summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2019-02-02 09:13:53 +0100
committerlassulus <lassulus@lassul.us>2019-02-02 09:13:53 +0100
commite2ae92445cc439203427a58720fc394cf1ca4b44 (patch)
tree8e2f0fc007d1d47c4a4f51f872030c63296da65e
parent936bf9f7b2a7cf99d48fe4cdf1e8cffd0140240f (diff)
external: add palo.nix
-rw-r--r--krebs/3modules/external/default.nix14
-rw-r--r--krebs/3modules/external/palo.nix81
-rw-r--r--krebs/3modules/external/tinc/palo.pub (renamed from krebs/3modules/external/tinc/pepe.pub)0
3 files changed, 82 insertions, 13 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index e19ac6755..16cc84651 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -16,6 +16,7 @@ with import <stockholm/lib>;
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
in {
+
hosts = mapAttrs hostDefaults {
dpdkm = {
owner = config.krebs.users.Mic92;
@@ -225,17 +226,6 @@ in {
};
};
};
- pepe = {
- owner = config.krebs.users.palo;
- nets = {
- retiolum = {
- ip4.addr = "10.243.123.4";
- tinc.port = 720;
- aliases = [ "pepe.r" ];
- tinc.pubkey = tinc-for "pepe";
- };
- };
- };
scardanelli = {
owner = config.krebs.users.kmein;
nets = {
@@ -404,8 +394,6 @@ in {
mail = "joerg@thalheim.io";
pubkey = ssh-for "Mic92";
};
- palo = {
- };
qubasa = {
mail = "luis.nixos@gmail.com";
};
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
new file mode 100644
index 000000000..e151ad358
--- /dev/null
+++ b/krebs/3modules/external/palo.nix
@@ -0,0 +1,81 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = false;
+ external = true;
+ monitoring = false;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum.ip6.addr =
+ (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill.ip6.addr =
+ (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ });
+ ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
+ tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
+
+in {
+ hosts = mapAttrs hostDefaults {
+ pepe = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.1";
+ tinc.port = 720;
+ aliases = [ "pepe.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ kruck = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.3";
+ tinc.port = 720;
+ aliases = [ "kruck.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ schasch = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.2";
+ tinc.port = 720;
+ aliases = [ "schasch.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workhorse = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.5";
+ tinc.port = 720;
+ aliases = [ "workhorse.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workout = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.4";
+ tinc.port = 720;
+ aliases = [ "workout.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ };
+ users = {
+ palo = {
+ };
+ };
+}
+
diff --git a/krebs/3modules/external/tinc/pepe.pub b/krebs/3modules/external/tinc/palo.pub
index 65284d51d..65284d51d 100644
--- a/krebs/3modules/external/tinc/pepe.pub
+++ b/krebs/3modules/external/tinc/palo.pub