summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2022-08-02 14:34:22 +0200
committermakefu <github@syntax-fehler.de>2022-08-02 14:34:22 +0200
commit739fad41da87d206f76bc3db9861d8b2bd0a5639 (patch)
tree023f294d5ba55b93905772eec90a3ebbe3667528 /krebs/3modules
parentbebf0baf031fca08fde11cc7f840fc885737f5b7 (diff)
parentb3694198eaac7ffd13640c64bc3e3af27e40389b (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/external/dbalan.nix50
-rw-r--r--krebs/3modules/external/mic92.nix21
-rw-r--r--krebs/3modules/github-known-hosts.nix2
-rw-r--r--krebs/3modules/iana-etc.nix2
5 files changed, 54 insertions, 22 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 2d73da884..8ea727dc7 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -102,6 +102,7 @@ let
imp = lib.mkMerge [
{ krebs = import ./external { inherit config; }; }
+ { krebs = import ./external/dbalan.nix { inherit config; }; }
{ krebs = import ./external/kmein.nix { inherit config; }; }
{ krebs = import ./external/mic92.nix { inherit config; }; }
{ krebs = import ./external/palo.nix { inherit config; }; }
diff --git a/krebs/3modules/external/dbalan.nix b/krebs/3modules/external/dbalan.nix
new file mode 100644
index 000000000..301f010d3
--- /dev/null
+++ b/krebs/3modules/external/dbalan.nix
@@ -0,0 +1,50 @@
+with import <stockholm/lib>;
+{ config, ... }:
+let
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = false;
+ external = true;
+ monitoring = false;
+ owner = config.krebs.users.dbalan;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum = {
+ ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ };
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill = {
+ ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ };
+ });
+in
+{
+ users = rec {
+ dbalan = {
+ mail = "dbalan@thaum.space";
+ pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
+ };
+ };
+ hosts = mapAttrs hostDefaults {
+ v60 = {
+ nets.retiolum = {
+ aliases = [ "v60.dbalan.r" ];
+ ip4.addr = "10.243.42.12";
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
+ RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
+ 1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
+ uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
+ p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
+ bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
+ I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
+ mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
+ OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
+ AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
+ 9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
+ };
+ };
+ };
+}
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index d63a6b306..3bd2c1b7b 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -681,27 +681,6 @@ in {
};
};
};
- jarvis = {
- owner = config.krebs.users.mic92;
- nets = rec {
- internet.addrs = [ "jarvis.thalheim.io" ];
- retiolum = {
- via = internet;
- aliases = [ "jarvis.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA7PtJlYBpBr2TK5CAvAukkGvj+esC+sMPKd3mO9iDwdViBrqKdf+D
- yEy8SI80Y02dpkL97NjvnzepKpyGQWpG1ZQflJLhCTj7oFyVpWd4XsbIuzYp5ES6
- r8qKWs2xcItc1pbW0ZmrCBzdWsC1B0VAHlYkiz+7vM6pCTvg6hNQugP4c1TRCtJC
- Sr+n+EjTXN/NTaKl+f7eoHJGnT5liDO3/xZVxm8AuLnron1xPPDghXClVHfDj5mt
- f66f+CLwZhq3BrZuptwXp7TerMfrNtPyTx96b+EyuLPjrYxKeKL/+Nbr3VmmiDIV
- tsraNc+0a8OBpVsYh4MQLp55NYwqxAoetQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- tinc.pubkey_ed25519 = "RRkMnGSg+nMkz4L2iqmdFf2fIf4wIfcTM0TlTWLLNCE";
- };
- };
- };
bernie = {
owner = config.krebs.users.mic92;
nets = rec {
diff --git a/krebs/3modules/github-known-hosts.nix b/krebs/3modules/github-known-hosts.nix
index 7bdf5bb7c..eec719f27 100644
--- a/krebs/3modules/github-known-hosts.nix
+++ b/krebs/3modules/github-known-hosts.nix
@@ -57,6 +57,7 @@
"20.201.28.151"
"20.205.243.166"
"102.133.202.242"
+ "20.248.137.48"
"18.181.13.223"
"54.238.117.237"
"54.168.17.15"
@@ -70,6 +71,7 @@
"20.201.28.152"
"20.205.243.160"
"102.133.202.246"
+ "20.248.137.50"
];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
};
diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix
index e8037128d..9ed5f29c5 100644
--- a/krebs/3modules/iana-etc.nix
+++ b/krebs/3modules/iana-etc.nix
@@ -34,7 +34,7 @@ with import <stockholm/lib>;
'')
(filter (proto: entry.${proto} != null) ["tcp" "udp"])}
'') (attrValues config.krebs.iana-etc.services)}
- cat ${pkgs.iana_etc}/etc/services
+ cat ${pkgs.iana-etc}/etc/services
} |
sort -b -k 2,2 -u > $out
'');