From 79cad8349bf8bb20d13d23a498935277d779ef21 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 29 Jan 2019 21:39:16 +0100 Subject: bier bal: fix regex --- krebs/3modules/reaktor2.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index e3e6ddf4f..9ab207d88 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -33,6 +33,10 @@ with import ; default = "reaktor2${optionalString (name != "default") "-${name}"}"; type = types.filename; }; + sendDelaySec = mkOption { + default = 0.7; + type = types.nullOr types.float; + }; username = mkOption { default = self.config.systemd-service-name; type = types.username; -- cgit v1.2.3 From 936bf9f7b2a7cf99d48fe4cdf1e8cffd0140240f Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 1 Feb 2019 21:15:27 +0100 Subject: remove kruck.r, add pepe.r --- krebs/3modules/external/default.nix | 37 +++++++++++------------------------ krebs/3modules/external/tinc/pepe.pub | 13 ++++++++++++ 2 files changed, 24 insertions(+), 26 deletions(-) create mode 100644 krebs/3modules/external/tinc/pepe.pub (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 089113ac6..e19ac6755 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -176,32 +176,6 @@ in { }; }; }; - kruck = { - owner = config.krebs.users.palo; - nets = { - retiolum = { - ip4.addr = "10.243.29.201"; - aliases = [ - "kruck.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh - QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA - EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U - uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/ - /RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR - 9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s - qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH - gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj - jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs - fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5 - TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; qubasa = { owner = config.krebs.users.qubasa; nets = { @@ -251,6 +225,17 @@ in { }; }; }; + pepe = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.123.4"; + tinc.port = 720; + aliases = [ "pepe.r" ]; + tinc.pubkey = tinc-for "pepe"; + }; + }; + }; scardanelli = { owner = config.krebs.users.kmein; nets = { diff --git a/krebs/3modules/external/tinc/pepe.pub b/krebs/3modules/external/tinc/pepe.pub new file mode 100644 index 000000000..65284d51d --- /dev/null +++ b/krebs/3modules/external/tinc/pepe.pub @@ -0,0 +1,13 @@ +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE +8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4 +oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/ +ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD +ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ +ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu +MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL +rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo +sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1 +EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH +yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ== +-----END RSA PUBLIC KEY----- -- cgit v1.2.3 From e2ae92445cc439203427a58720fc394cf1ca4b44 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 2 Feb 2019 09:13:53 +0100 Subject: external: add palo.nix --- krebs/3modules/external/default.nix | 14 +----- krebs/3modules/external/palo.nix | 81 +++++++++++++++++++++++++++++++++++ krebs/3modules/external/tinc/palo.pub | 13 ++++++ krebs/3modules/external/tinc/pepe.pub | 13 ------ 4 files changed, 95 insertions(+), 26 deletions(-) create mode 100644 krebs/3modules/external/palo.nix create mode 100644 krebs/3modules/external/tinc/palo.pub delete mode 100644 krebs/3modules/external/tinc/pepe.pub (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index e19ac6755..16cc84651 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -16,6 +16,7 @@ with import ; tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); in { + hosts = mapAttrs hostDefaults { dpdkm = { owner = config.krebs.users.Mic92; @@ -225,17 +226,6 @@ in { }; }; }; - pepe = { - owner = config.krebs.users.palo; - nets = { - retiolum = { - ip4.addr = "10.243.123.4"; - tinc.port = 720; - aliases = [ "pepe.r" ]; - tinc.pubkey = tinc-for "pepe"; - }; - }; - }; scardanelli = { owner = config.krebs.users.kmein; nets = { @@ -404,8 +394,6 @@ in { mail = "joerg@thalheim.io"; pubkey = ssh-for "Mic92"; }; - palo = { - }; qubasa = { mail = "luis.nixos@gmail.com"; }; diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix new file mode 100644 index 000000000..e151ad358 --- /dev/null +++ b/krebs/3modules/external/palo.nix @@ -0,0 +1,81 @@ +with import ; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill.ip6.addr = + (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + }); + ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); + tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); + +in { + hosts = mapAttrs hostDefaults { + pepe = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.1"; + tinc.port = 720; + aliases = [ "pepe.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + kruck = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.3"; + tinc.port = 720; + aliases = [ "kruck.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + schasch = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.2"; + tinc.port = 720; + aliases = [ "schasch.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + workhorse = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.5"; + tinc.port = 720; + aliases = [ "workhorse.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + workout = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.4"; + tinc.port = 720; + aliases = [ "workout.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + }; + users = { + palo = { + }; + }; +} + diff --git a/krebs/3modules/external/tinc/palo.pub b/krebs/3modules/external/tinc/palo.pub new file mode 100644 index 000000000..65284d51d --- /dev/null +++ b/krebs/3modules/external/tinc/palo.pub @@ -0,0 +1,13 @@ +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE +8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4 +oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/ +ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD +ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ +ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu +MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL +rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo +sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1 +EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH +yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/external/tinc/pepe.pub b/krebs/3modules/external/tinc/pepe.pub deleted file mode 100644 index 65284d51d..000000000 --- a/krebs/3modules/external/tinc/pepe.pub +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE -8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4 -oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/ -ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD -ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ -ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu -MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL -rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo -sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1 -EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH -yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ== ------END RSA PUBLIC KEY----- -- cgit v1.2.3 From 932d11ed9346fbef640604d1107be39e7c11be85 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Feb 2019 20:14:55 +0100 Subject: external: add catullus.r --- krebs/3modules/external/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 16cc84651..1f80906f8 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -18,6 +18,31 @@ with import ; in { hosts = mapAttrs hostDefaults { + catullus = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.3"; + aliases = [ "catullus.r" ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2tRtskPP6391+ZX9xzsx + CUotXuqYucYmnUbrRSIlxASVqTmAf3nDOE5EDBBcTdSwnb02JcJW4Zh7+BGgMxjF + GxDPs6ETI28mHK+6rp8TOkMnyDb5mtSGVZPvKJU9fFOt6aAX1J1BzTfwtHtVQq7K + WBzdpeKXlw4dIQ6K6SGmPIPpEh9pE1Xb+GuVljCXKxGJFbW40dmh2ZdadO7umBDu + vRk08jT9/BUnUP6KrZlvyePnG38z6srMrVU+XAHu5D2qZ9y+QIp3kw7Y5JUrNXc7 + 9q9P9TYx15GiIz2mSJKcLVmkLRebsaqdV7dBibPbfdGE+NB+F1FYPGDdW4cnonon + DzzjGm/FDfOCXEnSkYGQDBWpfd/8AWum1xGJxJCPNBJElGE2o5jDWo4Y1b9gHP0M + vARm8AOK8R1pQ7BP+pNMO0gGw2NDrtWiWpTeZ7SqXmZAZ/Gmyen9X+/fowcbTyDH + b9joIuMQeOtxbUV2JprZIdit9NBFSZq/7Re/GBUwjGBm3LabIXFNGKZovx/f9lf8 + r5tVs4SPauiKzZS0K1Gz1NSq+3OXaY5EwVrBUXptYqRT7uyhVloOPRUsqRFeB0Fn + Y5xOpDJ0UiJxgFbdH5Vb81D/VjNO9Q4nZib8wSEuLrYLHGoceQPX4+Ov9IdhIL4B + BMTCaF+VCWC5PCLr0e61KqMCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; dpdkm = { owner = config.krebs.users.Mic92; nets = rec { -- cgit v1.2.3 From 6830a9b32a19d3347f005a491d7a2c8f4094090c Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 31 Jan 2019 14:39:02 +0100 Subject: krebs-hosts-*: generate from krebs.hosts --- krebs/3modules/hosts.nix | 57 ++++++++++++++++++++++++++++++++++++++- krebs/3modules/retiolum-hosts.nix | 26 +++--------------- 2 files changed, 59 insertions(+), 24 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix index 0985bb539..eb7fd2283 100644 --- a/krebs/3modules/hosts.nix +++ b/krebs/3modules/hosts.nix @@ -1,6 +1,5 @@ with import ; { config, ... }: let - # TODO dedup functions with ./retiolum-hosts.nix check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains; domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers); in { @@ -30,6 +29,62 @@ in { map (addr: { ${addr} = aliases; }) net.addrs) (attrValues host.nets)) (attrValues config.krebs.hosts))); + + nixpkgs.config.packageOverrides = super: let + # nameValuePair name value : { "name" : name, "value" : value } + + # addr : str + # aliase : str + # hostname : str + # netname : str + + # addrAliases : nameValuePair addr [alias] + + # hostNetAliases : host -> { ${netname} : [addrAliases] } + hostNetAliases = host: + mapAttrs (_: net: filter (x: x.name != null) [ + { name = net.ip4.addr or null; value = net.aliases; } + { name = net.ip6.addr or null; value = net.aliases; } + ]) host.nets; + + # netAliases : { ${netname} : [addrAliases] } + netAliases = + foldl' + (result: host: + foldl' + # λ netAliases -> [addrAliases] -> netAliases + (result: { name, value }: result // { + ${name} = result.${name} or [] ++ value; + }) + result + (mapAttrsToList nameValuePair (hostNetAliases host)) + ) + {} + (attrValues config.krebs.hosts); + + # allAddrAliases : [addrAliases] + allAddrAliases = + flatten + (map + (host: attrValues (hostNetAliases host)) + (attrValues config.krebs.hosts)); + + # writeHosts : str -> [addrAliases] -> package + writeHosts = name: addrAliases: super.writeText name '' + ${concatMapStringsSep + "\n" + ({ name, value }: "${name} ${toString value}") + addrAliases} + ''; + in + { + krebs-hosts = writeHosts "krebs-hosts" allAddrAliases; + } + // + genAttrs' (attrNames netAliases) (netname: rec { + name = "krebs-hosts-${netname}"; + value = writeHosts name netAliases.${netname}; + }); }; } diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix index ddf85ead7..2da174bea 100644 --- a/krebs/3modules/retiolum-hosts.nix +++ b/krebs/3modules/retiolum-hosts.nix @@ -1,28 +1,8 @@ with import ; -{ config, ... }: let - # TODO dedup functions with ./hosts.nix - check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains; - domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers); -in { +{ config, pkgs, ... }: { nixpkgs.config.packageOverrides = super: { retiolum-hosts = - super.writeText "retiolum-hosts" '' - ${ - concatStringsSep - "\n" - (flatten - (map - (host: let - net = host.nets.retiolum; - aliases = longs; - longs = filter check net.aliases; - in - optionals - (aliases != []) - (map (addr: "${addr} ${toString aliases}") net.addrs)) - (filter (host: hasAttr "retiolum" host.nets) - (attrValues config.krebs.hosts)))) - } - ''; + trace "pkgs.retiolum-hosts is deprecated, use pkgs.krebs-hosts-retiolum instead" + pkgs.krebs-hosts-retiolum; }; } -- cgit v1.2.3 From bc4984c7fa6a50052436399364d2de7f76f1cd2e Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 31 Jan 2019 14:40:57 +0100 Subject: retiolum-hosts: RIP --- krebs/3modules/default.nix | 1 - krebs/3modules/retiolum-hosts.nix | 8 -------- 2 files changed, 9 deletions(-) delete mode 100644 krebs/3modules/retiolum-hosts.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 9303a81fb..c72215e79 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -45,7 +45,6 @@ let ./reaktor2.nix ./realwallpaper.nix ./retiolum-bootstrap.nix - ./retiolum-hosts.nix ./rtorrent.nix ./secret.nix ./setuid.nix diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix deleted file mode 100644 index 2da174bea..000000000 --- a/krebs/3modules/retiolum-hosts.nix +++ /dev/null @@ -1,8 +0,0 @@ -with import ; -{ config, pkgs, ... }: { - nixpkgs.config.packageOverrides = super: { - retiolum-hosts = - trace "pkgs.retiolum-hosts is deprecated, use pkgs.krebs-hosts-retiolum instead" - pkgs.krebs-hosts-retiolum; - }; -} -- cgit v1.2.3 From 659cbed237ebbf158374cc85929f97eb1a6fce36 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 31 Jan 2019 15:02:05 +0100 Subject: krebs-hosts_combined: init --- krebs/3modules/hosts.nix | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix index eb7fd2283..3d572c04d 100644 --- a/krebs/3modules/hosts.nix +++ b/krebs/3modules/hosts.nix @@ -62,13 +62,6 @@ in { {} (attrValues config.krebs.hosts); - # allAddrAliases : [addrAliases] - allAddrAliases = - flatten - (map - (host: attrValues (hostNetAliases host)) - (attrValues config.krebs.hosts)); - # writeHosts : str -> [addrAliases] -> package writeHosts = name: addrAliases: super.writeText name '' ${concatMapStringsSep @@ -78,7 +71,18 @@ in { ''; in { - krebs-hosts = writeHosts "krebs-hosts" allAddrAliases; + # hosts file for all krebs networks + krebs-hosts = + writeHosts "krebs-hosts" (concatLists [ + netAliases.internet + netAliases.retiolum + netAliases.wiregrill + ]); + + # combined hosts file for all networks (even custom ones) + krebs-hosts_combined = + writeHosts "krebs-hosts_combined" + (concatLists (attrValues netAliases)); } // genAttrs' (attrNames netAliases) (netname: rec { -- cgit v1.2.3 From cdb548ac3050c2e9f61a07e6f5eff88383e1114c Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 2 Feb 2019 09:22:06 +0100 Subject: krebs-hosts-*: don't add lines without alias --- krebs/3modules/hosts.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix index 3d572c04d..7fe01a769 100644 --- a/krebs/3modules/hosts.nix +++ b/krebs/3modules/hosts.nix @@ -42,7 +42,7 @@ in { # hostNetAliases : host -> { ${netname} : [addrAliases] } hostNetAliases = host: - mapAttrs (_: net: filter (x: x.name != null) [ + mapAttrs (_: net: filter (x: x.name != null && x.value != []) [ { name = net.ip4.addr or null; value = net.aliases; } { name = net.ip6.addr or null; value = net.aliases; } ]) host.nets; -- cgit v1.2.3 From 3a2d5affbb7766af4776f21b308c425008a4943d Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 8 Feb 2019 09:43:33 +0100 Subject: external: actually import palo.nix --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index c72215e79..9c2f53cbe 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -100,6 +100,7 @@ let { krebs = import ./krebs { inherit config; }; } { krebs = import ./lass { inherit config; }; } { krebs = import ./makefu { inherit config; }; } + { krebs = import ./external/palo.nix { inherit config; }; } { krebs = import ./tv { inherit config; }; } { krebs.dns.providers = { -- cgit v1.2.3 From 6da32a5952faf38c92c7b289cc6ae0881ec4aa36 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 26 Feb 2019 08:58:40 +0100 Subject: ma: cleanup hosts move pubkeys to separate files in folder RIP drop latte pigstarter wry shoney heidi lariat soundflower falk bridge horisa tahoe tcac-0-1 --- krebs/3modules/makefu/default.nix | 718 ++-------------------------- krebs/3modules/makefu/sshd/cake.pub | 1 + krebs/3modules/makefu/sshd/crapi.pub | 1 + krebs/3modules/makefu/sshd/fileleech.pub | 1 + krebs/3modules/makefu/sshd/firecracker.pub | 1 + krebs/3modules/makefu/sshd/gum.pub | 1 + krebs/3modules/makefu/sshd/omo.pub | 1 + krebs/3modules/makefu/sshd/sdev.pub | 1 + krebs/3modules/makefu/sshd/studio.pub | 1 + krebs/3modules/makefu/sshd/wbob.pub | 1 + krebs/3modules/makefu/sshd/x.pub | 1 + krebs/3modules/makefu/tinc/cake.pub | 8 + krebs/3modules/makefu/tinc/crapi.pub | 9 + krebs/3modules/makefu/tinc/filebitch.pub | 8 + krebs/3modules/makefu/tinc/fileleech.pub | 8 + krebs/3modules/makefu/tinc/filepimp.pub | 8 + krebs/3modules/makefu/tinc/firecracker.pub | 14 + krebs/3modules/makefu/tinc/flap.pub | 8 + krebs/3modules/makefu/tinc/gum.pub | 8 + krebs/3modules/makefu/tinc/nukular.pub | 8 + krebs/3modules/makefu/tinc/omo.pub | 8 + krebs/3modules/makefu/tinc/sdev.pub | 8 + krebs/3modules/makefu/tinc/senderechner.pub | 8 + krebs/3modules/makefu/tinc/studio.pub | 8 + krebs/3modules/makefu/tinc/tsp.pub | 13 + krebs/3modules/makefu/tinc/wbob.pub | 8 + krebs/3modules/makefu/tinc/x.pub | 8 + 27 files changed, 188 insertions(+), 680 deletions(-) create mode 100644 krebs/3modules/makefu/sshd/cake.pub create mode 100644 krebs/3modules/makefu/sshd/crapi.pub create mode 100644 krebs/3modules/makefu/sshd/fileleech.pub create mode 100644 krebs/3modules/makefu/sshd/firecracker.pub create mode 100644 krebs/3modules/makefu/sshd/gum.pub create mode 100644 krebs/3modules/makefu/sshd/omo.pub create mode 100644 krebs/3modules/makefu/sshd/sdev.pub create mode 100644 krebs/3modules/makefu/sshd/studio.pub create mode 100644 krebs/3modules/makefu/sshd/wbob.pub create mode 100644 krebs/3modules/makefu/sshd/x.pub create mode 100644 krebs/3modules/makefu/tinc/cake.pub create mode 100644 krebs/3modules/makefu/tinc/crapi.pub create mode 100644 krebs/3modules/makefu/tinc/filebitch.pub create mode 100644 krebs/3modules/makefu/tinc/fileleech.pub create mode 100644 krebs/3modules/makefu/tinc/filepimp.pub create mode 100644 krebs/3modules/makefu/tinc/firecracker.pub create mode 100644 krebs/3modules/makefu/tinc/flap.pub create mode 100644 krebs/3modules/makefu/tinc/gum.pub create mode 100644 krebs/3modules/makefu/tinc/nukular.pub create mode 100644 krebs/3modules/makefu/tinc/omo.pub create mode 100644 krebs/3modules/makefu/tinc/sdev.pub create mode 100644 krebs/3modules/makefu/tinc/senderechner.pub create mode 100644 krebs/3modules/makefu/tinc/studio.pub create mode 100644 krebs/3modules/makefu/tinc/tsp.pub create mode 100644 krebs/3modules/makefu/tinc/wbob.pub create mode 100644 krebs/3modules/makefu/tinc/x.pub (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index e60bbee70..8c7e415cb 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -13,6 +13,8 @@ with import ; }); pub-for = name: builtins.readFile (./ssh + "/${name}.pub"); + sshd-for = name: builtins.readFile (./sshd + "/${name}.pub"); + tinc-for= name: builtins.readFile (./tinc + "/${name}.pub"); in { hosts = mapAttrs hostDefaults { @@ -25,20 +27,11 @@ in { aliases = [ "cake.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0khdelSrOV/ZI9vvbV5aT1wVn2IfUfIdDCQIOnF2mZsrnIcuaedu - jRfZnJST1vOfL7JksF1+8pYwSn34CjJCGhyFf25lc6mARXmZe/araNrVpTntCy2+ - MqG8KZe4mIda/WPTXRYGtFVQZeClM5SCZ7EECtw8sEkwt2QtOv43p/hiMXAkOQsq - 6xc9/b4Bry7d+IjJs3waKfFQllF+C+GuK8yF0YnCEb6GZw7xkxHIO1QV4KSQ4CH7 - 36kEAdCSQ5rgaygRanUlUl+duQn1MLQ+lRlerAEcFfKrr3MKNz2jmGth8iUURdyP - MHjSWe+RkLQ6zzBaVgoKKuI9MbIbhenJWwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "cake"; }; }; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake"; + ssh.pubkey = sshd-for "cake"; }; crapi = rec { # raspi1 cores = 1; @@ -49,215 +42,55 @@ in { aliases = [ "crapi.r" ]; - tinc.pubkey = '' - Ed25519PublicKey = Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAloXLBfZQEVW9mJ7uwOoa+DfV4ek/SG+JQuexJMugei/iNy0NjY66 - OVIkzFmED32c3D7S1+Q+5Mc3eR02k1o7XERpZeZhCtJOBlS4xMzCKH62E4USvH5L - R4O8XX1o/tpeOuZvpnpY1oPmFFc/B5G2jWWQR4Slpbw7kODwYYm5o+B7n+MkVNrk - OEOHLaaO6I5QB3GJvDH2JbwzDKLVClQM20L/EvIwnB+Xg0q3veKFj0WTXEK+tuME - di++RV4thhZ9IOgRTJOeT94j7ulloh15gqYaIqRqgtzfWE2TnUxvl+upB+yQHNtl - bJFLHkE34cQGxEv9dMjRe8i14+Onhb3B6wIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "crapi"; }; }; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaV5Ga5R8RTrA+nclxw6uy5Z+hPBLitQTfuXdsmbVW6 crapi"; + ssh.pubkey = sshd-for "crapi"; }; - drop = rec { - ci = false; - cores = 1; + firecracker = { + cores = 4; nets = { retiolum = { - ip4.addr = "10.243.177.9"; + ip4.addr = "10.243.12.12"; + ip6.addr = "42:0:0:0:0:0:0:12"; aliases = [ - "drop.r" + "firecracker.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA1QxukdeDqI47nm7/gd5Y9dZZbJULA02ak0A2cB4lmysJjgMFAfbl - 6qpH7HCZk6s+4eI7H+UHUF177W7Z1qq3bqGLmlgdMMAzuDNz9UvNLhrthZMp3tCI - GIFD28O1bKgDAYgsF/X21CRqEvgk3vRDp9yqIVIzQDmerOrZUx62Rx9Fssl/7ooW - 0319fxcTw6GZEp7RXNzgIobnWPydakh+/I0inP0rC6It/vM5Hi2bV71QPZUyJ78C - Szh4S8TznW7yMzTQaOENeaUKfqEyN+CW2OomVdWIBOvTJVpvfAut/kg1dyUGgHlT - F8OlAoNAyxCSxqbM0fY0wtqKD7FaYY9cbQIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "firecracker"; }; }; + ssh.privkey.path = ; + ssh.pubkey = sshd-for "firecracker"; }; + studio = rec { ci = false; cores = 4; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; + ssh.pubkey = sshd-for "studio"; nets = { retiolum = { ip4.addr = "10.243.227.163"; aliases = [ "studio.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti - cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk - GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI - jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1 - 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu - 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "studio"; }; }; }; - fileleech = rec { ci = false; cores = 4; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; + ssh.pubkey = ""; nets = { retiolum = { ip4.addr = "10.243.113.98"; aliases = [ "fileleech.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF - 8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K - YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait - nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z - e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V - UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - latte = rec { - ci = false; - cores = 1; - ssh.privkey.path = ; - # ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrkK1mWfPvfZ9ALC1irGLuzOtMefaGAmGY1VD4dj7K1 latte"; - nets = { - internet = { - ip4.addr = "185.215.224.160"; - aliases = [ - "latte.i" - ]; - }; - retiolum = { - ip4.addr = "10.243.80.249"; - aliases = [ - "latte.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAx70gmNoP4RYeF3ShddEMsbNad9L5ezegwxJTZA7XTfF+/cwr/QwU - 5BL0QXTwBnKzS0gun5NXmhwPzvOdvfczAxtJLk8/NjVHFeE39CiTHGgIxkZFgnbo - r2Rj6jJb89ZPaTr+hl0+0WQQVpl9NI7MTCUimvFBaD6IPmBh5wTySu6mYBs0mqmf - 43RrvS42ieqQJAvVPkIzxxJeTS/M3NXmjbJ3bdx/2Yzd7INdfPkMhOONHcQhTKS4 - GSXJRTytLYZEah8lp8F4ONggN6ixlhlcQAotToFP4s8c+KqYfIZrtP+pRj7W72Y6 - vhnobLDJwBbAsW1RQ6FHcw10TrP2H+haewIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - pnp = { - ci = false; - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.0.210"; - aliases = [ - "pnp.r" - "cgit.pnp.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAugkgEK4iy2C5+VZHwhjj/q3IOhhazE3TYHuipz37KxHWX8ZbjH+g - Ewtm79dVysujAOX8ZqV8nD8JgDAvkIZDp8FCIK0/rgckhpTsy1HVlHxa7ECrOS8V - pGz4xOxgcPFRbv5H2coHtbnfQc4GdA5fcNedQ3BP3T2Tn7n/dbbVs30bOP5V0EMR - SqZwNmtqaDQxOvjpPg9EoHvAYTevrpbbIst9UzCyvmNli9R+SsiDrzEPgB7zOc4T - TG12MT+XQr6JUu4jPpzdhb6H/36V6ADCIkBjzWh0iSfWGiFDQFinD+YSWbA1NOTr - Qtd1I3Ov+He7uc2Z719mb0Og2kCGnCnPIwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - darth = { - ci = false; - cores = 4; - nets = { - retiolum = { - ip4.addr = "10.243.0.84"; - aliases = [ - "darth.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA1pWNU+FY9XpQxw6srUb5mvGFgqSyJQAelFoufZng6EFeTnAzQOdq - qT7IWN+o3kSbQQsC2tQUnRYFoPagsgFP610D+LGwmeJlNgAf23gBI9ar1agUAvYX - yzYBj7R9OgGXHm6ECKwsxUJoGxM4L0l6mk/rTMVFnzgYPbpVJk1o6NPmiZhW8xIi - 3BfxJUSt8rEQ1OudCirvdSr9uYv/WMR5B538wg4JeQK715yKEYbYi8bqOPnTvGD8 - q5HRwXszWzCYYnqrdlmXzoCA1fT4vQdtov+63CvHT2RV7o42ruGZbHy7JIX9X3IE - u0nA8nZhZ5byhWGCpDyr6bTkvwJpltJypQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - siem = { - ip4.addr = "10.8.10.2"; - ip4.prefix = "10.8.10.0/24"; - aliases = [ - "darth.siem" - ]; - tinc.pubkey = '' - Ed25519PublicKey = 24t9ye4gRLg6UbVxBvuuDlvU/cnByxMjYjym4LO6GkK - -----BEGIN RSA PUBLIC KEY----- - MIIBCQKCAQEApcUeTecVahqNIfLEkfgNiaW+eHQ9Y90DxHhy9vdPZh8dmLqoFBoW - TCPcZIRpyj7hxRkNIhh34Ewpul0oQ1tzrUGcT2xvMNwaCupRDmhZn9jR9aFFEYKb - fUOplCxb4y2UKbWAA6hie3PKH9wnPfbwSsexb2BSQAqSt4iNIVCV6j7LXpiopbGS - Exs3/Pz+IeMtGyuMYA3rUmJsVRKR1o7axLtlhYK7JSMbqdYhaQJ4NZrvIXw//w21 - kM/TJTPZ4j47ME18jQInO62X5h+xVch6DtvwvjBMMMKbS0am9qw1P3qo7MP3PmQh - rvVQRth8L63q4NLOnT29XmnxPSVGL1PBQQICEAE= - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - ossim = { # vm on darth - nets = { - siem = { - ip4.addr = "10.8.10.6"; - ip4.prefix = "10.8.10.0/24"; - aliases = [ - "ossim.siem" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAv5qv9R3E1AHJOhTnHJ2E5zWjItRdXSw/inpz/W+KcBeM/HSG0XEl - RyGAwty7VP4CiLp7CagWmtVsz/5ytnXJzLDeRLn5t+KzO6am0aOpvAt6ZggZXPhL - cQkn4IGi1TJE5tw+lzabBkUZm3zD1KEXpqJeZ6spA4e9lB/+T3Tx23g9WDEOKand - mAJrsdsvTCIiVJefidOAmgeZVVOV3ltBonNP1nqEy+5v4B3EBT/Uj7ImL2aRj/pd - dPs6dGV2LqSQvnrSbFZzuKVXKpD1M+wgT/5NQk/hVJJxBQC6rxvpg1XyQkepcLWL - WjvogOl4NjXStmKDX2+gPPFx6XTmwDenOwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - honeydrive = { # vm on darth - nets = { - internet = { # via shoney - ip4.addr = "64.137.234.232"; - aliases = [ - "honeydrive.i" - ]; + tinc.pubkey = tinc-for "fileleech"; }; }; }; @@ -270,21 +103,7 @@ in { aliases = [ "tsp.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAwW+RjRcp3uarkfXZ+FcCYY2GFcfI595GDpLRuiS/YQAB3JZEirHi - HFhDJN80fZ9qHqtq9Af462xSx+cIb282TxAqCM1Z9buipOcYTYo0m8xIqkT10dB3 - mR87B+Ed1H6G3J6isdwEb9ZMegyGIIeyR53FJQYMZXjxdJbAmGMDKqjZSk1D5mo+ - n5Vx3lGzTuDy84VyphfO2ypG48RHCxHUAx4Yt3o84LKoiy/y5E66jaowCOjZ6SqG - R0cymuhoBhMIk2xAXk0Qn7MZ1AOm9N7Wru7FXyoLc7B3+Gb0/8jXOJciysTG7+Gr - Txza6fJvq2FaH8iBnfezSELmicIYhc8Ynlq4xElcHhQEmRTQavVe/LDhJ0i6xJSi - aOu0njnK+9xK+MyDkB7n8dO1Iwnn7aG4n3CjVBB4BDO08lrovD3zdpDX0xhWgPRo - ReOJ3heRO/HsVpzxKlqraKWoHuOXXcREfU9cj3F6CRd0ECOhqtFMEr6TnuSc8GaE - KCKxY1oN45NbEFOCv2XKd2wEZFH37LFO6xxzSRr1DbVuKRYIPjtOiFKpwN1TIT8v - XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ - teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "tsp"; }; }; }; @@ -297,34 +116,7 @@ in { aliases = [ "x.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAnztrijsfao+fmNtwAjqwIDKsRaMP3ECsq2T2zqKvxwCyXk69G9bG - RFhWjgaawS9ZhnHSlgWK/vtoR0O9NxpzdU/mvdQijbVGxM02DegjO9qDSIe8EGmA - kscW4nDqYtw4rtjOVPfnNiWXbcWD8eiYR0kcSWmSvfOpVvdhTETqduTx5HRHyEFD - JRQYR/tJSvVWXmM670PENAPNJFJ4VSJR60s5A+bFT7J/uw7HzJXX28LygJz73Dj2 - 2a4ev0WcZQngLq072h/91R/TOpg+ogUDVhXkQtKyFj7im0287JTL4bXGofZBhzaf - +h9dFGs1QLoNyhG/cgt9fog7boSXTelAiQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - siem = { - ip4.addr = "10.8.10.4"; - ip4.prefix = "10.8.10.0/24"; - aliases = [ - "makefu.siem" - ]; - tinc.pubkey = '' - Ed25519PublicKey = rFTglGxm563e/w82Q9Qqy/E+V/ipT4DOTyTuYrWrtmI - -----BEGIN RSA PUBLIC KEY----- - MIIBCQKCAQEAx+OQXQj6rlXIByo48JZXSexRz5G5oJVZTHAJ0GF5f70U65C0x83p - XtNp4LGYti+cyyzmQjf/N7jr2CxUlOATN2nRO4CT+JaMM2MoqnPWqTZBPMDiHq2y - ce0zjLPPl0hVc5mg+6F0tgolbUvTIo2CgAIl5lNvJiVfmXRSehmMprf1NPkxJd/O - vAOD7mgnCjkEAWElf1cfxSGZqSLbNltRK340nE5x6A5tY7iEueP/r9chEmOnVjKm - t+GJAJIe1PClWJHJYAXF8I7R3g+XQIqgw+VTN3Ng5cS5W/mbTFIzLWMZpdZaAhWR - 56pthtZAE5FZ+4vxMpDQ4yeDu0b6gajWNQICEAE= - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "x"; }; #wiregrill = { # aliases = [ @@ -334,113 +126,8 @@ in { #}; }; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x"; - - }; + ssh.pubkey = sshd-for "x"; - vbob = { - ci = true; - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.1.91"; - aliases = [ - "vbob.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+0TIo0dS9LtSdrmH0ClPHLO7dHtV9Dj7gaBAsbyuwxAI5cQgYKwr - 4G6t7IcJW+Gu2bh+LKtPP91+zYXq4Qr1nAaKw4ajsify6kpxsCBzknmwi6ibIJMI - AK114dr/XSk/Pc6hOSA8kqDP4c0MZXwitRBiNjrWbTrQh6GJ3CXhmpZ2lJkoAyNP - hjdPerbTUrhQlNW8FanyQQzOgN5I7/PXsZShmb3iNKz1Ban5yWKFCVpn8fjWQs5o - Un2AKowH4Y+/g8faGemL8uy/k5xrHSrn05L92TPDUpAXrcZXzo6ao1OBiwJJVl7s - AVduOY18FU82GUw7edR0e/b2UC6hUONflwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPLTMl+thSq77cjYa2XF7lz5fA7JMftrLo8Dy/OBXSg root@nixos"; - }; - pigstarter = rec { - cores = 1; - - extraZones = { - "krebsco.de" = '' - euer IN MX 1 aspmx.l.google.com. - nixos.unstable IN CNAME krebscode.github.io. - boot IN A ${nets.internet.ip4.addr} - ''; - }; - nets = { - internet = { - ip4.addr = "192.40.56.122"; - ip6.addr = "2604:2880::841f:72c"; - aliases = [ - "pigstarter.i" - ]; - }; - retiolum = { - ip4.addr = "10.243.0.153"; - aliases = [ - "pigstarter.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA/efJuJRLUIZROe3QE8WYTD/zyNGRh9I2/yw+5It9HSNVDMIOV1FZ - 9PaspsC+YQSBUQRN8SJ95G4RM6TIn/+ei7LiUYsf1Ik+uEOpP5EPthXqvdJEeswv - 3QFwbpBeOMNdvmGvQLeR1uJKVyf39iep1wWGOSO1sLtUA+skUuN38QKc1BPASzFG - 4ATM6rd2Tkt8+9hCeoePJdLr3pXat9BBuQIxImgx7m5EP02SH1ndb2wttQeAi9cE - DdJadpzOcEgFatzXP3SoKVV9loRHz5HhV4WtAqBIkDvgjj2j+NnXolAUY25Ix+kv - sfqfIw5aNLoIX4kDhuDEVBIyoc7/ofSbkQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - wry = rec { - ci = false; - cores = 1; - extraZones = { - "krebsco.de" = '' - wry IN A ${nets.internet.ip4.addr} - tinc IN A ${nets.internet.ip4.addr} - ''; - }; - nets = rec { - internet = { - ip4.addr = "104.233.87.86"; - aliases = [ - "wry.i" - ]; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.29.169"; - aliases = [ - "wry.r" - "graph.wry.r" - "paste.wry.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAs9bq++H4HF8EpZMfWGfoIsh/C+YNO2pg74UPBsP/tFFe71yzWwUn - U9LW0n3bBqCMQ/oDthbSMwCkS9JzcUi22QJEdjbQs/aay9gZR115b+UxWPocw0Ms - ZoREKo3Oe0hETk7Ing8NdBDI0kCBh9QnvqQ3iKd0rBae3DYvcWlDsY93GLGMddgA - 7E9oa3EHVYH/MPZaeJtTknaJduanBSbiEb/xQOqxTadHoQASKU6DQD1czMH3hLG2 - 8Wn4MBj9fgKBAoIy092tIzPtE2QwAHO73yz4mSW/3r190hREgVbjuEPiw4w5mEyQ - j+NeN3f3heFKx+GCgdWH9xPw6m6qPdqUiGUPq91KXMOhNa8lLcTp95mHdCMesZCF - TFj7hf6y+SVt17Vo+YUL7UqnMtAm3eZZmwyDu0DfKFrdgz6MtDD+5dQp9g8VHpqw - RfbaB1Srlr24EUYYoOBEF9CcIacFbsr+MKh+hQk5R0uEMSeAWARzxvvr69iMgdEC - zDiu0rrRLN+CrfgkDir7pkRKxeA1lz8KpySyIZRziNg6mSHjKjih4++Bbu4N2ack - 86h84qBrA8lq2xsub4+HgKZGH2l5Y8tvlr+rx0mQKEJkT6XDKCXZFPfl2N0QrWGT - Dv7l2vn0QMj9E6+BdRhYaO/m3+cIZ9faM851nRj/gq2OOtzW3ekrne0CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4Tjx9qK6uWtxT1HCpeC0XvDZKO/kaPygyKatpAqU6I root@wry"; }; filepimp = rec { ci = false; @@ -457,16 +144,7 @@ in { aliases = [ "filepimp.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA43w+A1TMOfugZ/CVwilJn4c36wWSjihaeVe7suZD0DSscKBcbkGg - 3dTCSTnu6Qb9sYd2mKebKXLreO6nhEEoFGsRU0yw/1h8gl7mWYEdTifPfvM5EWwS - wkN9dJ5njwIUSRyWH7QTsLkiRJVFN2UxEwrhAbo1FJ7yuhRgAKqKJSN4yPVViZwR - oHyyobvm/i2J+XSiDI9MRo74vNjnDLvO7R6ErIrhOPP1bD9fx3u+UYUfgS0iCO3X - UN0duBz/faRcl6IRytZOuHaIp30eJ4850ZK8RPz/Dqqj+USMFq60i0oMsuAi/ljB - 8b+eQBt6OXu4MSntxoR8Ja7ht+EOTDnBOwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "filepimp"; }; }; }; @@ -489,68 +167,33 @@ in { "dcpp.omo.r" "torrent.omo.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAuHQEeowvxRkoHJUw6cUp431pnoIy4MVv7kTLgWEK46nzgZtld9LM - ZdNMJB9CuOVVMHEaiY6Q5YchUmapGxwEObc0y+8zQxTPw3I4q0GkSJqKLPrsTpkn - sgEkHPfs2GVdtIBXDn9I8i5JsY2+U8QF8fbIQSOO08/Vpa3nknDAMege9yEa3NFm - s/+x+2pS+xV6uzf/H21XNv0oufInXwZH1NCNXAy5I2V6pz7BmAHilVOGCT7g2zn6 - GasmofiYEnro4V5s8gDlQkb7bCZEIA9EgX/HP6fZJQezSUHcDCQFI0vg26xywbr6 - 5+9tTn8fN2mWS5+Pdmx3haX1qFcBP5HglwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "omo"; }; }; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH"; + ssh.pubkey = sshd-for "omo"; }; wbob = rec { ci = true; cores = 4; nets = { - siem = { - ip4.addr = "10.8.10.7"; - ip4.prefix = "10.8.10.0/24"; - aliases = [ "display.siem" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+/TpxsVIBL9J9QAe/+jB6sgu/O6J+KY4YrAzZ6dM4kbFv5JA64f5 - 6znv8EFqn6loS9Aez3e08P5scyGjiwWytdKN5Yztlffc0xDD7MUU2RiCsQF1X74J - +1i8NhSq3PJ6UeUURxYYnAYzBlFvsxev4vpniFTsIR9tmcAYX9NT9420D6nV7xq7 - FdkoBlYj4eUQqQzHH1T/Lmt+BGmf+BufIJas+Oo/Sg59vIk9OM08WyAjHVT2iNbg - LXDhzVaeGOOM3GOa0YGG0giM3Rd245YPaPiVbwrMy8HQRBpMzXOPjcC1nYZSjxrW - LQxtRS+dmfEMG7MJ8T2T2bseX6z6mONc1QIDAQAB - -----END RSA PUBLIC KEY----- - -----BEGIN ED25519 PUBLIC KEY----- - 3JGeGnADWR+hfb4TEoHDyopEYgkfGNJKwy71bqcsNrO - -----END ED25519 PUBLIC KEY----- - ''; - }; retiolum = { ip4.addr = "10.243.214.15"; aliases = [ "wbob.r" "hydra.wbob.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e - QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal - cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 - khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs - rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 - TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "wbob"; }; }; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr"; + ssh.pubkey = sshd-for "wbob"; }; gum = rec { ci = true; extraZones = { "krebsco.de" = '' + boot IN A ${nets.internet.ip4.addr} boot.euer IN A ${nets.internet.ip4.addr} cache.euer IN A ${nets.internet.ip4.addr} cache.gum IN A ${nets.internet.ip4.addr} @@ -558,6 +201,7 @@ in { dl.euer IN A ${nets.internet.ip4.addr} dockerhub IN A ${nets.internet.ip4.addr} euer IN A ${nets.internet.ip4.addr} + euer IN MX 1 aspmx.l.google.com. ghook IN A ${nets.internet.ip4.addr} git.euer IN A ${nets.internet.ip4.addr} gold IN A ${nets.internet.ip4.addr} @@ -566,6 +210,7 @@ in { iso.euer IN A ${nets.internet.ip4.addr} mon.euer IN A ${nets.internet.ip4.addr} netdata.euer IN A ${nets.internet.ip4.addr} + nixos.unstable IN CNAME krebscode.github.io. o.euer IN A ${nets.internet.ip4.addr} photostore IN A ${nets.internet.ip4.addr} pigstarter IN A ${nets.internet.ip4.addr} @@ -617,90 +262,24 @@ in { "wiki.gum.r" "wiki.makefu.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAvgvzx3rT/3zLuCkzXk1ZkYBkG4lltxrLOLNivohw2XAzrYDIw/ZY - BTDDcD424EkNOF6g/3tIRWqvVGZ1u12WQ9A/R+2F7i1SsaE4nTxdNlQ5rjy80gO3 - i1ZubMkTGwd1OYjJytYdcMTwM9V9/8QYFiiWqh77Xxu/FhY6PcQqwHxM7SMyZCJ7 - 09gtZuR16ngKnKfo2tw6C3hHQtWCfORVbWQq5cmGzCb4sdIKow5BxUC855MulNsS - u5l+G8wX+UbDI85VSDAtOP4QaSFzLL+U0aaDAmq0NO1QiODJoCo0iPhULZQTFZUa - OMDYHHfqzluEI7n8ENI4WwchDXH+MstsgwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "gum"; }; }; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; + ssh.pubkey = sshd-for "gum"; }; - shoney = rec { - ci = false; - cores = 1; - nets = rec { - siem = { - via = internet; - ip4.addr = "10.8.10.1"; - ip4.prefix = "10.8.10.0/24"; - aliases = [ - "shoney.siem" - "graph.siem" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0OK28PHsMGMxAqVRiRGv93zzEWJgV3hMFquWrpbYC3OZwHDYcNHu - 74skwRRwwnbcq0ZtWroEvUTmZczuPt2FewdtuEutT7uZJnAYnzSOrB9lmmdoXKQU - l4ho1LEf/J0sMBi7RU/OJosuruQTAl53ca5KQbRCXkcPlmq4KzUpvgPINpEpYQjB - CGC3ErOvw2jXESbDnWomYZgJl3uilJUEYlyQEwyWVG+fO8uxlz9qKLXMlkoJTbs4 - fTIcxh7y6ZA7QfMN3Ruq1R66smfXQ4xu1hybvqL66RLiDQgH3BRyKIgobS1UxI4z - L+xhIsiMXQIo2hv8aOUnf/7Ac9DXNR83GwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - tinc.port = 1655; - }; - internet = { - ip4.addr = "64.137.234.215"; - aliases = [ - "shoney.i" - ]; - }; - retiolum = { - ip4.addr = "10.243.205.131"; - aliases = [ - "shoney.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAsYXzbotmODJqos+Ilve8WyO2qBti6eMDSOP59Aqb18h8A5b4tCTL - ygDo2xLLzRaINQAxfdaKcdMOWSEkiy1j/pBYs1tfqv4mT6BO+1t8LXz82D+YcT+4 - okGXklZ/H5L+T9cynbpKIwzTrw0DuOUhzs/WRFJU60B4cJ0Tl3IQs5ePX1SevVht - M5n1ob47SCHxEuC+ZLNdLc6KRumcp3Ozk6Yxj3lZ0tqyngxY1C+1kTJwRyw9A7vO - +DAH8t1YusYi7ICHcYt5J1p0ZGizcs8oEnZLBy4D+bJX86g7zbix1lZ37LxDCpQ5 - uCoAYFes7QqLVDYhucZ5ElRWdATM2mBtZwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; sdev = rec { ci = true; cores = 1; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev"; + ssh.pubkey = sshd-for "sdev"; nets = { retiolum = { ip4.addr = "10.243.83.237"; aliases = [ "sdev.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA8BwHwQ4pLZpskVnQONJsmzRPll4ZKMjAC56sY5p+GfT9ZBMkVDn+ - LeH9wuTRiX/ehgtBiyu8w37cz62hz/71H+3mnWJlTm9bbBTc5N0y8l9b+YYeExW4 - XPm4bUbJWKNRG9tHQAns/OREYDsHLsY6UoyNFmB0wTDpgs7egDCoe7E2eT+pG428 - ysCDYlaZaigOyW+bj/HFLj8FSfpF5C/ug7NE/D7QocadsRUiLtVYrJsfmT+KHWf+ - f5rLWLvuFiz1SWf7wZ9sICF3RCaC9Qhz7zplgHbvwbOHtF+Z/6DxduRMkggZUsUD - nm+40Ex1XJTe+s4V4GKLgh/fDKBTS6JwewIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "sdev"; }; }; }; @@ -728,16 +307,7 @@ in { aliases = [ "flap.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAwtLD+sgTQGO+eh2Ipq2r54J1I0byvfkaTBeBwhtUmWst+lUQUoGy - 2fGReRYsb4ThDLeyK439jZuQBeXSc5r2g0IHBJCSWj3pVxc1HRTa8LASY7QuprQM - 8rSQa2XUtx/KpfM2eVX0yIvLuPTxBoOf/AwklIf+NmL7WCfN7sfZssoakD5a1LGn - 3EtZ2M/4GyoXJy34+B8v7LugeClnW3WDqUBZnNfUnsNWvoldMucxsl4fAhvEehrL - hGgQMjHFOdKaLyatZOx6Pq4jAna+kiJoq3mVDsB4rcjLuz8XkAUZmVpe5fXAG4hr - Ig8l/SI6ilu0zCWNSJ/v3wUzksm0P9AJkwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "flap"; }; }; }; @@ -750,105 +320,7 @@ in { aliases = [ "nukular.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAnt/d9Ys9gmQMGEPzPydAs0Etp9aPb5PreogzVilvazFCZ8HiQHl/ - gRGlNBImcPPAPGgLjQ49TZ6V1s0bX0GMlu9gJxqU7Nz/TPbAaDJSmEDPkXnaMC97 - gLoluwJHURKPP6+0VNQuK/IOjjDLzLjRDiVeIg6NR0nFAQPlxUhrCN/PhxqNV5WP - H1nR+a4UDoLcKbtgQP+4Eu09iEm+H6o5eCFTX2Ov9Ok2m948Jm0rAqUbPAISf9m4 - tOOhhUhn0xvQy5iNHI72ndLvogQ968rnFwBpZM7HF1FsiaQfOF9Nhf11rHCJod3P - meq9GsIUyppZmEKecnTtVfG1oUHMbt1GxQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - heidi = rec { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.124.21"; - aliases = [ - "heidi.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAqRLnAJNZ1OoO1bTS58DQgxi1VKgITHIuTW0fVGDvbXnsjPUB3cgx - 1GEVtLc0LN6R9wrPKDaqHS6mkiRSDVScaW/FqkdFhTDaBJy8LfomL9ZmkU9DzkvQ - jncDjr0WoR+49rJHYsUULp1fe98Ev+y3VwVdJOOH92pAj1CAAUdtfG7XcGyHznYY - ZNLriGZe3l1AwsWMEflzHLeXcKQ/ZPOrjZ4EFVvfGfdQdJ24UUF3r4sBypYnasmA - q8lCw9rCrFh1OS6mHLC9qsvGfal6X4x2/xKc5VxZD4MQ/Bp7pBi1kwfHpKoREFKo - w/Jr3oG/uDxMGIzphGX185ObIkZ1wl/9DwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - - lariat = rec { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.64.7"; - aliases = [ - "lariat.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAqiDzxADQYY8cWBH+R5aKSoxaFHLvPvVMgB7R1Y6QVTqD5YUCuINX - eBLFV9idHnHzdZU+xo/c8EFQf0hvyP0z3bcXaiw+RlpEYdK6tuaypJ3870toqWmA - 269H8ufA3DA0hxlY7dwnhg8Rb7KGIlNN8fy4RMGe73PupF5aAmiDiEhPalv4E0qJ - unmk5y1OHQFPxYm++yLo5SVFlcO89jDtGpvg5papp8JvtxTkrshby1lXf/sph3Cv - d1z6h7S+HgT+BMwTZY5dIrwYAcob/t1sRmWsY62P1n02RbiJFm27wg0t/ZcfsI2o - yBjRTiK5ACJaIdpM99/902gJsuJASPGB2QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - soundflower = rec { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.69.184"; - aliases = [ - "soundflower.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0a0oenAy9MDa2M6NoLtB8elduGgc3oLtUwsm3iUu6w8L+Je5TndN - H8dPn3sByUk1Jkd8tGGRk/vSFj/mtUn7xXKCnFXfKDqVowu/0KS3Q+6o4mcoATeb - Ax7e6Cz1YH5+qhQjR7apuase9X9Dzp56//5VW2gaScvWevvzrij2x7eNvJRF+W/l - FDXc8zBPkFW5TLFHOizRoLl4mK1hz2NrUiqcq5Ghs2yPsFxl/o5+e2MOwtdI49T6 - lMkeshAeNOSMKYfP9nmHZoKI/MIpGak0EF3ZQtLvyv+tM2Q0nuwH3RvxlK/Xf6U+ - 8SoQu4yRIeK+pMiLEHhFPzBpk+sblUlG7QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - falk = rec { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.120.19"; - aliases = [ - "falk.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA961eCQE562VPYjuZtd0+FNRfUghvD2ccjUlihMjzg46GAK+duqK+ - 4peWklGOL4eRYQBg6G2VDzWiU2MxXVbXUZaMrxh7fTc3G3LdbqTxzAv3GQKR/6iA - 9bGUf6u4ztVNAcj2mrY3mfs4gMlBQyQ2wcM0ZUpiAMaRB4cdq7I4GVHbYTFYfQuI - 2zdnr0w8AjlMpFFcD0ExsWeppiJsE7iiME/S2VVfh2NrEpAKQbLH9fKrfkiJA/+9 - 0VIH9wLLIYngUtQKbvEQ5xgx6ybrg0vO8ZqZ1ZGXYxOQZzWzPP0tvDU0QHSKYSWb - FjcOf1lWSWjsjHxMl/Gh57hjNJFCbs8yjQIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "nukular"; }; }; }; @@ -861,88 +333,7 @@ in { aliases = [ "filebitch.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d - fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs - e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1 - KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99 - oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf - wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - bridge = rec { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.26.29"; - aliases = [ - "excobridge.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEApeeMSYMuXg4o/fNHnG2ftp2WskZLrt63zhRag7U1HqYUnuPqY60d - VVy9MBTawm6N02nC2Svm3V07ZXaRp/XsXQLx+evZcDjPjnDYgl2ZGX0ir5Cn50bm - UzhJiMW6/J7AYvucgeAaVJ0YmIwRw6ndYGcxmXWi4TK0jSzhuSLgookWM6iJfbdB - oaYsjiXisEvNxt7rBlCfacaHMlPhz3gr1gc4IDCwF+RAMM29NUN3OinI+/f56d7b - /hLZWbimiwtvGVsGLiA2EIcfxQ7aD/LINu+XXMaq7f8QByXj/Lzi7456tDi3pdJg - lyg9yqRJYt4Zle5PVejn08qiofTUmlEhnwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - horisa = rec { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.226.213"; - aliases = [ - "horisa.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA1hhBqCku98gimv0yXr6DFwE2HUemigyqX8o7IsPOW5XT/K8o+V40 - Oxk3r0+c7IYREvug/raxoullf5TMJFzTzqzX4njgsiTs25V8D7hVT4jcRKTcXmBn - XpjtD+tIeDW1E6dIMMDbxKCyfd/qaeg83G7gPobeFYr4JNqQLXrnotlWMO9S13UT - +EgSP2pixv/dGIqX8WRg23YumO8jZKbso/sKKFMIEOJvnh/5EcWb24+q2sDRCitP - sWJ5j/9M1Naec/Zl27Ac2HyMWRk39F9Oo+iSbc47QvjKTEmn37P4bBg3hY9FSSFo - M90wG/NRbw1Voz6BgGlwOAoA+Ln0rVKqDQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - - tahoe = rec { - cores = 1; - nets = { - internet = { - ip4.addr = "148.251.47.69"; - aliases = [ - "wooki.i" - ]; - }; - retiolum = { - ip4.addr = "10.243.57.85"; - aliases = [ - "wooki.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAx6R+CuJu4Bql+DgGPpE7wI+iasRY6ltxW0/L04uW9XiOKiEjx66y - QMMaW18bcb0SOfTE8qYo8pOsZ5E9FFPY6cKH4DGi8g1FpaODle9V8RrVg3F7RuZ8 - dXDXeZxvYvJ2LwPBvlr1aisqJqgxAwF2ipPPX97rAYbp46a/vkgU5bPF1OFlTDaH - 9jjThuidiEwY4EMtJGKisnTGx8yS5iQibDMqzrcRpCxCLcl68FgFNKCTtSIj1mo6 - hgO1ZKmHw73ysmrL2tImmalHYcqDJnq/KInG2ZkCZI/2ZqfJyrRSTk86t5ubfD6p - egC5N0Y5dQHJd66AytNwXxymiAcWuYth9QIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "filebitch"; }; }; }; @@ -955,40 +346,7 @@ in { aliases = [ "senderechner.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0zCc5aLVRO6NuxUoR6BVzq2PQ/U5AEjYTdGkQufRot42N29MhxY7 - lJBfPfkw/yg2FOzmAzTi62QyrLWSaF1x54rKu+JeNSsOAX+BorGhM67N45DGvJ0X - rakIL0BrVoV7Kxssq3DscGVbjbNS5B5c+IvTp97me/MpuDrfYqUyZk5mS9nB0oDL - inao/A5AtOO4sdqN5BNE9/KisN/9dD359Gz2ZGGq6Ki7o4HBdBj5vi0f4fTofZxT - BJH4BxbWaHwXMC0HYGlhQS0Y7tKYT6h3ChxoLDuW2Ox2IF5AQ/O4t4PIBDp1XaAO - OK8SsmsiD6ZZm6q/nLWBkYH08geYfq0BhQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - tcac-0-1 = rec { - cores = 1; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcX7rlGmGp1zCStrERXZ3XuT/j69FDBXV4ceLn9RXsG tcac-0-1 - "; - nets = { - retiolum = { - ip4.addr = "10.243.144.142"; - aliases = [ - "tcac-0-1.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+3zuZa8FhFBcUNdNGyTQph6Jes0WDQB4CDcEcnK9okP60Z0ONq8j - 7sKmxzQ43WFm04fd992Aa/KLbYBbXmGtYuu68DQwQGwk3HVNksp6ha7uVK1ibgNs - zJIKizpFqK4NAYit0OfAy7ugVSvtyIxg9CDhnASDZ5NRq8/OLhvo5M4c3r3lGOlO - Hv1nf4Tl2IYRln3c+AJEiw2369K46mRlt28yHeKUw1ur6hrbahnkYW+bjeliROIs - QLp8J8Jl6evtPOyZpgyGHLQ/WPsQRK5svVA9ou17R//m4KNL1kBjTfxs7GaJWHLl - HpSZTqRKsuK6K9R6kzu7NU81Wz0HXxw/qwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = tinc-for "senderechner"; }; }; }; diff --git a/krebs/3modules/makefu/sshd/cake.pub b/krebs/3modules/makefu/sshd/cake.pub new file mode 100644 index 000000000..8eab57ab7 --- /dev/null +++ b/krebs/3modules/makefu/sshd/cake.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake diff --git a/krebs/3modules/makefu/sshd/crapi.pub b/krebs/3modules/makefu/sshd/crapi.pub new file mode 100644 index 000000000..5361111a5 --- /dev/null +++ b/krebs/3modules/makefu/sshd/crapi.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaV5Ga5R8RTrA+nclxw6uy5Z+hPBLitQTfuXdsmbVW6 crapi diff --git a/krebs/3modules/makefu/sshd/fileleech.pub b/krebs/3modules/makefu/sshd/fileleech.pub new file mode 100644 index 000000000..22a3c7534 --- /dev/null +++ b/krebs/3modules/makefu/sshd/fileleech.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech diff --git a/krebs/3modules/makefu/sshd/firecracker.pub b/krebs/3modules/makefu/sshd/firecracker.pub new file mode 100644 index 000000000..8e9ef5a37 --- /dev/null +++ b/krebs/3modules/makefu/sshd/firecracker.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGk+QqJEPoBNP9KbPiivCI5YJ9psAKnujRrUL4bNqxwe firecracker diff --git a/krebs/3modules/makefu/sshd/gum.pub b/krebs/3modules/makefu/sshd/gum.pub new file mode 100644 index 000000000..c79e3cbee --- /dev/null +++ b/krebs/3modules/makefu/sshd/gum.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum diff --git a/krebs/3modules/makefu/sshd/omo.pub b/krebs/3modules/makefu/sshd/omo.pub new file mode 100644 index 000000000..63bbbc709 --- /dev/null +++ b/krebs/3modules/makefu/sshd/omo.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH diff --git a/krebs/3modules/makefu/sshd/sdev.pub b/krebs/3modules/makefu/sshd/sdev.pub new file mode 100644 index 000000000..972e9b6d4 --- /dev/null +++ b/krebs/3modules/makefu/sshd/sdev.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev diff --git a/krebs/3modules/makefu/sshd/studio.pub b/krebs/3modules/makefu/sshd/studio.pub new file mode 100644 index 000000000..be5a4e6d3 --- /dev/null +++ b/krebs/3modules/makefu/sshd/studio.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio diff --git a/krebs/3modules/makefu/sshd/wbob.pub b/krebs/3modules/makefu/sshd/wbob.pub new file mode 100644 index 000000000..8b1789f21 --- /dev/null +++ b/krebs/3modules/makefu/sshd/wbob.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr diff --git a/krebs/3modules/makefu/sshd/x.pub b/krebs/3modules/makefu/sshd/x.pub new file mode 100644 index 000000000..085f7f490 --- /dev/null +++ b/krebs/3modules/makefu/sshd/x.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x diff --git a/krebs/3modules/makefu/tinc/cake.pub b/krebs/3modules/makefu/tinc/cake.pub new file mode 100644 index 000000000..8a1e4b933 --- /dev/null +++ b/krebs/3modules/makefu/tinc/cake.pub @@ -0,0 +1,8 @@ +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEA0khdelSrOV/ZI9vvbV5aT1wVn2IfUfIdDCQIOnF2mZsrnIcuaedu +jRfZnJST1vOfL7JksF1+8pYwSn34CjJCGhyFf25lc6mARXmZe/araNrVpTntCy2+ +MqG8KZe4mIda/WPTXRYGtFVQZeClM5SCZ7EECtw8sEkwt2QtOv43p/hiMXAkOQsq +6xc9/b4Bry7d+IjJs3waKfFQllF+C+GuK8yF0YnCEb6GZw7xkxHIO1QV4KSQ4CH7 +36kEAdCSQ5rgaygRanUlUl+duQn1MLQ+lRlerAEcFfKrr3MKNz2jmGth8iUURdyP +MHjSWe+RkLQ6zzBaVgoKKuI9MbIbhenJWwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/makefu/tinc/crapi.pub b/krebs/3modules/makefu/tinc/crapi.pub new file mode 100644 index 000000000..2b6104468 --- /dev/null +++ b/krebs/3modules/makefu/tinc/crapi.pub @@ -0,0 +1,9 @@ +Ed25519PublicKey = Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAloXLBfZQEVW9mJ7uwOoa+DfV4ek/SG+JQuexJMugei/iNy0NjY66 +OVIkzFmED32c3D7S1+Q+5Mc3eR02k1o7XERpZeZhCtJOBlS4xMzCKH62E4USvH5L +R4O8XX1o/tpeOuZvpnpY1oPmFFc/B5G2jWWQR4Slpbw7kODwYYm5o+B7n+MkVNrk +OEOHLaaO6I5QB3GJvDH2JbwzDKLVClQM20L/EvIwnB+Xg0q3veKFj0WTXEK+tuME +di++RV4thhZ9IOgRTJOeT94j7ulloh15gqYaIqRqgtzfWE2TnUxvl+upB+yQHNtl +bJFLHkE34cQGxEv9dMjRe8i14+Onhb3B6wIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/makefu/tinc/filebitch.pub b/krebs/3modules/makefu/tinc/filebitch.pub new file mode 100644 index 000000000..fe31accda --- /dev/null +++ b/krebs/3modules/makefu/tinc/filebitch.pub @@ -0,0 +1,8 @@ +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d +fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs +e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1 +KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99 +oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf +wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/makefu/tinc/fileleech.pub b/krebs/3modules/makefu/tinc/fileleech.pub new file mode 100644 index 000000000..1dc6a5b1f --- /dev/null +++ b/krebs/3modules/makefu/tinc/fileleech.pub @@ -0,0 +1,8 @@ +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF +8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K +YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait +nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z +e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V +UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/makefu/tinc/filepimp.pub b/krebs/3modules/makefu/t