summaryrefslogtreecommitdiffstats
path: root/krebs/3modules/external
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2019-02-05 22:31:39 +0100
committermakefu <github@syntax-fehler.de>2019-02-05 22:31:39 +0100
commita9ec59e87d65c1f72f346e0568a542715502576f (patch)
treec50f29688cc9ffe6ab0d00cf1d3ce0706b5b3bfb /krebs/3modules/external
parent80c2ab739d2d51bf47b07fd6f39508a85077b0e6 (diff)
parent932d11ed9346fbef640604d1107be39e7c11be85 (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'krebs/3modules/external')
-rw-r--r--krebs/3modules/external/default.nix54
-rw-r--r--krebs/3modules/external/palo.nix81
-rw-r--r--krebs/3modules/external/tinc/palo.pub13
3 files changed, 120 insertions, 28 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 089113ac6..1f80906f8 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -16,7 +16,33 @@ with import <stockholm/lib>;
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
in {
+
hosts = mapAttrs hostDefaults {
+ catullus = {
+ owner = config.krebs.users.kmein;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.2.3";
+ aliases = [ "catullus.r" ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2tRtskPP6391+ZX9xzsx
+ CUotXuqYucYmnUbrRSIlxASVqTmAf3nDOE5EDBBcTdSwnb02JcJW4Zh7+BGgMxjF
+ GxDPs6ETI28mHK+6rp8TOkMnyDb5mtSGVZPvKJU9fFOt6aAX1J1BzTfwtHtVQq7K
+ WBzdpeKXlw4dIQ6K6SGmPIPpEh9pE1Xb+GuVljCXKxGJFbW40dmh2ZdadO7umBDu
+ vRk08jT9/BUnUP6KrZlvyePnG38z6srMrVU+XAHu5D2qZ9y+QIp3kw7Y5JUrNXc7
+ 9q9P9TYx15GiIz2mSJKcLVmkLRebsaqdV7dBibPbfdGE+NB+F1FYPGDdW4cnonon
+ DzzjGm/FDfOCXEnSkYGQDBWpfd/8AWum1xGJxJCPNBJElGE2o5jDWo4Y1b9gHP0M
+ vARm8AOK8R1pQ7BP+pNMO0gGw2NDrtWiWpTeZ7SqXmZAZ/Gmyen9X+/fowcbTyDH
+ b9joIuMQeOtxbUV2JprZIdit9NBFSZq/7Re/GBUwjGBm3LabIXFNGKZovx/f9lf8
+ r5tVs4SPauiKzZS0K1Gz1NSq+3OXaY5EwVrBUXptYqRT7uyhVloOPRUsqRFeB0Fn
+ Y5xOpDJ0UiJxgFbdH5Vb81D/VjNO9Q4nZib8wSEuLrYLHGoceQPX4+Ov9IdhIL4B
+ BMTCaF+VCWC5PCLr0e61KqMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ };
dpdkm = {
owner = config.krebs.users.Mic92;
nets = rec {
@@ -176,32 +202,6 @@ in {
};
};
};
- kruck = {
- owner = config.krebs.users.palo;
- nets = {
- retiolum = {
- ip4.addr = "10.243.29.201";
- aliases = [
- "kruck.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
- QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
- EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
- uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
- /RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
- 9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
- qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
- gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
- jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
- fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
- TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
qubasa = {
owner = config.krebs.users.qubasa;
nets = {
@@ -419,8 +419,6 @@ in {
mail = "joerg@thalheim.io";
pubkey = ssh-for "Mic92";
};
- palo = {
- };
qubasa = {
mail = "luis.nixos@gmail.com";
};
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
new file mode 100644
index 000000000..e151ad358
--- /dev/null
+++ b/krebs/3modules/external/palo.nix
@@ -0,0 +1,81 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = false;
+ external = true;
+ monitoring = false;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum.ip6.addr =
+ (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill.ip6.addr =
+ (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ });
+ ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
+ tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
+
+in {
+ hosts = mapAttrs hostDefaults {
+ pepe = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.1";
+ tinc.port = 720;
+ aliases = [ "pepe.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ kruck = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.3";
+ tinc.port = 720;
+ aliases = [ "kruck.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ schasch = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.2";
+ tinc.port = 720;
+ aliases = [ "schasch.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workhorse = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.5";
+ tinc.port = 720;
+ aliases = [ "workhorse.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workout = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.4";
+ tinc.port = 720;
+ aliases = [ "workout.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ };
+ users = {
+ palo = {
+ };
+ };
+}
+
diff --git a/krebs/3modules/external/tinc/palo.pub b/krebs/3modules/external/tinc/palo.pub
new file mode 100644
index 000000000..65284d51d
--- /dev/null
+++ b/krebs/3modules/external/tinc/palo.pub
@@ -0,0 +1,13 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE
+8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4
+oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/
+ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD
+ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ
+ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu
+MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL
+rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo
+sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1
+EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH
+yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ==
+-----END RSA PUBLIC KEY-----