diff options
Diffstat (limited to 'kartei')
| -rw-r--r-- | kartei/default.nix | 8 | ||||
| -rw-r--r-- | kartei/lass/neoprism.nix | 9 | ||||
| -rw-r--r-- | kartei/lass/prism.nix | 3 | ||||
| -rw-r--r-- | kartei/lass/xerxes.nix | 48 | ||||
| -rw-r--r-- | kartei/makefu/default.nix | 2 | ||||
| -rw-r--r-- | kartei/tv/default.nix | 2 | ||||
| -rw-r--r-- | kartei/tv/hosts/fu.nix | 1 | ||||
| -rw-r--r-- | kartei/tv/hosts/leg.nix | 1 | ||||
| -rw-r--r-- | kartei/tv/hosts/ne.nix | 25 | ||||
| -rw-r--r-- | kartei/tv/hosts/ni.nix | 68 | ||||
| -rw-r--r-- | kartei/tv/hosts/pi.nix | 1 | ||||
| -rw-r--r-- | kartei/tv/hosts/zoppo.nix | 1 |
12 files changed, 37 insertions, 132 deletions
diff --git a/kartei/default.nix b/kartei/default.nix index 046efdd7b..7624807a0 100644 --- a/kartei/default.nix +++ b/kartei/default.nix @@ -1,15 +1,15 @@ -{ config, lib, ... }: let +{ lib, ... }@arg: let removeTemplate = # TODO don't remove during CI lib.flip builtins.removeAttrs ["template"]; in { - config = - lib.mkMerge + imports = (lib.mapAttrsToList (name: _type: let path = ./. + "/${name}"; in { - krebs = import path { inherit config lib; }; + _file = toString path; + krebs = import path arg; }) (removeTemplate (lib.filterAttrs diff --git a/kartei/lass/neoprism.nix b/kartei/lass/neoprism.nix index 73eda0762..086362938 100644 --- a/kartei/lass/neoprism.nix +++ b/kartei/lass/neoprism.nix @@ -1,5 +1,12 @@ { r6, w6, ... }: -{ +rec { + extraZones = { + "krebsco.de" = '' + p 60 IN A ${nets.internet.ip4.addr} + c 60 IN A ${nets.internet.ip4.addr} + paste 60 IN A ${nets.internet.ip4.addr} + ''; + }; nets = rec { internet = { ip4 = rec { diff --git a/kartei/lass/prism.nix b/kartei/lass/prism.nix index a44e120b2..33c662bc4 100644 --- a/kartei/lass/prism.nix +++ b/kartei/lass/prism.nix @@ -3,9 +3,6 @@ rec { extraZones = { "krebsco.de" = '' cache 60 IN A ${nets.internet.ip4.addr} - p 60 IN A ${nets.internet.ip4.addr} - c 60 IN A ${nets.internet.ip4.addr} - paste 60 IN A ${nets.internet.ip4.addr} prism 60 IN A ${nets.internet.ip4.addr} social 60 IN A ${nets.internet.ip4.addr} ''; diff --git a/kartei/lass/xerxes.nix b/kartei/lass/xerxes.nix index 96f619a70..985bba5f5 100644 --- a/kartei/lass/xerxes.nix +++ b/kartei/lass/xerxes.nix @@ -1,52 +1,6 @@ { r6, w6, ... }: { consul = false; - nets = rec { - retiolum = { - ip4.addr = "10.243.1.3"; - ip6.addr = r6 "3"; - aliases = [ - "xerxes.r" - ]; - tinc = { - pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U - MZyAqNjLuKq3CKzJLo02ZmdFs4CT1Hj28p5IC0wLUWn53hrqdy8cCJDvIiKIv+Jk - gItsxJyMnRtsdDbB6IFJ08D5ReGdAFJT5lqpN0DZuNC6UQRxzUK5fwKYVVzVX2+W - /EZzEPe5XbE69V/Op2XJ2G6byg9KjOzNJyJxyjwVco7OXn1OBNp94NXoFrUO7kxb - mTNnh3D+iB4c3qv8woLhmb+Uh/9MbXS14QrSf85ou4kfUjb5gdhjIlzz+jfA/6XO - X4t86uv8L5IzrhSGb0TmhrIh5HhUmSKT4RdHJom0LB7EASMR2ZY9AqIG11XmXuhj - +2b5INBZSj8Cotv5aoRXiPSaOd7bw7lklYe4ZxAU+avXot9K3/4XVLmi6Wa6Okim - hz+MEYjW5gXY+YSUWXOR4o24jTmDjQJpdL83eKwLVAtbrE7TcVszHX6zfMoQZ5M9 - 3EtOkDMxhC+WfkL+DLQAURhgcPTZoaj0cAlvpb0TELZESwTBI09jh/IBMXHBZwI4 - H1gOD5YENpf0yUbLjVu4p82Qly10y58XFnUmYay0EnEgdPOOVViovGEqTiAHMmm5 - JixtwJDz7a6Prb+owIg27/eE1/E6hpfXpU8U83qDYGkIJazLnufy32MTFE4T9fI4 - hS8icFcNlsobZp+1pB3YK4GV5BnvMwOIVXVlP8yMCRTDRWZ4oYmAZ5apD7OXyNwe - SUP2mCNNlQCqyjRsxj5S1lZQRy1sLQztU5Sff4xYNK+5aPgJACmvSi3uaJAxBloo - 4xCCYzxhaBlvwVISJXZTq76VSPybeQ+pmSZFMleNnWOstvevLFeOoH2Is0Ioi1Fe - vnu5r0D0VYsb746wyRooiEuOAjBmni8X/je6Vwr1gb/WZfZ23EwYpGyakJdxLNv3 - Li+LD9vUfOR80WL608sUU45tAx1RAy6QcH/YDtdClbOdK53+cQVTsYnCvDW8uGlO - scQWgk+od3qvo6yCPO7pRlEd3nedcPSGh/KjBHao6eP+bsVERp733Vb9qrEVwmxv - jlZ1m12V63wHVu9uMAGi9MhK+2Q/l7uLTj03OYpi4NYKL2Bu01VXfoxuauuZLdIJ - Z3ZV+qUcjzZI0PBlGxubq6CqVFoSB7nhHUbcdPQ66WUnwoKq0cKmE7VOlJQvJ07u - /Wsl8BIsxODVt0rTzEAx0hTd5mJCX7sCawRt+NF+1DZizl9ouebNMkNlsEAg4Ps0 - bQerZLcOmpYjGa5+lWDwJIMXVIcxwTmQR86stlP/KQm0vdOvH2ZUWTXcYvCYlHkQ - sgVnnA2wt+7UpZnEBHy04ry+jYaSsPdYgwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - pubkey_ed25519 = "PRtxFg/zw8dmwEGEM+u28N5GWuGNiHSNlaieplVSqQK"; - }; - }; - wiregrill = { - ip6.addr = w6 "3"; - aliases = [ - "xerxes.w" - ]; - wireguard.pubkey = "UTm8B8YUVvBGqwwxAUMVFsVQFQGQ6jbcXAavZ8LxYT8="; - }; - }; secure = true; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; - syncthing.id = "EA76ZHP-DF2I3CJ-NNTFEUH-YGPQK5S-T7FQ6JA-BNQQUNC-GF2YL46-CKOZCQM"; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP017KDMPZgXeb5pwo8sOD9R16vEaHFp523HGyeWPIIa"; } diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix index 9df79afbf..e92aeec93 100644 --- a/kartei/makefu/default.nix +++ b/kartei/makefu/default.nix @@ -251,6 +251,8 @@ in { wikisearch IN A ${nets.internet.ip4.addr} work.euer IN A ${nets.internet.ip4.addr} shop.euer IN A ${nets.internet.ip4.addr} + matrix.euer IN A ${nets.internet.ip4.addr} + element.euer IN A ${nets.internet.ip4.addr} mediengewitter IN CNAME over.dose.io. nixos.unstable IN CNAME krebscode.github.io. diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index 60369d4df..848646510 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -1,5 +1,5 @@ { config, lib, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); extend = x: f: { lambda = lib.recursiveUpdate x (f x); diff --git a/kartei/tv/hosts/fu.nix b/kartei/tv/hosts/fu.nix index f33da59c9..c3f2f9297 100644 --- a/kartei/tv/hosts/fu.nix +++ b/kartei/tv/hosts/fu.nix @@ -20,5 +20,4 @@ }; secure = true; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE8T+2Oe6qCE0uEb9H7CWZengyhHK30NelmYmpI4Umpm root@fu"; - syncthing.id = "F5B3EPT-OEOFYMV-GATESYO-727M6R4-YBXGW6Q-SG3QWC7-PPVFX4C-AY4UKAJ"; } diff --git a/kartei/tv/hosts/leg.nix b/kartei/tv/hosts/leg.nix index c09749302..5841c72d5 100644 --- a/kartei/tv/hosts/leg.nix +++ b/kartei/tv/hosts/leg.nix @@ -23,5 +23,4 @@ }; secure = true; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGiputkYYQbg8sUHu+dMVOEuqhPYwPhPdmkS6LopPx17 root@leg"; - syncthing.id = "5IB2U3K-HNQWNA4-ULYNPZF-XC3HX4D-IKQB72L-GNF6U2P-RNL4OMF-BWGDVAU"; } diff --git a/kartei/tv/hosts/ne.nix b/kartei/tv/hosts/ne.nix index e7d9056b1..1191fcb71 100644 --- a/kartei/tv/hosts/ne.nix +++ b/kartei/tv/hosts/ne.nix @@ -1,8 +1,14 @@ { config, ... }: { extraZones = { "krebsco.de" = '' + @ 60 IN MX 5 ne + @ 60 IN TXT "v=spf1 mx -all" ne 60 IN A ${config.krebs.hosts.ne.nets.internet.ip4.addr} ne 60 IN AAAA ${config.krebs.hosts.ne.nets.internet.ip6.addr} + cgit 60 IN A ${config.krebs.hosts.ne.nets.internet.ip4.addr} + cgit 60 IN AAAA ${config.krebs.hosts.ne.nets.internet.ip6.addr} + cgit.ne 60 IN A ${config.krebs.hosts.ne.nets.internet.ip4.addr} + search.ne 60 IN AAAA ${config.krebs.hosts.ne.nets.internet.ip6.addr} tv 300 IN NS ne ''; }; @@ -10,14 +16,13 @@ internet = { aliases = [ "ne.i" + "cgit.ne.i" ]; - ip4 = rec { + ip4 = { addr = "159.195.31.38"; - prefix = "${addr}/32"; }; - ip6 = rec { + ip6 = { addr = "2a0a:4cc0:c1:5eb0::1"; - prefix = "${addr}/64"; prefixLength = 64; }; ssh.port = 11423; @@ -27,14 +32,26 @@ "ne.m" ]; ip6.addr = "45f:fa21:4bdd:a758:8091:947d:fe84:fac3"; + via = config.krebs.hosts.ne.nets.internet; }; retiolum = { aliases = [ "ne.r" + "cgit.ne.r" + "krebs.ne.r" + "search.ne.r" + "p.ne.r" + "p.tv.r" ]; + ip4.addr = "10.243.113.224"; + via = config.krebs.hosts.ne.nets.internet; }; wiregrill = { ip4.addr = "10.244.3.2"; + via = config.krebs.hosts.ne.nets.internet; + wireguard.subnets = [ + (slib.krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR + ]; }; }; } diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix deleted file mode 100644 index fed171f23..000000000 --- a/kartei/tv/hosts/ni.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ config, lib, slib, ... }: { - extraZones = { - "krebsco.de" = '' - ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} - ni 60 IN AAAA ${config.krebs.hosts.ni.nets.internet.ip6.addr} - cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} - cgit 60 IN AAAA ${config.krebs.hosts.ni.nets.internet.ip6.addr} - cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} - cgit.ni 60 IN AAAA ${config.krebs.hosts.ni.nets.internet.ip6.addr} - search.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} - search.ni 60 IN AAAA ${config.krebs.hosts.ni.nets.internet.ip6.addr} - krebsco.de. 60 IN MX 5 ni - krebsco.de. 60 IN TXT "v=spf1 mx -all" - tv 300 IN NS ni - ''; - }; - nets = { - internet = { - ip4 = rec { - addr = "185.162.251.237"; - prefix = "${addr}/32"; - }; - ip6 = rec { - addr = "2a03:4000:1a:cf::1"; - prefix = "${addr}/64"; - }; - aliases = [ - "ni.i" - "cgit.ni.i" - ]; - ssh.port = 11423; - }; - retiolum = { - via = config.krebs.hosts.ni.nets.internet; - ip4.addr = "10.243.113.223"; - aliases = [ - "ni.r" - "cgit.ni.r" - "krebs.ni.r" - "search.ni.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEA7NHuW8eLVhpBfL70WwcSGVmv4dijKLJs5cH/BmqK8zN2lpiLKt12 - bhaE1YEhGoGma7Kef1Fa0V9xUkJy6C1+sVlfWp/LeY8VRSX5E3u36TEl6kl/4zu6 - Ea/44BoGUSOC9ImxVEX51czA10PFjUSrGFyK0oaRlKNsTwwpNiBOY7/6i74bhn59 - OIsySRUBd2QPjYhJkiuc7gltVfwt6wteZh8R4w2rluVGYLQPsmN/XEWgJbhzI4im - W+3/bdewHVF1soZWtdocPLeXTn5HETX5g8p2V3bwYL37oIwkCcYxOeQtT7W+lNJ2 - NvIiVh4Phojl4dBUgUQGT0NApMnsaG/4LJpSC4AGiqbsznBdSPhepob7zJggPnWY - nfAs+YrUUZp1wovhSgWfYTRglRuyYvWkoGbq411H1efawyZ0gcMr+HQlSn2keQOv - lbcvdgOAxQiEcPVixPq3mTeKaSxWyIJGFceuqtnILGifRNvViX0uo9g5rLQ41PrJ - 9F3azz3gD2Uh73j5pvLU72cge7p1a7epPYWTJYf8oc5JcI3nYTKpSqH8IYaWUjv9 - q0NwOYFDhYtUcTwdbUNl/tUWKyBcovIe7f40723pHSijiPV2WDZC2M/mOc3dvWKF - Mf00uin+7uMuKtnG6+1z5nKb/AWrqN1RZu0rnG/IkZPKwa19HYsYcOkCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "nDuK96NlNhcxzlX7G30w/706RxItb+FhkFkz/VhUgCE"; - }; - wiregrill = { - via = config.krebs.hosts.ni.nets.internet; - ip4.addr = "10.244.3.1"; - wireguard.subnets = [ - (slib.krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR - ]; - }; - }; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; -} diff --git a/kartei/tv/hosts/pi.nix b/kartei/tv/hosts/pi.nix index 991bc0086..cfcc71a28 100644 --- a/kartei/tv/hosts/pi.nix +++ b/kartei/tv/hosts/pi.nix @@ -1,4 +1,3 @@ { nets.wiregrill.ip4.addr = "10.244.3.102"; - syncthing.id = "NLR6FLV-2MJQSZ6-4M5QBBB-X2UM225-YGB6IYW-F2EGFV6-D7ZDCWY-27EQAAM"; } diff --git a/kartei/tv/hosts/zoppo.nix b/kartei/tv/hosts/zoppo.nix index 4d312105f..abbcc08dc 100644 --- a/kartei/tv/hosts/zoppo.nix +++ b/kartei/tv/hosts/zoppo.nix @@ -20,5 +20,4 @@ }; secure = true; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMk5DVtgzKmbJTsJs81GIMYE3YblnJJTc/FtVukKJK4J root@zoppo"; - syncthing.id = "F4GDV3I-QX6QAA5-32MXHXE-2RJDYBO-RFXGDFR-EGMN4IQ-OJDKL62-NCUWOAQ"; } |