summaryrefslogtreecommitdiffstats
path: root/krebs/3modules/lass
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/3modules/lass')
-rw-r--r--krebs/3modules/lass/default.nix41
-rw-r--r--krebs/3modules/lass/pgp/yubikey.pgp109
-rw-r--r--krebs/3modules/lass/ssh/yubikey.rsa1
3 files changed, 115 insertions, 36 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 78f3542fa..dc5c9ca3c 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -602,42 +602,6 @@ in {
ci = false;
syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ";
};
- morpheus = {
- cores = 1;
- nets = {
- retiolum = {
- ip4.addr = "10.243.0.19";
- ip6.addr = r6 "012f";
- aliases = [
- "morpheus.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAptrlSKQKsBH2QMQxllZR94S/fXneajpJifRjXR5bi+7ME2ThdQXY
- T7yWiKaUuBJThWged9PdPltLUEMmv+ubQqpWHZq442VWSS36r1yMSGpUeKK+oYMN
- /Sfu+1yC4m2uXno95wpJZIcDfbbn26jT6ldJ4Yd97zyrXKljvcdrz3wZzQq0tojh
- S5Q59x/aQMJbnQpnlFnMIEVgULuFPW16+vPGsXIPdYNggaF1avcBaFl8i3M0EZVz
- Swn4hArDynDJhR7M0QdlwOpOh7O+1iOnmXqqei3LxMVHb+YtzfHgxOPxggUsy7CR
- bj9uBR9loGwgmZwaxXd1Vfbw8kn/feOb9FcW73u+SZyzwEA9HFRV0jGQe3P9mGfI
- Bwe02DOTVXEB8jTAGCw5T3bXLIOX8kqdlCECuAWFfrt8H+GjZDuGUWRcMn32orMz
- sMvkab95ZOHK6Q31mrhILOIOdyZWKPZIabL3HF6CZtu52h6MDHbmGS0w0OJYhj2+
- VnT9ZBoaeooVg8QOE43rCXvmL5vzhLKrj4s/53wTGG5SpzLs9Q9rrJVgAnz4YQ7j
- 3Ov5q3Zxyr+vO6O7Pb5X49vCQw/jzK41S0/15GEmKcoxXemzeZCpX1mbeeTUtLvA
- U7OJwldrElzictBJ1gT94L4BDvoGZVqAkXJCJPamfsWaiw6SsMqtTfECAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- wiregrill = {
- ip6.addr = w6 "012f";
- aliases = [
- "morpheus.w"
- ];
- wireguard.pubkey = "BdiIHJjJQThmZD8DehxPGA+bboBHjljedwaRaV5yyDY=";
- };
- };
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f ";
- };
hilum = {
cores = 1;
nets = {
@@ -681,6 +645,11 @@ in {
};
users = rec {
lass = lass-blue;
+ lass-yubikey = {
+ mail = lass.mail;
+ pubkey = builtins.readFile ./ssh/yubikey.rsa;
+ pgp.pubkeys.default = builtins.readFile ./pgp/yubikey.pgp;
+ };
lass-blue = {
mail = "lass@blue.r";
pubkey = builtins.readFile ./ssh/blue.rsa;
diff --git a/krebs/3modules/lass/pgp/yubikey.pgp b/krebs/3modules/lass/pgp/yubikey.pgp
new file mode 100644
index 000000000..0c7791ce8
--- /dev/null
+++ b/krebs/3modules/lass/pgp/yubikey.pgp
@@ -0,0 +1,109 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBF2iTTQBEAChyVXMTAd7NWUHV1iepW+ZjvCedpr5AQR7kT6btSYPJCjiCNEy
+aCesw0OFyodQDhEZhKldBdvCnvTxKF/GtBuSKrvFhm7uxJgtT7/VS82IB57Ezmog
+3AaX95D7tRHKf0I0coWKk+5Yaq2SpNyjTYmG65y93/Hf1PMt4v+oySGfEz/f+R4P
+rsyIJBfpXOyVKwd7zy4Hj0mqzbsNy9aP7Fk3zMUv+M3A0D33XCd+dm/ogzQpI4vw
+xlzd5my5R+b7uGwrCHZg9Egp4gbeSChgQc/5ZIcYrUncVVP6OMAjlHfdJFQEOmru
+eLtuoXwSSSlU8c85O2PV/1/ClkrGGn2zT+UmKnOz1RK405MCOB35wkyboZ4efk2m
+28LVoYRaoN1yTW7c3CsHpOAIXLsP91LmcHmRI59UHAkNmtlZKS95titv6Dwe3yZj
+iyOE7McfxpxR0K9P3vUSr42XRYHLJFQuZDCDeReMomGzy8X9EQhUi0cH1BcfZfSD
+dvcXC9IWpdWickU2wFkDkTECSyJTbC4JPpTQQtj/LAP+zya3tdobnpPn9Msj99WX
+yLFkKUGWy9yxmDRYst6ErAZMY84J+dqZkm+mLQw9x1jKWIVZDNlwP+Jrz7VMqc1g
+S2gg1BVl6Nts8Z7foZV6w5IYLr7g3noUm7+NhD83jKTJw8AsHU5RIaJnwwARAQAB
+tB1sYXNzdWx1cyA8bGFzc3VsdXNAbGFzc3VsLnVzPokCTAQTAQoANhYhBNvNdXhG
+Bps5LqlAHWZXvoqNHugHBQJdok00AhsBBAsJCAcEFQoJCAUWAgMBAAIeAQIXgAAK
+CRBmV76KjR7oB3AdD/0TaW3wUWaUhNr5B3clDrTOHL94Ztzsg/Xjr1b/KT1sygad
+WAanuwGvdmFr4x+eshrTijIXmh5giBwi+QnG7+VX2hlOKuJ+j+0zR2n7i4KVwAuQ
+SRcQ8TGnBCrWLl80NjnGOky5Nmq4qCzpxhtuFcWixaqlBa3GnXDfecDfBDrcD1T9
+z63gPJ2Ghovoub1UGp01A+4ZBXD4yc1ZEGmhLFA8Aih4BPdsD6cfXWsAi5Nx8FmC
+KvNEg4FeMGV13ZEAF8cxaIS/xq9R2xdgYt+lImaDson/ODIoeg+k5B9ntSGs2H9N
+YoFDlSiB4/a6mBkZm6BA649aL2FjbfOaIB3V07ynzkrSDeUvES9ybnyqbkvd2Slf
+4us4me9zroOo2UQn1fJVWfPFRFb7aAoBIAIHNVmf1vtMYe9tQQ5o1Mcxb0sixaqO
+To4fBaaz1WOtrH6NdEWD3OHUkJrFJb/2dVfvR4bHxdWxtF+WdKkbRfdRmYPVAwVf
+PhasEaaTOZ5r0QghOnjF0YL0YAqvJLx/roz54mNTgavH5BzXjYd9koW0csbWghXd
+p7BfBwGjfaJfPq6MK+Ifk0WH2Dr5mbSFUw1QdEx9dYZJUDuwu7np5ctd62sjZkwY
+ppZlgf+gp+OVjGz+yiTAlQ3PB3wCs23qKtdypxsA7G056TNNkwMcBLN16ngLD7kC
+DQRdok2SARAA/FdD3ji4pAe3C8ziLQfxq2LJX2QPmySoqr0nZWZ2XmZu58w9fVZh
+SSaKpdmqXfR1qSxIw8Pz+7i5Hh2dcG6dJleAMNYYTc7sm4EUDqLtUaQSNVtXrmCE
+SwWcsOPybgHwQNIBd6CTgtQON+iNe6xA/b6nLw5/4ITalkTe43Kv3yVZbvo7X8x+
+c+eIyhYx1UZjbndagH26FXB+WJ22QsNgQrPAYdltn57eQ2m8u9LBCtQl00DLUbv4
++1SDvVAlal3Es62m0u97tKx2FOoJBehMBc+Czle5/6hS6xKgKgArdKfUcfLch7Au
+FtOd2n+HpCCUskApEgH9s7pcMFmioL9V366x1sgTZoRE+qhs81255hjnK8oWQ6+E
+F+D3YHPKb8b9wDLMfvwXZLPQPyNpAuDczDBrbAZ7s2CvQ4icOYJLBGzQo0bHAHTs
+N6p/mTAfwLHrgKEDY+YLLqaogdZ0O7wL+jgrL6fuKqALuIJqO/6FBVXfyR5rvUGs
+8R9rdy39x0NkWdyt+I0kXf50cWVi/tSi47HGYJpc1JSjFOfLjpQihij+nWlMnaF4
+bpeJBUYx5FZlIou4a7+aRsPQC7P58tcMSFR7gKlomBacBQoVkf8iZ6ml0aWRTZnr
+s2XOGn7h6A4AoeLr1i4U8XkJGHatunhvhXJTPHk0QZvgfq92gQc3IdUAEQEAAYkE
+cgQYAQoAJhYhBNvNdXhGBps5LqlAHWZXvoqNHugHBQJdok2SAhsCBQkB4TOAAkAJ
+EGZXvoqNHugHwXQgBBkBCgAdFiEEVAotn4qIhqe83vdsfheGip18nM8FAl2iTZIA
+CgkQfheGip18nM9DVxAAuqX7iztddbttkIfN65R5XJPjz7NRg0AI8G+1qnkvF3c2
+ufNjL++BJSvlbi/2ov92S+0CPF08E4kDsHjA/JM782D6lDfSZltW4YBBqkJZdtiP
+ElcIqIhM6EX7fs3Ag/RjUVPb4tYkH20xcNhyl+0RdBuSvR0+KOXXBfoNmsyQM4/h
+UKiWW3vGOZOBmYPNcvAQcMs+p4D5JHQcOyxgtXyiXU/VxvUWI7cH6I7daRDTFR3L
+4zXoIrRwqEgxIqof2Zm4smoHDLfXxGQrcjj6eKkn/gt/T7qYxnhcG5guS2DwIay5
+c7xV1xuB7pDgM1On56heD21DI4vtXXnTkjo7/6hsw2e6TBcn295fEekvBupYVwaz
+efBSlr2f3xxlDvd35D5tWZRVGspzxO15DcTaTglOeNtRnYGRwHwE/tiJ0G0uwGfv
+aI0xeexuhnTfvEkpJ4SJ/iMl+FpOw7I35H7mz8MrRNMjtR+Es8gzuw7hNErmbh0S
+LZvddoPnqt9kF8ayA1iz1X9KiBkkj3EbvI99jYjdDDm5lsxCZKLSX4r9Mp236K6D
+MGlifRN2AfdXziXhPABQkKE5m7kcn1gALn9Mcg5HgeXTdxan6QP35ygDtmNldJGE
+P+AWAZ4RwaFK8P3/oqQ/8XhnkwH5n2SPd8WQqnldvrtajUzUegvJUstLS5B1TFQl
+Ug/9EV4nuVrGU0uFQLFKLzCXAxWGQPwFwJW4XI4SfhHzyXm8nuJLAKJunxxYni9z
+7bIe297hNCMLh8VwW6WkGCz4v9BfURE1jUEPeuu0biCHxa+U8vd1l/CIgAYbNTgj
+8eNsN6hV4X9fpGaW0YjDtGSkl1FMC+4YLXm8xRHzdM0RpZpRMaUKSuAYJzi21LGa
+QyhdrTn77RvbkeFu0I3b8If5QLTFxLTkAM2IwfyHd7ytlhl6vxHaUwh8djop9jjc
+Ty+bSyEjEIZyR+buj3CVUiheQXWw6rGFdR/TLGERWMf6rYF/fuXp5s6jmRCPmB0d
+7iX3WkZ6XvjW6wuM9TaBhK3PixPHcHss8uwhtg7+WeVqRAr4VWTFxTIy60vacDvL
+5Sskqas4JWnYxfuFpm60IDnBS2kkHM07O+PY2x4S5o+7S0qT9RPtcvqVtAp8eont
+2ovc9fXn4UpbeENFeytwed65QrFYDLGlNtq66iO2kp2mX/sFk634TUZ04vyz6nut
+senoOofrZefND2uhzJ8pyJkYWTWBsmGitn0JPSBxbIil7PSDBbqEdHE/fD6QnOdw
+dmDrFJUdcDzwdBDlmn80VOmooyR8pfrH5u6wKfNZ9xBjVsh1z6lWQbuBgXtltTtE
+5rJJvZ7Pawt8nmb+UW0WxCL3TsWCG3sq1MV8ryU/9l0hTEK5Ag0EXaJN1gEQANML
+yxoeknGlTtkG640UP5ZkUEojwXxlni3v2dpWEaEJO9yqvkELCWum5pRz+iDzoDFS
+lUPnP3YKVFkLbAlk56abIAQ6VK7wkOSHCw1F7LlCY830bRkgGJ8/b8us9KpET6Am
+ei7OGYVtqNBUodEJi6XkH5q9RLQeVR+7ynt0LTAxO/mMFYc3nhccrhadubhh5rTd
+e/UcxBL/zYx8tCBy2F4ep6Anx02HOauTwaqk4KLhB9IcdS8sJQHFY7iEVWNcovwF
+8luGEGPJOdOPTMZz4jD4aWFqbT6ragWaG8tisLEe9UhET2LL3r/4DIgAJY4bwg5T
+ZyK/1j+Nj1IyYkQ9A6YF96Y5XCi9DF0MYq9NytWNnMCT8F4QCCDRWhgql714/Er/
+qfwnT2M6m8P4OS1sAHv5vDDYXezB0WrJNstYvhtHhi4ctuolBuwOb7nyIBlZovhk
+5/6IAFmoUprfGHOuttEcPTRDGv737cR1cYaz5QMuz2svNU3ivI/tYfIQwMAjv84A
+ZN2wl63QkghYo/dm9a5Ex78CNwZD/z7HOE3zD+Rd0C9/hXLpVVhN0mKmDzgJHPUo
+VDk//P3YgzM+dtUWWPJ1FfaTz2543V9MwVWUJQj0DIgl4noLHX3wkd/d4gYGAhlW
+kBxkbQPJ4NT7EKBFk44fa6DVuGOGatBAxKQq1GftABEBAAGJAjwEGAEKACYWIQTb
+zXV4RgabOS6pQB1mV76KjR7oBwUCXaJN1gIbDAUJAeEzgAAKCRBmV76KjR7oB4ke
+D/94TykloLIX2yjqUgsIbzPNH4Q+wzXYAUwhPaY9WlRsnwMJdoWxLVvMDF44JxKj
+nzUi5UctaeI2GylLv5G2na5/trRnvIAQq0IyMCz7+mQwSDcZL1UgWpoljRnKbPYs
+dYSS1t7LLjP9So4YXeHlAu6tKfF5XkUvB8yfcpupPF+mhfIGPMDRPMBuO3GovpNk
+Gutgrzo3dttRr5b4lwFv6uZBw906b5dgKf82nC3zhvJ0q45VFPmBvriCMHdCzR+E
+i6Lv06/xSe/ksY2m2Ma16M5n/cvPdl0NFMSwPz/VctEbWV+HoIJs/swW3l5xSV1f
+06GQ9h+kaTlF7UUaXWqgiKaOBpvjgVhg88AUwxbpkH/BN1MJ3ww3XAk8gyI7AW0P
+60Xzj0q8zlKxYWxaDWCrBc0yCfC0ulChetVGGaJ9WWRVu2ZjPLwHoZmwEpevSrNc
+0UmO4jtB/5ojCzTI+l5lLHDLYjAZFDvA2qaLfgs5roQvEaGxW9MDpuz10AclrUfV
+u6UikxdivbYssVA0/ytdiIDmITONY6kNL3PLSA7Ki/N3oz4s5WpPFUOBL3wPmpW/
+MXq/d/GvzbgjXHHWdPKrC3sz12/R+PUzr+dTQeJR72eW+6QQqAEmEhS8xfffjsvQ
+z3unfvv/4c/mVInpnGBuQXNFYbZxgEsFxbzVavnwppvAirkCDQRdok4KARAAyG97
+rjKhP8Uie1i/16SekDo+GkpodBmvhrZiZdwg75YxriHhgioe2AKKmQItOdZOY+mV
+qMA63FmByDlPodHmQnrIAn/gr7p5V3lM+l0oVTI8maPO39iT7Nh6W/rv4ni8eMBk
+L6P2cPPaTpcv76qWl/WcMiEflPNSAFaxyIapq04rafthcIILWmOBbQ+liMn9YT7a
+6w3nF/Ig4Zxx7hoQE6/HrTC8HcENpCAceQQYAqIrlu8F5y1AQVWHjtyCPee1z/8l
+PNnPg40lSbXozg5kQDP965Pge6XReUoUVVRcgeiSUfkHdYPIkh/tkFy1MtzTNize
+buadqE41Ds6BD1maO5cpGc5iFnf+YY01vWIhwvgPMbAsUKrPOw/RyvYSwOrnWegh
+pKuIRv+sBcDY0jJ799CHB2c8eiAYoTRm64rKyYS8RIilqTCmIHnpoSIq3n1wOlMV
+X4sB4N4CfAZRAbI9LZfx1QEYn0dst9+mCDRJ/ALBxocKz0wRTpwU5nwP1Zz9TZVh
+81wn1Ypj+mFb3aBggpwMLxbifmbsZmd1MwW9k3p2WTs8M1dLFM2ZNA9QmkgRSVFN
+6GTTpAyDOs+ZSGYM7MisG9/EvFbNx2BPg6qZH7JeMnlOZXXOg8K5VcLkiGuL1brO
+Hlg94Axha8ffMmqjsde6XOAgvSl5P9k47SWOcZkAEQEAAYkCPAQYAQoAJhYhBNvN
+dXhGBps5LqlAHWZXvoqNHugHBQJdok4KAhsgBQkB4TOAAAoJEGZXvoqNHugHSVkP
+/iEIS7oVZuXBRYCv6GSfrS7b8h5NH8TFiu89sl3B0aRjRXhcsCgutFHVa4ztJqjF
+rzuzmZ/6dlZ2F/LGu1Qzgu8Vd3VNFTuxanUE5W82mFqTcYij1G2HjN0gBoOhscl3
+Oy5zsYfP4gyB3pypPujcqhKfFxxW4V7HK8CvspQ6Anh8TrrAobM7b5gREm3BUvl+
+VH7ErYLy13XkH2dNhUeAY2lNLLBbftwBE3RDFtaT9on/e4FZycgtfOM9fXOqdNXk
+EQW4fXBoazWWYXXcVMro0+KTpITjXdX9F613C9xwLEATS8OVIDxQZFuyrl1r/Dty
+keEn2OKi1RVdZhW7aV09ckKKeH1X/89850WDQatrsREjLXfJBJU94XKwekFC0wsw
+uUJkyf5tb/FbAQg8fTMLhVv1D+IqkEISSwr3JmRZXqDEAYqCZHHWqnRrB8mm6eoB
+vI93yMV1bkxb2/aI4xBtGKhPzfLIiiV5PevmnDOq08htU/Jr6VGhW+Wm1/qnHmPw
+JE1J+yH8NHJQ6NemztSomK8K9J23zgJfgb24Eztc8zIBcNb2CWJ9BgkSYy1BLFy4
+gsfSx3i91GdfsjMpBL7o4/rjdlJGbt76k18dSyWJEdtwYYKwGYvNes21GwbZ/aOx
+z8vpeBc06aBx5UOb4Y22HNfG9hDfuuDhGP7Kl0b0LIqq
+=U2Jf
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/krebs/3modules/lass/ssh/yubikey.rsa b/krebs/3modules/lass/ssh/yubikey.rsa
new file mode 100644
index 000000000..349bb4aab
--- /dev/null
+++ b/krebs/3modules/lass/ssh/yubikey.rsa
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIb3uuMqE/xSJ7WL/XpJ6QOj4aSmh0Ga+GtmJl3CDvljGuIeGCKh7YAoqZAi051k5j6ZWowDrcWYHIOU+h0eZCesgCf+CvunlXeUz6XShVMjyZo87f2JPs2Hpb+u/ieLx4wGQvo/Zw89pOly/vqpaX9ZwyIR+U81IAVrHIhqmrTitp+2FwggtaY4FtD6WIyf1hPtrrDecX8iDhnHHuGhATr8etMLwdwQ2kIBx5BBgCoiuW7wXnLUBBVYeO3II957XP/yU82c+DjSVJtejODmRAM/3rk+B7pdF5ShRVVFyB6JJR+Qd1g8iSH+2QXLUy3NM2LN5u5p2oTjUOzoEPWZo7lykZzmIWd/5hjTW9YiHC+A8xsCxQqs87D9HK9hLA6udZ6CGkq4hG/6wFwNjSMnv30IcHZzx6IBihNGbrisrJhLxEiKWpMKYgeemhIirefXA6UxVfiwHg3gJ8BlEBsj0tl/HVARifR2y336YINEn8AsHGhwrPTBFOnBTmfA/VnP1NlWHzXCfVimP6YVvdoGCCnAwvFuJ+ZuxmZ3UzBb2TenZZOzwzV0sUzZk0D1CaSBFJUU3oZNOkDIM6z5lIZgzsyKwb38S8Vs3HYE+Dqpkfsl4yeU5ldc6DwrlVwuSIa4vVus4eWD3gDGFrx98yaqOx17pc4CC9KXk/2TjtJY5xmQ== lass@yubikey