From d6aee94277e4329db12d0dfd78fbd6ab58fdeab7 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 26 Aug 2017 17:18:58 +0200
Subject: init hope.r

---
 krebs/1systems/hope/config.nix   | 41 ++++++++++++++++++++++++++++++++++++++++
 krebs/1systems/hope/source.nix   |  3 +++
 krebs/3modules/krebs/default.nix | 32 +++++++++++++++++++++++++++++++
 3 files changed, 76 insertions(+)
 create mode 100644 krebs/1systems/hope/config.nix
 create mode 100644 krebs/1systems/hope/source.nix

diff --git a/krebs/1systems/hope/config.nix b/krebs/1systems/hope/config.nix
new file mode 100644
index 00000000..c19b210c
--- /dev/null
+++ b/krebs/1systems/hope/config.nix
@@ -0,0 +1,41 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }: let
+
+  ip = config.krebs.build.host.nets.internet.ip4.addr;
+  bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1";
+
+in {
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+    <stockholm/krebs/2configs/os-templates/CAC-CentOS-7-64bit.nix>
+
+    <stockholm/krebs/2configs/secret-passwords.nix>
+    {
+      users.extraUsers = {
+        satan = {
+          name = "satan";
+          uid = 1338;
+          home = "/home/satan";
+          group = "users";
+          createHome = true;
+          useDefaultShell = true;
+          initialPassword = "test";
+        };
+      };
+    }
+  ];
+
+  krebs.build.host = config.krebs.hosts.hope;
+
+  networking = let
+    address = config.krebs.build.host.nets.internet.ip4.addr;
+  in {
+    defaultGateway = bestGuessGateway address;
+    interfaces.enp2s1.ip4 = singleton {
+      inherit address;
+      prefixLength = 24;
+    };
+    nameservers = ["8.8.8.8"];
+  };
+}
diff --git a/krebs/1systems/hope/source.nix b/krebs/1systems/hope/source.nix
new file mode 100644
index 00000000..7121d1d9
--- /dev/null
+++ b/krebs/1systems/hope/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "hope";
+}
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index 27fbb708..9cd10317 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -30,6 +30,38 @@ let
   });
 in {
   hosts = {
+    hope = {
+      owner = config.krebs.users.krebs;
+      managed = true;
+      nets = {
+        internet = {
+          ip4.addr = "45.62.225.18";
+          aliases = [
+            "hope.i"
+          ];
+          ssh.port = 45621;
+        };
+        retiolum = {
+          ip4.addr = "10.243.77.4";
+          ip6.addr = "42:0:0:0:0:0:77:4";
+          aliases = [
+            "hope.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEAsQVWCoNZZd77tYw1qEDlUsfcF0ld+jVorq2uR5il1D8sqER644l5
+            uaWxPQjSl27xdq5kvzIH24Ab6/xF2EDgE2fUTwpO5coBYafeiGyi5AwURQmYMp2a
+            2CV7uUAagFQaSzD0Aj796r1BXPn1IeE+uRSBmmc/+/7L0hweRGLiha34NOMZkq+4
+            A0pwI/CjnyRXdV4AqfORHXkelykJPATm+m3bC+KYogPBeNMP2AV2aYgY8a0UJPMK
+            fjAJCzxYJjiYxm8faJlm2U1bWytZODQa8pRZOrYQa4he2UoU6x78CNcrQkYLPOFC
+            K2Q7+B5WJNKV6CqYztXuU/6LTHJRmV0FiwIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+      ssh.privkey.path = <secrets/ssh.id_ed25519>;
+      ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdLHRI29xJj1jmfSidE2Dh7EsDNszm+WH3Kj4zYBkP/";
+    };
     hotdog = {
       owner = config.krebs.users.krebs;
       managed = true;
-- 
cgit v1.2.3