From 6bff3fe5d8bfd2c58f2b3b1a7680e0b2ae68249d Mon Sep 17 00:00:00 2001 From: Dhananjay Balan Date: Tue, 10 Oct 2023 22:17:58 +0200 Subject: kartei dbalan: init tofu --- kartei/dbalan/default.nix | 62 ++++++++++++++++++++++++++++++++++------------- 1 file changed, 45 insertions(+), 17 deletions(-) (limited to 'kartei') diff --git a/kartei/dbalan/default.nix b/kartei/dbalan/default.nix index 6bf10b921..1f7e22aca 100644 --- a/kartei/dbalan/default.nix +++ b/kartei/dbalan/default.nix @@ -2,29 +2,57 @@ let inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; slib = import ../../lib/pure.nix { inherit lib; }; - hostDefaults = hostName: host: flip recursiveUpdate host ({ - ci = false; - external = true; - monitoring = false; - owner = config.krebs.users.dbalan; - } // optionalAttrs (host.nets?retiolum) { - nets.retiolum = { - ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; - }; - } // optionalAttrs (host.nets?wiregrill) { - nets.wiregrill = { - ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; - }; - }); -in -{ + hostDefaults = hostName: host: + flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + owner = config.krebs.users.dbalan; + } // optionalAttrs (host.nets ? retiolum) { + nets.retiolum = { + ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { + inherit hostName; + }).address; + }; + } // optionalAttrs (host.nets ? wiregrill) { + nets.wiregrill = { + ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { + inherit hostName; + }).address; + }; + }); +in { users = rec { dbalan = { mail = "dbalan@thaum.space"; - pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; + pubkey = + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; }; }; hosts = mapAttrs hostDefaults { + tofu = { + nets.retiolum = { + aliases = [ "tofu.dbalan.r" ]; + ip4.addr = "10.243.43.12"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAlBMwSkdI+3CWPVazfDoPCoqYJH1MLd8Z/ZQCTFx4MhLO/DvJrb7H + HJEwvFuImk2yy4oYfcRz8pK+ymBDArdVT5aeTwztTbjkcWa5RTm2d2xuYppTUPZB + L0/yY+a+mP1eRa8O6HAoNx3ETvC5euJS40qISTh6grPGFV7i1HhGNPUkvYFlNF6q + rJs7RgC8Y2/OSNed5WdJfNYNBeB4xUiKtg3sShKQGO++860yNV4G+J+PtBVnMs8/ + MnxQbJxnMbhAHNQt5nV+Z66Ewy/2qcn4clrGB3SG1v9fFizzh9mAFK3Udfa+6s8r + JaM4BL41uOgHxiiKovmudxIRtts31cKzwPkMyThQpK8hdxJxrCzSQSbiDUkckE+5 + CeLgAh5jMwEkT6OvYOGZbyeqvZX5gX+yErJyRlsjgYs5TTlfUnpg1BKz2BErzb1b + +lWsZXjO03BpNXsuWhC2sspKfuB3+fjlNwR+ov8/UDTOwhzBz15TlufcxiqzA08d + yJiNylm07C19qxlffqSZ5KSZGTT+DZg53ror1PLMoxLApV5MgHiM6oltDxemSegb + yySGz/EFDDbQQYLYOPu6seLt+ktudvFTERmetV0Bn37Ok8Avs2y6BIgXWjVxcb5p + EDbE5tAvX/MZIU9rAXRqDAOulumfvsyFpK8RkXDEoIQEt+gDoZ5OzJsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "b355fDYFQgFFj3KfzUCv4DPSfoFTKklsB12imwci7fH"; + }; + }; + v60 = { nets.retiolum = { aliases = [ "v60.dbalan.r" ]; -- cgit v1.2.3