Merge remote-tracking branch 'lass/master'

5 files changed, 54 insertions, 22 deletions

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 2d73da884..8ea727dc7 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -102,6 +102,7 @@ let
 
   imp = lib.mkMerge [
     { krebs = import ./external { inherit config; }; }
+    { krebs = import ./external/dbalan.nix { inherit config; }; }
     { krebs = import ./external/kmein.nix { inherit config; }; }
     { krebs = import ./external/mic92.nix { inherit config; }; }
     { krebs = import ./external/palo.nix { inherit config; }; }
diff --git a/krebs/3modules/external/dbalan.nix b/krebs/3modules/external/dbalan.nix
new file mode 100644
index 000000000..301f010d3
--- /dev/null
+++ b/krebs/3modules/external/dbalan.nix
@@ -0,0 +1,50 @@
+with import <stockholm/lib>;
+{ config, ... }:
+let
+  hostDefaults = hostName: host: flip recursiveUpdate host ({
+    ci = false;
+    external = true;
+    monitoring = false;
+    owner = config.krebs.users.dbalan;
+  } // optionalAttrs (host.nets?retiolum) {
+    nets.retiolum = {
+      ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+    };
+  } // optionalAttrs (host.nets?wiregrill) {
+    nets.wiregrill = {
+      ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+    };
+  });
+in
+{
+  users = rec {
+    dbalan = {
+      mail = "dbalan@thaum.space";
+      pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
+    };
+  };
+  hosts = mapAttrs hostDefaults {
+    v60 = {
+      nets.retiolum = {
+        aliases = [ "v60.dbalan.r" ];
+        ip4.addr = "10.243.42.12";
+        tinc.pubkey = ''
+          -----BEGIN RSA PUBLIC KEY-----
+          MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
+          RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
+          1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
+          uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
+          p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
+          bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
+          I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
+          mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
+          OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
+          AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
+          9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
+          -----END RSA PUBLIC KEY-----
+        '';
+        tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
+      };
+    };
+  };
+}
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index d63a6b306..3bd2c1b7b 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -681,27 +681,6 @@ in {
         };
       };
     };
-    jarvis = {
-      owner = config.krebs.users.mic92;
-      nets = rec {
-        internet.addrs = [ "jarvis.thalheim.io" ];
-        retiolum = {
-          via = internet;
-          aliases = [ "jarvis.r" ];
-          tinc.pubkey = ''
-            -----BEGIN RSA PUBLIC KEY-----
-            MIIBCgKCAQEA7PtJlYBpBr2TK5CAvAukkGvj+esC+sMPKd3mO9iDwdViBrqKdf+D
-            yEy8SI80Y02dpkL97NjvnzepKpyGQWpG1ZQflJLhCTj7oFyVpWd4XsbIuzYp5ES6
-            r8qKWs2xcItc1pbW0ZmrCBzdWsC1B0VAHlYkiz+7vM6pCTvg6hNQugP4c1TRCtJC
-            Sr+n+EjTXN/NTaKl+f7eoHJGnT5liDO3/xZVxm8AuLnron1xPPDghXClVHfDj5mt
-            f66f+CLwZhq3BrZuptwXp7TerMfrNtPyTx96b+EyuLPjrYxKeKL/+Nbr3VmmiDIV
-            tsraNc+0a8OBpVsYh4MQLp55NYwqxAoetQIDAQAB
-            -----END RSA PUBLIC KEY-----
-          '';
-          tinc.pubkey_ed25519 = "RRkMnGSg+nMkz4L2iqmdFf2fIf4wIfcTM0TlTWLLNCE";
-        };
-      };
-    };
     bernie = {
       owner = config.krebs.users.mic92;
       nets = rec {
diff --git a/krebs/3modules/github-known-hosts.nix b/krebs/3modules/github-known-hosts.nix
index 7bdf5bb7c..eec719f27 100644
--- a/krebs/3modules/github-known-hosts.nix
+++ b/krebs/3modules/github-known-hosts.nix
@@ -57,6 +57,7 @@
       "20.201.28.151"
       "20.205.243.166"
       "102.133.202.242"
+      "20.248.137.48"
       "18.181.13.223"
       "54.238.117.237"
       "54.168.17.15"
@@ -70,6 +71,7 @@
       "20.201.28.152"
       "20.205.243.160"
       "102.133.202.246"
+      "20.248.137.50"
     ];
     publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
   };
diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix
index e8037128d..9ed5f29c5 100644
--- a/krebs/3modules/iana-etc.nix
+++ b/krebs/3modules/iana-etc.nix
@@ -34,7 +34,7 @@ with import <stockholm/lib>;
             '')
             (filter (proto: entry.${proto} != null) ["tcp" "udp"])}
           '') (attrValues config.krebs.iana-etc.services)}
-        cat ${pkgs.iana_etc}/etc/services
+        cat ${pkgs.iana-etc}/etc/services
       } |
       sort -b -k 2,2 -u > $out
     '');