From 200b973fa988f96c2e5d59b760f810ceed990948 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 23 Jul 2017 20:54:13 +0200 Subject: ma: tag managed hosts --- krebs/3modules/makefu/default.nix | 15 +++++++++++++++ makefu/2configs/git/brain-retiolum.nix | 3 ++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index f80c397ee..21ea7e23c 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -6,6 +6,7 @@ with import ; hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { drop = rec { cores = 1; + managed = true; nets = { retiolum = { ip4.addr = "10.243.177.9"; @@ -28,6 +29,7 @@ with import ; }; studio = rec { cores = 4; + managed = true; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; nets = { @@ -53,6 +55,7 @@ with import ; fileleech = rec { cores = 4; + managed = true; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; nets = { @@ -78,6 +81,7 @@ with import ; pnp = { cores = 1; + managed = true; nets = { retiolum = { ip4.addr = "10.243.0.210"; @@ -101,6 +105,7 @@ with import ; }; darth = { cores = 4; + managed = true; nets = { retiolum = { ip4.addr = "10.243.0.84"; @@ -171,6 +176,7 @@ with import ; }; }; tsp = { + managed = true; cores = 1; nets = { retiolum = { @@ -198,6 +204,7 @@ with import ; }; }; x = { + managed = true; cores = 4; nets = { retiolum = { @@ -243,6 +250,7 @@ with import ; vbob = { cores = 2; + managed = true; nets = { retiolum = { ip4.addr = "10.243.1.91"; @@ -305,6 +313,7 @@ with import ; }; wry = rec { cores = 1; + managed = true; extraZones = { "krebsco.de" = '' wry IN A ${nets.internet.ip4.addr} @@ -349,6 +358,7 @@ with import ; }; filepimp = rec { cores = 1; + managed = true; nets = { lan = { ip4.addr = "192.168.1.12"; @@ -378,6 +388,7 @@ with import ; omo = rec { cores = 2; + managed = true; nets = { lan = { @@ -411,6 +422,7 @@ with import ; }; wbob = rec { cores = 4; + managed = true; nets = { siem = { ip4.addr = "10.8.10.7"; @@ -452,6 +464,7 @@ with import ; gum = rec { cores = 2; + managed = true; extraZones = { "krebsco.de" = '' @@ -514,6 +527,7 @@ with import ; }; shoney = rec { cores = 1; + managed = true; nets = rec { siem = { via = internet; @@ -562,6 +576,7 @@ with import ; }; sdev = rec { cores = 1; + managed = true; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev"; nets = { diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix index 18275e3df..05754dc7f 100644 --- a/makefu/2configs/git/brain-retiolum.nix +++ b/makefu/2configs/git/brain-retiolum.nix @@ -8,6 +8,7 @@ let krebs-repos = mapAttrs make-krebs-repo { brain = { }; + krebs-secrets = { }; }; @@ -33,7 +34,7 @@ let set-owners repo [ config.krebs.users.makefu ] ++ set-ro-access repo krebsminister; set-ro-access = with git; repo: user: - optional repo.public { + singleton { inherit user; repo = [ repo ]; perm = fetch; -- cgit v1.2.3