summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2019-01-03 22:55:53 +0100
committermakefu <github@syntax-fehler.de>2019-01-03 22:55:53 +0100
commit4715e28304fc2396dbe9331c3824fb4de29a0d84 (patch)
tree685bb65138f417f9cc84bfef67afe85181da1615 /krebs/3modules
parentfa117593ada626b12f81b98c478fdb21ab36bc89 (diff)
parent2ce824f21f933710ef9f36864e1e585644da6eb5 (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/external/default.nix42
-rw-r--r--krebs/3modules/external/ssh/kmein.pub1
-rw-r--r--krebs/3modules/lass/default.nix13
3 files changed, 51 insertions, 5 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index fc450b667..1363df1a6 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -8,6 +8,9 @@ with import <stockholm/lib>;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
(krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill.ip6.addr =
+ (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
});
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
@@ -341,6 +344,41 @@ in {
};
};
};
+ matchbox = {
+ owner = config.krebs.users.Mic92;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.29.172";
+ aliases = [ "matchbox.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m
+ VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w
+ nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u
+ TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE
+ TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1
+ yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO
+ 4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4
+ Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/
+ bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4
+ nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR
+ /vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+ miaoski = {
+ owner = config.krebs.users.miaoski;
+ nets = {
+ wiregrill = {
+ aliases = [ "miaoski.w" ];
+ wireguard = {
+ pubkey = "8haz9JX5nAMORzNy89VdHC1Z9XA94ogaZsY3d2Rfkl4=";
+ };
+ };
+ };
+ };
};
users = {
ciko = {
@@ -351,6 +389,8 @@ in {
pubkey = ssh-for "exco";
};
kmein = {
+ mail = "kieran.meinhardt@gmail.com";
+ pubkey = ssh-for "kmein";
};
Mic92 = {
mail = "joerg@higgsboson.tk";
@@ -371,6 +411,8 @@ in {
mail = "shackspace.de@myvdr.de";
pubkey = ssh-for "ulrich";
};
+ miaoski = {
+ };
};
}
diff --git a/krebs/3modules/external/ssh/kmein.pub b/krebs/3modules/external/ssh/kmein.pub
new file mode 100644
index 000000000..5711a2c1c
--- /dev/null
+++ b/krebs/3modules/external/ssh/kmein.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 9d1d56ad3..630c14f18 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -91,7 +91,6 @@ in {
};
wiregrill = {
via = internet;
- ip4.addr = "10.244.1.1";
ip6.addr = w6 "1";
aliases = [
"prism.w"
@@ -99,7 +98,6 @@ in {
wireguard = {
pubkey = "oKJotppdEJqQBjrqrommEUPw+VFryvEvNJr/WikXohk=";
subnets = [
- "10.244.1.0/24"
(krebs.genipv6 "wiregrill" "external" 0).subnetCIDR
(krebs.genipv6 "wiregrill" "lass" 0).subnetCIDR
];
@@ -278,7 +276,7 @@ in {
nets = rec {
retiolum = {
ip4.addr = "10.243.133.115";
- ip6.addr = r6 "dead";
+ ip6.addr = r6 "daed";
aliases = [
"daedalus.r"
"cgit.daedalus.r"
@@ -294,8 +292,14 @@ in {
-----END RSA PUBLIC KEY-----
'';
};
+ wiregrill = {
+ ip6.addr = w6 "daed";
+ aliases = [
+ "daedalus.w"
+ ];
+ wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI=";
+ };
};
- secure = true;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g";
};
@@ -474,7 +478,6 @@ in {
phone = {
nets = {
wiregrill = {
- ip4.addr = "10.244.1.2";
ip6.addr = w6 "a";
aliases = [
"phone.w"