diff options
-rw-r--r-- | krebs/1systems/hope/config.nix | 41 | ||||
-rw-r--r-- | krebs/1systems/hope/source.nix | 3 | ||||
-rw-r--r-- | krebs/3modules/krebs/default.nix | 32 |
3 files changed, 76 insertions, 0 deletions
diff --git a/krebs/1systems/hope/config.nix b/krebs/1systems/hope/config.nix new file mode 100644 index 000000000..c19b210c5 --- /dev/null +++ b/krebs/1systems/hope/config.nix @@ -0,0 +1,41 @@ +with import <stockholm/lib>; +{ config, pkgs, ... }: let + + ip = config.krebs.build.host.nets.internet.ip4.addr; + bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1"; + +in { + imports = [ + <stockholm/krebs> + <stockholm/krebs/2configs> + <stockholm/krebs/2configs/os-templates/CAC-CentOS-7-64bit.nix> + + <stockholm/krebs/2configs/secret-passwords.nix> + { + users.extraUsers = { + satan = { + name = "satan"; + uid = 1338; + home = "/home/satan"; + group = "users"; + createHome = true; + useDefaultShell = true; + initialPassword = "test"; + }; + }; + } + ]; + + krebs.build.host = config.krebs.hosts.hope; + + networking = let + address = config.krebs.build.host.nets.internet.ip4.addr; + in { + defaultGateway = bestGuessGateway address; + interfaces.enp2s1.ip4 = singleton { + inherit address; + prefixLength = 24; + }; + nameservers = ["8.8.8.8"]; + }; +} diff --git a/krebs/1systems/hope/source.nix b/krebs/1systems/hope/source.nix new file mode 100644 index 000000000..7121d1d9d --- /dev/null +++ b/krebs/1systems/hope/source.nix @@ -0,0 +1,3 @@ +import <stockholm/krebs/source.nix> { + name = "hope"; +} diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 27fbb7088..9cd103175 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -30,6 +30,38 @@ let }); in { hosts = { + hope = { + owner = config.krebs.users.krebs; + managed = true; + nets = { + internet = { + ip4.addr = "45.62.225.18"; + aliases = [ + "hope.i" + ]; + ssh.port = 45621; + }; + retiolum = { + ip4.addr = "10.243.77.4"; + ip6.addr = "42:0:0:0:0:0:77:4"; + aliases = [ + "hope.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAsQVWCoNZZd77tYw1qEDlUsfcF0ld+jVorq2uR5il1D8sqER644l5 + uaWxPQjSl27xdq5kvzIH24Ab6/xF2EDgE2fUTwpO5coBYafeiGyi5AwURQmYMp2a + 2CV7uUAagFQaSzD0Aj796r1BXPn1IeE+uRSBmmc/+/7L0hweRGLiha34NOMZkq+4 + A0pwI/CjnyRXdV4AqfORHXkelykJPATm+m3bC+KYogPBeNMP2AV2aYgY8a0UJPMK + fjAJCzxYJjiYxm8faJlm2U1bWytZODQa8pRZOrYQa4he2UoU6x78CNcrQkYLPOFC + K2Q7+B5WJNKV6CqYztXuU/6LTHJRmV0FiwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdLHRI29xJj1jmfSidE2Dh7EsDNszm+WH3Kj4zYBkP/"; + }; hotdog = { owner = config.krebs.users.krebs; managed = true; |