diff options
author | makefu <github@syntax-fehler.de> | 2016-02-11 21:31:15 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2016-02-11 21:31:15 +0100 |
commit | 014cbb7598c5d45cfc4cc7e1ec81c92e000eabfb (patch) | |
tree | fab0e894948010cd73be18ad2c68cd4750bd2419 /krebs/3modules/default.nix | |
parent | 8ecdb889dd3081ba29c6ea7eb35f60b30420d201 (diff) | |
parent | 7b3b839cc7a2af73dee9858e6ebcc7be831eb481 (diff) |
Merge remote-tracking branch 'cd/master'
Diffstat (limited to 'krebs/3modules/default.nix')
-rw-r--r-- | krebs/3modules/default.nix | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index ba1f425d9..3d51076cf 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -21,6 +21,7 @@ let ./go.nix ./iptables.nix ./nginx.nix + ./nixpkgs.nix ./per-user.nix ./Reaktor.nix ./retiolum-bootstrap.nix @@ -84,6 +85,7 @@ let imp = mkMerge [ { krebs = import ./lass { inherit lib; }; } { krebs = import ./makefu { inherit lib; }; } + { krebs = import ./miefda { inherit lib; }; } { krebs = import ./mv { inherit lib; }; } { krebs = import ./shared { inherit lib; }; } { krebs = import ./tv { inherit lib; }; } @@ -92,11 +94,12 @@ let de.krebsco = "zones"; gg23 = "hosts"; shack = "hosts"; + i = "hosts"; internet = "hosts"; + r = "hosts"; retiolum = "hosts"; }; - # XXX This overlaps with krebs.retiolum networking.extraHosts = concatStringsSep "\n" (flatten ( mapAttrsToList (hostname: host: mapAttrsToList (netname: net: @@ -104,10 +107,8 @@ let aliases = longs ++ shorts; providers = dns.split-by-provider net.aliases cfg.dns.providers; longs = providers.hosts; - shorts = - map (removeSuffix ".${cfg.search-domain}") - (filter (hasSuffix ".${cfg.search-domain}") - longs); + shorts = let s = ".${cfg.search-domain}"; in + map (removeSuffix s) (filter (hasSuffix s) longs); in map (addr: "${addr} ${toString aliases}") net.addrs ) (filterAttrs (name: host: host.aliases != []) host.nets) @@ -156,7 +157,16 @@ let let inherit (config.krebs.build.host.ssh) privkey; in mkIf (privkey != null) (mkForce [privkey]); + # TODO use imports for merging services.openssh.knownHosts = + (let inherit (config.krebs.build.host.ssh) pubkey; in + optionalAttrs (pubkey != null) { + localhost = { + hostNames = ["localhost" "127.0.0.1" "::1"]; + publicKey = pubkey; + }; + }) + // # GitHub's IPv4 address range is 192.30.252.0/22 # Refs https://help.github.com/articles/what-ip-addresses-does-github-use-that-i-should-whitelist/ # 192.30.252.0/22 = 192.30.252.0-192.30.255.255 (1024 addresses) @@ -180,7 +190,6 @@ let (mapAttrsToList (net-name: net: let - aliases = shorts ++ longs; longs = net.aliases; shorts = map (removeSuffix ".${cfg.search-domain}") @@ -191,7 +200,7 @@ let then "[${a}]:${toString net.ssh.port}" else a; in - aliases ++ map add-port net.addrs) + map add-port (shorts ++ longs ++ net.addrs)) host.nets); publicKey = host.ssh.pubkey; |