diff options
Diffstat (limited to 'kartei/krebs/default.nix')
| -rw-r--r-- | kartei/krebs/default.nix | 85 |
1 files changed, 34 insertions, 51 deletions
diff --git a/kartei/krebs/default.nix b/kartei/krebs/default.nix index 6da73ff8..7e3f1b54 100644 --- a/kartei/krebs/default.nix +++ b/kartei/krebs/default.nix @@ -1,11 +1,12 @@ -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + inherit (lib) flip genAttrs mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ owner = config.krebs.users.krebs; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address; }); testHosts = genAttrs [ @@ -15,7 +16,6 @@ with import ../../lib; "test-all-krebs-modules" ] (name: { inherit name; - cores = 1; nets = { retiolum = { ip4.addr = "10.243.73.57"; @@ -36,7 +36,6 @@ in { hosts = mapAttrs hostDefaults ({ filebitch = { ci = true; - cores = 4; nets = { shack = { ip4 = { @@ -52,18 +51,22 @@ in { aliases = [ "filebitch.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA8ZSLsOlPy9Vd8XdEcIoP8H3rztsbB0McTYPGhUaZ6/aqcD/MBSQa - FT9NZS0+N0Pev7y90As6Rj5Wrom92xlThcFPaX0Dzmzz+7363M4qtlrtmmWkx2FX - VDrPOYbe4hGGOCsPNOTNJkcW4zs2Ym5YKbZeXHfnuqCW+yuhKBCgO9slc740jkHZ - 5xuv5zbU3ZMRk1H8xi4+cQcHqh+1PY75lJxVSNvrbe5pvGxm9yVdp235b49ohDRU - UfUjXmymPlnfJgTOMxmHwl+UmwYR4Yw2CZKXTjbJe5HjbykleTwUb1qyijM8suJf - eXRyma8VGILcY6K/HmE4nz7ESAlI1c+QlwIDAQAB + MIICCgKCAgEA8S3eYZB/z1oT8SlSeHXdHVlSZE1Z15KA2Icd/qLnopqIj9qi8rGa + TVptxNPAnI6ohLw3MnFix2fZCizHremrIV5lObSB/hYfqJZq73/Og3zb7GO25cl+ + bb/ApgmTHKjrI0xJPnRxC4Wl0KawEFfX+J3pS0ty9JHN7VNHfPzCnd3NO/LplY+9 + hxsV6Oegt4+X4onv7/5xjd/PYe7CsA3BvKGqtLwznEg/fZdm/e2UJv2U/ddk2MUU + JwDpQ3n4WYSv4ltY6TcTP1CiFHNOzaPV4AxUROimvI8natuTC+Yapv/J5DDowatX + Fo51GXXptTr3lASHNfonWDBTmhkELp3uS48MYO6z/fxLNqS4Un7q845sEN4GQQXL + StdUQEDp7+ycui2zHG7GHfbGqK5qZ1/hVU8sofnlfIGlfgwcMN4NHjhS5GifQGPC + Fuwx5e/r06HI9FaC5BM6muouaFiGWkK2Xb/coSZb7eoXffVIyiX1didrlwCYzI5b + K/KMQRsJu1mhAjUrlxxvtW5Y2yj+kP70Kz9FaPAIlWirMK+EQFCToK63CbCO5X2y + 5Pxkomg/KCeZ9grBSugnI2i6WqYeyOTGHM45VugxhU39mgBxzcIVjDy+UKVh/ILS + 3IYJVNzCFcbDueHp+G56ClCT1HYYPuAieFhawzwAQ7jUN3mhvdOr5fUCAwEAAQ== -----END RSA PUBLIC KEY----- - Ed25519PublicKey = NPjEmo1dkxNS2Xm7qUyWhLKdFYF4MnhIM79NPQELWHC ''; + tinc.pubkey_ed25519 = "D5TYSZW9OAkdnvQ/NL98UgheRC2Zg4SMNZ8M4/KwdeL"; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKRpjW68lSlTL8jBQcXKOTdGa+olQw5ghaU5df2yAE64"; }; hotdog = { @@ -74,6 +77,7 @@ in { aliases = [ "hotdog.r" "agenda.r" + "bedge.r" "kri.r" "build.r" "build.hotdog.r" @@ -83,7 +87,6 @@ in { "irc.r" "wiki.r" ]; - tinc.port = 0; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAs9+Au3oj29C5ol/YnkG9GjfCH5z53wxjH2iy8UPike8C7GASZKqc @@ -97,7 +100,6 @@ in { tinc.pubkey_ed25519 = "ugy/sGReVro3YzjDuroV/5hdeBdqD18no9dMhTy9DYL"; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; news = { @@ -111,7 +113,6 @@ in { "go.r" "rss.r" ]; - tinc.port = 0; tinc.pubkey = '' -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc @@ -130,11 +131,9 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo "; }; onebutton = { - cores = 1; nets = { retiolum = { ip4.addr = "10.243.0.101"; @@ -159,17 +158,30 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe "; }; ponte = { - cores = 1; owner = config.krebs.users.krebs; + extraZones = { + "krebsco.de" = /* bindzone */ '' + @ IN A ${config.krebs.hosts.ponte.nets.internet.ip4.addr} + ns1 IN A ${config.krebs.hosts.ponte.nets.internet.ip4.addr} + ''; + }; nets = rec { internet = { - ip4 = { + ip4 = rec { addr = "141.147.36.79"; - prefix = "0.0.0.0/0"; + prefix = "${addr}/32"; + }; + aliases = [ + "ponte.i" + ]; + }; + intranet = { + ip4 = rec { + addr = "10.0.0.234"; + prefix = "${addr}/24"; }; }; retiolum = { @@ -199,12 +211,10 @@ in { }; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEw9fo8Qtb/DTLacdrJP7Ti7c4UXTm6wUUX+iRFweEo "; }; puyak = { ci = true; - cores = 4; nets = { retiolum = { ip4.addr = "10.243.77.2"; @@ -213,7 +223,6 @@ in { "build.puyak.r" "cgit.puyak.r" ]; - tinc.port = 0; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAwwDvaVKSJmAi1fpbsmjLz1DQVTgqnx56GkHKbz5sHwAfPVQej955 @@ -226,34 +235,9 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; syncthing.id = "DK5CEE2-PNUXYCE-Q42H2HP-623GART-B7KS4VK-HU2RBGQ-EK6QPUP-HUL3PAR"; }; - arcadeomat = { - ci = true; - nets = { - retiolum = { - ip4.addr = "10.243.77.67"; - aliases = [ - "arcadeomat.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAzpXyEATt8+ElxPq650/fkboEC9RvTWqN6UIAl/R4Zu+uDhAZ2ekb - HBjoSbRxu/0w2I37nwWUhEOemxGm4PXCgWrtO0jeRF4nVNYu3ZBppA3vuVALUWq7 - apxRUEL9FdsWQlXGo4PVd20dGaDTi8M/Ggo755MStVTY0rRLluxyPq6VAa015sNg - 4NOFuWm0NDn4e+qrahTCTiSjbCU8rWixm0GktV40kdg0QAiFbEcRhuXF1s9/yojk - 7JT/nFg6LELjWUSSNZnioj5oSfVbThDRelIld9VaAKBAZZ5/zy6T2XSeDfoepytH - 8aw6itEuTCy1M1DTiTG+12SPPw+ubG+NqQIDAQAB - -----END RSA PUBLIC KEY----- - Ed25519PublicKey = n/HMlgTTyLa0fcXqSBO/G6sVOUYh2yZ5PfU4vLI9CJO - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOu6EVN3928qWiWszqBUzOjeQJRvFozTBl4xAhBP/Ymc"; - }; wolf = { ci = true; nets = { @@ -288,7 +272,6 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR"; }; } // testHosts); |