diff options
| author | tv <tv@krebsco.de> | 2019-02-02 09:16:32 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2019-02-02 09:16:32 +0100 |
| commit | bca298e1a8582f5704e1e154ead6d1f866ac3206 (patch) | |
| tree | 7ca3a33bc72108b392b35d8c014df0ceda33e75e /krebs/3modules/external/palo.nix | |
| parent | a09bf933da2d31645872f1e2332507da98fb6a00 (diff) | |
| parent | e2ae92445cc439203427a58720fc394cf1ca4b44 (diff) | |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/3modules/external/palo.nix')
| -rw-r--r-- | krebs/3modules/external/palo.nix | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix new file mode 100644 index 000000000..e151ad358 --- /dev/null +++ b/krebs/3modules/external/palo.nix @@ -0,0 +1,81 @@ +with import <stockholm/lib>; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill.ip6.addr = + (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + }); + ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); + tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); + +in { + hosts = mapAttrs hostDefaults { + pepe = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.1"; + tinc.port = 720; + aliases = [ "pepe.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + kruck = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.3"; + tinc.port = 720; + aliases = [ "kruck.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + schasch = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.2"; + tinc.port = 720; + aliases = [ "schasch.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + workhorse = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.5"; + tinc.port = 720; + aliases = [ "workhorse.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + workout = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.23.4"; + tinc.port = 720; + aliases = [ "workout.r" ]; + tinc.pubkey = tinc-for "palo"; + }; + }; + }; + }; + users = { + palo = { + }; + }; +} + |