diff options
| author | makefu <github@syntax-fehler.de> | 2018-12-19 14:10:21 +0100 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2018-12-19 14:10:21 +0100 |
| commit | b7529f97e118f1b4da91acae2c21a06eae6e5638 (patch) | |
| tree | b368295e641d65b7303cb987be85f80c3c62cd9b /krebs | |
| parent | 5299bd93a0240580bc1aec377436c44273f144e5 (diff) | |
| parent | dc79107558105a3b6afb558f194965fcb3867542 (diff) | |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/3modules/external/default.nix | 28 | ||||
| -rw-r--r-- | krebs/3modules/lass/default.nix | 24 | ||||
| -rw-r--r-- | krebs/3modules/tv/default.nix | 33 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/alnus.pub | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/mu.pub | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/ni.pub | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/nomic.pub | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/querel.pub | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/wu.pub | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/xu.pub | 1 | ||||
| -rw-r--r-- | krebs/3modules/tv/wiregrill/zu.pub | 1 |
11 files changed, 77 insertions, 16 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 02d28ddc8..39922e2ee 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -289,6 +289,31 @@ in { }; }; }; + qubasa = { + owner = config.krebs.users.qubasa; + nets = { + retiolum = { + ip4.addr = "10.243.29.175"; + aliases = [ "qubasa.r" ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ioASTOx6Vndp316u89Z + f+9WgfyVGw9deP2pQjoHnsPjBqRrsDCQGFO/U1ILQn0AWskQpHWHRir7Q6cI90jm + 8MqqGVymVFbeYbrOLHLjp+2fle9iU9DfST4O76TQwF/3elLf3tpGFS8EB+qF3Ig7 + aVOf5TuHPWWj6VtGTuWW9I8MsPnNykyRstlWXEztIs2zQrc0cO1IGd1QVarDGqTs + KR4Zm7PvF7U193NzPLaH6jcdjF37FETLrNxAu88M+YnvXBp4oRHeJmvBloazpH0v + aSb3+vNRlViMSlf9ImpAHlFRyvYYDAWlIY0nyeNUJna1ImGloSStLtBAhFAwc65j + kmrXeK3TVAoGZQOvSbjFmI/nBgfHEOnz/9aRVHGUNoQ/nAM6UhALFEZV6sdjX6W4 + 3p670DEO5fiI3fqqErkscbv8zSEjfmxV4YGMXVMw8Ub87fGwQEF17uDLeqD0k9AB + 7umwrWP53YffauAqinma0I6RcLRVRfJ2vhyBH1mKwAAW55WU6DpBTydy46kxy/Oz + k9Cnxw7oMydUAAdnf5Axgs+dcx43lnXvGsoHi4lZycYhqtPe2YI152HAbGfmrixV + Slzh8aiinBkLYW2VzJNTRmHvB3njjeua4/guXwe00G7MIs3UDMIieJNcVxb+E07v + vF2rqhqU9b+1MQRhIPsBf4cCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; }; users = { Mic92 = { @@ -301,6 +326,9 @@ in { }; sokratess = { }; + qubasa = { + mail = "luis.nixos@gmail.com"; + }; }; } diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 1eac198fa..9d1d56ad3 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -8,7 +8,7 @@ with import <stockholm/lib>; }; r6 = ip: (krebs.genipv6 "retiolum" "lass" ip).address; - w6 = ip: (krebs.genipv6 "wirelum" "lass" ip).address; + w6 = ip: (krebs.genipv6 "wiregrill" "lass" ip).address; in { dns.providers = { @@ -89,7 +89,7 @@ in { -----END RSA PUBLIC KEY----- ''; }; - wirelum = { + wiregrill = { via = internet; ip4.addr = "10.244.1.1"; ip6.addr = w6 "1"; @@ -98,7 +98,11 @@ in { ]; wireguard = { pubkey = "oKJotppdEJqQBjrqrommEUPw+VFryvEvNJr/WikXohk="; - subnets = [ "10.244.1.0/24" "42:1::/32" ]; + subnets = [ + "10.244.1.0/24" + (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR + (krebs.genipv6 "wiregrill" "lass" 0).subnetCIDR + ]; }; }; }; @@ -191,7 +195,7 @@ in { -----END RSA PUBLIC KEY----- ''; }; - wirelum = { + wiregrill = { ip6.addr = w6 "dea7"; aliases = [ "mors.w" @@ -224,7 +228,7 @@ in { -----END RSA PUBLIC KEY----- ''; }; - wirelum = { + wiregrill = { ip6.addr = w6 "50da"; aliases = [ "shodan.w" @@ -257,7 +261,7 @@ in { -----END RSA PUBLIC KEY----- ''; }; - wirelum = { + wiregrill = { ip6.addr = w6 "1205"; aliases = [ "icarus.w" @@ -419,7 +423,7 @@ in { -----END PUBLIC KEY----- ''; }; - wirelum = { + wiregrill = { ip6.addr = w6 "3110"; aliases = [ "yellow.w" @@ -456,7 +460,7 @@ in { -----END PUBLIC KEY----- ''; }; - wirelum = { + wiregrill = { ip6.addr = w6 "b1ce"; aliases = [ "blue.w" @@ -469,7 +473,7 @@ in { }; phone = { nets = { - wirelum = { + wiregrill = { ip4.addr = "10.244.1.2"; ip6.addr = w6 "a"; aliases = [ @@ -506,7 +510,7 @@ in { -----END RSA PUBLIC KEY----- ''; }; - wirelum = { + wiregrill = { ip6.addr = w6 "012f"; aliases = [ "morpheus.w" diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 0683492bc..a20801b12 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -1,12 +1,30 @@ with import <stockholm/lib>; { config, ... }: let - hostDefaults = hostName: host: flip recursiveUpdate host ({ - owner = config.krebs.users.tv; - } // optionalAttrs (host.nets?retiolum) { - nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; - }); + hostDefaults = hostName: host: foldl' recursiveUpdate {} [ + { + owner = config.krebs.users.tv; + } + (optionalAttrs (host.nets?retiolum) { + nets.retiolum = { + ip6.addr = + (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; + }; + }) + (let + pubkey-path = ./wiregrill + "/${hostName}.pub"; + in optionalAttrs (pathExists pubkey-path) { + nets.wiregrill = { + aliases = [ + "${hostName}.w" + ]; + ip6.addr = + (krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address; + wireguard.pubkey = readFile pubkey-path; + }; + }) + host + ]; in { dns.providers = { @@ -103,6 +121,9 @@ in { -----END RSA PUBLIC KEY----- ''; }; + wiregrill.wireguard.subnets = [ + (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR + ]; }; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; }; diff --git a/krebs/3modules/tv/wiregrill/alnus.pub b/krebs/3modules/tv/wiregrill/alnus.pub new file mode 100644 index 000000000..de85e54da --- /dev/null +++ b/krebs/3modules/tv/wiregrill/alnus.pub @@ -0,0 +1 @@ +w7+6kMf1P3Ka0kXXY4CCbr80TrWPYpe/zd13yuvz9SE= diff --git a/krebs/3modules/tv/wiregrill/mu.pub b/krebs/3modules/tv/wiregrill/mu.pub new file mode 100644 index 000000000..18edc8986 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/mu.pub @@ -0,0 +1 @@ +4bboT+cZM1BYvNho9oKbO0MFnPFTvmASR+1IdV4/fwQ= diff --git a/krebs/3modules/tv/wiregrill/ni.pub b/krebs/3modules/tv/wiregrill/ni.pub new file mode 100644 index 000000000..257b29833 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/ni.pub @@ -0,0 +1 @@ +KiIiwkuin+E4FXqFajJjnoGKkHW3H3FzIx5EQrF1+lw= diff --git a/krebs/3modules/tv/wiregrill/nomic.pub b/krebs/3modules/tv/wiregrill/nomic.pub new file mode 100644 index 000000000..be9c94be6 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/nomic.pub @@ -0,0 +1 @@ +UgvgarDtuSvbciNx5SU2NDbctb9/OTQ9Kr8H/O3931A= diff --git a/krebs/3modules/tv/wiregrill/querel.pub b/krebs/3modules/tv/wiregrill/querel.pub new file mode 100644 index 000000000..2273cf99d --- /dev/null +++ b/krebs/3modules/tv/wiregrill/querel.pub @@ -0,0 +1 @@ +sxaqrsqcDgdM3+QH6mxzqDs3SLWgm7J8AytpIbRZ2n0= diff --git a/krebs/3modules/tv/wiregrill/wu.pub b/krebs/3modules/tv/wiregrill/wu.pub new file mode 100644 index 000000000..0d25d9de9 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/wu.pub @@ -0,0 +1 @@ +68bL6l3/sjbirva80tm0Dw6/PJu1S95nJC58gWCh42E= diff --git a/krebs/3modules/tv/wiregrill/xu.pub b/krebs/3modules/tv/wiregrill/xu.pub new file mode 100644 index 000000000..ba0c7dd04 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/xu.pub @@ -0,0 +1 @@ +XU76RFN0jG/YjffAPg3e3VuHF/iKMvVoRhHmixvLL1s= diff --git a/krebs/3modules/tv/wiregrill/zu.pub b/krebs/3modules/tv/wiregrill/zu.pub new file mode 100644 index 000000000..0238dd653 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/zu.pub @@ -0,0 +1 @@ +WrILdnsketejrJuYM/sLEh89GdSVbddv8BG/D3sW7kw= |