summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2022-11-23 18:41:11 +0100
committerlassulus <lassulus@lassul.us>2022-11-23 18:41:11 +0100
commitc345613cf0868c7835821f395aacdc0d135557c7 (patch)
tree5169e9d2920f1623e2c7cbb50a9ad5e44d52519a /krebs
parent82f774d59d054af79926660ec631529aa26b9bcd (diff)
parent606f88e4f0a8c257f9e6be94ca8469da04b381cc (diff)
Merge remote-tracking branch 'ni/master'
Diffstat (limited to 'krebs')
-rw-r--r--krebs/2configs/exim-smarthost.nix9
-rw-r--r--krebs/3modules/default.nix12
-rw-r--r--krebs/3modules/external/dbalan.nix50
-rw-r--r--krebs/3modules/external/default.nix881
-rw-r--r--krebs/3modules/external/gpg/kmein.gpg30
-rw-r--r--krebs/3modules/external/kmein.nix193
-rw-r--r--krebs/3modules/external/mic92.nix958
-rw-r--r--krebs/3modules/external/palo.nix85
-rw-r--r--krebs/3modules/external/rtunreal.nix51
-rw-r--r--krebs/3modules/external/ssh/0x4A6F.pub1
-rw-r--r--krebs/3modules/external/ssh/exco.pub1
-rw-r--r--krebs/3modules/external/ssh/hase.pub1
-rw-r--r--krebs/3modules/external/ssh/kmein.kabsa.pub1
-rw-r--r--krebs/3modules/external/ssh/kmein.manakish.pub1
-rw-r--r--krebs/3modules/external/ssh/mic92.pub1
-rw-r--r--krebs/3modules/external/ssh/neos.pub1
-rw-r--r--krebs/3modules/external/ssh/qubasa.pub1
-rw-r--r--krebs/3modules/external/ssh/raute.pub1
-rw-r--r--krebs/3modules/external/ssh/rtjure.pub1
-rw-r--r--krebs/3modules/external/ssh/shannan.pub1
-rw-r--r--krebs/3modules/external/ssh/ulrich.pub1
-rw-r--r--krebs/3modules/external/ssh/xkey.pub1
-rw-r--r--krebs/3modules/external/ssh/xq.pub1
-rw-r--r--krebs/3modules/external/tinc/hasegateway.pub13
-rw-r--r--krebs/3modules/external/tinc/horisa.pub8
-rw-r--r--krebs/3modules/external/tinc/justraute.pub14
-rw-r--r--krebs/3modules/external/tinc/palo.pub13
-rw-r--r--krebs/3modules/external/tinc/tpsw.pub8
-rw-r--r--krebs/3modules/jeschli/default.nix181
-rw-r--r--krebs/3modules/krebs/default.nix317
-rw-r--r--krebs/3modules/lass/default.nix932
-rw-r--r--krebs/3modules/lass/pgp/mors.pgp51
-rw-r--r--krebs/3modules/lass/pgp/yubikey.pgp157
-rw-r--r--krebs/3modules/lass/ssh/android.ed255191
-rw-r--r--krebs/3modules/lass/ssh/blue.rsa1
-rw-r--r--krebs/3modules/lass/ssh/green.ed255191
-rw-r--r--krebs/3modules/lass/ssh/mors.rsa1
-rw-r--r--krebs/3modules/lass/ssh/tablet.ed255191
-rw-r--r--krebs/3modules/lass/ssh/yubikey.rsa1
-rw-r--r--krebs/3modules/makefu/default.nix393
-rw-r--r--krebs/3modules/makefu/pgp/brain.asc51
-rw-r--r--krebs/3modules/makefu/pgp/default.asc64
-rw-r--r--krebs/3modules/makefu/retiolum/cake.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/cake_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/crapi.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/crapi_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/fileleech.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/fileleech_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/filepimp.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/filepimp_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/firecracker.pub14
-rw-r--r--krebs/3modules/makefu/retiolum/firecracker_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/flap.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/flap_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/gum.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/gum_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/latte.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/latte_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/nukular.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/nukular_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/omo.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/omo_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/sdev.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/sdev_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/senderechner.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/senderechner_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/studio.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/studio_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/tsp.pub13
-rw-r--r--krebs/3modules/makefu/retiolum/tsp_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/vbob.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/vbob_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/wbob.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/wbob_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/x.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/x_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.android.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.bob.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.omo.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.remote-builder.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.tempx.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.tsp.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.vbob.pub1
-rw-r--r--krebs/3modules/makefu/ssh/makefu.x.pub1
-rw-r--r--krebs/3modules/makefu/sshd/cake.pub1
-rw-r--r--krebs/3modules/makefu/sshd/crapi.pub1
-rw-r--r--krebs/3modules/makefu/sshd/fileleech.pub1
-rw-r--r--krebs/3modules/makefu/sshd/firecracker.pub1
-rw-r--r--krebs/3modules/makefu/sshd/gum.pub1
-rw-r--r--krebs/3modules/makefu/sshd/omo.pub1
-rw-r--r--krebs/3modules/makefu/sshd/sdev.pub1
-rw-r--r--krebs/3modules/makefu/sshd/studio.pub1
-rw-r--r--krebs/3modules/makefu/sshd/wbob.pub1
-rw-r--r--krebs/3modules/makefu/sshd/x.pub1
-rw-r--r--krebs/3modules/makefu/wiregrill/gum.pub1
-rw-r--r--krebs/3modules/makefu/wiregrill/rockit.pub1
-rw-r--r--krebs/3modules/makefu/wiregrill/shackdev.pub1
-rw-r--r--krebs/3modules/makefu/wiregrill/x.pub1
-rw-r--r--krebs/3modules/tv/default.nix402
-rw-r--r--krebs/3modules/tv/pgp/CBF89B0B.asc51
-rw-r--r--krebs/3modules/tv/wiregrill/alnus.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/mu.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/ni.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/nomic.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/querel.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/umz.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/wu.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/xu.pub1
-rw-r--r--krebs/3modules/tv/wiregrill/zu.pub1
109 files changed, 10 insertions, 5129 deletions
diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix
index 82f8ec942..01597f49f 100644
--- a/krebs/2configs/exim-smarthost.nix
+++ b/krebs/2configs/exim-smarthost.nix
@@ -16,6 +16,14 @@ in {
tv
];
eloop-ml = spam-ml;
+ krebstel-ml = [
+ config.krebs.users."0x4A6F"
+ { mail = "krebstel-1rxz0mqa95nkmk298s1731ly0ii7vc36kkm36pnjj89hrq52pgn1@ni.r"; }
+ { mail = "krebstel-1difh7483axpiaq92ghi14r5cql822wbhixqb0nn3y3jkcj0b785@ni.r"; }
+ { mail = "lass@green.r"; }
+ tv
+ xkey
+ ];
spam-ml = [
lass
makefu
@@ -28,6 +36,7 @@ in {
"spam@eloop.org" = eloop-ml;
"youtube@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
"postmaster@krebsco.de" = spam-ml; # RFC 822
+ "krebstel@krebsco.de" = krebstel-ml;
"lass@krebsco.de" = lass;
"makefu@krebsco.de" = makefu;
"spam@krebsco.de" = spam-ml;
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 7af6b13d9..70fc05813 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -6,6 +6,7 @@ let
out = {
imports = [
+ ../../kartei
./acl.nix
./airdcpp.nix
./announce-activation.nix
@@ -100,17 +101,6 @@ let
};
imp = lib.mkMerge [
- { krebs = import ./external { inherit config; }; }
- { krebs = import ./external/dbalan.nix { inherit config; }; }
- { krebs = import ./external/kmein.nix { inherit config; }; }
- { krebs = import ./external/mic92.nix { inherit config; }; }
- { krebs = import ./external/palo.nix { inherit config; }; }
- { krebs = import ./external/rtunreal.nix { inherit config; }; }
- { krebs = import ./jeschli { inherit config; }; }
- { krebs = import ./krebs { inherit config; }; }
- { krebs = import ./lass { inherit config; }; }
- { krebs = import ./makefu { inherit config; }; }
- { krebs = import ./tv { inherit config; }; }
{
krebs.dns.providers = {
"krebsco.de" = "zones";
diff --git a/krebs/3modules/external/dbalan.nix b/krebs/3modules/external/dbalan.nix
deleted file mode 100644
index 301f010d3..000000000
--- a/krebs/3modules/external/dbalan.nix
+++ /dev/null
@@ -1,50 +0,0 @@
-with import <stockholm/lib>;
-{ config, ... }:
-let
- hostDefaults = hostName: host: flip recursiveUpdate host ({
- ci = false;
- external = true;
- monitoring = false;
- owner = config.krebs.users.dbalan;
- } // optionalAttrs (host.nets?retiolum) {
- nets.retiolum = {
- ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
- };
- } // optionalAttrs (host.nets?wiregrill) {
- nets.wiregrill = {
- ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
- };
- });
-in
-{
- users = rec {
- dbalan = {
- mail = "dbalan@thaum.space";
- pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
- };
- };
- hosts = mapAttrs hostDefaults {
- v60 = {
- nets.retiolum = {
- aliases = [ "v60.dbalan.r" ];
- ip4.addr = "10.243.42.12";
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
- RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
- 1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
- uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
- p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
- bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
- I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
- mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
- OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
- AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
- 9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
- };
- };
- };
-}
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
deleted file mode 100644
index 62cbb78a8..000000000
--- a/krebs/3modules/external/default.nix
+++ /dev/null
@@ -1,881 +0,0 @@
-with import <stockholm/lib>;
-{ config, ... }: let
-
- hostDefaults = hostName: host: flip recursiveUpdate host ({
- ci = false;
- external = true;
- monitoring = false;
- } // optionalAttrs (host.nets?retiolum) {
- nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
- } // optionalAttrs (host.nets?wiregrill) {
- nets.wiregrill.ip6.addr =
- (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
- });
- ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
- tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");