From 88b343292bf15269d1df3dd23198fa90c97ef485 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Nov 2020 20:40:28 +0100 Subject: github-hosts-sync: fix deprecated user definition --- krebs/3modules/github-hosts-sync.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 0b7d56098..7d618ebfd 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -62,8 +62,8 @@ let }; }; - users.extraUsers = singleton { - inherit (user) name uid; + users.users.${user.name} = { + inherit (user) uid; home = cfg.dataDir; }; }; -- cgit v1.2.3 From f36fd9b46ffe1898792b59709efffcce43d468e2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 5 Nov 2020 16:38:42 +0100 Subject: jeschli: disable most hosts in ci --- krebs/3modules/jeschli/default.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index 75d7eda6e..390f7585f 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -12,6 +12,7 @@ with import ; in { hosts = mapAttrs hostDefaults { brauerei = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.27.29"; @@ -93,6 +94,7 @@ in { }; bolide = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.27.31"; @@ -130,6 +132,7 @@ in { }; reagenzglas = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.27.32"; -- cgit v1.2.3 From 2fce838d369dfe4dfffc19830272daaba95e2dea Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 17 Nov 2020 19:09:55 +0100 Subject: tv: disable ci for all systems --- krebs/3modules/tv/default.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 6a09cc834..756caa03e 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -32,7 +32,7 @@ in { }; hosts = mapAttrs hostDefaults { alnus = { - ci = true; + ci = false; cores = 2; nets = { retiolum = { @@ -56,7 +56,7 @@ in { ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q=="; }; au = { - ci = true; + ci = false; cores = 4; nets = { retiolum = { @@ -83,7 +83,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au"; }; mu = { - ci = true; + ci = false; cores = 2; nets = { retiolum = { @@ -155,7 +155,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; }; nomic = { - ci = true; + ci = false; cores = 2; nets = { retiolum = { @@ -181,7 +181,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIHmwXHV7E9UGuk4voVCADjlLkyygqNw054jvrsPn5t root@nomic"; }; wu = { - ci = true; + ci = false; cores = 4; nets = { retiolum = { @@ -207,7 +207,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa"; }; querel = { - ci = true; + ci = false; cores = 2; nets = { retiolum = { @@ -239,7 +239,7 @@ in { binary-cache = { pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s="; }; - ci = true; + ci = false; cores = 4; nets = { retiolum = { @@ -266,7 +266,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnjfceKuHNQu7S4eYFN1FqgzMqiL7haNZMh2ZLhvuhK root@xu"; }; zu = { - ci = true; + ci = false; cores = 4; nets = { retiolum = { -- cgit v1.2.3 From d20202b604371044a0ac2531462d0d3770e47c10 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 17 Nov 2020 20:10:21 +0100 Subject: Revert "tv: disable ci for all systems" This reverts commit 2fce838d369dfe4dfffc19830272daaba95e2dea. --- krebs/3modules/tv/default.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 756caa03e..6a09cc834 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -32,7 +32,7 @@ in { }; hosts = mapAttrs hostDefaults { alnus = { - ci = false; + ci = true; cores = 2; nets = { retiolum = { @@ -56,7 +56,7 @@ in { ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q=="; }; au = { - ci = false; + ci = true; cores = 4; nets = { retiolum = { @@ -83,7 +83,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au"; }; mu = { - ci = false; + ci = true; cores = 2; nets = { retiolum = { @@ -155,7 +155,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; }; nomic = { - ci = false; + ci = true; cores = 2; nets = { retiolum = { @@ -181,7 +181,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIHmwXHV7E9UGuk4voVCADjlLkyygqNw054jvrsPn5t root@nomic"; }; wu = { - ci = false; + ci = true; cores = 4; nets = { retiolum = { @@ -207,7 +207,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa"; }; querel = { - ci = false; + ci = true; cores = 2; nets = { retiolum = { @@ -239,7 +239,7 @@ in { binary-cache = { pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s="; }; - ci = false; + ci = true; cores = 4; nets = { retiolum = { @@ -266,7 +266,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnjfceKuHNQu7S4eYFN1FqgzMqiL7haNZMh2ZLhvuhK root@xu"; }; zu = { - ci = false; + ci = true; cores = 4; nets = { retiolum = { -- cgit v1.2.3 From e509e9fb80f2d62667be23b21e002e658ae38dda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 10 Nov 2020 21:25:58 +0100 Subject: mic92: add loki.r alias to rock.r --- krebs/3modules/external/mic92.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 39d738337..433ed6a3d 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -347,7 +347,10 @@ in { nets = { retiolum = { ip4.addr = "10.243.29.171"; - aliases = [ "rock.r" ]; + aliases = [ + "rock.r" + "loki.r" + ]; tinc.pubkey = '' -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0uhNk3XXVxQcIVhD1Ime -- cgit v1.2.3 From c334743d6f3d4618025e100f336ece3ef5dc549d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 19 Nov 2020 23:27:20 +0100 Subject: mic92: add bernie --- krebs/3modules/external/mic92.nix | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 433ed6a3d..57a9cc63b 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -511,5 +511,33 @@ in { }; }; }; + bernie = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.doctor.nets.retiolum.ip4.addr + config.krebs.hosts.doctor.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.169"; + aliases = [ "bernie.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEApH5nG/Lwe/LiBkdL38vk1QcjOG/kf8dUqifouB56OQqe+MXASTSM + vhipszZqXVGgWRVrSH3WSZt0YAXTQQGEjtnAr6fSSnUek21omRGFgr47LiGJp9R8 + OuhGPQs1sykIyl3HNSvDxj2EfWrXO73bKQPYdGIlfJWmsL69akWGlyYdEK1kloLC + ld5+eYICjiTtqAQ8snZQNaPIucW4cGOa0sATUP4H1jbDWtFCKE2/mR/gGo/W/opC + oOcJM7d5mb63blWVp9Zji/Gb64QltR50N3qvwc6W5ANHXIV97jYcNhSGqTsV0CEd + n0cqUqymh2e8fJdmbB4DvwqhWITn6nwuFOWoVCSFMmbiidyTm3RAH9ztZARzsQRL + Nj8OmeAr+plrzNH7AJpSkz30zukawCnbt+qWjqXLULH4kxJfOwzVh+KDfLzy7iLe + OWWrblgJZA2GHKzCC5zntNujW6Nr2AliSY2Hch2XfkLTWeNtclKIEXMkRxif5oxm + XpEJJ3lqdXz9/e37R/mkWVrdhpVfll2/v5c/PlnKMzky2mgkGpzegO0IiQcdJjrl + fuXAsh5UbnE5kt6vKL5aducScatyd5FRkNumKG5ji26eZR4lZmXn380JLDInV4n7 + SODZL2fQFBnSD1wTWcq9Q/luPh4FitzJUZzHexvNxR/KBZycZJtdVw8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; } -- cgit v1.2.3 From d9dfd892bfd410afad5722363c9f297ad4075175 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 19 Nov 2020 23:36:52 +0100 Subject: mic92: improve tinc cross-compiling --- krebs/3modules/tinc.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 0f5e1aa83..4252c8d3b 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -112,13 +112,15 @@ let hostsArchive = mkOption { type = types.package; - default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} '' + default = pkgs.runCommand "retiolum-hosts.tar.bz2" { + nativeBuildInputs = [ pkgs.gnutar pkgs.coreutils ]; + } '' cp \ --no-preserve=mode \ --recursive \ ${tinc.config.hostsPackage} \ hosts - ${pkgs.gnutar}/bin/tar -cjf $out hosts + tar -cjf $out hosts ''; readOnly = true; }; -- cgit v1.2.3 From 9ebbea467b2e8c022f694721bda3bfa2a0794cb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 19 Nov 2020 23:27:20 +0100 Subject: mic92: fix bernie tinc address --- krebs/3modules/external/mic92.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 57a9cc63b..269c540bf 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -516,8 +516,8 @@ in { nets = rec { retiolum = { addrs = [ - config.krebs.hosts.doctor.nets.retiolum.ip4.addr - config.krebs.hosts.doctor.nets.retiolum.ip6.addr + config.krebs.hosts.bernie.nets.retiolum.ip4.addr + config.krebs.hosts.bernie.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.169"; aliases = [ "bernie.r" ]; -- cgit v1.2.3 From 636d1eb762aae20e1da580d6f37460aa25391f45 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 23 Nov 2020 11:32:23 +0100 Subject: l: init styx.r --- krebs/3modules/lass/default.nix | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index d2a945284..3466ef8eb 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -645,6 +645,45 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPARXXe0HaP1r0pLqtInhnbYSZsP0g4VC6aaWP7qi5+w"; syncthing.id = "J6PHKTS-2JG5NOL-H5ZWOF6-6L6ENA7-L4RO6DV-BQHU7YL-CHOLDCC-S5YX3AC"; }; + styx = { + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.11.1"; + ip6.addr = r6 "111"; + aliases = [ + "styx.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuMJFklzpbxoDGD8LQ3tn + ETYrLu/TJjq5iSQx/JbbonJriMS3X/0+m8JREzeol67svQDuZEXTEg5EfEldxrrU + aZpNmTSmFbj2NLLCIfNBL/oLOvg9ElzhN+f+4jvakfEKi7Y7LekV25VVGrHbOEVE + 3G6XWfHx5qO5Vd6kqNWQKD3LG38aZ/Lx9XYDMbujYxPGCtOsabtAz8BKo/RgOZzi + 6A/54RFhdecJm0VoQk3iKpp2YqyCN6dLfJVLil4cREs4sW6nDyF4Y4l3dtZdfskq + m/MoZt6fwOjNIKuI9DGdU4/X1hQelnemstzxY5x1XwG52cz+ww0h7pMF2aggsHqn + Vmaq3b0fXrbn066Ybkbhz3UEIU9zKQGYaANGCnXxbvkd5lWbIN60GEXGE3zYJSAt + EH3FLDTGa27fTNgAnbdnSV40KWKN4FM0iY/xrt3aOXfneTP9S2fqzTVEL9vd04C/ + 7RWvRjvZ7mlAi+kVKSHkOibFVjeo+Z4Pvw5YxCAavrjXCiWj8zP8o3MNWcq/bMao + Uk9zBMXymm8zX43w5LNnhf59oitBjiY/mzZ3NDI9N3szMvJsaUEnhO4Kq1CWtMs2 + 6/TpEyRSmen1UmNwgKKFx3rELuctwMmNbOLL8cGLotEBhIk7vnZKD7NvLVX7xtOF + wzhy2N6a3ypB4XqM7dBzzAUCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + wiregrill = { + ip6.addr = w6 "111"; + aliases = [ + "styx.w" + ]; + wireguard.pubkey = '' + 0BZfd8f0pZMRfyoHrdYZY0cR5zfFvJcS8gQLn6xGuFs= + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU "; + }; }; users = rec { lass = lass-blue; -- cgit v1.2.3 From 6236a97876597e9689ab3ea6436c42d3da04368d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 23 Nov 2020 16:55:28 +0100 Subject: add alertmanager.r --- krebs/3modules/external/mic92.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 269c540bf..29d0b27fa 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -468,6 +468,7 @@ in { aliases = [ "eva.r" "prometheus.r" + "alertmanager.r" ]; tinc.pubkey = '' -----BEGIN PUBLIC KEY----- -- cgit v1.2.3 From ff1d896c8d436cdc83f60f7df7203f38f03fceac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 24 Nov 2020 10:25:37 +0100 Subject: mic92: add shannan --- krebs/3modules/external/default.nix | 4 ++++ krebs/3modules/external/ssh/shannan.pub | 1 + 2 files changed, 5 insertions(+) create mode 100644 krebs/3modules/external/ssh/shannan.pub (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index d14526703..277169e11 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -608,6 +608,10 @@ in { mail = "joerg@thalheim.io"; pubkey = ssh-for "mic92"; }; + shannan = { + mail = "shannan@lekwati.com"; + pubkey = ssh-for "shannan"; + }; qubasa = { mail = "luis.nixos@gmail.com"; pubkey = ssh-for "qubasa"; diff --git a/krebs/3modules/external/ssh/shannan.pub b/krebs/3modules/external/ssh/shannan.pub new file mode 100644 index 000000000..ed89d702a --- /dev/null +++ b/krebs/3modules/external/ssh/shannan.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBXTForyB6oNMK5bbGpALKU4lPsKRGxNLhrE/PnHHq7 shannan@bernie -- cgit v1.2.3