diff options
Diffstat (limited to 'krebs/3modules')
| -rw-r--r-- | krebs/3modules/ci.nix | 50 | ||||
| -rw-r--r-- | krebs/3modules/krebs/default.nix | 40 | ||||
| -rw-r--r-- | krebs/3modules/lass/default.nix | 46 | ||||
| -rw-r--r-- | krebs/3modules/makefu/default.nix | 30 | ||||
| -rw-r--r-- | krebs/3modules/mv/default.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/default.nix | 42 |
6 files changed, 89 insertions, 120 deletions
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index b55827e3a..dab87792e 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -17,30 +17,12 @@ in default = 10; description = "how long to wait until we test changes (in minutes)"; }; - users = mkOption { - type = with types; attrsOf (submodule { - options = { - all = mkOption { - type = bool; - default = false; - }; - hosts = mkOption { - type = listOf str; - default = []; - }; - }; - }); - example = { - lass.all = true; - krebs = { - all = true; - hosts = [ - "test-all-krebs-modules" - "test-arch" - ]; - }; - }; - default = {}; + hosts = mkOption { + type = types.listOf types.host; + default = []; + description = '' + List of hosts that should be build + ''; }; }; @@ -132,23 +114,9 @@ in timeout=90001 ) - ${let - user-hosts = mapAttrs (user: a: let - managed-hosts = attrNames (filterAttrs (_: h: (h.owner.name == user) && h.managed) config.krebs.hosts); - defined-hosts = a.hosts; - in - defined-hosts ++ (optionals a.all managed-hosts) - ) cfg.users; - - in - concatStringsSep "\n" ( - (mapAttrsToList (user: hosts: - concatMapStringsSep "\n" (host: - "build_host(\"${user}\", \"${host}\")" - ) hosts - ) user-hosts) - ) - } + ${concatMapStringsSep "\n" (host: + "build_host(\"${host.owner.name}\", \"${host.name}\")" + ) cfg.hosts} bu.append( util.BuilderConfig( diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 27fbb7088..2fe3e5115 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -30,15 +30,48 @@ let }); in { hosts = { + hope = { + ci = true; + owner = config.krebs.users.krebs; + nets = { + internet = { + ip4.addr = "45.62.225.18"; + aliases = [ + "hope.i" + ]; + ssh.port = 45621; + }; + retiolum = { + ip4.addr = "10.243.77.4"; + ip6.addr = "42:0:0:0:0:0:77:4"; + aliases = [ + "hope.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAsQVWCoNZZd77tYw1qEDlUsfcF0ld+jVorq2uR5il1D8sqER644l5 + uaWxPQjSl27xdq5kvzIH24Ab6/xF2EDgE2fUTwpO5coBYafeiGyi5AwURQmYMp2a + 2CV7uUAagFQaSzD0Aj796r1BXPn1IeE+uRSBmmc/+/7L0hweRGLiha34NOMZkq+4 + A0pwI/CjnyRXdV4AqfORHXkelykJPATm+m3bC+KYogPBeNMP2AV2aYgY8a0UJPMK + fjAJCzxYJjiYxm8faJlm2U1bWytZODQa8pRZOrYQa4he2UoU6x78CNcrQkYLPOFC + K2Q7+B5WJNKV6CqYztXuU/6LTHJRmV0FiwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdLHRI29xJj1jmfSidE2Dh7EsDNszm+WH3Kj4zYBkP/"; + }; hotdog = { + ci = true; owner = config.krebs.users.krebs; - managed = true; nets = { retiolum = { ip4.addr = "10.243.77.3"; ip6.addr = "42:0:0:0:0:0:77:3"; aliases = [ "hotdog.r" + "build.r" "build.hotdog.r" "cgit.hotdog.r" ]; @@ -58,8 +91,8 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; puyak = { + ci = true; owner = config.krebs.users.krebs; - managed = true; nets = { retiolum = { ip4.addr = "10.243.77.2"; @@ -68,6 +101,7 @@ in { "puyak.r" "build.puyak.r" "cgit.puyak.r" + "go.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -85,8 +119,8 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; }; wolf = { + ci = true; owner = config.krebs.users.krebs; - managed = true; nets = { shack = { ip4.addr = "10.42.2.150" ; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 4e50ef577..257268af2 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -5,7 +5,7 @@ with import <stockholm/lib>; { hosts = mapAttrs (_: recursiveUpdate { owner = config.krebs.users.lass; - managed = true; + ci = true; }) { dishfire = { cores = 4; @@ -43,7 +43,7 @@ with import <stockholm/lib>; cores = 2; nets = rec { internet = { - ip4.addr = "104.233.79.118"; + ip4.addr = "45.62.226.163"; aliases = [ "echelon.i" ]; @@ -56,7 +56,6 @@ with import <stockholm/lib>; aliases = [ "echelon.r" "cgit.echelon.r" - "go.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -117,6 +116,8 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQChm4sqQ2bUZj+2YnTf6G5HHRTpSe1jTUhJRnwcYPYZKF+CBqBncipRpuGlGXEsptNa+7ZMcQC0ySsz5SUOMt3Ih+NehVe/qt3VtRz0l0MgOWmH2qBwKK9Y4IuxrJQzUmP4UGlOGlFj9DORssSMOyFIG4eZ9k2qMn3xal0NVRfGTShKlouWsiUILZ8I+sDNE00z8DAYesgc1yazvRnjzvLkRxdNdpYiAFBbmXMpPKK95McRJaWsuNSeal9kd5p5PagWcgN4DZ6+ebzz3NKnmzk4j+vuHX0U9lTXBqKMlzzmM2YNLRtDPfrtJNyHqLpZUpFhJKqZCD+4/0zdrzRfC7Th+5czzUCSvHiKPVsqw5eOdiQX6EyzNAF5zpkpRp//QdUNNXC5/Ku6GKCO491+TuA8VCha0fOwBONccTLUI/hGNmCh88mLbukVoeGJrbYNCOA/6kEz7ZLEveU4i+TT7okhDElMsNk+AWCZ8/NdJQNX3/K6+JJ9qAn+/yC8LdjgYYJ2oU/aw5/HyOgiQ0z4n9UfQ7j+nHysY9CQb1b3guX7yjJoc3KpNXCXEztuIRHjFD1EP8NRTSmGjsa/VjLmTLSsqjD+7IE5mT0tO5RJvmagDgdJSr/iR5D9zjW7hx7ttvektrlp9g0v3CiCFVaW4l95hGYT0HaNBLJ5R0YHm0lD+Q=="; }; domsen-nas = { + ci = false; + external = true; nets = rec { internet = { aliases = [ @@ -126,40 +127,6 @@ with import <stockholm/lib>; ssh.port = 2223; }; }; - managed = false; - }; - cloudkrebs = { - cores = 1; - nets = rec { - internet = { - ip4.addr = "104.167.113.104"; - aliases = [ - "cloudkrebs.i" - ]; - ssh.port = 45621; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.206.102"; - ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f762"; - aliases = [ - "cloudkrebs.r" - "cgit.cloudkrebs.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAttUygCu7G6lIA9y+9rfTpLKIy2UgNDglUVoKZYLs8JPjtAtQVbtA - OcWwwPc8ijLQvwJWa8e/shqSzSIrtOe+HJbRGdXLdBLtOuLKpz+ZFHcS+95RS5aF - QTehg+QY7pvhbrrwKX936tkMR568suTQG6C8qNC/5jWYO/wIxFMhnQ2iRRKQOq1v - 3aGGPC16KeXKVioY9KoV98S3n1rZW1JK07CIsZU4qb5txtLlW6FplJ7UmhVku1WC - sgOOj9yi6Zk1t8R2Pwv9gxa3Hc270voj5U+I2hgLV/LjheE8yhQgYHEA4vXerPdO - TGSATlSmMtE2NYGrKsLM7pKn286aSpXinwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7oYx7Lbkc0wPYNp92LQF93DCtxsGzOkVD91FJQzVZl"; }; uriel = { cores = 1; @@ -328,10 +295,12 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEB/MmASvx3i09DY1xFVM5jOhZRZA8rMRqtf8bCIkC+t"; }; iso = { + ci = false; cores = 1; - managed = false; }; sokrateslaptop = { + ci = false; + external = true; nets = { retiolum = { ip4.addr = "10.243.142.104"; @@ -351,7 +320,6 @@ with import <stockholm/lib>; ''; }; }; - managed = false; }; }; users = { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 21ea7e23c..6e0e876b8 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -5,8 +5,8 @@ with import <stockholm/lib>; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { drop = rec { + ci = true; cores = 1; - managed = true; nets = { retiolum = { ip4.addr = "10.243.177.9"; @@ -28,8 +28,8 @@ with import <stockholm/lib>; }; }; studio = rec { + ci = true; cores = 4; - managed = true; ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; nets = { @@ -54,8 +54,8 @@ with import <stockholm/lib>; }; fileleech = rec { + ci = true; cores = 4; - managed = true; ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; nets = { @@ -80,8 +80,8 @@ with import <stockholm/lib>; }; pnp = { + ci = true; cores = 1; - managed = true; nets = { retiolum = { ip4.addr = "10.243.0.210"; @@ -104,8 +104,8 @@ with import <stockholm/lib>; }; }; darth = { + ci = true; cores = 4; - managed = true; nets = { retiolum = { ip4.addr = "10.243.0.84"; @@ -176,7 +176,7 @@ with import <stockholm/lib>; }; }; tsp = { - managed = true; + ci = true; cores = 1; nets = { retiolum = { @@ -204,7 +204,7 @@ with import <stockholm/lib>; }; }; x = { - managed = true; + ci = true; cores = 4; nets = { retiolum = { @@ -249,8 +249,8 @@ with import <stockholm/lib>; }; vbob = { + ci = true; cores = 2; - managed = true; nets = { retiolum = { ip4.addr = "10.243.1.91"; @@ -312,8 +312,8 @@ with import <stockholm/lib>; }; }; wry = rec { + ci = true; cores = 1; - managed = true; extraZones = { "krebsco.de" = '' wry IN A ${nets.internet.ip4.addr} @@ -357,8 +357,8 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4Tjx9qK6uWtxT1HCpeC0XvDZKO/kaPygyKatpAqU6I root@wry"; }; filepimp = rec { + ci = true; cores = 1; - managed = true; nets = { lan = { ip4.addr = "192.168.1.12"; @@ -387,8 +387,8 @@ with import <stockholm/lib>; }; omo = rec { + ci = true; cores = 2; - managed = true; nets = { lan = { @@ -421,8 +421,8 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH"; }; wbob = rec { + ci = true; cores = 4; - managed = true; nets = { siem = { ip4.addr = "10.8.10.7"; @@ -463,8 +463,8 @@ with import <stockholm/lib>; }; gum = rec { + ci = true; cores = 2; - managed = true; extraZones = { "krebsco.de" = '' @@ -526,8 +526,8 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; }; shoney = rec { + ci = true; cores = 1; - managed = true; nets = rec { siem = { via = internet; @@ -575,8 +575,8 @@ with import <stockholm/lib>; }; }; sdev = rec { + ci = true; cores = 1; - managed = true; ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev"; nets = { diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix index 7876ab79e..c8d138a44 100644 --- a/krebs/3modules/mv/default.nix +++ b/krebs/3modules/mv/default.nix @@ -5,6 +5,7 @@ with import <stockholm/lib>; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.mv) { stro = { + ci = true; cores = 4; nets = { retiolum = { diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 81db2d411..79fa27bad 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -8,8 +8,8 @@ with import <stockholm/lib>; }; hosts = mapAttrs (_: setAttr "owner" config.krebs.users.tv) { alnus = { + ci = true; cores = 2; - managed = true; nets = { retiolum = { ip4.addr = "10.243.21.1"; @@ -33,6 +33,7 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q=="; }; cd = { + ci = true; cores = 2; extraZones = { # TODO generate krebsco.de zone from nets and don't use extraZones at all @@ -40,7 +41,6 @@ with import <stockholm/lib>; cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} ''; }; - managed = true; nets = { internet = { ip4.addr = "45.62.237.203"; @@ -79,6 +79,7 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOd/HqZIO9Trn3eycl23GZAz21HQCISaVNfNyaLSQvJ6"; }; ju = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.144"; @@ -112,15 +113,8 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM6dL0fQ8Bd0hER0Xa3I2pAWVHdnwOBaAZhbDlLJmUu"; }; kaepsele = { + external = true; nets = { - internet = { - ip4.addr = "92.222.10.169"; - aliases = [ - "kaepsele.i" - "kaepsele.internet" - # TODO "kaepsele.org" - ]; - }; retiolum = { ip4.addr = "10.243.166.2"; ip6.addr = "42:b9d:6660:d07c:2bb7:4e91:1a01:2e7d"; @@ -129,21 +123,22 @@ with import <stockholm/lib>; ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAxj7kaye4pGLou7mVRTVgtcWFjuEosJlxVg24gM7nU1EaoRnBD93/ - Y3Je7BSUbz5xMXr5SFTPSkitInL7vU+jDOf2bEpqv+uUJAJIz85494oPS9xocdWo - rQsrQRAtOg4MLD+YIoAxQm2Mc4nt2CSE1+UP4uXGxpuh0c051b+9Kmwv1bTyHB9y - y01VSkDvNyHk5eA+RGDiujBAzhi35hzTlQgCJ3REOBiq4YmE1d3qpk3oNiYUcrcu - yFzQrSRIfhXjuzIR+wxqS95HDUsewSwt9HgkjJzYF5sQZSea0/XsroFqZyTJ8iB5 - FQx2emBqB525cWKOt0f5jgyjklhozhJyiwIDAQAB + MIIBCgKCAQEA4+kDaKhCBNlpHqRCA2R6c4UEFk0OaiPwHvjmBBjpihTJVyffIEYm + QFZ5ZNkaVumSOAgKk9ygppO9WsNasl1ag+IRWik9oupdzEkNjgvOMBVJGhcwGZGF + 6UEY5sdA1n0qg74og5BGSiXUBiaahVM0rAfCNk8gV3qrot5kWJMQLb9BKabJ56eb + JrgWepxuVaw3BoEhz6uusuvw5i1IF382L8R11hlvyefifXONFOAUjCrCr0bCb4uK + ZZcRUU35pbHLDXXTOrOarOO1tuVGu85VXo3S1sLaaouHYjhTVT8bxqbwcNhxBXYf + ONLv0f7G5XwecgUNbE6ZTfjV5PQKaww3lwIDAQAB -----END RSA PUBLIC KEY----- ''; }; }; - ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA9cDUg7qm37uOhQpdKSgpnJPWao9VZR6LFNphVcJQ++gYvVgWu6WMhigiy7DcGQSStUlXkZc4HZBBugwwNWcf7aAF6ijBuG5rVwb9AFQmSexpTOfWap33iA5f+LXYFHe7iv4Pt9TYO1ga1Ryl4EGKb7ol2h5vbKC+JiGaDejB0WqhBAyrTg4tTWO8k2JT11CrlTjNVctqV0IVAMtTc/hcJcNusnoGD4ic0QGSzEMYxcIGRNvIgWmxhI6GHeaHxXWH5fv4b0OpLlDfVUsIvEo9KVozoLGm/wgLBG/tQXKaF9qVMVgOYi9sX/hDLwhRrcD2cyAlq9djo2pMARYiriXF"; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC5Wr36T0MmB8pnSO5/pw9/Dfe5+IMgVHOhm6EUa55jj"; }; mu = { + ci = true; cores = 2; - managed = true; nets = { retiolum = { ip4.addr = "10.243.20.1"; @@ -212,8 +207,8 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; }; nomic = { + ci = true; cores = 2; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.110"; @@ -244,6 +239,7 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIHmwXHV7E9UGuk4voVCADjlLkyygqNw054jvrsPn5t root@nomic"; }; ok = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.1"; @@ -252,6 +248,7 @@ with import <stockholm/lib>; }; }; schnabeldrucker = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.21"; @@ -260,6 +257,7 @@ with import <stockholm/lib>; }; }; schnabelscanner = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.22"; @@ -268,8 +266,8 @@ with import <stockholm/lib>; }; }; wu = { + ci = true; cores = 4; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.37"; @@ -306,8 +304,8 @@ with import <stockholm/lib>; binary-cache = { pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s="; }; + ci = true; cores = 4; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.38"; @@ -342,8 +340,8 @@ with import <stockholm/lib>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnjfceKuHNQu7S4eYFN1FqgzMqiL7haNZMh2ZLhvuhK root@xu"; }; zu = { + ci = true; cores = 4; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.39"; |