From 401d80610243f1eac1fcb123f51ce3ea6e2280da Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Jun 2016 19:21:11 +0200 Subject: l 2: rename cbase to c-base --- lass/1systems/mors.nix | 3 +- lass/2configs/c-base.nix | 93 ++++++++++++++++++++++++++++++++++++++++++++++++ lass/2configs/cbase.nix | 93 ------------------------------------------------ 3 files changed, 94 insertions(+), 95 deletions(-) create mode 100644 lass/2configs/c-base.nix delete mode 100644 lass/2configs/cbase.nix (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index beb5659d0..062e4c29d 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -26,11 +26,10 @@ ../2configs/teamviewer.nix ../2configs/libvirt.nix ../2configs/fetchWallpaper.nix - ../2configs/cbase.nix + ../2configs/c-base.nix ../2configs/mail.nix ../2configs/krebs-pass.nix ../2configs/umts.nix - #../2configs/buildbot-standalone.nix { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ diff --git a/lass/2configs/c-base.nix b/lass/2configs/c-base.nix new file mode 100644 index 000000000..9d13bc30d --- /dev/null +++ b/lass/2configs/c-base.nix @@ -0,0 +1,93 @@ +{ config, lib, pkgs, ... }: + +let + inherit (config.krebs.lib) genid; + +in { + + users.extraUsers = { + cbasevpn = rec { + name = "cbasevpn"; + uid = genid "cbasevpn"; + description = "user for running c-base openvpn"; + home = "/home/${name}"; + }; + }; + + users.extraGroups.cbasevpn.gid = genid "cbasevpn"; + + services.openvpn.servers = { + c-base = { + config = '' + client + dev tap + proto tcp + remote vpn.ext.c-base.org 1194 + resolv-retry infinite + nobind + user cbasevpn + group cbasevpn + persist-key + persist-tun + + auth-nocache + #auth-user-pass + auth-user-pass ${toString } + + comp-lzo + verb 3 + + #script-security 2 + #up /etc/openvpn/update-resolv-conf + #down /etc/openvpn/update-resolv-conf + + + -----BEGIN CERTIFICATE----- + MIIDUjCCArugAwIBAgIJAOOk8EXgjsf5MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNV + BAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZj + LWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJ + ARYQYWRtYXhAYy1iYXNlLm9yZzAeFw0wOTAyMTMwOTE1MzdaFw0xOTAyMTEwOTE1 + MzdaMHoxCzAJBgNVBAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGlu + MQ8wDQYDVQQKEwZjLWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEf + MB0GCSqGSIb3DQEJARYQYWRtYXhAYy1iYXNlLm9yZzCBnzANBgkqhkiG9w0BAQEF + AAOBjQAwgYkCgYEAt3wEgXbqFKxs8z/E4rv13hkRi6J+QdshNzntm7rTOmUsXKE7 + IEwoJSglrmsDPv4UqE86A7bjW7YYSFjhzxFRkTEHJanyOCF48ZPItVl7Eq7T81co + uR+6lAhxnLDrwnPJCC83NzAa6lw8U1DsQRDkayKlrQrtZq6++pFFEvZvt1cCAwEA + AaOB3zCB3DAdBgNVHQ4EFgQUqkSbdXS90+HtqXDeAI+PcyTSSHEwgawGA1UdIwSB + pDCBoYAUqkSbdXS90+HtqXDeAI+PcyTSSHGhfqR8MHoxCzAJBgNVBAYTAkRFMQsw + CQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZjLWJhc2UxGzAZ + BgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJARYQYWRtYXhA + Yy1iYXNlLm9yZ4IJAOOk8EXgjsf5MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF + BQADgYEAOBANG1H4uEEWk3sbeQoSMeA3LFG1+6MgFGk2WAdeHYuV9GKYBq6/PLP5 + ffw+FNkiDjLSeSQO88vHYJr2V1v8n/ZoCIT+1VBcDWXTpGz0YxDI1iBauO3tUPzK + wGs46RA/S0YwiZw64MaUHd88ZVadjKy9kNoO3w6/vpAS6s/Mh+o= + -----END CERTIFICATE----- + + key-direction 1 + + # + # 2048 bit OpenVPN static key + # + -----BEGIN OpenVPN Static key V1----- + 5d49aa8c9cec18de7ab6e0b5cd09a368 + d3f1b8b77e055e448804fa0e14f487cb + 491681742f96b54a23fb8639aa9ed14e + c40b86a5546b888c4f3873f23c956e87 + 169076ec869127ffc85353fd5928871c + da19776b79f723abb366fae6cdfe4ad6 + 7ef667b7d05a7b78dfd5ea1d2da276dc + 5f6c82313fe9c1178c7256b8d1d081b0 + 4c80bc8f21add61fbc52c158579edc1d + bbde230afb9d0e531624ce289a17098a + 3261f9144a9a2a6f0da4250c9eed4086 + 187ec6fa757a454de743a349e32af193 + e9f8b49b010014bdfb3240d992f2f234 + 581d0ce05d4e07a2b588ad9b0555b704 + 9d5edc28efde59226ec8942feed690a1 + 2acd0c8bc9424d6074d0d495391023b6 + -----END OpenVPN Static key V1----- + + ''; + }; + }; +} diff --git a/lass/2configs/cbase.nix b/lass/2configs/cbase.nix deleted file mode 100644 index 9d13bc30d..000000000 --- a/lass/2configs/cbase.nix +++ /dev/null @@ -1,93 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (config.krebs.lib) genid; - -in { - - users.extraUsers = { - cbasevpn = rec { - name = "cbasevpn"; - uid = genid "cbasevpn"; - description = "user for running c-base openvpn"; - home = "/home/${name}"; - }; - }; - - users.extraGroups.cbasevpn.gid = genid "cbasevpn"; - - services.openvpn.servers = { - c-base = { - config = '' - client - dev tap - proto tcp - remote vpn.ext.c-base.org 1194 - resolv-retry infinite - nobind - user cbasevpn - group cbasevpn - persist-key - persist-tun - - auth-nocache - #auth-user-pass - auth-user-pass ${toString } - - comp-lzo - verb 3 - - #script-security 2 - #up /etc/openvpn/update-resolv-conf - #down /etc/openvpn/update-resolv-conf - - - -----BEGIN CERTIFICATE----- - MIIDUjCCArugAwIBAgIJAOOk8EXgjsf5MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNV - BAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZj - LWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJ - ARYQYWRtYXhAYy1iYXNlLm9yZzAeFw0wOTAyMTMwOTE1MzdaFw0xOTAyMTEwOTE1 - MzdaMHoxCzAJBgNVBAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGlu - MQ8wDQYDVQQKEwZjLWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEf - MB0GCSqGSIb3DQEJARYQYWRtYXhAYy1iYXNlLm9yZzCBnzANBgkqhkiG9w0BAQEF - AAOBjQAwgYkCgYEAt3wEgXbqFKxs8z/E4rv13hkRi6J+QdshNzntm7rTOmUsXKE7 - IEwoJSglrmsDPv4UqE86A7bjW7YYSFjhzxFRkTEHJanyOCF48ZPItVl7Eq7T81co - uR+6lAhxnLDrwnPJCC83NzAa6lw8U1DsQRDkayKlrQrtZq6++pFFEvZvt1cCAwEA - AaOB3zCB3DAdBgNVHQ4EFgQUqkSbdXS90+HtqXDeAI+PcyTSSHEwgawGA1UdIwSB - pDCBoYAUqkSbdXS90+HtqXDeAI+PcyTSSHGhfqR8MHoxCzAJBgNVBAYTAkRFMQsw - CQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZjLWJhc2UxGzAZ - BgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJARYQYWRtYXhA - Yy1iYXNlLm9yZ4IJAOOk8EXgjsf5MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF - BQADgYEAOBANG1H4uEEWk3sbeQoSMeA3LFG1+6MgFGk2WAdeHYuV9GKYBq6/PLP5 - ffw+FNkiDjLSeSQO88vHYJr2V1v8n/ZoCIT+1VBcDWXTpGz0YxDI1iBauO3tUPzK - wGs46RA/S0YwiZw64MaUHd88ZVadjKy9kNoO3w6/vpAS6s/Mh+o= - -----END CERTIFICATE----- - - key-direction 1 - - # - # 2048 bit OpenVPN static key - # - -----BEGIN OpenVPN Static key V1----- - 5d49aa8c9cec18de7ab6e0b5cd09a368 - d3f1b8b77e055e448804fa0e14f487cb - 491681742f96b54a23fb8639aa9ed14e - c40b86a5546b888c4f3873f23c956e87 - 169076ec869127ffc85353fd5928871c - da19776b79f723abb366fae6cdfe4ad6 - 7ef667b7d05a7b78dfd5ea1d2da276dc - 5f6c82313fe9c1178c7256b8d1d081b0 - 4c80bc8f21add61fbc52c158579edc1d - bbde230afb9d0e531624ce289a17098a - 3261f9144a9a2a6f0da4250c9eed4086 - 187ec6fa757a454de743a349e32af193 - e9f8b49b010014bdfb3240d992f2f234 - 581d0ce05d4e07a2b588ad9b0555b704 - 9d5edc28efde59226ec8942feed690a1 - 2acd0c8bc9424d6074d0d495391023b6 - -----END OpenVPN Static key V1----- - - ''; - }; - }; -} -- cgit v1.2.3