diff options
Diffstat (limited to 'krebs/3modules/lass/default.nix')
-rw-r--r-- | krebs/3modules/lass/default.nix | 65 |
1 files changed, 64 insertions, 1 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 2475a0d5a..280021347 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -14,7 +14,47 @@ in { dns.providers = { "lassul.us" = "zones"; }; - hosts = mapAttrs hostDefaults { + hosts = mapAttrs (_: recursiveUpdate { + owner = config.krebs.users.lass; + ci = true; + monitoring = true; + }) { + dishfire = { + cores = 4; + nets = rec { + internet = { + ip4 = rec { + addr = "157.90.232.92"; + prefix = "${addr}/32"; + }; + aliases = [ + "dishfire.i" + ]; + ssh.port = 45621; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.133.99"; + ip6.addr = r6 "d15f:1233"; + aliases = [ + "dishfire.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwKi49fN+0s5Cze6JThM7f7lj4da27PSJ/3w3tDFPvtQco11ksNLs + Xd3qPaQIgmcNVCR06aexae3bBeTx9y3qHvKqZVE1nCtRlRyqy1LVKSj15J1D7yz7 + uS6u/BSZiCzmdZwu3Fq5qqoK0nfzWe/NKEDWNa5l4Mz/BZQyI/hbOpn6UfFD0LpK + R4jzc9Dbk/IFNAvwb5yrgEYtwBzlXzeDvHW2JcPq3qQjK2byQYNiIyV3g0GHppEd + vDbIPDFhTn3Hv5zz/lX+/We8izzRge7MEd+Vn9Jwb5NAzwDsOHl6ExpqASv9H49U + HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.port = 655; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv0JMp0y+E5433GRSFKVK3cQmP0AAlS9aH9fk49yFxy"; + }; prism = rec { cores = 4; extraZones = { @@ -31,6 +71,7 @@ in { 60 IN NS ns16.ovh.net. 60 IN NS dns16.ovh.net. 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + 60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr} IN MX 5 lassul.us. 60 IN TXT v=spf1 mx a:lassul.us -all 60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" ) @@ -58,6 +99,10 @@ in { addr = "95.216.1.150"; prefix = "0.0.0.0/0"; }; + ip6 = { + addr = "2a01:4f9:2a:1e9::1"; + prefix = "2a01:4f9:2a:1e9::/64"; + }; aliases = [ "prism.i" "paste.i" @@ -73,6 +118,7 @@ in { "cache.prism.r" "cgit.prism.r" "flix.r" + "jelly.r" "paste.r" "c.r" "p.r" @@ -529,6 +575,20 @@ in { ci = false; syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ"; }; + tablet = { + nets = { + wiregrill = { + ip4.addr = "10.244.1.14"; + ip6.addr = w6 "b"; + aliases = [ + "tablet.w" + ]; + wireguard.pubkey = "eIafsxYEFCqmWNFon6ZsYXeDrK4X1UJ9KD0zmNZjgEI="; + }; + }; + external = true; + ci = false; + }; hilum = { cores = 1; nets = { @@ -777,5 +837,8 @@ in { mail = "lassulus@gmail.com"; pubkey = builtins.readFile ./ssh/android.ed25519; }; + lass-tablet = { + pubkey = builtins.readFile ./ssh/tablet.ed25519; + }; }; } |