DAH8t1YusYi7ICHcYt5J1p0ZGizcs8oEnZLBy4D+bJX86g7zbix1lZ37LxDCpQ5 uCoAYFes7QqLVDYhucZ5ElRWdATM2mBtZwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -551,8 +547,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB ip4.addr = "10.243.83.237"; ip6.addr = "42:af50:99cf:c185:f1a8:14d5:acb:8101"; aliases = [ - "sdev.retiolum" - "sdev.r" + "sdev.retiolum" + "sdev.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -569,7 +565,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB }; - # non-stockholm +# non-stockholm flap = rec { cores = 1; @@ -602,7 +598,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB hGgQMjHFOdKaLyatZOx6Pq4jAna+kiJoq3mVDsB4rcjLuz8XkAUZmVpe5fXAG4hr Ig8l/SI6ilu0zCWNSJ/v3wUzksm0P9AJkwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -819,32 +815,30 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB }; }; tcac-0-1 = rec { - cores = 1; - ssh.privkey.path = <secrets/ssh_host_ed25519_key>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcX7rlGmGp1zCStrERXZ3XuT/j69FDBXV4ceLn9RXsG tcac-0-1 - "; - nets = { - retiolum = { - ip4.addr = "10.243.144.142"; - ip6.addr = "42:4bf8:94b:eec5:69e2:c837:686e:f278"; - aliases = [ - "tcac-0-1.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+3zuZa8FhFBcUNdNGyTQph6Jes0WDQB4CDcEcnK9okP60Z0ONq8j - 7sKmxzQ43WFm04fd992Aa/KLbYBbXmGtYuu68DQwQGwk3HVNksp6ha7uVK1ibgNs - zJIKizpFqK4NAYit0OfAy7ugVSvtyIxg9CDhnASDZ5NRq8/OLhvo5M4c3r3lGOlO - Hv1nf4Tl2IYRln3c+AJEiw2369K46mRlt28yHeKUw1ur6hrbahnkYW+bjeliROIs - QLp8J8Jl6evtPOyZpgyGHLQ/WPsQRK5svVA9ou17R//m4KNL1kBjTfxs7GaJWHLl - HpSZTqRKsuK6K9R6kzu7NU81Wz0HXxw/qwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; + cores = 1; + ssh.privkey.path = <secrets/ssh_host_ed25519_key>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcX7rlGmGp1zCStrERXZ3XuT/j69FDBXV4ceLn9RXsG tcac-0-1 + "; + nets = { + retiolum = { + ip4.addr = "10.243.144.142"; + ip6.addr = "42:4bf8:94b:eec5:69e2:c837:686e:f278"; + aliases = [ + "tcac-0-1.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA+3zuZa8FhFBcUNdNGyTQph6Jes0WDQB4CDcEcnK9okP60Z0ONq8j + 7sKmxzQ43WFm04fd992Aa/KLbYBbXmGtYuu68DQwQGwk3HVNksp6ha7uVK1ibgNs + zJIKizpFqK4NAYit0OfAy7ugVSvtyIxg9CDhnASDZ5NRq8/OLhvo5M4c3r3lGOlO + Hv1nf4Tl2IYRln3c+AJEiw2369K46mRlt28yHeKUw1ur6hrbahnkYW+bjeliROIs + QLp8J8Jl6evtPOyZpgyGHLQ/WPsQRK5svVA9ou17R//m4KNL1kBjTfxs7GaJWHLl + HpSZTqRKsuK6K9R6kzu7NU81Wz0HXxw/qwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; + }; }; - - } // { # hosts only maintained in stockholm, not owned by me muhbaasu = rec { owner = config.krebs.users.root; @@ -878,23 +872,23 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB tpsw = { cores = 2; owner = config.krebs.users.ciko; # main laptop - nets = { - retiolum = { - ip4.addr = "10.243.183.236"; - ip6.addr = "42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c"; - aliases = [ "tpsw.r" "tpsw.retiolum" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ - Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML - WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl - OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM - 0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd - pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB - -----END RSA PUBLIC KEY----- - ''; + nets = { + retiolum = { + ip4.addr = "10.243.183.236"; + ip6.addr = "42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c"; + aliases = [ "tpsw.r" "tpsw.retiolum" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ + Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML + WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl + OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM + 0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd + pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; }; - }; }; }; users = rec { @@ -920,6 +914,10 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB inherit (makefu) mail pgp; pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOXG6iwvm6zUVk+OE9ZviO+WNosAHSZw4ku0RxWbXSlSG0RfzvV4IfByF3Dw+4a8yZQmjwNkQalUURh2fEqhBLBI9XNEIL7qIu17zheguyXzpE3Smy4pbI+fjdsnfFrw+WE2n/IO8N6ojdH6sMmnWwfkFZYqqofWyLB3WUN9wy2b2z0w/jc56+HxxyTl3rD7CttTs9ak67HqIn3/pNeHoOM+JQ/te8t4ageIlPi8yJJpqZgww1RUWCgPPwZ9DP6gQjo85he76x0h9jvhnFd7m9N1aGdRDcK55QyoY/9x07R24GRutohAB/KDWSkDWQv5BW7M1LCawpJcF3DDslD1i7 makefu@gum"; }; + makefu-bob = { + inherit (makefu) mail pgp; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD"; + }; ciko = { mail = "wieczorek.stefan@googlemail.com"; }; diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 18dc644fd..910493026 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -35,6 +35,7 @@ in { # ../2configs/opentracker.nix ../2configs/logging/central-stats-client.nix + ../2configs/logging/central-logging-client.nix ]; services.smartd.devices = [ { device = "/dev/sda";} ]; @@ -64,7 +65,7 @@ in { # access users.users = { root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-omo.pubkey ]; - makefu.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; + makefu.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey config.krebs.users.makefu-bob.pubkey ]; }; # Chat diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 9fd329d10..2457ab92e 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -25,6 +25,7 @@ in { # collectd ../2configs/logging/central-stats-client.nix + ../2configs/logging/central-logging-client.nix ../2configs/tinc/retiolum.nix # ../2configs/torrent.nix diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index adbf372ab..08da92068 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -10,9 +10,10 @@ ../2configs/main-laptop.nix ../2configs/laptop-utils.nix ../2configs/laptop-backup.nix + ../2configs/dnscrypt.nix # testing - ../2configs/openvpn/vpngate.nix + # ../2configs/openvpn/vpngate.nix #../2configs/temp/share-samba.nix # ../2configs/mediawiki.nix # ../2configs/wordpress.nix @@ -26,7 +27,6 @@ #../2configs/elchos/stats.nix #../2configs/elchos/test/ftpservers.nix - ../2configs/laptop-backup.nix # ../2configs/tinc/siem.nix #../2configs/torrent.nix # temporary modules @@ -59,7 +59,7 @@ # hardware specifics are in here ../2configs/hw/tp-x230.nix ../2configs/hw/rtl8812au.nix - ../2configs/hw/bcm4352.nix + # mount points ../2configs/fs/sda-crypto-root-home.nix diff --git a/makefu/2configs/dnscrypt.nix b/makefu/2configs/dnscrypt.nix new file mode 100644 index 000000000..d810456f3 --- /dev/null +++ b/makefu/2configs/dnscrypt.nix @@ -0,0 +1,6 @@ +{ + services.dnscrypt-proxy.enable = true; + networking.extraResolvconfConf = '' + name_servers='127.0.0.1' + ''; +} diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index d780e2a03..8036e5765 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -101,6 +101,7 @@ browser = "firefox" -- I suggest you to remap Mod4 to another key using xmodmap or other tools. -- However, you can use another modifier like Mod1, but it may interact with others. modkey = "@modkey@" +-- modkey = "Mod4" -- Table of layouts to cover with awful.layout.inc, order matters. awful.layout.layouts = @@ -116,10 +117,24 @@ awful.layout.layouts = -- awful.layout.suit.spiral.dwindle, awful.layout.suit.max, awful.layout.suit.max.fullscreen, --- awful.layout.suit.magnifier, + awful.layout.suit.magnifier, awful.layout.suit.corner.nw } -- }}} +-- {{{ Helper Functions +local function client_menu_toggle_fn() + local instance = nil + + return function () + if instance and instance.wibox.visible then + instance:hide() + instance = nil + else + instance = awful.menu.clients({ theme = { width = 250 } }) + end + end +end +-- }}} -- {{{ Wallpaper if beautiful.wallpaper then @@ -166,50 +181,51 @@ mytextclock = wibox.widget.textclock() -- Create a wibox for each screen and add it mywibox = {} mylayoutbox = {} -mytaglist = {} -mytaglist.buttons = awful.util.table.join( - awful.button({ }, 1, awful.tag.viewonly), - awful.button({ modkey }, 1, awful.client.movetotag), - awful.button({ }, 3, awful.tag.viewtoggle), - awful.button({ modkey }, 3, awful.client.toggletag), - awful.button({ }, 4, function(t) awful.tag.viewnext(awful.tag.getscreen(t)) end), - awful.button({ }, 5, function(t) awful.tag.viewprev(awful.tag.getscreen(t)) end) - ) -mytasklist = {} -mytasklist.buttons = awful.util.table.join( - awful.button({ }, 1, function (c) - if c == client.focus then - c.minimized = true - else - -- Without this, the following - -- :isvisible() makes no sense - c.minimized = false - if not c:isvisible() then - awful.tag.viewonly(c:tags()[1]) - end - -- This will also un-minimize - -- the client, if needed - client.focus = c - c:raise() + +-- Create a wibox for each screen and add it +local taglist_buttons = awful.util.table.join( + awful.button({ }, 1, function(t) t:view_only() end), + awful.button({ modkey }, 1, function(t) + if client.focus then + client.focus:move_to_tag(t) end end), - awful.button({ }, 3, function () - if instance then - instance:hide() - instance = nil - else - instance = awful.menu.clients({ width=250 }) + awful.button({ }, 3, awful.tag.viewtoggle), + awful.button({ modkey }, 3, function(t) + if client.focus then + client.focus:toggle_tag(t) end end), + awful.button({ }, 4, function(t) awful.tag.viewnext(t.screen) end), + awful.button({ }, 5, function(t) awful.tag.viewprev(t.screen) end) + ) + +local tasklist_buttons = awful.util.table.join( + awful.button({ }, 1, function (c) + if c == client.focus then + c.minimized = true + else + -- Without this, the following + -- :isvisible() makes no sense + c.minimized = false + if not c:isvisible() and c.first_tag then + c.first_tag:view_only() + end + -- This will also un-minimize + -- the client, if needed + client.focus = c + c:raise() + end + end), + awful.button({ }, 3, client_menu_toggle_fn()), awful.button({ }, 4, function () awful.client.focus.byidx(1) - if client.focus then client.focus:raise() end end), awful.button({ }, 5, function () awful.client.focus.byidx(-1) - if client.focus then client.focus:raise() end end)) + local function set_wallpaper(s) -- Wallpaper if beautiful.wallpaper then |