Merge remote-tracking branch 'lassul.us/master'

author: makefu <github@syntax-fehler.de> 2023-04-23 16:26:01 +0200
committer: makefu <github@syntax-fehler.de> 2023-04-23 16:26:01 +0200
commit: 60fb7a1aa12b1d18224babeaf5481e43663b65b8 (patch)
tree: 2054d6460bc1a4a35de4496c88d33644878757da /kartei
parent: d8de7ad7063d6a2028e8dc40771f89af216fbfaf (diff)
parent: 4bf2909be3afb5e834cacdb4d6f949e4dd78400e (diff)
6 files changed, 97 insertions, 9 deletions
diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix
index 33f7f9663..e98da7bc6 100644
--- a/kartei/feliks/default.nix
+++ b/kartei/feliks/default.nix
@@ -1,12 +1,16 @@
 with import ../../lib;
 { config, ... }: let
   hostDefaults = hostName: host: flip recursiveUpdate host ({
+    owner = config.krebs.users.feliks;
     ci = false;
     external = true;
     monitoring = false;
   } // optionalAttrs (host.nets?retiolum) {
     nets.retiolum.ip6.addr =
       (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+  } // optionalAttrs (host.nets?wiregrill) {
+    nets.wiregrill.ip6.addr =
+      (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
   });
 in {
   users.feliks = {
@@ -14,11 +18,10 @@ in {
   };
   hosts = mapAttrs hostDefaults {
     papawhakaaro = {
-      owner = config.krebs.users.feliks;
       nets = {
         retiolum = {
           ip4.addr = "10.243.10.243";
-          aliases = [ "papawhakaaro.r" ];
+          aliases = [ "papawhakaaro.r" "tp.feliks.r" ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
             MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw
@@ -39,11 +42,10 @@ in {
       };
     };
     iti = {
-      owner = config.krebs.users.feliks;
       nets = {
         retiolum = {
           ip4.addr = "10.243.10.244";
-          aliases = [ "iti.r" ];
+          aliases = [ "iti.r" "ltd.feliks.r" ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
             MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL
@@ -64,11 +66,10 @@ in {
       };
     };
     tumaukainga = {
-      owner = config.krebs.users.feliks;
       nets = {
         retiolum = {
           ip4.addr = "10.243.10.245";
-          aliases = [ "tumaukainga.r" ];
+          aliases = [ "tumaukainga.r" "hs.feliks.r" ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
             MIICCgKCAgEAj1q28QzUlag0i+2ZEpZyQEbrtuODj6pCCt2IX1Uz1B83outO2l/n
@@ -88,5 +89,12 @@ in {
         };
       };
     };
+    ahuatangata = {
+      nets.wiregrill = {
+        ip4.addr = "10.244.10.246";
+        aliases = [ "ahuatangata" "ndrd.feliks.r" ];
+        wireguard.pubkey = "QPDGBEYJ1znqUdjy6JWZJ+cqPMcU67dHlOX5beTM6TA=";
+      };
+    };
   };
 }
diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix
index 78206a241..952b5fd40 100644
--- a/kartei/mic92/default.nix
+++ b/kartei/mic92/default.nix
@@ -90,6 +90,7 @@ in {
             "tts.r"
             "flood.r"
             "warez.r"
+            "bing-gpt.r"
             "navidrome.r"
           ];
           tinc.pubkey = ''
@@ -788,7 +789,7 @@ in {
           aliases = [
             "jack.r"
             "stable-confusion.r"
-            "llama.r"
+            "vicuna.r"
           ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
@@ -910,6 +911,33 @@ in {
       };
     };
 
+    donna = {
+      owner = config.krebs.users.mic92;
+      nets = rec {
+        internet = {
+          # clara.dse.in.tum.de
+          ip4.addr = "131.159.38.222";
+          ip6.addr = "2a09:80c0:38::222";
+          aliases = [ "donna.i" ];
+        };
+        retiolum = {
+          via = internet;
+          aliases = [ "donna.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEAs34lPq8SnVdzMdPkWQMfeM061Yh95wqqGOdGODiyoWdsP0ErRH3/
+            HjgmB7luMl7MdL3ZKIpZe/IR2OSAL+6HBE/JPIapO2e1DFFEg42AI58lgjrR0yEr
+            Q59ZeGu+V95l+jC08IUoS9K6SVTkDCVe2b4Akf5oMtHAAG+ELtzh2zrPH6lkrXYd
+            LvzIWcrmqu1AnmmUiHT1JleCDfSn2m/ev+LcY109lN7LCFA5VL12/EP2FhM3ELHq
+            j2gAdvD1LAKq4var2MnR0MnKg0k1vMGSgwK+hj0AoLNiYivo8bxoRBNbUb94o4jQ
+            8xfbYyAFxpxdi/bFDmT1UjkouJ1Y8I8GJwIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+          tinc.pubkey_ed25519 = "8XlFDxQoGq6Fr40PTDyF8GUwP2+YSDp8By0vlKn1OlO";
+        };
+      };
+    };
+
     clara = {
       owner = config.krebs.users.mic92;
       nets = rec {
diff --git a/kartei/rtunreal/default.nix b/kartei/rtunreal/default.nix
index faa593c63..9d57c0fce 100644
--- a/kartei/rtunreal/default.nix
+++ b/kartei/rtunreal/default.nix
@@ -74,5 +74,12 @@ in
         tinc.pubkey_ed25519 = "YJE4KD9PhDjxucDAGrbec5Yqqf3A8/VU0J0NV8EPXuN";
       };
     };
+    rtgraphene = {
+      nets.wiregrill = {
+        aliases = [ "graphene.rtunreal.w" ];
+        ip4.addr = "10.244.20.20";
+        wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU=";
+      };
+    };
   };
 }
diff --git a/kartei/trust-gpg.sh b/kartei/trust-gpg.sh
new file mode 100755
index 000000000..84b67aeb4
--- /dev/null
+++ b/kartei/trust-gpg.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+# usage: $0
+set -eu
+WD=$(dirname "$(realpath "$0")")
+PUBKEYS=
+for key in "$WD"/kmein/kmein.gpg "$WD"/lass/pgp/* "$WD"/makefu/pgp/* "$WD"/tv/pgp/*; do
+  echo "$key" >&2
+  keyid=$(gpg --with-colons --fingerprint --import-options show-only --import "$key" | grep fpr | cut -d : -f 10 | head -1)
+  gpg --import "$key" >&2
+  printf '5\ny\n' | gpg --command-fd 0 --expert --edit-key "$keyid" trust >&2
+  PUBKEYS="${PUBKEYS}${keyid}\n"
+done
+printf "$PUBKEYS"
diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix
index c45321656..aae5c5cd4 100644
--- a/kartei/tv/hosts/ni.nix
+++ b/kartei/tv/hosts/ni.nix
@@ -17,11 +17,11 @@
   nets = {
     internet = {
       ip4 = rec {
-        addr = "188.68.36.196";
+        addr = "185.162.251.237";
         prefix = "${addr}/32";
       };
       ip6 = rec {
-        addr = "2a03:4000:13:4c::1";
+        addr = "2a03:4000:1a:cf::1";
         prefix = "${addr}/64";
       };
       aliases = [
diff --git a/kartei/ynnel/default.nix b/kartei/ynnel/default.nix
new file mode 100644
index 000000000..e7d985278
--- /dev/null
+++ b/kartei/ynnel/default.nix
@@ -0,0 +1,32 @@
+{ config, ... }:
+let
+  lib = import ../../lib;
+in
+{
+  users.ynnel = {
+    mail = "retiolum@lenny.ninja";
+  };
+  hosts.mokemoke = {
+    owner = config.krebs.users.ynnel;
+    nets.retiolum = {
+      aliases = [ "mokemoke.ynnel.r" ];
+      ip6.addr = (lib.krebs.genipv6 "retiolum" "ynnel" { hostName = "mokemoke"; }).address;
+      tinc.pubkey = ''
+        -----BEGIN RSA PUBLIC KEY-----
+        MIICCgKCAgEA7rS560SZEPcSekW30dRF6ZTHOnb8WvuVgt3BFLRWhTgV5DqLqFa8
+        fxT2TJci8ogYZtlnSCNKEhxup3wlIrAPLLzu5jL6hx4okfmyARGQqeUn9kD+jmGL
+        9N9wjGXDp/CVyMIb5mcK2l0mvElvs7ae700GScq+2ASsFTHC/w2w2KoeDtt/UED9
+        Cjy+kxP7SuzksigIuuA8gncf9FmfRgG31XGctX1H6hUywtq05oVRd5qMHeiI/l4v
+        jHJSadtlR1FuExMT9l7nRZ98yOLKWhDUym4qmi/3zsnDl38f9gcqlp040McUqfZl
+        6mclphcthOv6xp7nCbEd58djBU1hrPHJJrk5qL0CGcTwaTBzZFvrV4lklfBFPhVv
+        dwiagzZDsTvQfXe7UJTSHOKhw+i7a7ok2n+IFhyd+GnQYeOvaBropjYgYDHbZ/u7
+        d6E1xUVjANLtt2oOYfaH/LlERgucEcQY2qRyMBQXYTwp+d3ThTc+Vs0Lbo08rvFN
+        y76KXPsH8ptVVFK4DclK0GxI64JpnSmG/BHcU114K7LPNONQBSvE8UyZlMVkuZfc
+        qwBzyM70tKPoWmoxjBkQcXsK6JgclXohZ0jbMhRV5K4oDocAhEuUtOC5qG4IZo+R
+        BWc0bxueCaOQFqB6UKcZLgCj6ZhXHpqTSk/8MBevxrbH44I+4oYwQOkCAwEAAQ==
+        -----END RSA PUBLIC KEY-----
+      '';
+      tinc.pubkey_ed25519 = "um4yKCJkkBX9pISAa78SttNSqyEPhpCDGfL6FJA0wzK";
+    };
+  };
+}
author	makefu <github@syntax-fehler.de>	2023-04-23 16:26:01 +0200
committer	makefu <github@syntax-fehler.de>	2023-04-23 16:26:01 +0200
commit	60fb7a1aa12b1d18224babeaf5481e43663b65b8 (patch)
tree	2054d6460bc1a4a35de4496c88d33644878757da /kartei
parent	d8de7ad7063d6a2028e8dc40771f89af216fbfaf (diff)
parent	4bf2909be3afb5e834cacdb4d6f949e4dd78400e (diff)