From ceb5200f03737d9d307206ba6af013144eb6efbc Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 25 Jul 2016 18:53:42 +0200 Subject: k 3 makefu: add nixos.unstable CNAME to github --- krebs/3modules/makefu/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/makefu') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 52db3de85..8a8538267 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -167,6 +167,7 @@ with config.krebs.lib; extraZones = { "krebsco.de" = '' euer IN MX 1 aspmx.l.google.com. + nixos.unstable IN CNAME krebscode.github.io. pigstarter IN A ${nets.internet.ip4.addr} gold IN A ${nets.internet.ip4.addr} boot IN A ${nets.internet.ip4.addr} -- cgit v1.2.3 From cd5ecd173b2d98974b9dc090ddcafaa902a6e238 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 26 Jul 2016 14:01:03 +0200 Subject: k 3 makefu: add tinc pubkeys to siem network --- krebs/3modules/makefu/default.nix | 59 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 57 insertions(+), 2 deletions(-) (limited to 'krebs/3modules/makefu') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 8a8538267..235ae84ff 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -53,6 +53,17 @@ with config.krebs.lib; aliases = [ "darth.siem" ]; + tinc.pubkey = '' + Ed25519PublicKey = 24t9ye4gRLg6UbVxBvuuDlvU/cnByxMjYjym4LO6GkK + -----BEGIN RSA PUBLIC KEY----- + MIIBCQKCAQEApcUeTecVahqNIfLEkfgNiaW+eHQ9Y90DxHhy9vdPZh8dmLqoFBoW + TCPcZIRpyj7hxRkNIhh34Ewpul0oQ1tzrUGcT2xvMNwaCupRDmhZn9jR9aFFEYKb + fUOplCxb4y2UKbWAA6hie3PKH9wnPfbwSsexb2BSQAqSt4iNIVCV6j7LXpiopbGS + Exs3/Pz+IeMtGyuMYA3rUmJsVRKR1o7axLtlhYK7JSMbqdYhaQJ4NZrvIXw//w21 + kM/TJTPZ4j47ME18jQInO62X5h+xVch6DtvwvjBMMMKbS0am9qw1P3qo7MP3PmQh + rvVQRth8L63q4NLOnT29XmnxPSVGL1PBQQICEAE= + -----END RSA PUBLIC KEY----- + ''; }; }; }; @@ -63,6 +74,16 @@ with config.krebs.lib; aliases = [ "ossim.siem" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAv5qv9R3E1AHJOhTnHJ2E5zWjItRdXSw/inpz/W+KcBeM/HSG0XEl + RyGAwty7VP4CiLp7CagWmtVsz/5ytnXJzLDeRLn5t+KzO6am0aOpvAt6ZggZXPhL + cQkn4IGi1TJE5tw+lzabBkUZm3zD1KEXpqJeZ6spA4e9lB/+T3Tx23g9WDEOKand + mAJrsdsvTCIiVJefidOAmgeZVVOV3ltBonNP1nqEy+5v4B3EBT/Uj7ImL2aRj/pd + dPs6dGV2LqSQvnrSbFZzuKVXKpD1M+wgT/5NQk/hVJJxBQC6rxvpg1XyQkepcLWL + WjvogOl4NjXStmKDX2+gPPFx6XTmwDenOwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; }; @@ -127,8 +148,19 @@ with config.krebs.lib; siem = { ip4.addr = "10.8.10.4"; aliases = [ - "arch.siem" + "makefu.siem" ]; + tinc.pubkey = '' + Ed25519PublicKey = rFTglGxm563e/w82Q9Qqy/E+V/ipT4DOTyTuYrWrtmI + -----BEGIN RSA PUBLIC KEY----- + MIIBCQKCAQEAx+OQXQj6rlXIByo48JZXSexRz5G5oJVZTHAJ0GF5f70U65C0x83p + XtNp4LGYti+cyyzmQjf/N7jr2CxUlOATN2nRO4CT+JaMM2MoqnPWqTZBPMDiHq2y + ce0zjLPPl0hVc5mg+6F0tgolbUvTIo2CgAIl5lNvJiVfmXRSehmMprf1NPkxJd/O + vAOD7mgnCjkEAWElf1cfxSGZqSLbNltRK340nE5x6A5tY7iEueP/r9chEmOnVjKm + t+GJAJIe1PClWJHJYAXF8I7R3g+XQIqgw+VTN3Ng5cS5W/mbTFIzLWMZpdZaAhWR + 56pthtZAE5FZ+4vxMpDQ4yeDu0b6gajWNQICEAE= + -----END RSA PUBLIC KEY----- + ''; }; }; ssh.privkey.path = ; @@ -326,6 +358,19 @@ with config.krebs.lib; siem = { ip4.addr = "10.8.10.7"; aliases = [ "display.siem" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA+/TpxsVIBL9J9QAe/+jB6sgu/O6J+KY4YrAzZ6dM4kbFv5JA64f5 + 6znv8EFqn6loS9Aez3e08P5scyGjiwWytdKN5Yztlffc0xDD7MUU2RiCsQF1X74J + +1i8NhSq3PJ6UeUURxYYnAYzBlFvsxev4vpniFTsIR9tmcAYX9NT9420D6nV7xq7 + FdkoBlYj4eUQqQzHH1T/Lmt+BGmf+BufIJas+Oo/Sg59vIk9OM08WyAjHVT2iNbg + LXDhzVaeGOOM3GOa0YGG0giM3Rd245YPaPiVbwrMy8HQRBpMzXOPjcC1nYZSjxrW + LQxtRS+dmfEMG7MJ8T2T2bseX6z6mONc1QIDAQAB + -----END RSA PUBLIC KEY----- + -----BEGIN ED25519 PUBLIC KEY----- + 3JGeGnADWR+hfb4TEoHDyopEYgkfGNJKwy71bqcsNrO + -----END ED25519 PUBLIC KEY----- + ''; }; retiolum = { ip4.addr = "10.243.214.15"; @@ -396,9 +441,19 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB siem = { ip4.addr = "10.8.10.1"; aliases = [ - "sjump.siem" + "shoney.siem" "graphs.siem" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0OK28PHsMGMxAqVRiRGv93zzEWJgV3hMFquWrpbYC3OZwHDYcNHu + 74skwRRwwnbcq0ZtWroEvUTmZczuPt2FewdtuEutT7uZJnAYnzSOrB9lmmdoXKQU + l4ho1LEf/J0sMBi7RU/OJosuruQTAl53ca5KQbRCXkcPlmq4KzUpvgPINpEpYQjB + CGC3ErOvw2jXESbDnWomYZgJl3uilJUEYlyQEwyWVG+fO8uxlz9qKLXMlkoJTbs4 + fTIcxh7y6ZA7QfMN3Ruq1R66smfXQ4xu1hybvqL66RLiDQgH3BRyKIgobS1UxI4z + L+xhIsiMXQIo2hv8aOUnf/7Ac9DXNR83GwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; internet = { ip4.addr = "64.137.234.215"; -- cgit v1.2.3 From b308c77e7af47bd4994ef23b59a7e40975485f9b Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 26 Jul 2016 15:18:59 +0200 Subject: k 3 m: siem.ip4.prefix --- krebs/3modules/makefu/default.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'krebs/3modules/makefu') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 235ae84ff..a878f50ee 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -49,7 +49,8 @@ with config.krebs.lib; ''; }; siem = { - ip4.addr = "10.8.10.2"; + ip4.addr = "10.8.10.2"; + ip4.prefix = "10.8.10.0/24"; aliases = [ "darth.siem" ]; @@ -71,6 +72,7 @@ with config.krebs.lib; nets = { siem = { ip4.addr = "10.8.10.6"; + ip4.prefix = "10.8.10.0/24"; aliases = [ "ossim.siem" ]; @@ -147,6 +149,7 @@ with config.krebs.lib; }; siem = { ip4.addr = "10.8.10.4"; + ip4.prefix = "10.8.10.0/24"; aliases = [ "makefu.siem" ]; @@ -357,6 +360,7 @@ with config.krebs.lib; nets = { siem = { ip4.addr = "10.8.10.7"; + ip4.prefix = "10.8.10.0/24"; aliases = [ "display.siem" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -440,6 +444,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB nets = { siem = { ip4.addr = "10.8.10.1"; + ip4.prefix = "10.8.10.0/24"; aliases = [ "shoney.siem" "graphs.siem" -- cgit v1.2.3 From b1569158057042aa50e6816e38f0305bab8e5f9c Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 28 Jul 2016 12:58:54 +0200 Subject: makefu: pornocauster -> x --- krebs/3modules/makefu/default.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'krebs/3modules/makefu') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index a878f50ee..dffb6b0a1 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -126,15 +126,15 @@ with config.krebs.lib; }; }; }; - pornocauster = { + x = { cores = 2; nets = { retiolum = { ip4.addr = "10.243.0.91"; ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"; aliases = [ - "pornocauster.retiolum" - "pornocauster.r" + "x.retiolum" + "x.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -167,7 +167,7 @@ with config.krebs.lib; }; }; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@pornocauster"; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x"; }; @@ -441,8 +441,9 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB }; shoney = rec { cores = 1; - nets = { + nets = rec { siem = { + via = internet; ip4.addr = "10.8.10.1"; ip4.prefix = "10.8.10.0/24"; aliases = [ @@ -459,6 +460,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB L+xhIsiMXQIo2hv8aOUnf/7Ac9DXNR83GwIDAQAB -----END RSA PUBLIC KEY----- ''; + tinc.port = 1655; }; internet = { ip4.addr = "64.137.234.215"; @@ -790,8 +792,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB }; users = rec { makefu = { - mail = "makefu@pornocauster.retiolum"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@pornocauster"; + mail = "makefu@x.retiolum"; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@x"; pgp.pubkeys.default = builtins.readFile ./default.pgp; pgp.pubkeys.brain = builtins.readFile ./brain.pgp; }; -- cgit v1.2.3