summaryrefslogtreecommitdiffstats
path: root/kartei
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2022-12-12 19:44:00 +0100
committermakefu <github@syntax-fehler.de>2022-12-12 19:44:00 +0100
commit6eb5e44b7e5bdc8b1b3b5ffe40c146841f7afd10 (patch)
treef706bf7c3c7a289f680ac329caa2b578e5145a56 /kartei
parent96e934dc8a353cff91ef824f6a125ed49996d058 (diff)
parent3884243448869bdf09f6434b385e532c7c26ae88 (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'kartei')
-rw-r--r--kartei/dbalan/default.nix50
-rw-r--r--kartei/default.nix18
-rw-r--r--kartei/jeschli/default.nix181
-rw-r--r--kartei/kmein/default.nix217
-rw-r--r--kartei/kmein/kmein.gpg30
-rw-r--r--kartei/kmein/ssh/kmein.kabsa.pub1
-rw-r--r--kartei/kmein/ssh/kmein.manakish.pub1
-rw-r--r--kartei/krebs/default.nix326
-rw-r--r--kartei/lass/default.nix933
-rw-r--r--kartei/lass/pgp/mors.pgp51
-rw-r--r--kartei/lass/pgp/yubikey.pgp157
-rw-r--r--kartei/lass/ssh/android.ed255191
-rw-r--r--kartei/lass/ssh/blue.rsa1
-rw-r--r--kartei/lass/ssh/green.ed255191
-rw-r--r--kartei/lass/ssh/mors.rsa1
-rw-r--r--kartei/lass/ssh/tablet.ed255191
-rw-r--r--kartei/lass/ssh/yubikey.rsa1
-rw-r--r--kartei/makefu/default.nix399
-rw-r--r--kartei/makefu/pgp/brain.asc51
-rw-r--r--kartei/makefu/pgp/default.asc64
-rw-r--r--kartei/makefu/retiolum/cake.pub8
-rw-r--r--kartei/makefu/retiolum/cake_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/crapi.pub8
-rw-r--r--kartei/makefu/retiolum/crapi_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/fileleech.pub8
-rw-r--r--kartei/makefu/retiolum/fileleech_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/filepimp.pub8
-rw-r--r--kartei/makefu/retiolum/filepimp_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/firecracker.pub14
-rw-r--r--kartei/makefu/retiolum/firecracker_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/flap.pub8
-rw-r--r--kartei/makefu/retiolum/flap_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/gum.pub8
-rw-r--r--kartei/makefu/retiolum/gum_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/latte.pub8
-rw-r--r--kartei/makefu/retiolum/latte_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/nukular.pub8
-rw-r--r--kartei/makefu/retiolum/nukular_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/omo.pub8
-rw-r--r--kartei/makefu/retiolum/omo_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/sdev.pub8
-rw-r--r--kartei/makefu/retiolum/sdev_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/senderechner.pub8
-rw-r--r--kartei/makefu/retiolum/senderechner_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/studio.pub8
-rw-r--r--kartei/makefu/retiolum/studio_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/tsp.pub13
-rw-r--r--kartei/makefu/retiolum/tsp_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/vbob.pub8
-rw-r--r--kartei/makefu/retiolum/vbob_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/wbob.pub8
-rw-r--r--kartei/makefu/retiolum/wbob_ed25519.pub1
-rw-r--r--kartei/makefu/retiolum/x.pub8
-rw-r--r--kartei/makefu/retiolum/x_ed25519.pub1
-rw-r--r--kartei/makefu/ssh/makefu.android.pub1
-rw-r--r--kartei/makefu/ssh/makefu.bob.pub1
-rw-r--r--kartei/makefu/ssh/makefu.omo.pub1
-rw-r--r--kartei/makefu/ssh/makefu.remote-builder.pub1
-rw-r--r--kartei/makefu/ssh/makefu.tempx.pub1
-rw-r--r--kartei/makefu/ssh/makefu.tsp.pub1
-rw-r--r--kartei/makefu/ssh/makefu.vbob.pub1
-rw-r--r--kartei/makefu/ssh/makefu.x.pub1
-rw-r--r--kartei/makefu/sshd/cake.pub1
-rw-r--r--kartei/makefu/sshd/crapi.pub1
-rw-r--r--kartei/makefu/sshd/fileleech.pub1
-rw-r--r--kartei/makefu/sshd/firecracker.pub1
-rw-r--r--kartei/makefu/sshd/gum.pub1
-rw-r--r--kartei/makefu/sshd/omo.pub1
-rw-r--r--kartei/makefu/sshd/sdev.pub1
-rw-r--r--kartei/makefu/sshd/studio.pub1
-rw-r--r--kartei/makefu/sshd/wbob.pub1
-rw-r--r--kartei/makefu/sshd/x.pub1
-rw-r--r--kartei/makefu/wiregrill/gum.pub1
-rw-r--r--kartei/makefu/wiregrill/rockit.pub1
-rw-r--r--kartei/makefu/wiregrill/shackdev.pub1
-rw-r--r--kartei/makefu/wiregrill/telex.pub1
-rw-r--r--kartei/makefu/wiregrill/x.pub1
-rw-r--r--kartei/mic92/default.nix964
-rw-r--r--kartei/mic92/ssh/mic92.pub1
-rw-r--r--kartei/others/default.nix774
-rw-r--r--kartei/others/ssh/0x4A6F.pub1
-rw-r--r--kartei/others/ssh/exco.pub1
-rw-r--r--kartei/others/ssh/hase.pub1
-rw-r--r--kartei/others/ssh/neos.pub1
-rw-r--r--kartei/others/ssh/qubasa.pub1
-rw-r--r--kartei/others/ssh/raute.pub1
-rw-r--r--kartei/others/ssh/rtjure.pub1
-rw-r--r--kartei/others/ssh/shannan.pub1
-rw-r--r--kartei/others/ssh/ulrich.pub1
-rw-r--r--kartei/others/ssh/xkey.pub1
-rw-r--r--kartei/others/ssh/xq.pub1
-rw-r--r--kartei/others/tinc/hasegateway.pub13
-rw-r--r--kartei/others/tinc/horisa.pub8
-rw-r--r--kartei/others/tinc/justraute.pub14
-rw-r--r--kartei/others/tinc/tpsw.pub8
-rw-r--r--kartei/oxzi/default.nix62
-rw-r--r--kartei/palo/default.nix83
-rw-r--r--kartei/palo/retiolum.pub13
-rw-r--r--kartei/rtunreal/default.nix51
-rw-r--r--kartei/template/default.nix20
-rw-r--r--kartei/tv/default.nix405
-rw-r--r--kartei/tv/pgp/CBF89B0B.asc51
-rw-r--r--kartei/tv/wiregrill/alnus.pub1
-rw-r--r--kartei/tv/wiregrill/mu.pub1
-rw-r--r--kartei/tv/wiregrill/ni.pub1
-rw-r--r--kartei/tv/wiregrill/nomic.pub1
-rw-r--r--kartei/tv/wiregrill/querel.pub1
-rw-r--r--kartei/tv/wiregrill/umz.pub1
-rw-r--r--kartei/tv/wiregrill/wu.pub1
-rw-r--r--kartei/tv/wiregrill/xu.pub1
-rw-r--r--kartei/tv/wiregrill/zu.pub1
-rw-r--r--kartei/xkey/default.nix126
-rw-r--r--kartei/xkey/ssh/xkey.pub1
113 files changed, 5286 insertions, 0 deletions
diff --git a/kartei/dbalan/default.nix b/kartei/dbalan/default.nix
new file mode 100644
index 000000000..fadf187db
--- /dev/null
+++ b/kartei/dbalan/default.nix
@@ -0,0 +1,50 @@
+with import ../../lib;
+{ config, ... }:
+let
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = false;
+ external = true;
+ monitoring = false;
+ owner = config.krebs.users.dbalan;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum = {
+ ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ };
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill = {
+ ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ };
+ });
+in
+{
+ users = rec {
+ dbalan = {
+ mail = "dbalan@thaum.space";
+ pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
+ };
+ };
+ hosts = mapAttrs hostDefaults {
+ v60 = {
+ nets.retiolum = {
+ aliases = [ "v60.dbalan.r" ];
+ ip4.addr = "10.243.42.12";
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
+ RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
+ 1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
+ uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
+ p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
+ bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
+ I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
+ mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
+ OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
+ AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
+ 9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
+ };
+ };
+ };
+}
diff --git a/kartei/default.nix b/kartei/default.nix
new file mode 100644
index 000000000..6024e2351
--- /dev/null
+++ b/kartei/default.nix
@@ -0,0 +1,18 @@
+{ config, lib, ... }: let
+ removeTemplate =
+ # TODO don't remove during CI
+ lib.flip builtins.removeAttrs ["template"];
+in {
+ config =
+ lib.mkMerge
+ (lib.mapAttrsToList
+ (name: _type: let
+ path = ./. + "/${name}";
+ in {
+ krebs = import path { inherit config; };
+ })
+ (removeTemplate
+ (lib.filterAttrs
+ (_name: type: type == "directory")
+ (builtins.readDir ./.))));
+}
diff --git a/kartei/jeschli/default.nix b/kartei/jeschli/default.nix
new file mode 100644
index 000000000..fe12c16a4
--- /dev/null
+++ b/kartei/jeschli/default.nix
@@ -0,0 +1,181 @@
+with import ../../lib;
+{ config, ... }: let
+
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = true;
+ owner = config.krebs.users.jeschli;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum.ip6.addr =
+ (krebs.genipv6 "retiolum" "jeschli" { inherit hostName; }).address;
+ });
+
+in {
+ hosts = mapAttrs hostDefaults {
+ brauerei = {
+ ci = false;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.27.29";
+ aliases = [
+ "brauerei.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIECgKCBAEAvC4AjkAoH01sKDXE3xVM2YUpPQ9iewIPQCCCSWYZQh2BWOfl+FFs
+ pW3ix5FjAzTxzkIf5NxW0usff8UTkFHB+sGZLZ9DPqvb8AM4GJsvXR06LORHtBlo
+ Vt/g1sndD3i3NXn5IJ2G4mZDImQjI3vuTkPyFQsR5LRAaPQgIORHBtN/X1UEVMRq
+ gThUeMb1kZ/y4AmUx0pepQYmAcYf0cN/7r9n68dWJCZ7DWX3q49bIz4TPG519IQp
+ KzoCtdXImKl6cFDepa2pRmIW4SPaDXztHDmXoJA1NBfdDOMOW67FUjzhcwZS9usM
+ q9x/1Tph63PJy4Vc0jsJnY29WrInx/nVAb22QuTOXQ9SfBNoOATYoFoVmY+yw1FX
+ 67y3bRbq8lQk1y3F2vZVYxQ52WiYLmtNtuzUMZHErL7VgFIEfQKoO2Oa/WZXdgSJ
+ Asmn67NSicc5QNI4rBUthju1JDuM/3ja0yCXh7trDCmPxKd94KzxMlq9VA6S2f/Q
+ uke3VnXEDqOWOZdcon5DnRTT1y4xjk1XHuO/9tVDcrL7x1unkdGL9BNMU6opJiLm
+ batAtKQ/7EJrlgIxYpEQyCNAjj0dEn0BgNZNqQSKkeGe6giVMuHtnXeTYMEraDas
+ DWxHmGOvYWrs3tZdELkB/h/y7DdijOabS4AlLOljKHiacw8e0D7p9qeIU2EwRaXD
+ ebPYaAIIWn1FU1aCYpvF4YJYbdNJZg6aKpoWNz86ZjO9t3GBkf612xB7fRO9mbTg
+ Ww2Hl6lir0rnlo7P9M1xhQqmZ0phaUjkqYRCaTOW1kC5ACpJJ/Jrq0oyplHVBY8Y
+ IvzPDA4nu/YOpyhQjlQwcVt62NgW0CZdwp3ZnMMoy7akgEo71bjoHbRxAeWy5oRB
+ 5CgGvQAB+qdf97XjZ5RggWQ2rglkCn49X4fXN6r4zuaIji1VVFTEZGRNsi0vt1YC
+ Eedz68auu1ZDO1qwNcX00n94E09B05DQBjE/6SAX6wBCY/BwUtzdQ9JnyfHNSl8i
+ dmHBPLssB9Dku4U0mo+LLer+bf6fiR7r5gp/KRuY/tMGFahprZRfWFtyO2Pg1cYI
+ HCdmDmSlbFq3EJmBl0egbU8Ym1m6t4EvPcoTxwy3ljZWybHlhm4wvhGcA/2bDRZA
+ jcXSL3G7buBOf8WJNYnMXCtPEyIYUdRyNvz3EUfvmbzZDhHd/bc0pJRrrtI7HqoF
+ +g67gCrtXx6i9PD0LSDJ1jExMZcmU1+DPg0dzDEmLHvW+HW538/HXGJ8FsunWBwD
+ /8wsQfoqAwlBSucLHDDrYVvfSp0+TLzg/HDMhNkcN7d5hm3syrI+IN4gEEjYeZIO
+ g7fjR1X7g5FGCDQnRA/dzNsZVnk6UFpCRwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+ enklave = {
+ ci = false;
+ nets = rec {
+ internet = {
+ ip4.addr = "88.198.164.182";
+ aliases = [
+ "enklave.i"
+ ];
+ };
+ retiolum = {
+ via = internet;
+ ip4.addr = "10.243.27.30";
+ aliases = [