diff options
| author | tv <tv@krebsco.de> | 2019-01-21 10:09:16 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2019-01-21 10:09:46 +0100 |
| commit | 9f2a6465666ee7a69d9261beee0e5ab3cd133933 (patch) | |
| tree | 944bb2f7ad3a16e86ecec06718a402a5a54da79e | |
| parent | c4be6cf076a9af9fc435992bcb2e42337fa7776e (diff) | |
krebs: move github known hosts to dedicated file
| -rw-r--r-- | krebs/3modules/default.nix | 26 | ||||
| -rw-r--r-- | krebs/3modules/github-known-hosts.nix | 40 |
2 files changed, 41 insertions, 25 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 2e7c61fb..0b785c0c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -23,6 +23,7 @@ let ./exim-smarthost.nix ./fetchWallpaper.nix ./github-hosts-sync.nix + ./github-known-hosts.nix ./git.nix ./go.nix ./hidden-ssh.nix @@ -238,31 +239,6 @@ let }; }) // - { - github = { - hostNames = [ - "github.com" - # List generated with - # curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob - "192.30.252.*" - "192.30.253.*" - "192.30.254.*" - "192.30.255.*" - "185.199.108.*" - "185.199.109.*" - "185.199.110.*" - "185.199.111.*" - "13.229.188.59" - "13.250.177.223" - "18.194.104.89" - "18.195.85.27" - "35.159.8.160" - "52.74.223.119" - ]; - publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; - }; - } - // mapAttrs (name: host: { hostNames = diff --git a/krebs/3modules/github-known-hosts.nix b/krebs/3modules/github-known-hosts.nix new file mode 100644 index 00000000..def06f17 --- /dev/null +++ b/krebs/3modules/github-known-hosts.nix @@ -0,0 +1,40 @@ +{ + services.openssh.knownHosts.github = { + hostNames = [ + "github.com" + # List generated with + # curl -sS https://api.github.com/meta | jq -r .git[] | nix-shell -p cidr2glob --run cidr2glob | jq -R . + "192.30.252.*" + "192.30.253.*" + "192.30.254.*" + "192.30.255.*" + "185.199.108.*" + "185.199.109.*" + "185.199.110.*" + "185.199.111.*" + "140.82.112.*" + "140.82.113.*" + "140.82.114.*" + "140.82.115.*" + "140.82.116.*" + "140.82.117.*" + "140.82.118.*" + "140.82.119.*" + "140.82.120.*" + "140.82.121.*" + "140.82.122.*" + "140.82.123.*" + "140.82.124.*" + "140.82.125.*" + "140.82.126.*" + "140.82.127.*" + "13.229.188.59" + "13.250.177.223" + "18.194.104.89" + "18.195.85.27" + "35.159.8.160" + "52.74.223.119" + ]; + publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; + }; +} |