summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-06-23 16:45:44 +0200
committermakefu <github@syntax-fehler.de>2016-06-23 16:45:44 +0200
commit5894ecc94233b72003ac859fab8b12c8ade7766a (patch)
tree701475db282c4ab00e35a39eb0860d1f7ba06989
parenta7310f526d611cb13f2f98ac46da1ab98d37ee24 (diff)
add siem internal network
-rw-r--r--krebs/3modules/makefu/default.nix51
-rw-r--r--makefu/2configs/default.nix2
2 files changed, 49 insertions, 4 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 14cee8e12..0b58c75cb 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -48,6 +48,12 @@ with config.krebs.lib;
-----END RSA PUBLIC KEY-----
'';
};
+ siem = {
+ ip4.addr = "10.8.10.2";
+ aliases = [
+ "darth.siem"
+ ];
+ };
};
};
tsp = {
@@ -98,6 +104,12 @@ with config.krebs.lib;
-----END RSA PUBLIC KEY-----
'';
};
+ siem = {
+ ip4.addr = "10.8.10.4";
+ aliases = [
+ "arch.siem"
+ ];
+ };
};
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@pornocauster";
@@ -184,6 +196,8 @@ with config.krebs.lib;
internet = {
ip4.addr = "104.233.87.86";
aliases = [
+ "wry.i"
+ "paste.i"
"wry.internet"
"paste.internet"
];
@@ -194,10 +208,10 @@ with config.krebs.lib;
ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad";
aliases = [
"graphs.wry.retiolum"
- "graphs.retiolum"
+ "graphs.r" "graphs.retiolum"
"paste.wry.retiolum"
- "paste.retiolum"
- "wry.retiolum"
+ "paste.r" "paste.retiolum"
+ "wry.r" "wry.retiolum"
"wiki.makefu.retiolum"
"wiki.wry.retiolum"
"blog.makefu.retiolum"
@@ -343,6 +357,13 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
shoney = rec {
cores = 1;
nets = {
+ siem = {
+ ip4.addr = "10.8.10.1";
+ aliases = [
+ "sjump.siem"
+ "graphs.siem"
+ ];
+ };
internet = {
ip4.addr = "64.137.234.215";
aliases = [
@@ -456,6 +477,28 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
};
+ lariat = rec {
+ cores = 2;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.64.7";
+ aliases = [
+ "lariat.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAqiDzxADQYY8cWBH+R5aKSoxaFHLvPvVMgB7R1Y6QVTqD5YUCuINX
+ eBLFV9idHnHzdZU+xo/c8EFQf0hvyP0z3bcXaiw+RlpEYdK6tuaypJ3870toqWmA
+ 269H8ufA3DA0hxlY7dwnhg8Rb7KGIlNN8fy4RMGe73PupF5aAmiDiEhPalv4E0qJ
+ unmk5y1OHQFPxYm++yLo5SVFlcO89jDtGpvg5papp8JvtxTkrshby1lXf/sph3Cv
+ d1z6h7S+HgT+BMwTZY5dIrwYAcob/t1sRmWsY62P1n02RbiJFm27wg0t/ZcfsI2o
+ yBjRTiK5ACJaIdpM99/902gJsuJASPGB2QIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+
soundflower = rec {
cores = 1;
nets = {
@@ -598,6 +641,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
};
};
+ } // { # hosts only maintained in stockholm, not owned by me
muhbaasu = rec {
cores = 1;
nets = {
@@ -626,7 +670,6 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
};
};
};
- } // { # hosts only maintained in stockholm, not owned by me
tpsw = {
cores = 2;
owner = config.krebs.users.ciko; # main laptop
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index e7366e182..a753e6777 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -16,6 +16,8 @@ with config.krebs.lib;
nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
krebs = {
enable = true;
+
+ dns.providers.siem = "hosts";
search-domain = "retiolum";
build = {
user = config.krebs.users.makefu;