From 12ce60ff1435a71ee4cf0431223c129010e7df73 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 22 Nov 2022 14:38:42 +0100 Subject: external xkey: add mail --- krebs/3modules/external/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 62cbb78a8..989961490 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -862,6 +862,7 @@ in { pubkey = ssh-for "xq"; }; xkey = { + mail = "xkey@krebsco.de"; pubkey = ssh-for "xkey"; }; miaoski = { -- cgit v1.2.3 From a781a0976f59700261eecf2cf24da53b7cd8e709 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 22 Nov 2022 15:02:14 +0100 Subject: exim-smarthost: add krebstel-ml --- krebs/2configs/exim-smarthost.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix index 82f8ec942..01597f49f 100644 --- a/krebs/2configs/exim-smarthost.nix +++ b/krebs/2configs/exim-smarthost.nix @@ -16,6 +16,14 @@ in { tv ]; eloop-ml = spam-ml; + krebstel-ml = [ + config.krebs.users."0x4A6F" + { mail = "krebstel-1rxz0mqa95nkmk298s1731ly0ii7vc36kkm36pnjj89hrq52pgn1@ni.r"; } + { mail = "krebstel-1difh7483axpiaq92ghi14r5cql822wbhixqb0nn3y3jkcj0b785@ni.r"; } + { mail = "lass@green.r"; } + tv + xkey + ]; spam-ml = [ lass makefu @@ -28,6 +36,7 @@ in { "spam@eloop.org" = eloop-ml; "youtube@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead "postmaster@krebsco.de" = spam-ml; # RFC 822 + "krebstel@krebsco.de" = krebstel-ml; "lass@krebsco.de" = lass; "makefu@krebsco.de" = makefu; "spam@krebsco.de" = spam-ml; -- cgit v1.2.3 From 606f88e4f0a8c257f9e6be94ca8469da04b381cc Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 22 Nov 2022 20:15:44 +0100 Subject: kartei: init --- kartei/dbalan/default.nix | 50 ++ kartei/default.nix | 15 + kartei/jeschli/default.nix | 181 ++++ kartei/kmein/default.nix | 193 +++++ kartei/kmein/kmein.gpg | 30 + kartei/kmein/ssh/kmein.kabsa.pub | 1 + kartei/kmein/ssh/kmein.manakish.pub | 1 + kartei/krebs/default.nix | 317 +++++++ kartei/lass/default.nix | 932 ++++++++++++++++++++ kartei/lass/pgp/mors.pgp | 51 ++ kartei/lass/pgp/yubikey.pgp | 157 ++++ kartei/lass/ssh/android.ed25519 | 1 + kartei/lass/ssh/blue.rsa | 1 + kartei/lass/ssh/green.ed25519 | 1 + kartei/lass/ssh/mors.rsa | 1 + kartei/lass/ssh/tablet.ed25519 | 1 + kartei/lass/ssh/yubikey.rsa | 1 + kartei/makefu/default.nix | 393 +++++++++ kartei/makefu/pgp/brain.asc | 51 ++ kartei/makefu/pgp/default.asc | 64 ++ kartei/makefu/retiolum/cake.pub | 8 + kartei/makefu/retiolum/cake_ed25519.pub | 1 + kartei/makefu/retiolum/crapi.pub | 8 + kartei/makefu/retiolum/crapi_ed25519.pub | 1 + kartei/makefu/retiolum/fileleech.pub | 8 + kartei/makefu/retiolum/fileleech_ed25519.pub | 1 + kartei/makefu/retiolum/filepimp.pub | 8 + kartei/makefu/retiolum/filepimp_ed25519.pub | 1 + kartei/makefu/retiolum/firecracker.pub | 14 + kartei/makefu/retiolum/firecracker_ed25519.pub | 1 + kartei/makefu/retiolum/flap.pub | 8 + kartei/makefu/retiolum/flap_ed25519.pub | 1 + kartei/makefu/retiolum/gum.pub | 8 + kartei/makefu/retiolum/gum_ed25519.pub | 1 + kartei/makefu/retiolum/latte.pub | 8 + kartei/makefu/retiolum/latte_ed25519.pub | 1 + kartei/makefu/retiolum/nukular.pub | 8 + kartei/makefu/retiolum/nukular_ed25519.pub | 1 + kartei/makefu/retiolum/omo.pub | 8 + kartei/makefu/retiolum/omo_ed25519.pub | 1 + kartei/makefu/retiolum/sdev.pub | 8 + kartei/makefu/retiolum/sdev_ed25519.pub | 1 + kartei/makefu/retiolum/senderechner.pub | 8 + kartei/makefu/retiolum/senderechner_ed25519.pub | 1 + kartei/makefu/retiolum/studio.pub | 8 + kartei/makefu/retiolum/studio_ed25519.pub | 1 + kartei/makefu/retiolum/tsp.pub | 13 + kartei/makefu/retiolum/tsp_ed25519.pub | 1 + kartei/makefu/retiolum/vbob.pub | 8 + kartei/makefu/retiolum/vbob_ed25519.pub | 1 + kartei/makefu/retiolum/wbob.pub | 8 + kartei/makefu/retiolum/wbob_ed25519.pub | 1 + kartei/makefu/retiolum/x.pub | 8 + kartei/makefu/retiolum/x_ed25519.pub | 1 + kartei/makefu/ssh/makefu.android.pub | 1 + kartei/makefu/ssh/makefu.bob.pub | 1 + kartei/makefu/ssh/makefu.omo.pub | 1 + kartei/makefu/ssh/makefu.remote-builder.pub | 1 + kartei/makefu/ssh/makefu.tempx.pub | 1 + kartei/makefu/ssh/makefu.tsp.pub | 1 + kartei/makefu/ssh/makefu.vbob.pub | 1 + kartei/makefu/ssh/makefu.x.pub | 1 + kartei/makefu/sshd/cake.pub | 1 + kartei/makefu/sshd/crapi.pub | 1 + kartei/makefu/sshd/fileleech.pub | 1 + kartei/makefu/sshd/firecracker.pub | 1 + kartei/makefu/sshd/gum.pub | 1 + kartei/makefu/sshd/omo.pub | 1 + kartei/makefu/sshd/sdev.pub | 1 + kartei/makefu/sshd/studio.pub | 1 + kartei/makefu/sshd/wbob.pub | 1 + kartei/makefu/sshd/x.pub | 1 + kartei/makefu/wiregrill/gum.pub | 1 + kartei/makefu/wiregrill/rockit.pub | 1 + kartei/makefu/wiregrill/shackdev.pub | 1 + kartei/makefu/wiregrill/x.pub | 1 + kartei/mic92/default.nix | 964 +++++++++++++++++++++ kartei/mic92/ssh/mic92.pub | 1 + kartei/others/default.nix | 878 +++++++++++++++++++ kartei/others/ssh/0x4A6F.pub | 1 + kartei/others/ssh/exco.pub | 1 + kartei/others/ssh/hase.pub | 1 + kartei/others/ssh/neos.pub | 1 + kartei/others/ssh/qubasa.pub | 1 + kartei/others/ssh/raute.pub | 1 + kartei/others/ssh/rtjure.pub | 1 + kartei/others/ssh/shannan.pub | 1 + kartei/others/ssh/ulrich.pub | 1 + kartei/others/ssh/xkey.pub | 1 + kartei/others/ssh/xq.pub | 1 + kartei/others/tinc/hasegateway.pub | 13 + kartei/others/tinc/horisa.pub | 8 + kartei/others/tinc/justraute.pub | 14 + kartei/others/tinc/tpsw.pub | 8 + kartei/palo/default.nix | 83 ++ kartei/palo/retiolum.pub | 13 + kartei/rtunreal/default.nix | 51 ++ kartei/tv/default.nix | 402 +++++++++ kartei/tv/pgp/CBF89B0B.asc | 51 ++ kartei/tv/wiregrill/alnus.pub | 1 + kartei/tv/wiregrill/mu.pub | 1 + kartei/tv/wiregrill/ni.pub | 1 + kartei/tv/wiregrill/nomic.pub | 1 + kartei/tv/wiregrill/querel.pub | 1 + kartei/tv/wiregrill/umz.pub | 1 + kartei/tv/wiregrill/wu.pub | 1 + kartei/tv/wiregrill/xu.pub | 1 + kartei/tv/wiregrill/zu.pub | 1 + krebs/3modules/default.nix | 12 +- krebs/3modules/external/dbalan.nix | 50 -- krebs/3modules/external/default.nix | 882 ------------------- krebs/3modules/external/gpg/kmein.gpg | 30 - krebs/3modules/external/kmein.nix | 193 ----- krebs/3modules/external/mic92.nix | 958 -------------------- krebs/3modules/external/palo.nix | 85 -- krebs/3modules/external/rtunreal.nix | 51 -- krebs/3modules/external/ssh/0x4A6F.pub | 1 - krebs/3modules/external/ssh/exco.pub | 1 - krebs/3modules/external/ssh/hase.pub | 1 - krebs/3modules/external/ssh/kmein.kabsa.pub | 1 - krebs/3modules/external/ssh/kmein.manakish.pub | 1 - krebs/3modules/external/ssh/mic92.pub | 1 - krebs/3modules/external/ssh/neos.pub | 1 - krebs/3modules/external/ssh/qubasa.pub | 1 - krebs/3modules/external/ssh/raute.pub | 1 - krebs/3modules/external/ssh/rtjure.pub | 1 - krebs/3modules/external/ssh/shannan.pub | 1 - krebs/3modules/external/ssh/ulrich.pub | 1 - krebs/3modules/external/ssh/xkey.pub | 1 - krebs/3modules/external/ssh/xq.pub | 1 - krebs/3modules/external/tinc/hasegateway.pub | 13 - krebs/3modules/external/tinc/horisa.pub | 8 - krebs/3modules/external/tinc/justraute.pub | 14 - krebs/3modules/external/tinc/palo.pub | 13 - krebs/3modules/external/tinc/tpsw.pub | 8 - krebs/3modules/jeschli/default.nix | 181 ---- krebs/3modules/krebs/default.nix | 317 ------- krebs/3modules/lass/default.nix | 932 -------------------- krebs/3modules/lass/pgp/mors.pgp | 51 -- krebs/3modules/lass/pgp/yubikey.pgp | 157 ---- krebs/3modules/lass/ssh/android.ed25519 | 1 - krebs/3modules/lass/ssh/blue.rsa | 1 - krebs/3modules/lass/ssh/green.ed25519 | 1 - krebs/3modules/lass/ssh/mors.rsa | 1 - krebs/3modules/lass/ssh/tablet.ed25519 | 1 - krebs/3modules/lass/ssh/yubikey.rsa | 1 - krebs/3modules/makefu/default.nix | 393 --------- krebs/3modules/makefu/pgp/brain.asc | 51 -- krebs/3modules/makefu/pgp/default.asc | 64 -- krebs/3modules/makefu/retiolum/cake.pub | 8 - krebs/3modules/makefu/retiolum/cake_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/crapi.pub | 8 - krebs/3modules/makefu/retiolum/crapi_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/fileleech.pub | 8 - .../3modules/makefu/retiolum/fileleech_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/filepimp.pub | 8 - .../3modules/makefu/retiolum/filepimp_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/firecracker.pub | 14 - .../makefu/retiolum/firecracker_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/flap.pub | 8 - krebs/3modules/makefu/retiolum/flap_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/gum.pub | 8 - krebs/3modules/makefu/retiolum/gum_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/latte.pub | 8 - krebs/3modules/makefu/retiolum/latte_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/nukular.pub | 8 - krebs/3modules/makefu/retiolum/nukular_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/omo.pub | 8 - krebs/3modules/makefu/retiolum/omo_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/sdev.pub | 8 - krebs/3modules/makefu/retiolum/sdev_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/senderechner.pub | 8 - .../makefu/retiolum/senderechner_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/studio.pub | 8 - krebs/3modules/makefu/retiolum/studio_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/tsp.pub | 13 - krebs/3modules/makefu/retiolum/tsp_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/vbob.pub | 8 - krebs/3modules/makefu/retiolum/vbob_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/wbob.pub | 8 - krebs/3modules/makefu/retiolum/wbob_ed25519.pub | 1 - krebs/3modules/makefu/retiolum/x.pub | 8 - krebs/3modules/makefu/retiolum/x_ed25519.pub | 1 - krebs/3modules/makefu/ssh/makefu.android.pub | 1 - krebs/3modules/makefu/ssh/makefu.bob.pub | 1 - krebs/3modules/makefu/ssh/makefu.omo.pub | 1 - .../3modules/makefu/ssh/makefu.remote-builder.pub | 1 - krebs/3modules/makefu/ssh/makefu.tempx.pub | 1 - krebs/3modules/makefu/ssh/makefu.tsp.pub | 1 - krebs/3modules/makefu/ssh/makefu.vbob.pub | 1 - krebs/3modules/makefu/ssh/makefu.x.pub | 1 - krebs/3modules/makefu/sshd/cake.pub | 1 - krebs/3modules/makefu/sshd/crapi.pub | 1 - krebs/3modules/makefu/sshd/fileleech.pub | 1 - krebs/3modules/makefu/sshd/firecracker.pub | 1 - krebs/3modules/makefu/sshd/gum.pub | 1 - krebs/3modules/makefu/sshd/omo.pub | 1 - krebs/3modules/makefu/sshd/sdev.pub | 1 - krebs/3modules/makefu/sshd/studio.pub | 1 - krebs/3modules/makefu/sshd/wbob.pub | 1 - krebs/3modules/makefu/sshd/x.pub | 1 - krebs/3modules/makefu/wiregrill/gum.pub | 1 - krebs/3modules/makefu/wiregrill/rockit.pub | 1 - krebs/3modules/makefu/wiregrill/shackdev.pub | 1 - krebs/3modules/makefu/wiregrill/x.pub | 1 - krebs/3modules/tv/default.nix | 402 --------- krebs/3modules/tv/pgp/CBF89B0B.asc | 51 -- krebs/3modules/tv/wiregrill/alnus.pub | 1 - krebs/3modules/tv/wiregrill/mu.pub | 1 - krebs/3modules/tv/wiregrill/ni.pub | 1 - krebs/3modules/tv/wiregrill/nomic.pub | 1 - krebs/3modules/tv/wiregrill/querel.pub | 1 - krebs/3modules/tv/wiregrill/umz.pub | 1 - krebs/3modules/tv/wiregrill/wu.pub | 1 - krebs/3modules/tv/wiregrill/xu.pub | 1 - krebs/3modules/tv/wiregrill/zu.pub | 1 - 216 files changed, 5135 insertions(+), 5130 deletions(-) create mode 100644 kartei/dbalan/default.nix create mode 100644 kartei/default.nix create mode 100644 kartei/jeschli/default.nix create mode 100644 kartei/kmein/default.nix create mode 100644 kartei/kmein/kmein.gpg create mode 100644 kartei/kmein/ssh/kmein.kabsa.pub create mode 100644 kartei/kmein/ssh/kmein.manakish.pub create mode 100644 kartei/krebs/default.nix create mode 100644 kartei/lass/default.nix create mode 100644 kartei/lass/pgp/mors.pgp create mode 100644 kartei/lass/pgp/yubikey.pgp create mode 100644 kartei/lass/ssh/android.ed25519 create mode 100644 kartei/lass/ssh/blue.rsa create mode 100644 kartei/lass/ssh/green.ed25519 create mode 100644 kartei/lass/ssh/mors.rsa create mode 100644 kartei/lass/ssh/tablet.ed25519 create mode 100644 kartei/lass/ssh/yubikey.rsa create mode 100644 kartei/makefu/default.nix create mode 100644 kartei/makefu/pgp/brain.asc create mode 100644 kartei/makefu/pgp/default.asc create mode 100644 kartei/makefu/retiolum/cake.pub create mode 100644 kartei/makefu/retiolum/cake_ed25519.pub create mode 100644 kartei/makefu/retiolum/crapi.pub create mode 100644 kartei/makefu/retiolum/crapi_ed25519.pub create mode 100644 kartei/makefu/retiolum/fileleech.pub create mode 100644 kartei/makefu/retiolum/fileleech_ed25519.pub create mode 100644 kartei/makefu/retiolum/filepimp.pub create mode 100644 kartei/makefu/retiolum/filepimp_ed25519.pub create mode 100644 kartei/makefu/retiolum/firecracker.pub create mode 100644 kartei/makefu/retiolum/firecracker_ed25519.pub create mode 100644 kartei/makefu/retiolum/flap.pub create mode 100644 kartei/makefu/retiolum/flap_ed25519.pub create mode 100644 kartei/makefu/retiolum/gum.pub create mode 100644 kartei/makefu/retiolum/gum_ed25519.pub create mode 100644 kartei/makefu/retiolum/latte.pub create mode 100644 kartei/makefu/retiolum/latte_ed25519.pub create mode 100644 kartei/makefu/retiolum/nukular.pub create mode 100644 kartei/makefu/retiolum/nukular_ed25519.pub create mode 100644 kartei/makefu/retiolum/omo.pub create mode 100644 kartei/makefu/retiolum/omo_ed25519.pub create mode 100644 kartei/makefu/retiolum/sdev.pub create mode 100644 kartei/makefu/retiolum/sdev_ed25519.pub create mode 100644 kartei/makefu/retiolum/senderechner.pub create mode 100644 kartei/makefu/retiolum/senderechner_ed25519.pub create mode 100644 kartei/makefu/retiolum/studio.pub create mode 100644 kartei/makefu/retiolum/studio_ed25519.pub create mode 100644 kartei/makefu/retiolum/tsp.pub create mode 100644 kartei/makefu/retiolum/tsp_ed25519.pub create mode 100644 kartei/makefu/retiolum/vbob.pub create mode 100644 kartei/makefu/retiolum/vbob_ed25519.pub create mode 100644 kartei/makefu/retiolum/wbob.pub create mode 100644 kartei/makefu/retiolum/wbob_ed25519.pub create mode 100644 kartei/makefu/retiolum/x.pub create mode 100644 kartei/makefu/retiolum/x_ed25519.pub create mode 100644 kartei/makefu/ssh/makefu.android.pub create mode 100644 kartei/makefu/ssh/makefu.bob.pub create mode 100644 kartei/makefu/ssh/makefu.omo.pub create mode 100644 kartei/makefu/ssh/makefu.remote-builder.pub create mode 100644 kartei/makefu/ssh/makefu.tempx.pub create mode 100644 kartei/makefu/ssh/makefu.tsp.pub create mode 100644 kartei/makefu/ssh/makefu.vbob.pub create mode 100644 kartei/makefu/ssh/makefu.x.pub create mode 100644 kartei/makefu/sshd/cake.pub create mode 100644 kartei/makefu/sshd/crapi.pub create mode 100644 kartei/makefu/sshd/fileleech.pub create mode 100644 kartei/makefu/sshd/firecracker.pub create mode 100644 kartei/makefu/sshd/gum.pub create mode 100644 kartei/makefu/sshd/omo.pub create mode 100644 kartei/makefu/sshd/sdev.pub create mode 100644 kartei/makefu/sshd/studio.pub create mode 100644 kartei/makefu/sshd/wbob.pub create mode 100644 kartei/makefu/sshd/x.pub create mode 100644 kartei/makefu/wiregrill/gum.pub create mode 100644 kartei/makefu/wiregrill/rockit.pub create mode 100644 kartei/makefu/wiregrill/shackdev.pub create mode 100644 kartei/makefu/wiregrill/x.pub create mode 100644 kartei/mic92/default.nix create mode 100644 kartei/mic92/ssh/mic92.pub create mode 100644 kartei/others/default.nix create mode 100644 kartei/others/ssh/0x4A6F.pub create mode 100644 kartei/others/ssh/exco.pub create mode 100644 kartei/others/ssh/hase.pub create mode 100644 kartei/others/ssh/neos.pub create mode 100644 kartei/others/ssh/qubasa.pub create mode 100644 kartei/others/ssh/raute.pub create mode 100644 kartei/others/ssh/rtjure.pub create mode 100644 kartei/others/ssh/shannan.pub create mode 100644 kartei/others/ssh/ulrich.pub create mode 100644 kartei/others/ssh/xkey.pub create mode 100644 kartei/others/ssh/xq.pub create mode 100644 kartei/others/tinc/hasegateway.pub create mode 100644 kartei/others/tinc/horisa.pub create mode 100644 kartei/others/tinc/justraute.pub create mode 100644 kartei/others/tinc/tpsw.pub create mode 100644 kartei/palo/default.nix create mode 100644 kartei/palo/retiolum.pub create mode 100644 kartei/rtunreal/default.nix create mode 100644 kartei/tv/default.nix create mode 100644 kartei/tv/pgp/CBF89B0B.asc create mode 100644 kartei/tv/wiregrill/alnus.pub create mode 100644 kartei/tv/wiregrill/mu.pub create mode 100644 kartei/tv/wiregrill/ni.pub create mode 100644 kartei/tv/wiregrill/nomic.pub create mode 100644 kartei/tv/wiregrill/querel.pub create mode 100644 kartei/tv/wiregrill/umz.pub create mode 100644 kartei/tv/wiregrill/wu.pub create mode 100644 kartei/tv/wiregrill/xu.pub create mode 100644 kartei/tv/wiregrill/zu.pub delete mode 100644 krebs/3modules/external/dbalan.nix delete mode 100644 krebs/3modules/external/default.nix delete mode 100644 krebs/3modules/external/gpg/kmein.gpg delete mode 100644 krebs/3modules/external/kmein.nix delete mode 100644 krebs/3modules/external/mic92.nix delete mode 100644 krebs/3modules/external/palo.nix delete mode 100644 krebs/3modules/external/rtunreal.nix delete mode 100644 krebs/3modules/external/ssh/0x4A6F.pub delete mode 100644 krebs/3modules/external/ssh/exco.pub delete mode 100644 krebs/3modules/external/ssh/hase.pub delete mode 100644 krebs/3modules/external/ssh/kmein.kabsa.pub delete mode 100644 krebs/3modules/external/ssh/kmein.manakish.pub delete mode 100644 krebs/3modules/external/ssh/mic92.pub delete mode 100644 krebs/3modules/external/ssh/neos.pub delete mode 100644 krebs/3modules/external/ssh/qubasa.pub delete mode 100644 krebs/3modules/external/ssh/raute.pub delete mode 100644 krebs/3modules/external/ssh/rtjure.pub delete mode 100644 krebs/3modules/external/ssh/shannan.pub delete mode 100644 krebs/3modules/external/ssh/ulrich.pub delete mode 100644 krebs/3modules/external/ssh/xkey.pub delete mode 100644 krebs/3modules/external/ssh/xq.pub delete mode 100644 krebs/3modules/external/tinc/hasegateway.pub delete mode 100644 krebs/3modules/external/tinc/horisa.pub delete mode 100644 krebs/3modules/external/tinc/justraute.pub delete mode 100644 krebs/3modules/external/tinc/palo.pub delete mode 100644 krebs/3modules/external/tinc/tpsw.pub delete mode 100644 krebs/3modules/jeschli/default.nix delete mode 100644 krebs/3modules/krebs/default.nix delete mode 100644 krebs/3modules/lass/default.nix delete mode 100644 krebs/3modules/lass/pgp/mors.pgp delete mode 100644 krebs/3modules/lass/pgp/yubikey.pgp delete mode 100644 krebs/3modules/lass/ssh/android.ed25519 delete mode 100644 krebs/3modules/lass/ssh/blue.rsa delete mode 100644 krebs/3modules/lass/ssh/green.ed25519 delete mode 100644 krebs/3modules/lass/ssh/mors.rsa delete mode 100644 krebs/3modules/lass/ssh/tablet.ed25519 delete mode 100644 krebs/3modules/lass/ssh/yubikey.rsa delete mode 100644 krebs/3modules/makefu/default.nix delete mode 100644 krebs/3modules/makefu/pgp/brain.asc delete mode 100644 krebs/3modules/makefu/pgp/default.asc delete mode 100644 krebs/3modules/makefu/retiolum/cake.pub delete mode 100644 krebs/3modules/makefu/retiolum/cake_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/crapi.pub delete mode 100644 krebs/3modules/makefu/retiolum/crapi_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/fileleech.pub delete mode 100644 krebs/3modules/makefu/retiolum/fileleech_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/filepimp.pub delete mode 100644 krebs/3modules/makefu/retiolum/filepimp_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/firecracker.pub delete mode 100644 krebs/3modules/makefu/retiolum/firecracker_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/flap.pub delete mode 100644 krebs/3modules/makefu/retiolum/flap_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/gum.pub delete mode 100644 krebs/3modules/makefu/retiolum/gum_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/latte.pub delete mode 100644 krebs/3modules/makefu/retiolum/latte_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/nukular.pub delete mode 100644 krebs/3modules/makefu/retiolum/nukular_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/omo.pub delete mode 100644 krebs/3modules/makefu/retiolum/omo_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/sdev.pub delete mode 100644 krebs/3modules/makefu/retiolum/sdev_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/senderechner.pub delete mode 100644 krebs/3modules/makefu/retiolum/senderechner_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/studio.pub delete mode 100644 krebs/3modules/makefu/retiolum/studio_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/tsp.pub delete mode 100644 krebs/3modules/makefu/retiolum/tsp_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/vbob.pub delete mode 100644 krebs/3modules/makefu/retiolum/vbob_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/wbob.pub delete mode 100644 krebs/3modules/makefu/retiolum/wbob_ed25519.pub delete mode 100644 krebs/3modules/makefu/retiolum/x.pub delete mode 100644 krebs/3modules/makefu/retiolum/x_ed25519.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.android.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.bob.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.omo.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.remote-builder.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.tempx.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.tsp.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.vbob.pub delete mode 100644 krebs/3modules/makefu/ssh/makefu.x.pub delete mode 100644 krebs/3modules/makefu/sshd/cake.pub delete mode 100644 krebs/3modules/makefu/sshd/crapi.pub delete mode 100644 krebs/3modules/makefu/sshd/fileleech.pub delete mode 100644 krebs/3modules/makefu/sshd/firecracker.pub delete mode 100644 krebs/3modules/makefu/sshd/gum.pub delete mode 100644 krebs/3modules/makefu/sshd/omo.pub delete mode 100644 krebs/3modules/makefu/sshd/sdev.pub delete mode 100644 krebs/3modules/makefu/sshd/studio.pub delete mode 100644 krebs/3modules/makefu/sshd/wbob.pub delete mode 100644 krebs/3modules/makefu/sshd/x.pub delete mode 100644 krebs/3modules/makefu/wiregrill/gum.pub delete mode 100644 krebs/3modules/makefu/wiregrill/rockit.pub delete mode 100644 krebs/3modules/makefu/wiregrill/shackdev.pub delete mode 100644 krebs/3modules/makefu/wiregrill/x.pub delete mode 100644 krebs/3modules/tv/default.nix delete mode 100644 krebs/3modules/tv/pgp/CBF89B0B.asc delete mode 100644 krebs/3modules/tv/wiregrill/alnus.pub delete mode 100644 krebs/3modules/tv/wiregrill/mu.pub delete mode 100644 krebs/3modules/tv/wiregrill/ni.pub delete mode 100644 krebs/3modules/tv/wiregrill/nomic.pub delete mode 100644 krebs/3modules/tv/wiregrill/querel.pub delete mode 100644 krebs/3modules/tv/wiregrill/umz.pub delete mode 100644 krebs/3modules/tv/wiregrill/wu.pub delete mode 100644 krebs/3modules/tv/wiregrill/xu.pub delete mode 100644 krebs/3modules/tv/wiregrill/zu.pub diff --git a/kartei/dbalan/default.nix b/kartei/dbalan/default.nix new file mode 100644 index 000000000..fadf187db --- /dev/null +++ b/kartei/dbalan/default.nix @@ -0,0 +1,50 @@ +with import ../../lib; +{ config, ... }: +let + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + owner = config.krebs.users.dbalan; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum = { + ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill = { + ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + }; + }); +in +{ + users = rec { + dbalan = { + mail = "dbalan@thaum.space"; + pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; + }; + }; + hosts = mapAttrs hostDefaults { + v60 = { + nets.retiolum = { + aliases = [ "v60.dbalan.r" ]; + ip4.addr = "10.243.42.12"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6 + RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr + 1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU + uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz + p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm + bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy + I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD + mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA + OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy + AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds + 9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC"; + }; + }; + }; +} diff --git a/kartei/default.nix b/kartei/default.nix new file mode 100644 index 000000000..1b11f0fd5 --- /dev/null +++ b/kartei/default.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: { + config = lib.mkMerge (map (path: { krebs = import path { inherit config; }; }) [ + ./dbalan + ./jeschli + ./kmein + ./krebs + ./lass + ./makefu + ./mic92 + ./others + ./palo + ./rtunreal + ./tv + ]); +} diff --git a/kartei/jeschli/default.nix b/kartei/jeschli/default.nix new file mode 100644 index 000000000..fe12c16a4 --- /dev/null +++ b/kartei/jeschli/default.nix @@ -0,0 +1,181 @@ +with import ../../lib; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = true; + owner = config.krebs.users.jeschli; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "jeschli" { inherit hostName; }).address; + }); + +in { + hosts = mapAttrs hostDefaults { + brauerei = { + ci = false; + nets = { + retiolum = { + ip4.addr = "10.243.27.29"; + aliases = [ + "brauerei.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEAvC4AjkAoH01sKDXE3xVM2YUpPQ9iewIPQCCCSWYZQh2BWOfl+FFs + pW3ix5FjAzTxzkIf5NxW0usff8UTkFHB+sGZLZ9DPqvb8AM4GJsvXR06LORHtBlo + Vt/g1sndD3i3NXn5IJ2G4mZDImQjI3vuTkPyFQsR5LRAaPQgIORHBtN/X1UEVMRq + gThUeMb1kZ/y4AmUx0pepQYmAcYf0cN/7r9n68dWJCZ7DWX3q49bIz4TPG519IQp + KzoCtdXImKl6cFDepa2pRmIW4SPaDXztHDmXoJA1NBfdDOMOW67FUjzhcwZS9usM + q9x/1Tph63PJy4Vc0jsJnY29WrInx/nVAb22QuTOXQ9SfBNoOATYoFoVmY+yw1FX + 67y3bRbq8lQk1y3F2vZVYxQ52WiYLmtNtuzUMZHErL7VgFIEfQKoO2Oa/WZXdgSJ + Asmn67NSicc5QNI4rBUthju1JDuM/3ja0yCXh7trDCmPxKd94KzxMlq9VA6S2f/Q + uke3VnXEDqOWOZdcon5DnRTT1y4xjk1XHuO/9tVDcrL7x1unkdGL9BNMU6opJiLm + batAtKQ/7EJrlgIxYpEQyCNAjj0dEn0BgNZNqQSKkeGe6giVMuHtnXeTYMEraDas + DWxHmGOvYWrs3tZdELkB/h/y7DdijOabS4AlLOljKHiacw8e0D7p9qeIU2EwRaXD + ebPYaAIIWn1FU1aCYpvF4YJYbdNJZg6aKpoWNz86ZjO9t3GBkf612xB7fRO9mbTg + Ww2Hl6lir0rnlo7P9M1xhQqmZ0phaUjkqYRCaTOW1kC5ACpJJ/Jrq0oyplHVBY8Y + IvzPDA4nu/YOpyhQjlQwcVt62NgW0CZdwp3ZnMMoy7akgEo71bjoHbRxAeWy5oRB + 5CgGvQAB+qdf97XjZ5RggWQ2rglkCn49X4fXN6r4zuaIji1VVFTEZGRNsi0vt1YC + Eedz68auu1ZDO1qwNcX00n94E09B05DQBjE/6SAX6wBCY/BwUtzdQ9JnyfHNSl8i + dmHBPLssB9Dku4U0mo+LLer+bf6fiR7r5gp/KRuY/tMGFahprZRfWFtyO2Pg1cYI + HCdmDmSlbFq3EJmBl0egbU8Ym1m6t4EvPcoTxwy3ljZWybHlhm4wvhGcA/2bDRZA + jcXSL3G7buBOf8WJNYnMXCtPEyIYUdRyNvz3EUfvmbzZDhHd/bc0pJRrrtI7HqoF + +g67gCrtXx6i9PD0LSDJ1jExMZcmU1+DPg0dzDEmLHvW+HW538/HXGJ8FsunWBwD + /8wsQfoqAwlBSucLHDDrYVvfSp0+TLzg/HDMhNkcN7d5hm3syrI+IN4gEEjYeZIO + g7fjR1X7g5FGCDQnRA/dzNsZVnk6UFpCRwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + enklave = { + ci = false; + nets = rec { + internet = { + ip4.addr = "88.198.164.182"; + aliases = [ + "enklave.i" + ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.27.30"; + aliases = [ + "enklave.r" + "cgit.enklave.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIID8gKCA+kAt8zRg/g0jRmqXn6rVul/tdjWtLPcu0aTjNJ5OYZh50i7WqWllGVz + +FfJicuq/Xd1l5qrgUN7MD+Wrfeov+G9lzSgacfPhXMujutXxX3JwW/9f7UN+yoN + Sw29Zj+NWb45HyI5WVwMQ332KbKjNcWdTRe+O39oE6bZWg54oEeZOad2UJ7/83sB + yNEV/B7bJ0+X9HR8XCKrHI/RkjixNauMDlquGzoVyqLKIWwUnBl9CwtNBCYHbvYD + G1rWeCewd9Z6KsqcKSePfa4mn5eOluWcXmbrD/sx8oII40oNUs3kI7a2HExB2Yle + P9Q5MQrXRZfI3bdrh1aHieBodZLtosHPNuJIpo8ZaCX88WLhGR3nhJa1vvM1vNwd + TSSAdobdZUcuIQJKnVxwP4rXQAKPkN2+ddy+tXCGvfFAsdGKDbgPy4FgT+Ed28vg + 3W0fef/3sDNGPY1VAa58/pLz9Un3kNJKUjt00tWamo8daU/3mxZs83nIqDHLq86l + 1+wCl37l+KHe7pUVZ3smoezPRCMoUThmc7VzupbQG+piiSSyiYQi0CuBusa44t76 + 1lMr3pOdRBBAoetZ745ZZVx8s+eYk+C1BmQbLJAfzQ9sbH3LAwXpuAH70mtrFqWl + C3LF89/5mZRbFxALZv9cVx3LqIZDjwpKlwPWorZwo14L+eAagdPCcnVNo6ZcVow2 + mAdNnf7C33fvRsU+rUEIZVPsBHZfAv+f0jqQ65TMvl32VZ0FlxxahSZSj64n8iwr + Z+DOxKA9OcAaTrHQReYLpWUfNceVDLfOmQLeih8hNgClgqPgYJP/OtN+ox3NP6ZX + +Gkx9HO7a+agtyJxjh3NYbT/NkRW8HcjW8KgRN7jlE9sQi5/FoxKQOUdHmLTvjdk + YJXqdPWMYHj2xt4A8x2nzl/si6lwDsod+zdY5RGSdYhoybEOs4wZZIuArmm8GP+C + IbtgutknAuqvm2FOxyWCbLFTimgqC5BgrNUsXFJJLsHQ3bWFJtVpJlSa5Y0iypCP + Yr/cefbDrGfs3eCy7FlYDIkCcH06FPm1LTs6USisrtKFObRQN+zPSPln9FysNmpH + h0YUhrWdTO+wN78K5gc4ALPNUlyqmH61h8jS2qSdrRZLcZWIi4K4banG6EJcWRvV + kaVxghY1i/Z9x43bZRpBPvpM462IDx08vYX9AcFmF7JfjAXPwJO/EqZVsY1YPDzO + vdXWrtTORO8R8Pjq3X952yNqgHBcJQh7Q9TBcj+XBtkidOSnTt3Sp/RumsucUW19 + 0wMempDPiCOAadLmR4cW5XL1ednXurkd+5gHCmB1Sl7FueP5dgLB/mhXjmITE3zH + aQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + + bolide = { + ci = false; + nets = { + retiolum = { + ip4.addr = "10.243.27.31"; + aliases = [ + "bolide.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEAn9mkcX4WvyClMxiHgpvM7nNFbGuUVIxM71luzhfroTxMxcWBcik+ + m7ensF256uQeUw4+y/d3wVj06ARnJubdGa1zrM54ghLp6dDTULnUhPfgIbCeP+Zz + A9hlZsD+yx9ZkPmSMhaakz5dKVlx9KFy4IrS42uGCquXIZ979loZ0372MxYxmPEY + sIiuZXQcLOiJa5ajJMHS2UEkr4rCvpa/nOJ3AcEl0QbCjX1WALjPZEw9Ogrwergy + tv0d8dkXHB80DZ4sEjA7+BxB/sVrI4YpT9diTqEHNlkhjYjk6x9o0aBAIfJoyFYK + Yo2eb8SYN4qwoNbtXr5JLvT0i6thT2R+jXm9h11NIGS91x4cJc2P7eIZI2J33gsV + VOfcZ4BfJSQSbd1G12EpgzM6UlorNGMqG2DfH3XPbQ0Ez19tNlEUqlbT3dnvVA5y + kpwWDEJrZB3SDvwtHQf9/4j/jXFlMNu4GE1kcwm+a4LvGFne37atY3irv3xZ9ih4 + ygRbKfFFmxTqK3Cl2Vwxf/dsUm/P+hVF5nzROu7v7wkyU90nYp/AnpXywc4rEAVj + M8/7H6OlY59yqElJkSdsMum7HtytpsvvenQWW85Ycz+/Ti3nmYuaILgme2Q6JfA3 + c6aNRv8A31m4GIuacHNGJOi2WfJab076bYw82HnX4bVoft9i2SxjZrXr75euz/4k + jGC4A4YQnrUi4wTBiSc3jm69wb3NXHYoKHjDIwDUUI91vUOKaTO/09RlAYr5EWT3 + nekSaOu9nCrpTR6dq+yc4MktFjHBKPs2ReFKfDHkYzKiNSn5Ei9g3QhpCMF1LE19 + RDvBbFawXtH3M8JHofalwsek44eso0tWA3RzFmiH2WzSLD2UV8a2la9vIfJbMvw3 + LqunwCgC0QWtSTjh+X6H0MBKcGcie5bisKfkXQExx0cnNERDoXpe1E8g5EmJBt2B + 8anRC6thNhpAuMTB8hZy+RP9AsRBxUE9lr9oKDH3JrHRBk1S4LktuNL3Zf8UqnRO + s7hGPzr8nw5yXV61xXFmXwA0snBsNfo83XpuiWJgz2qrz6/EWLZBgnLNyq22udxl + O9EGExulbija5rmrSp1MGi7K2K2qAx06KP3C1TerpSY0BW6ZhX/4MK/WIRihDBG4 + JLg/gxX/4FES2qGmjCkW74TQDHq6B8xFuJQ3y5nD1cZBN4+VDNb1+mQbR06Zn0Sc + pDASYWimJzqxR+s/cr0a8PwoE/RdjwOYlXIOW4tDcK12Am6XRRf87cycG9ueNzhy + RwrvUJ4JMyUA5sbo2sbumAMqiytNZ7ReRVK6S5IiMpysr4/lHb2OQSPhQArDCprg + KXNgncRZsrL9VgVueVmOp45qkAkapeQ8wQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + + reagenzglas = { + ci = false; + nets = { + retiolum = { + ip4.addr = "10.243.27.32"; + aliases = [ + "reagenzglas.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwYLQr5m/x7Q6w8sL8QwI + GSEScP4V1Eun77mpV5ygk8FBV7S7Cj64QaEntM4NPNMS8DOs3qDkXQbC5yQQhVdG + rL191UK7B1VxprsyVDY5wj2bR96vOX9KadYSpk2lEaB2yyA8Xt2t4VrhcDOIk3k+ + COMIbeqFd4rs5B2kV8p1KIFScng0x7uDhEvpn8zTakbtXWzcqirzBzqLTt9GqHE9 + wXAca7iYCabhp6tzrOF7ifkRXgFy9+RPjUb8cqOyYL0k4zRSqNRDUQaySgUHRUwo + EzE/piLnBQHX/7tc9PdNPHizL62HeLOCnsKB+MoaJqsey6KPhxVDwYw3dJ/C3pCS + wFMUlt6D/5LxPL2yXJRRGb+I/hLnKGzbfB7Hz4Mh2PW2NMtdK0NMouDdH1VRnx68 + QdL0MetHECz+TjpZIrn0Y2OCizDDGiKDndafQi4VPnWGulYUHtpIIMHkAS6xCHHn + 5Rfe1LRxNXVSfqcQEYbjf+PNmwUw8etzBwYzB6zFFnQhw+6kWBPqnB38NkQ0Fzhc + h7isl2iq9aotObk9p53gj1i8eaSCeq6C5sFM9Bs3d00HfCLNTCNMqYZynmapo+3Q + 0P6oX3YWzM2oUiknWKKOVyDUwCJolwlAeNOvlwCDzsiAAAB7INYBnJCIIPPcoE/q + iddgcSx6Poq15h8H5tr439kCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + }; + users = { + jeschli = { + mail = "jeschli@gmail.com"; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01"; + }; + jeschli-bln = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de"; + }; + jeschli-brauerei = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"; + }; + jeschli-bolide = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGnLjnFw3OYJJy/ID9RCWHTtnVcKRfROIj1tJdJZoOWzGMY+kgyCN/WNBg7JJtCW22yU5O3ftSdN851URCBZ6FgYmcvURBxUOKPlyX5EoxUrrnbmtxJM9+OIT3Dt2RWfrqX6aEQ57nwe/qIFKo9UaoedB/FOzsw1f3U5zBxVuWVRQrsnPxkbPWHmPAGB4CvL897tb83uecDexmGZpLe/0dN4768i2nYaSwrNL+HtqZCvkEqEmnfHlmqqXhiuq83q8su/WSXAtDbUVucG3frgOir14YCbrWKf59+MugxhYOEYBqp+KME5+niFGoulg+NBW/HzH6U+DiH4RFBJhCu1Gr jeschli@bolide"; + }; + jeschli-reagenzglas = { + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos"; + }; + }; +} diff --git a/kartei/kmein/default.nix b/kartei/kmein/default.nix new file mode 100644 index 000000000..8e9e108e6 --- /dev/null +++ b/kartei/kmein/default.nix @@ -0,0 +1,193 @@ +with import ../../lib; +{ config, ... }: +let + maybeEmpty = attrset: key: if (attrset?key) then attrset.${key} else []; + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + owner = config.krebs.users.kmein; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum = { + ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill = { + ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + }; + }); + ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); +in +{ + users = rec { + kmein = kmein-kabsa; + kmein-kabsa = { + mail = "kmein@posteo.de"; + pubkey = ssh-for "kmein.kabsa"; + }; + kmein-manakish = { + inherit (kmein-kabsa) mail; + pubkey = ssh-for "kmein.manakish"; + }; + }; + hosts = mapAttrs hostDefaults { + ful = { + nets.retiolum = { + aliases = [ "ful.r" ]; + ip4.addr = "10.243.2.107"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAwoaPWvnl+g9KYh8coXj/RAaxGHEtbuTG2NpWxbeJG0CemxBoYz2c + EE/2JbGRrSaNj3nrFWBTqmTuEB7nHyurFe06G0t+Or5eCBPg2zS5LiQE/LTZV08t + 5jUm0jfOQHWbtCMrFGisH9R9Z3XId5cJGN1KsYg4R9RkKIKVVhKJ7maBWbsc+V5G + LxKEdDL7T4AfesQzzlAYUQ/s+zHlwJ2fyl3NrBg6Nc27C2A2g9pefhJbn0h8lWdn + I627DIrjDMvoSTiF1MKD/N4bXbF665gflUxbI5DTTHCtWf+0lP9i8mXP0kXQU4By + 2QLdcpQzlHgnprI+qio1ioKuojcPcryYaOnpQWFHL6AqHzkRJRpMLPBhgQPbpz1v + BaShxGBasSHO+Htw5PbwrNwWvU8eH5joRQu3PBgzATS9M91RN58i03u2oQMt3Qif + e5USnfk3iYir/qkJWJk8m2kveZy0giI8AaRISu0jXNsB8euQXP2dxTKIF3BPEi5m + MZKTGTS4Tz3alpHWaeJtfJT0ihq4HME91rTKgP+CIHWYR4hmTPyYgrX0mm2MN+wi + G4vJXtcmBaCdcQZ1buCBVWJCUJ0bWZ3Fs4Ohjw6bP3iyb+Q5UOcXNyOi5NpaUbAi + 47F5O6hvEWPxHRhvPD/9NASjRSxaUDbBVj5lieUXCHnhMSAHo1H3kHMCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "id5vF2fBwUCMrT5HLvIpeXmvQMQoksUBYXOdc9RyOUF"; + }; + }; + kabsa = { + nets.retiolum = { + aliases = [ "kabsa.r" "kabsa.kmein.r" ]; + ip4.addr = "10.243.2.4"; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtz/MY5OSxJqrEMv6Iwjk + g/V58MATljj+2bmOuOuPui/AUYHEZX759lHW4MgLjYdNbZEoVq8UgkxNk0KPGlSg + 2lsJ7FneCU7jBSE2iLT1aHuNFFa56KzSThFUl6Nj6Vyg5ghSmDF2tikurtG2q+Ay + uxf5/yEhFUPc1ZxmvJDqVHMeW5RZkuKXH00C7yN+gdcPuuFEFq+OtHNkBVmaxu7L + a8Q6b/QbrwQJAR9FAcm5WSQIj2brv50qnD8pZrU4loVu8dseQIicWkRowC0bzjAo + IHZTbF/S+CK0u0/q395sWRQJISkD+WAZKz5qOGHc4djJHBR3PWgHWBnRdkYqlQYM + C9zA/n4I+Y2BEfTWtgkD2g0dDssNGP5dlgFScGmRclR9pJ/7dsIbIeo9C72c6q3q + sg0EIWggQ8xyWrUTXIMoDXt37htlTSnTgjGsuwRzjotAEMJmgynWRf3br3yYChrq + 10Exq8Lej+iOuKbdAXlwjKEk0qwN7JWft3OzVc2DMtKf7rcZQkBoLfWKzaCTQ4xo + 1Y7d4OlcjbgrkLwHltTaShyosm8kbttdeinyBG1xqQcK11pMO43GFj8om+uKrz57 + lQUVipu6H3WIVGnvLmr0e9MQfThpC1em/7Aq2exn1JNUHhCdEho/mK2x/doiiI+0 + QAD64zPmuo9wsHnSMR2oKs0CAwEAAQ== + -----END PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "KhOetVTVLtGxB22NmZhkTWC0Uhg8rXJv4ayZqchSgCN"; + }; + }; + makanek = { + nets.retiolum = { + aliases = [ + "makanek.r" + "makanek.kmein.r" + "grafana.kmein.r" + "names.kmein.r" + "graph.r" + "rrm.r" + "redaktion.r" + ]; + ip4.addr = "10.243.2.84"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAwvtxCG7Vua6+WoStGrkL+H/g4BABidL2eikDBtbxWN+oGv2Bjrwb + VzXB8lMTCsu6M2wb3YTXXzAkc5oI4gE1sSOiCKyhYnQRrndc91KewquxTPfKL19u + JiRqax/E49IvWKARPRPXUhPfU/NNw1oIxhbcFkjwJmqDvh9SWhl5VZVynCE28ov5 + hjjhqNXZHOR8CQqPJeY8v38OAAwTWvJ6rhEQwp5dLBqmRAbvPXj7OOzCxKluDY2X + Dl4k6QAjI6NddJXsXHRYRNGiB0CP1UBC91NDtW2+HIjf1Q1Lip5agO4/SkkSUt39 + de7uYKrNcfyDUBb9Suconw0HvW+Dv4Ce5um+aa1RUrWIQdqBCOECbsXYKp66vAnK + Hidf2uznFseWxiyxz1ow8AvvSseABej5GuHI/56lywnFlnHEZLREUF/4PT+BZ0vE + uPRkzqeSNybsYYFieK8aany/RmJaoIsduGutgAiKBvkCCHru895n02xuLhZVkM2G + zfVjA2le+Gxr21/sVPrHfxResLUh4RA8fkS7erWMRF4a3IOpIS4yrM+p4pZTlTxO + Ya8buh4RgyE/0hp4QNpa4K7fvntriK+k6zHs7BcZcG2aMWP3O9/4DgjzBR3eslQV + oou23ajP11wyfrmZK0/PQGTpsU472Jj+06KtMAaH0zo4vAR8s2kV1ukCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "GiAe9EH3ss+K71lRlkGaOcg/MrV/zxNW5tDF0koEGvC"; + }; + }; + manakish = { + nets.retiolum = { + aliases = [ + "manakish.r" + "manakish.kmein.r" + ]; + ip4.addr = "10.243.2.85"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAtZcWwm1tTFoMcO0EOwNdSrZW9m2tSNWzwTGjlfuNFQKPnHiKdFFH + Hym72+WtaIZmffermGTfYdMoB/lWgOB0glqH9oSBFvrLVDgdQL2il589EXBd/1Qy + 7Ye5EVy2/xEA7iZGg3j0i+q1ic48tt6ePd4+QR0LmLEa8+Gz5X0Tp9TTf7gdv+lB + dVA6p7LJixKcBsC5W0jY5oTGUP0fM844AtWbpflmlz0JZNWrkJhCksOnfhUzeIsF + 1m9rCsyK+3jGMV6ZxhEbwaOt99Wlv0N0ouPePw+xLnnGTu0rJ/RKWceYnWnrHIyb + GgGIHnm9GbMd4mAfyp63emRYDMclSQSrddpDUL2GK8TCTttr6bZm4M/pFuXQGJsQ + EG0iaE8FM+nCrhmCRnX8dRWcNmHybd34UoVGCDJ6u+ksLIivqgWeY41CauqN0vQw + U4zqp6XMXRB6vlVcyLzdTASxVKaLJt+BuvHcyqz/YslJ97z4yoLE3d7s/9gZkM// + +FD970bsyvKpKRx72rNRCO9tQJNgPsaMiW5nuHUFw71XxX8o0w//5a0h5cdbiT64 + I4ISySa4ynmHI1/v0a937/sFS0IvRI1Va0Efh2VxasNIqpDmM3hA8auPDj0Js/4c + qVnWMbvqqYlY9l//HCNxUXIhi0vcOr2PoCxBtcP5pHY8nNphQrPjRrcCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "CjSqXJMvJevjqX9W9sqDpLTJs9DXfC04YNAFpYqS2iN"; + }; + }; + g7power = { + nets.wiregrill = { + ip4.addr = "10.244.2.97"; + aliases = [ "phone.kmein.w" ]; + wireguard.pubkey = "09yVPHL/ucvqc6V5n7vFQ2Oi1LBMdwQZDL+7jBwy+iQ="; + }; + }; + tahina = { + nets.retiolum = { + ip4.addr = "10.243.2.74"; + aliases = [ "tahina.r" "tahina.kmein.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAtX6RpdFl9AqCF6Jy9ZhGY1bOUnEw5x3wm8gBK/aFb5592G3sGbWV + 5Vv1msdLcoYQ5X4sgp3wizE5tbW7SiRVBwVB4mfYxe5KSiFJvTmXdp/VtKXs/hD8 + VXNBjCdPeFOZ4Auh4AT+eibA/lW5veOnBkrsD/GkEcAkKb2MMEoxv4VqLDKuNzPv + EfE+mIb/J3vJmfpLG/+VGLrCuyShjPR2z0o5KMg8fI4ukcg6vwWwGE3Qd8JkSYMz + iy9oIGo/AJNyOUG0vQXL1JU/LFBXKty515UmXR2hO/Xi1w92DT8lxfLYRgoseT2u + i4aHmfl49LGkpQVIFejj6R0FrZBd5R2ElmQbmxSKS1PO9VheOOm02fgVXRpeoh6R + FdDkFWWmELW921UtEB2jSIMkf5xW8XmlJlGveaDnkld07aQlshnnOUfIs3r7H+T9 + 9g1QxiE7EFeoLrfIkgT81F+iL6RazSbf9DcTxvrKv+cZBrZKdcurcTtX0wFFD4wZ + 0tzYPTcAnv/ytacf2/jv/Vm3xNFyjrBLM6ZtJtZ6NAJvD+OW4G/o2941KCu1Mqz/ + VFAJW3djrqfASNCU1GqtHV0wdJMN8EszDNYdJ7pyw6+rG2PeYCVfE7wNe3b6zYqY + tUYhU1xkQQD4xgOMX3AdSI/JGjxMBBKlJXafwdDW8LMBWBPt+9Xq2vMCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "m8fnOzCx2KVsQx/616+AzVW5OTgAjBGDoT/PpKuyx+I"; + }; + }; + zaatar = { + nets.retiolum = { + ip4.addr = "10.243.2.34"; + aliases = [ + "zaatar.r" + "zaatar.kmein.r" + "grocy.kmein.r" + "moodle.kmein.r" + "radio.kmein.r" + "home.kmein.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAyEeesa4mDNAT2QT/PxfmildhqawinWTcUiF3V2wsfy3eXJCFySKM + pRKrLnOpkd2RoLWA88o0/hAfTdel/fXRjAx8TtKlh1n+UoRhYOGqLJKUZDVGImjJ + xTPGCC+g4b2cNCYU3RVdttSu8+zlfO6ktkySULKbVkJN3ocQmSCmWs2tP6hYvk2i + 5OB3Uxw+OwhtVO76dlby6Idmc8o++ZVm3snbYsgiR7RQf9vHZHR8lKr5fZ/ycq2Q + T+agY/cFLJ+jhfUi8LFtKKcqGLyKKrDywADQWTcIG+cjV33k6ftW678jvsEft6e6 + 2RgspZX5XciTbMPIPGMcH5NZPXi6youcUcqcqDtok7Y1Jj3N5dSmJno5ojyKolZp + PRt4bPx9WuerjzwL5gG9E6n6l24neX6Mq7RDyJfBYtpUvZblezXWUuoReGNczAvj + zZrAKXKnuCEgQ/du7pT8V6qHG5NjovIMm0VDxOJV5jBL4NUox3PGbW5g0vS/nxHc + xKWPq+4zoyA6MsL9sGCqIlSWEqNnSERX19GbJZNYjm1J+aGZ/fZ+MaDJGuCzlxn4 + yjLBuuXSkIrPxxtIV+Yh8Wy5qDNRN7XS1wNxUcmjQn0+7Ou/4W+cTWJ/+yZyC1DK + uYEZh8YBMJo0E4bR4s04SFA6uLIvLigPELxzb0jwZSKXRnQhay6zzZ0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "GYg9UMw0rFWFS0Yr8HFe81HcGjQw0xbu9wqDWtQPDLH"; + }; + }; + }; +} diff --git a/kartei/kmein/kmein.gpg b/kartei/kmein/kmein.gpg new file mode 100644 index 000000000..1fa694326 --- /dev/null +++ b/kartei/kmein/kmein.gpg @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBF0GDc0BCACZi+PQgX6Lefq/36X68W+XEyA2fWbMPJE1vAHETlzcMluOIL++ +6KRYqGr0ieFcaXNn4joNDN7cFMN0YHF2Rr7k6SWjOtcHS1RnZ8g/N+uxEvTBug60 +tRbhcO80rnHHb25jloV//wAAWD2ukTtwXWAMVBXwEXMc1JBOlFXcIDlNPdBMJG7A +/5+AKMXg8HYUSbsad1SyagZbo9KuC/s4BVReBr4vK/zTo1gIwy95dQrBnC31O7Wa +/s9CpNG//QJAbAxMN15P7Yo9xxG/AALjPSnKamp3yJsSiSyxhXImXEZtxU7ahq3t +/DzuI2BbIv3Nj/39IZLgETrplzKUnWV18TzdABEBAAG0HUtpZXLDoW4gTWVpbmhh +cmR0IDxrZm1Ad2lsZGU+iQFOBBMBCAA4FiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcF +Al0GDc0CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQRIVwdKOsyLfHDQf/ +YLaprugBmzaCvAGADzdgSrQJyFY2BnncVH1b/0HQ1p1smrcvKqbCXxlUmrWM896B +7xHpcDPz/mMfNPTvSrcUHgqVkiiSsSzno1RCmeHKMiUaR/M6Ik59aa/EzxJf/QDT +3QYy3mFIj44M0ZWjRZJ/3RhVT6QxaUh7fRNzduVE0LH6suybPcTcnIUGSURKwG9F +cTXtMJA3+7UGj/emHk8yaFOWMJDY6h7rnXxiD5xcxapjrygFFNfAuaA2NcY3HEeG +yOVYGwPQhwFWjbUhC1RIYu2fz7fkD11zQ22gt0aEn5fqiIVssBEvHJqNp577QxO4 +6q4ag1Js/gbus6PfQzlvqrkBDQRdBg3NAQgA1ewP1suBTB5UxyqEl7fpisD6hZ62 +9TDQUSn2yfxa8W1wtTH5i1Mw0p5e/+vPFqfu2TMSPoqASq9sDjeWSsiCdtaHbLu0 +y1W5hhQwGcxqauFJBSj/VpDnKd38inOvbW5PwDqZBqnbRZOpsdvsQ2dlaS0/5AJa +RqJXNRc7Owg3ssqeBuhvZKeiPNADn3k9ZbAYNfDkYPJDbHTNPd8eu44vlBlMC7kX +IkucV8zV31x9lCZx0cjI+OQbd/4GOSxBKqjBX5SBUQAlzHUT2CLoeKkivxbnHH40 +gV1PP/3QVVMJjkAot0v/n95KRj78iYOU2PrP5DiPogtLO4v14/lE3eaENwARAQAB +iQE2BBgBCAAgFiEEnt6CzHKjQ6lSZtD0RIVwdKOsyLcFAl0GDc0CGwwACgkQRIVw +dKOsyLfjegf/bX4MkzqsIOOAcmVla7M29Uk0HX5j4dK5t4Z7kx8OnhbYUMr8vr1w ++2D5HiaV2kib5yhI17z9lL6vKyIWwTdf93zS+ivV+IUpxbx/KAdr83dd7B3RCdU7 +GFMzj7f3ieGQYOXw7pROZQR1zF90H6AtW/8qvOs73hSdcnQOtnmntvY/S5ifnzxi +jpsOgjM7VD+BWsmhmYw7E4FiZOaLfoRsylyj5I+Sim2j9Xnu6lYvcgBXvwIqfunO +O/gY21iomMwQm4mlXsFVRfSzRE4zlNASql1zcS1mbO6yeKJDKJgzqvWkcjd3OOuF +e67yzkzlwiVDJIjhV6B0tRCDIqiOaiS3vw== +=pwUK +-----END PGP PUBLIC KEY BLOCK----- diff --git a/kartei/kmein/ssh/kmein.kabsa.pub b/kartei/kmein/ssh/kmein.kabsa.pub new file mode 100644 index 000000000..a3cec5f8f --- /dev/null +++ b/kartei/kmein/ssh/kmein.kabsa.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDyTnGhFq0Q+vghNhrqNrAyY+CsN7nNz8bPfiwIwNpjk diff --git a/kartei/kmein/ssh/kmein.manakish.pub b/kartei/kmein/ssh/kmein.manakish.pub new file mode 100644 index 000000000..8be09d407 --- /dev/null +++ b/kartei/kmein/ssh/kmein.manakish.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiQEc8rTr7C7xVLYV7tQ99BDDBLrJsy5hslxtCEatkB diff --git a/kartei/krebs/default.nix b/kartei/krebs/default.nix new file mode 100644 index 000000000..b33a54f9a --- /dev/null +++ b/kartei/krebs/default.nix @@ -0,0 +1,317 @@ +with import ../../lib; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + owner = config.krebs.users.krebs; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address; + }); + + testHosts = genAttrs [ + "test-arch" + "test-centos6" + "test-centos7" + "test-all-krebs-modules" + ] (name: { + inherit name; + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.73.57"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd + mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5 + TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1 + K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8 + QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY + VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }); +in { + hosts = mapAttrs hostDefaults ({ + filebitch = { + ci = true; + cores = 4; + nets = { + shack = { + ip4 = { + addr = "10.42.0.50" ; + prefix = "10.42.0.0/16"; + }; + aliases = [ + "filebitch.shack" + ]; + }; + retiolum = { + ip4.addr = "10.243.189.130"; + aliases = [ "filebitch.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA8ZSLsOlPy9Vd8XdEcIoP8H3rztsbB0McTYPGhUaZ6/aqcD/MBSQa + FT9NZS0+N0Pev7y90As6Rj5Wrom92xlThcFPaX0Dzmzz+7363M4qtlrtmmWkx2FX + VDrPOYbe4hGGOCsPNOTNJkcW4zs2Ym5YKbZeXHfnuqCW+yuhKBCgO9slc740jkHZ + 5xuv5zbU3ZMRk1H8xi4+cQcHqh+1PY75lJxVSNvrbe5pvGxm9yVdp235b49ohDRU + UfUjXmymPlnfJgTOMxmHwl+UmwYR4Yw2CZKXTjbJe5HjbykleTwUb1qyijM8suJf + eXRyma8VGILcY6K/HmE4nz7ESAlI1c+QlwIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = NPjEmo1dkxNS2Xm7qUyWhLKdFYF4MnhIM79NPQELWHC + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKRpjW68lSlTL8jBQcXKOTdGa+olQw5ghaU5df2yAE64"; + }; + hotdog = { + ci = true; + nets = { + retiolum = { + ip4.addr = "10.243.77.3"; + aliases = [ + "hotdog.r" + "agenda.r" + "kri.r" + "build.r" + "build.hotdog.r" + "ca.r" + "cgit.hotdog.r" + "irc.r" + "wiki.r" + ]; + tinc.port = 0; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAs9+Au3oj29C5ol/YnkG9GjfCH5z53wxjH2iy8UPike8C7GASZKqc + bZBrvxkIOyVs5oVtolPcaI0/nvtpIhSlmM6hg9qe1rZO6jXt53GVNvgdcUIfVHbX + mQmp4oVXOjPIeDqLn32Mc0O73Kp6i66zQGAXi8ejczuO0h6oSvAnjolT4wM9jugk + JBGCDlpl9mxAGDN5VOqbg2i0FxwtUk2UA9XghEaRcfBkVdsOrtW8sCwOg8YttQt9 + fs7JjezUtw7JBxN754ynaahSRODcjyJhwjE18tKx6P7wsNbgbmULFQz+7IxZ01/P + h5ZUzfd1r1pTzQ0nYD5aRtlDd7zP7y5tUwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "ugy/sGReVro3YzjDuroV/5hdeBdqD18no9dMhTy9DYL"; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; + }; + news = { + ci = true; + nets = { + retiolum = { + ip4.addr = "10.243.0.5"; + aliases = [ + "news.r" + "brockman.r" + "go.r" + "rss.r" + ]; + tinc.port = 0; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc + cgPezX8yGmA0nuTyCUPtXbWyWee9HnzYqekzJYvBHwgBDvZ8UhLZTCXD15agDfaf + cbzd4uM5bCDgqI8sezzD95tqj7mzvIEurIShDXYSWC6YRat1h1Opp86JngBJRvHZ + Gb6NAyfnr4v2eyMrmH9/j+sECxjCAaC5QLpJWyoDPilFU8dXBarmiZNYYlXQt1pn + yxZSF5pElmrdiZ6vlKlnEHwFtExm1gv63ZjAlusrXM+bKMvdVKRnhahq76A5VXjc + kbOhQi+wYGaVK4jB2a1UilmKYh1wKLE7HULoHDRrqEe4jemNZg+JOBPTU+jM/JzM + XdPy0KAMxHOUZCe8IX0LgF1snVaMF05Qkoe3QKr0YJ3KTD7UdsJpa1Br216Z/w2f + koz+cRn/Z/8TO8SIRKvy5TfXeH+ra6rp/CvwryNlNL4FB+25LFDkJtLIZGqAsz3G + vRXUiGN4l1FR4TbX7XaK2rvIlA/+4isJ02bBdnZhe7kmuuBeECyPaR1+Ui6pElXe + ZamnxTAmj86Q8pDx6Wn2cg8YAJlVV3UCfhda34DZokJmmmKucGupg/6Xt0Bhm9d5 + exNrTIDG3lXTxmg2mfiZJeg/fsnalvtN0j/VB+NmmKzie+ZohMK4nUfslq8o5CO9 + j7ZLmZzm062GzX0RenxNkwUCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo "; + }; + onebutton = { + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.0.101"; + aliases = [ + "onebutton.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA11w6votRExwE0ZEiQmPa + 9WGNsMfNAZEd14iHaHCZH7UPQEH+cH/T6isGPpaysindroMnqFe9mUf/cdYChb6N + aaFreApwGBQaJPUcdy4cfphrFpzmOClpOFuFbnV7ZvAk/wefBad3kUzsq/lK4HvB + 7nPKeOB9kljphLrkzuLL/h2yOenMpO2ZdvwxyWN8HKmUNgvpBQjIr+Hka6cgy7Gp + pBVFHfSnad/eHeEvq91O/bHxrAxzH5N5DVagPDpkbiWYGl+0XVGP/h0CApr15Ael + +j2pJYc0ZlaXIp4KmNRqbd/fLe52JLrWbnFX4rRuY/DhoMqK8kjECEZ7gLiNSpCC + KlnlJ2LXX9c+d79ubzl5yLAJ3d6T4IJqkbAWJDuCrj821M9ZDk/qZwerayhrrvkF + tMYkQoGSe8MvSOU0rTEoH5iSRwDC7M0XzUe4l8/yZLFyD4Prz/dq6coqANfk/tlE + DnH3vDu9lmFvYrLcd6yDWzFfI3mWDJoUa6AKKoScCOaCkRfIM4Aew0i73+h1nJLO + 59AAbZIkDYyWs53QniIG4EQteI9y/9j/628nPAVj68V5oIN76RDXfFHWDWq4DxmU + PpGVmoIKcKZmnl7RrDomRVpuGMdyQ+kCzIGH3XYe12v8Y5beHZBrd3OajgHZ/Tfp + jP873cT6h0hsGm9glgOYho8CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe "; + }; + ponte = { + cores = 1; + owner = config.krebs.users.krebs; + nets = rec { + internet = { + ip4 = { + addr = "141.147.36.79"; + prefix = "0.0.0.0/0"; + }; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.4.43"; + ip6.addr = "42::443"; + aliases = [ + "ponte.r" + ]; + tinc = { + pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA52Glj/C85oMy3cnaRAtg2qkleaJFWiqwaQNUsk4JgX1PwZJ8aInD + YAMXj0H0wz7h3mh5QVRDq4i11LXOIy1P6J6QAvb3lssYnFfJkR9j/dArCIFsEhHf + V41E4KMcHV9t17xO6wQitXqzvcmxodxly8qAx1k7ddlGdQPTWXVvQTRgWBwm9oQ9 + w0d5p2fej/E5iOmbLyVjiJ72rFJIQdfPo782W78ZQftMSXsnyrr5OJu1b4qsga1Q + fYiAKjNE29OPiw5hLy9W/jLJMm0eR94LpUy0MZ5hYkYmvII1TqIqxVgj48gYfJ5v + QCjU9R2H5pUNfDiYutCqscRn5YDe44dcYBeG8Rkf0i4BTdqiE7h1AIciccXsJddt + HFxbWqi3HDoWlo7cFK9vYVUi4jgQP5cUVP85I43aDu3S3M3mszk1nyP+gDobE5Z9 + jPGckgn7wTYXlDioIlExJJ6FCaSWSxvh0Zh0HDrTD+WKP6qJ2aYnAz2xptiQGNCu + rYEvFoWd5T7VMzI02Z2hCiE2fFWlH63Am1tKspFKl+lHjwMrwcwFA5WoNHCeXx2X + S1T3I7P4SkRZervYJ55wQxCBKLgvZP2I1J1JzMkyuTszg9tex14MdVdZZrKXVrnr + exCMJruliLbZmtrbHHTXoCngppylnJOxKXpfpogLTZzLGncO6Ry5G18CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + pubkey_ed25519 = "0l+q3Bg5gYcw8VDjSYV7+wVSO3t4Es5jizAYJ9UR8cA"; + }; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEw9fo8Qtb/DTLacdrJP7Ti7c4UXTm6wUUX+iRFweEo "; + }; + puyak = { + ci = true; + cores = 4; + nets = { + retiolum = { + ip4.addr = "10.243.77.2"; + aliases = [ + "puyak.r" + "build.puyak.r" + "cgit.puyak.r" + ]; + tinc.port = 0; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwwDvaVKSJmAi1fpbsmjLz1DQVTgqnx56GkHKbz5sHwAfPVQej955 + SwotAPBrOT5P3pZ52Pu326SR5nj9XWfN6GD0CkcDQddtRG5OOtUWlvkYzZraNh33 + p9l8TBgHJKogGe6umbs+4v7pWfbS0k708L2ttwY0ceju6RL6UqShIYB6qhDzwalU + p8s7pypl7BwrsTwYkUGleIptiN78cYv/NHvXhvXBuVGz4J0tCH4GMvdTHCah1l1r + zwEpKlAq0FD6bgYTJL94Tvxe2xzyr8c+xn1+XbJtMudGmrRjIHS6YupzO/Y2MO7w + UkbMKDhYVhSPFEyk6PMm0SU9uAh4I1+8BQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; + syncthing.id = "DK5CEE2-PNUXYCE-Q42H2HP-623GART-B7KS4VK-HU2RBGQ-EK6QPUP-HUL3PAR"; + }; + arcadeomat = { + ci = true; + nets = { + retiolum = { + ip4.addr = "10.243.77.67"; + aliases = [ + "arcadeomat.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAzpXyEATt8+ElxPq650/fkboEC9RvTWqN6UIAl/R4Zu+uDhAZ2ekb + HBjoSbRxu/0w2I37nwWUhEOemxGm4PXCgWrtO0jeRF4nVNYu3ZBppA3vuVALUWq7 + apxRUEL9FdsWQlXGo4PVd20dGaDTi8M/Ggo755MStVTY0rRLluxyPq6VAa015sNg + 4NOFuWm0NDn4e+qrahTCTiSjbCU8rWixm0GktV40kdg0QAiFbEcRhuXF1s9/yojk + 7JT/nFg6LELjWUSSNZnioj5oSfVbThDRelIld9VaAKBAZZ5/zy6T2XSeDfoepytH + 8aw6itEuTCy1M1DTiTG+12SPPw+ubG+NqQIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = n/HMlgTTyLa0fcXqSBO/G6sVOUYh2yZ5PfU4vLI9CJO + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOu6EVN3928qWiWszqBUzOjeQJRvFozTBl4xAhBP/Ymc"; + }; + wolf = { + ci = true; + nets = { + shack = { + ip4.addr = "10.42.2.150" ; + aliases = [ + "wolf.shack" + "graphite.shack" + "acng.shack" + "drivedroid.shack" + "mobile.lounge.mpd.shack" + "lounge.mpd.wolf.shack" + ]; + }; + retiolum = { + ip4.addr = "10.243.77.1"; + aliases = [ + "wolf.r" + "build.wolf.r" + "cgit.wolf.r" + "lounge.mpd.wolf.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAzpXyEATt8+ElxPq650/fkboEC9RvTWqN6UIAl/R4Zu+uDhAZ2ekb + HBjoSbRxu/0w2I37nwWUhEOemxGm4PXCgWrtO0jeRF4nVNYu3ZBppA3vuVALUWq7 + apxRUEL9FdsWQlXGo4PVd20dGaDTi8M/Ggo755MStVTY0rRLluxyPq6VAa015sNg + 4NOFuWm0NDn4e+qrahTCTiSjbCU8rWixm0GktV40kdg0QAiFbEcRhuXF1s9/yojk + 7JT/nFg6LELjWUSSNZnioj5oSfVbThDRelIld9VaAKBAZZ5/zy6T2XSeDfoepytH + 8aw6itEuTCy1M1DTiTG+12SPPw+ubG+NqQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR"; + }; + } // testHosts); + users = { + krebs = { + pubkey = "lol"; # TODO krebs.users.krebs.pubkey should be unnecessary + }; + hotdog-repo-sync = { + name = "hotdog-repo-sync"; + mail = "spam@krebsco.de"; + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILzTvaR3QqOD3oEEGHQzg/sRnNbKJnZYcV9htDvXmu53"; + }; + puyak-repo-sync = { + name = "puyak-repo-sync"; + mail = "spam@krebsco.de"; + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ+18mG/cV1YbR9PXzuu3ScyV9kENy08OXUntpmgh9H2"; + }; + wolf-repo-sync = { + name = "wolf-repo-sync"; + mail = "spam@krebsco.de"; + pubkey = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwuAZB3wtAvBJFYh+gWdyGaZU4mtqM