summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2018-05-31 10:39:49 +0200
committermakefu <github@syntax-fehler.de>2018-05-31 10:39:49 +0200
commit10deb114affc296224df59a5e4a3161101548613 (patch)
treecdb0aec231ee0d5354003e6d0d2d4df38db22f82 /krebs
parent319bb6fa89e24d0da9eca1b9d69c685b95f329f0 (diff)
parent4277c251906100bc103808af7a674fe2fbb3851b (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'krebs')
-rw-r--r--krebs/0tests/data/secrets/grafana_security.nix (renamed from krebs/6tests/data/secrets/grafana_security.nix)0
-rw-r--r--krebs/0tests/data/secrets/hashedPasswords.nix (renamed from krebs/6tests/data/secrets/hashedPasswords.nix)0
-rw-r--r--krebs/0tests/data/secrets/retiolum.rsa_key.priv (renamed from krebs/6tests/data/secrets/retiolum.rsa_key.priv)0
-rw-r--r--krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix (renamed from krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix)0
-rw-r--r--krebs/0tests/data/secrets/ssh.id_ed25519 (renamed from krebs/6tests/data/secrets/ssh.id_ed25519)0
-rw-r--r--krebs/0tests/data/test-config.nix (renamed from krebs/6tests/data/test-config.nix)0
-rw-r--r--krebs/0tests/data/test-source.nix (renamed from krebs/6tests/data/test-source.nix)0
-rw-r--r--krebs/0tests/default.nix (renamed from krebs/6tests/default.nix)0
-rw-r--r--krebs/0tests/deploy.nix (renamed from krebs/6tests/deploy.nix)2
-rw-r--r--krebs/1systems/hope/config.nix41
-rw-r--r--krebs/1systems/hope/source.nix3
-rw-r--r--krebs/3modules/ci.nix2
-rw-r--r--krebs/3modules/krebs/default.nix32
-rw-r--r--krebs/3modules/lass/default.nix42
-rw-r--r--krebs/3modules/lass/pgp/blue.pgp51
-rw-r--r--krebs/3modules/lass/pgp/icarus.pgp51
-rw-r--r--krebs/3modules/lass/ssh/blue.rsa1
-rw-r--r--krebs/5pkgs/simple/kops.nix7
-rw-r--r--krebs/5pkgs/simple/krops.nix7
-rw-r--r--krebs/5pkgs/simple/thesauron/default.nix7
-rw-r--r--krebs/kops.nix4
-rw-r--r--krebs/source.nix2
22 files changed, 162 insertions, 90 deletions
diff --git a/krebs/6tests/data/secrets/grafana_security.nix b/krebs/0tests/data/secrets/grafana_security.nix
index 0967ef424..0967ef424 100644
--- a/krebs/6tests/data/secrets/grafana_security.nix
+++ b/krebs/0tests/data/secrets/grafana_security.nix
diff --git a/krebs/6tests/data/secrets/hashedPasswords.nix b/krebs/0tests/data/secrets/hashedPasswords.nix
index 0967ef424..0967ef424 100644
--- a/krebs/6tests/data/secrets/hashedPasswords.nix
+++ b/krebs/0tests/data/secrets/hashedPasswords.nix
diff --git a/krebs/6tests/data/secrets/retiolum.rsa_key.priv b/krebs/0tests/data/secrets/retiolum.rsa_key.priv
index e69de29bb..e69de29bb 100644
--- a/krebs/6tests/data/secrets/retiolum.rsa_key.priv
+++ b/krebs/0tests/data/secrets/retiolum.rsa_key.priv
diff --git a/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix b/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix
index 963e6db8b..963e6db8b 100644
--- a/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix
+++ b/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix
diff --git a/krebs/6tests/data/secrets/ssh.id_ed25519 b/krebs/0tests/data/secrets/ssh.id_ed25519
index e69de29bb..e69de29bb 100644
--- a/krebs/6tests/data/secrets/ssh.id_ed25519
+++ b/krebs/0tests/data/secrets/ssh.id_ed25519
diff --git a/krebs/6tests/data/test-config.nix b/krebs/0tests/data/test-config.nix
index f0927ddd9..f0927ddd9 100644
--- a/krebs/6tests/data/test-config.nix
+++ b/krebs/0tests/data/test-config.nix
diff --git a/krebs/6tests/data/test-source.nix b/krebs/0tests/data/test-source.nix
index dfc6b3297..dfc6b3297 100644
--- a/krebs/6tests/data/test-source.nix
+++ b/krebs/0tests/data/test-source.nix
diff --git a/krebs/6tests/default.nix b/krebs/0tests/default.nix
index c0ca00296..c0ca00296 100644
--- a/krebs/6tests/default.nix
+++ b/krebs/0tests/default.nix
diff --git a/krebs/6tests/deploy.nix b/krebs/0tests/deploy.nix
index 156e9239f..d96963500 100644
--- a/krebs/6tests/deploy.nix
+++ b/krebs/0tests/deploy.nix
@@ -3,7 +3,7 @@ import <nixpkgs/nixos/tests/make-test.nix> ({ ... }:
let
pkgs = import <nixpkgs> { overlays = [(import ../5pkgs)]; };
- test-config = <stockholm/krebs/6tests/data/test-config.nix>;
+ test-config = <stockholm/krebs/0tests/data/test-config.nix>;
privKey = ''
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
diff --git a/krebs/1systems/hope/config.nix b/krebs/1systems/hope/config.nix
deleted file mode 100644
index c19b210c5..000000000
--- a/krebs/1systems/hope/config.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-with import <stockholm/lib>;
-{ config, pkgs, ... }: let
-
- ip = config.krebs.build.host.nets.internet.ip4.addr;
- bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1";
-
-in {
- imports = [
- <stockholm/krebs>
- <stockholm/krebs/2configs>
- <stockholm/krebs/2configs/os-templates/CAC-CentOS-7-64bit.nix>
-
- <stockholm/krebs/2configs/secret-passwords.nix>
- {
- users.extraUsers = {
- satan = {
- name = "satan";
- uid = 1338;
- home = "/home/satan";
- group = "users";
- createHome = true;
- useDefaultShell = true;
- initialPassword = "test";
- };
- };
- }
- ];
-
- krebs.build.host = config.krebs.hosts.hope;
-
- networking = let
- address = config.krebs.build.host.nets.internet.ip4.addr;
- in {
- defaultGateway = bestGuessGateway address;
- interfaces.enp2s1.ip4 = singleton {
- inherit address;
- prefixLength = 24;
- };
- nameservers = ["8.8.8.8"];
- };
-}
diff --git a/krebs/1systems/hope/source.nix b/krebs/1systems/hope/source.nix
deleted file mode 100644
index 7121d1d9d..000000000
--- a/krebs/1systems/hope/source.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-import <stockholm/krebs/source.nix> {
- name = "hope";
-}
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix
index bb19f0602..e97aa16eb 100644
--- a/krebs/3modules/ci.nix
+++ b/krebs/3modules/ci.nix
@@ -147,7 +147,7 @@ in
"dummy_secrets": "true",
},
command=[
- "nix-build", "-I", "stockholm=.", "krebs/6tests",
+ "nix-build", "-I", "stockholm=.", "krebs/0tests",
"-A", "{}".format(test)
],
timeout=90001
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index a916c1873..a938f8ec9 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -30,38 +30,6 @@ let
});
in {
hosts = {
- hope = {
- ci = true;
- owner = config.krebs.users.krebs;
- nets = {
- internet = {
- ip4.addr = "45.62.225.18";
- aliases = [
- "hope.i"
- ];
- ssh.port = 45621;
- };
- retiolum = {
- ip4.addr = "10.243.77.4";
- ip6.addr = "42:0:0:0:0:0:77:4";
- aliases = [
- "hope.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAsQVWCoNZZd77tYw1qEDlUsfcF0ld+jVorq2uR5il1D8sqER644l5
- uaWxPQjSl27xdq5kvzIH24Ab6/xF2EDgE2fUTwpO5coBYafeiGyi5AwURQmYMp2a
- 2CV7uUAagFQaSzD0Aj796r1BXPn1IeE+uRSBmmc/+/7L0hweRGLiha34NOMZkq+4
- A0pwI/CjnyRXdV4AqfORHXkelykJPATm+m3bC+KYogPBeNMP2AV2aYgY8a0UJPMK
- fjAJCzxYJjiYxm8faJlm2U1bWytZODQa8pRZOrYQa4he2UoU6x78CNcrQkYLPOFC
- K2Q7+B5WJNKV6CqYztXuU/6LTHJRmV0FiwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdLHRI29xJj1jmfSidE2Dh7EsDNszm+WH3Kj4zYBkP/";
- };
hotdog = {
ci = true;
owner = config.krebs.users.krebs;
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 48df04bcb..fd74983fa 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -65,6 +65,7 @@ with import <stockholm/lib>;
io 60 IN NS ions.lassul.us.
ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
'';
};
nets = rec {
@@ -670,9 +671,45 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp";
};
+ blue = {
+ cores = 1;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.77";
+ ip6.addr = "42:0:0:0:0:0:0:77";
+ aliases = [
+ "blue.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA28b+WMiQaWbwUPcJlacd
+ QwyX4PvVm9WItPmmNy+RE2y0Mf04LxZ7RLm5+e0wPuhXXQyhZ06CNd6tjeaKfXUc
+ sNeC1Vjuh1hsyYJLR5Xf/YRNJQKoaHjbkXGt+rSK7PPuCcsUPOSZSEAgHYVvcFzM
+ wWE4kTDcBZeISB4+yLmPIZXhnDImRRMEurFNRiocoMmEIu/zyYVq8rnlTl972Agu
+ PMGo1HqVxCouEWstRvtX5tJmV8yruRbH4tADAruLXErLLwUAx/AYDNRjY1TYYetJ
+ RoaxejmZVVIvR+hWaDLkHZO89+to6wS5IVChs1anFxMNN6Chq2v8Bb2Nyy1oG/H/
+ HzXxj1Rn7CN9es5Wl0UX4h9Zg+hfspoI75lQ509GLusYOyFwgmFF02eMpxgHBiWm
+ khSJzPkFdYJKUKaZI0nQEGGsFJOe/Se5jj70x3Q5XEuUoQqyahAqwQIYh6uwhbuP
+ 49RBPHpE+ry6smhUPLTitrRsqeBU4RZRNsUAYyCbwyAH1i+K3Q5PSovgPtlHVr2N
+ w+VZCzsrtOY2fxXw0e+mncrx/Qga62s4m6a/dyukA5RytA9f6bBsvSTqr7/EQTs6
+ ZEBoPudk7ULNEbfjmJtBkeG7wKIlpgzVg/JaCAwMuSgVjrpIHrZmjOVvmOwB8W6J
+ Ch/o7chVljAwW4JmyRnhZbMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILSBxtPf8yJfzzI7/iYpoRSc/TT+zYmE/HM9XWS3MZlv";
+ };
};
- users = {
- lass = {
+ users = rec {
+ lass = lass-blue;
+ lass-blue = {
+ mail = "lass@blue.r";
+ pubkey = builtins.readFile ./ssh/blue.rsa;
+ pgp.pubkeys.default = builtins.readFile ./pgp/blue.pgp;
+ };
+ lass-mors = {
mail = "lass@mors.r";
pubkey = builtins.readFile ./ssh/mors.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/mors.pgp;
@@ -697,6 +734,7 @@ with import <stockholm/lib>;
lass-icarus = {
mail = "lass@icarus.r";
pubkey = builtins.readFile ./ssh/icarus.rsa;
+ pgp.pubkeys.default = builtins.readFile ./pgp/icarus.pgp;
};
lass-xerxes = {
mail = "lass@xerxes.r";
diff --git a/krebs/3modules/lass/pgp/blue.pgp b/krebs/3modules/lass/pgp/blue.pgp
new file mode 100644
index 000000000..e7a1ac0e1
--- /dev/null
+++ b/krebs/3modules/lass/pgp/blue.pgp
@@ -0,0 +1,51 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFr9fAEBEACz2E2E7uBulVBBtPmk9IR2yB+uAWSe8Hi7vNiGc1Dbs40jzWuy
+AqouqyC5xnVw66+cQaYOsgXiwencmu/cFEV2x2uRLDVh1E/fvc8yxAOizEIY0jm/
+WZ/4IWvTZLVPF3BOhM4p/HGNbdZhRc4RoljLTB34VuY1KSMhs3Vx7n3HgZzdbD7D
+itUFU4oY5CnkQp4yl1Htat08cZmbD51VTZB1hDw2Uea+VuMQ/ImRtTqW+Ss4xyPA
+DwUE/vRM3CKwBvcjbNL3uUqc5dtZuvruuFeK3ScmdNLytcgXqJzLlwuzHmSt/Tnc
+DQZWKGiHnMvrAOkMEvsmiKhboWSAq4sRUPhISqZ7MSvPfhaH5Gcmhi+hL8FZhGY0
+qF7MNLHoimw6MBV6FIIA0vCDn2p5Vwc7L+LqLjWqAvxdfVoeUJjUWbWWNNWg4Tw7
+9e7rAR86e4AvhCZRubRn1aOfKGF5vg/El98OeIwBFQHpr7uznKfjmAEpoGveV+vG
+amptMCBAr4Hw76U708XWOQkZ2GDY9cfdxUllhAmmPrNQ/OcT2b4x0xKvMi4nA5G8
+PBOFErkS61zNxsHgpFe2isG+VDqYLfeQhOdB101Qn6IHw3KxyW85CwImUpdRLMUi
+0wtcA7M5GB94HRZ8qW6LtFBjwqm2NGudB0alfIWIq7KuRMXus3sJKQ2gDQARAQAB
+tBlsYXNzQGJsdWUuciA8bGFzc0BibHVlLnI+iQJOBBMBCAA4FiEEuOpc8JA44Pd5
+NXyK8UJeZkL6H7wFAlr9fAECGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ
+8UJeZkL6H7ygPQ/+JydbB0IX64ojm34YaeWKVdM5D7JFBdNuKgbAMf0Uhcja6YcU
+0YRvuOPpw4lNZqV/1yxDXGHJrVfGolq6uz28oWr+9VUD8QXH9ODm1EMLsU8Jb1Nh
+SE+rWSAhEmdw8l9Bi12wq4v/z/JC93/VJLnBGOL8LDEsJ9OatUw71KIt/a50ERoz
+uCZbMeLPym8WqSK1kjQehL5pj97BzxmBNpFYwqaniTAuqTN6bhs2ws+k89vjaWIP
+T+bEqsJV/vR9KZcNlmKlTQwbsjQ1BZ9EuV4EBL6IAMrqxDeY3mFnT+EpkabfIVSh
+38KmG+4PZDXaj6rCsrsH2pUKaZ/Z6Mr3lmFb/1aaK3xKiQyxcMrbcixIIVI8ihTM
+HUC3DFFlA7+02b67QomWFLRiZid4gCry7xhZyryQJkN2l20fzRjWf0myzcPO0qxc
+y39gUyEqy1oeaffCc1QgDJH2Hvf+P9StyMZIulNuCKJ9tfQR5nkkDAy/2p405Lmf
+mdKOMha6bZ+mA5HbmjMqwyFPHEtU6t/mUhlh7mYqNYAJikuqV00N6nTKVrBb2IfK
+atoHeUcmvMWBGL7+x3zxwf2pnum6a5iDES2ir87ltOGKGDeMt2Y/Ap30P+uZGnn1
+AiRu2bGkCiQ/WH1StJhAhJeleUfdbOa7/voc14nl3rewqyhqYd8dlI+TWAu5Ag0E
+Wv18AQEQAOFMwY2ky5TyRrDqJosq0y/9+8D6RiXlyOnyTQ+bqu4mDEaVu3xNcKLH
+CQsTM7gDR9pivapoDo84CK8w519DHCA2EpNGTDO4twcQ3jKqPth809LnibwdKJCe
+qsfxsIfN8LbpKDOygZ2av11gcT0ye9uOMkiiRSE2MMGDU/50sskecavUAExDgwFs
+v72ReU3fXRfTqYT6p/i/qMB7GbS8PlKFz61JKHDceS5GJUZJ5OWOoq7ZMCz6zrLW
+2mQIJ7kblGCJKUnx/lZ5y9nqSCk7jer2qENxWNPOCwD48A78u1Bz8xSN5D1gFO3f
+YSKh60kK5UljwkvRD7NvAcg2ifwL1e+/7v8WV9OsHDUBEiJO05tsjJ76QwHnEq6j
+4peArcTAHWZ4uGncAgYN/Uii+0vs3oVDsZ9d2uLJxuR3h6T4XVejeuZ3j3o/XX/E
+aZwcdH3VpKqEjdG4c4TMz96bN7ZN2DbgTf40rwPFKgWnvhCA9dWlmfy9pW2z2hyg
+rJaRGXd/4znj5YlMliDrL4/Yp9j1J1CsoZM68er6/zMU1SA9U/y+MVqMoPCPlczx
+mbwWQm1JH6fZv2SzHbZOrZYWKVWX+jPZQV6SjKwSiVrLlZJ0Z8u00HBRRRzXLwXa
+OLL/dGP1v+msMv1oCJT1AsMcBEE3bY1efnDP1XK8vBLzoMKGS1RtABEBAAGJAjYE
+GAEIACAWIQS46lzwkDjg93k1fIrxQl5mQvofvAUCWv18AQIbDAAKCRDxQl5mQvof
+vOC1D/wO+tGKz/y5dc/ifJGTndxoHnU8tarboDll0kcdpTGU7It+ReNustqJZj5v
+HK4V/ZXUw5+y6ZasNa/mFYY8oACOI40SlMdyt708XfPqYKXOpnM0oGRGfALi+oKg
+iIzYtXsqYk5ZYSFWpgxajHef9HMmHNJ8riSVRugUPubPMKPR65DOXl+BdVIlQw7o
+2g3s4Lii0IRKov3BvB51oJMhRK2Ne55VDBid32oIoqXLXS2E2gJQegioAiDUA5J4
+1f96RCeYfxOgaPj/o4eiXK0H3owA3W78/tIjq5218PCIYFsOKPhrSqJ7ZF/5yGwW
+ppVzsaz1sE9oULR0VOFUwjpYmyH32WwKkLF6mKumb8Q7Pd/FJq0I3/kxD/OrlNVZ
+8UCX0CzxMyfEeSUfScunKLMfopEGxXTR4l8jew7CwxX08H0nkqyegDZSN8MjYxQL
+V/zoL+aPjYh1WYf1L8wyBZjQbA6khHwYRZPaHrGfGaCGC8MHiSjPb/nt54+vZXtt
+17LcX4VvHwWIBf88JpZO9eyTFPdYIZANSyo6ltbRoomuAywuA5IibCwh/BXi/aVa
+Jro4UvbiwMqbVgSAt15VAwEK1Re/NNLBTcVVMHsWr5WNmo0s2C7+j+iIMPEOwhRs
+ZFj74cztyOF/dGeCv9ycW29g+ejXaPpFOYQz0A9bBdkEdTGWhQ==
+=D854
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/krebs/3modules/lass/pgp/icarus.pgp b/krebs/3modules/lass/pgp/icarus.pgp
new file mode 100644
index 000000000..f41478a09
--- /dev/null
+++ b/krebs/3modules/lass/pgp/icarus.pgp
@@ -0,0 +1,51 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFpqAGEBEADWiwVYVFXuK9kM7Y1XFL70jb2ZAZBRIpcZF81URMDFhm6ulvHq
+fEhXTpiKKmfnv5Mz6r6wAWLJFKOKZuEvg8NwplRrlBHMkR3iEx4+7sP/dVey7U6f
++gI61ytFHTOKr52gstPVdXO3xhNmdrAI1hFuF2DxoXKloz8tPP92dZcCdm7+5C+2
+KSYEBrIp/Zv1cjkbAFwek5y4ut65sBh/VM+RhSLbqwzyCxwfBE9QAJdIEiSmChql
+Lcz6CToYrdXhOY0ykx+QhT092k/6Xh66JeZ63WVHGrF+SSabq5NNcbWi7EISioHd
+N6JXZmbXMpS/BxgMe145e3mWnd3KOSeOxaiORqev8VOycjRQJfSm8Ky+GtWIyxp7
+rwEHbY8vlG2X9RMW5UxVmSRPWLykZoX0Xvmnrpwcohb5WdkuCp9NjqF0gDswU8do
+bCqASfeWBvJAQkoAlMLU7YH+ymmeQcSVdLy4Jpv1fk5FocQBihTBnC1+ztt7Rm8m
+8VGEpH1h174/z4Xn+bCkRZqopl9GlvpilLT8m8N8jdL7QLZJlQwrHVtima8Rg3XZ
+TriW1Ha/NxHZ8nN7pbisqXHCrJB0szzu++yVeQ7Ebr7HA0tIHqDhqVR0s6a1g5AX
+JYI8vCErowhvPf+BVCUYfmh5dJAY6tt9zrvCneaZ7ogPzOH9kRnZXYi7ZQARAQAB
+tBZpY2FydXMgPGxhc3NAaWNhcnVzLnI+iQJOBBMBCAA4FiEEbimq9dgDayT9DrQy
+FSODpr2bDFMFAlpqAGECGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQFSOD
+pr2bDFNVohAAiY6Pp4whrAIKwNkzqLkUl2SyQCVSGOce906jthKSixdfaUORZPdD
+AnyYUmPyVpWxKYjZl7IfmDDo7D6m21tP8FxCRK8/oYAtz3uRK5b5sb0/5YR77O9+
+s65sNhU8jiHetUEHQ0Z9UJKfm1DpanJ37uIhVcye8BC8OuSD0v0s+hZ+2ZaN1qdn
+qqCkujAILxOWo1ZDqpXfHaV11AotzlgyYmxlXzClsLB0SGhU7HUZesKETn3JUmrV
+88kkpug8gn9MpTSPDIWsTeNUWpNhqdDRA+2TUygtpQSKzJC8sdkFaWkMrH3cF6wA
+BZ+4tS2mRMQWq9BNMK+xnkWPvYO9e6v4ddXtlcVgGTUhSo+opCXza3dcXE5Xbv8x
+a1T5HJSV0HQPTrlAUoXZveu7ZgYVO5SOTCm1jBNKX8WCmvO6yJRalxo9N/d6gswq
+tKAGm9tlXpTXnG6tvebmSxjzjVwjbQMDJGy4Cj4bw0GGCdapDFrPidUDY/INmU7D
+TWtNsAJlJRuu7ddxIVTspZ7rmDBAOhYzXxGuU3ntZFTiFm9BpCmHYWpeQ5EKuxhJ
+mgxzC9wKDoS8NRKwt5ak/mX0vpXkJjF2Lrza0wCAZ1ZYWFNaehEwhNT51s9kZIi3
+w1v2z8xmu7VDq/n2sMRtMe7MVIOh1Nu7l/5Uqeb+EYnEc1NGZsFxcYK5Ag0EWmoA
+YQEQALMaaF9HeDpeqDjDpxanjjIz4YXMZoMkXwrLS/Rn2mobG5lJzxU+1AkwXxTD
+K45A0YHWsnAH1S8V9Gx+NlUMS/S/m9BruSXNohUKARIJLbltEM/EufOThjgfhW0Y
+cLorZ1kOSZvORR9+Ctuq/RcvGFwyLB/4OpcGHUezTIcAkLUo0lKPS4HtT2ogSUIx
+UstAMwEOSQIDR6sDDiS0BXNdlkKK6daLpH+snQMGP+ILAyRHGu1MlYkACDQZa5aP
+9vpany7zC9Ls7vaewCevZCUJfs00VF72pdCRdBV8oPQqwPfhS+uSCV58WwWCqHTq
+8PtxCVVzQdngOvScRvjrijtzlseyyTW3w9DPoDsQ16oM3y0kcnnv2hdfTVuv4+YK
+9fVRIrWEAlU3cxud7iws9+vUO9GwyWy+epFLiCgNgJR/RVIIjcHUExn/XAcFStjw
+QtW+3BxjYmdJpsh5wvmMJSMZDJFMEdKYPm4RI7ZfKVwl6yFeJt3hNkLxxF7k2fXB
+84pIvl03hXA3tRQ5t46wS7L2EPlWT00+MCraczvbIS+SX1nCp4ZXLBs0YmicioBS
+Os0zEtVs+80eWMf86MTT7YLwre4t+QRbM/RyIvJFTqBT3ad7/7ZMyEuVJBwDJlpx
+LGwZGa6zwnbzcf8Us4kAIRzQoK8VOg/xC/ymJYCk3oJCKD9RABEBAAGJAjYEGAEI
+ACAWIQRuKar12ANrJP0OtDIVI4OmvZsMUwUCWmoAYQIbDAAKCRAVI4OmvZsMU1vw
+EACDJDmZR5BIPxwr9+1Z5ZgT7XcBUbu4F2w84J3xqCUYqcti6I4lSMtxfw94crMp
+HoexOVOhvoTneIliv0a4ZSu84u4CGoFn4M7RA0Ka1SVvbuasXf57sVwRptXjr3LL
+f/0olra5rkIyZbsvKm0g2N/bfmCfmtOClFDst2yK/FovW5PJBRx2mT38qBhHG8j2
+P7zG0/vO846FxjAGvOMGlEVGmN+R9BeecomOKsKgvUbsycAwzZi/2vWAUGbJBYjx
+Yd+K8wjPE8g5CumxaLSH/dlY/0BOZygjank+aHLrwMtNnplYVJmmqDhdbgwN6DDk
+cCQNLQyk61IdhtZ7UzJyFTkXnXiirrO4WzL6GJjunNzvcTUAU5vNiG+2he1GdxZF
+WiLRrcC+oIMWVST8fNRwJZU+Ibw/UIfEV/rHau0fJlxZatks7Qd8gjxSHIyElUVj
+CYrizbFPZ85IhkCirX2tvhycK/nseAYjDuJkJIp3Io0sl3cQ9M8Kx790LUbYzNC4
+bZn8vA1YwTr1ny3+vEhMhaaVSTeVrWYV8023kwzcLRWra7F1hJcc9+LNmqHvXR67
+uBW2KPIrXKrjJmGkMVBSrf9PJu5jNfvCWOntck7C7xOWoUcgyt3uTpP7FkHVdolh
+HFNPouS3w0HoB20zdCpmyFNs6Rjhey2r5JIttd6ATVRVYA==
+=gJia
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/krebs/3modules/lass/ssh/blue.rsa b/krebs/3modules/lass/ssh/blue.rsa
new file mode 100644
index 000000000..c0bf9b817
--- /dev/null
+++ b/krebs/3modules/lass/ssh/blue.rsa
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHYLHcHSumTUr0jTu1XmmwRMqjLHYvo4AYuEg1QdishDbwU5KCqarSf7sxLTjeBgOugHP/oJZclin+e9GTQ5hlBEtc26IVQqirNVD1BCZrt/y5ok0p8p+2Rhzh89kfRI6Etp+8cPbot4h3Vg6tY57icKn3visaMdH0cI2pAQbPWwSY+cmyXU5cfcFC8ahcZpEgth4ycC5yM/qdHxZek2wN+58ApgjEjuvTD6y4iXqdWmqHVoGaeNV7OFiiKVaYoJND1igHLNw2VEQR5aPsmc8gadBtGIQb43YqObNBDWwMjvozmQVFPycMmMTDwA1n+IWxvwz34KEzyw5jQShUTCRDji4vK58WfC16fPLbW+ohCe+9Yyg7TRdjDFA5jTA3rFM7tZS8EhpLgyHupNi1GbUVmeyhqTdWp+H66u5zTzC5Q/PYOk1M0D/X/C6dXyIcB4lLr9mDTGvS1aOZVZJuDF4pLyI2oZzaySALjcofCJyNpBBUtUXHsiT4VNuJExl4XEXjvQKnPKojEzpTsK1rm/ZSa3vBCv0gBbjQ8uU1q86ODIDy35q2GQvsLMkAbduBLeA9m1EdZXLYComSfVLalArw3Q+4vd/FHhoOicVkrwIzcPiYg9uQZm2NrjiBkYlWCdXTFc49ghIDrPXLnwwWqPuZcs430u6Somk8XzuRZBC7ZDdjbiS5D8vQkDThQrmmFPRs+bp1N9VkC+LaBtFnbFaYARF6i2yFUD9YNSEEu2r14u+KGlg5P7ndIkE+BhAOIp4XcHejVFWfvKvYpMRZ4LDVkPIJdmZ4gIIfGbdBNMv1zRsX6O0NOhiEP1pNYb+HdY5R2YYIvtxn1sC/TrjoN3ELAQA9YBszHEaYjvmqHh08/CWCEpgHIagCccYdSzbtM9GsoAcePL4E7kqSZxIfbNjrYQEBEQbu16pj7bMxVhH8QaouOdjiioqr2tBr5HwA05HP1poGProOzsmJxdph7pb4hJ1P+OEeuwTRIVLudYYl6iBajGW2IdsUo+xGANpuPBpQyB4RajJ4XcXP8K3xVY6x7DfH3DwKfCFAc6KzyADa2xw7/uwBRi2HOyKazkPe5ESYLWY29krqH2tO+IYkgm5tAEkf79j4R9aCeZe/HyjPDlSPZ2NwAZpWKJFkBTveiwoe2noZSAeVKrcblFN5ic0or+ci+CSbmctce8mbqB7QHEJJh5flLDzBMIuh4eroH/Dp5MBbDqxu/T8yCCRHFz70KXpaIFSGlSIebTRt1Om9+CWTgTp95cM0HrAhZDnN/W9FRdAFsA/IjEJ2Eh3tHpdvFZ3XgIq52MrHJdopQo7KUoOVhJiFCo5L0PcKNRVpMbcCKVk1i9k8jqyM9AVgwGrnijiaafUaFmBIlC/U2FZZ+KRtIyDcIRrnGGKE7DEyhBQ9YavxpOFDDSXuC5aPjMNcSGydGArtDd5+5Yp0YraY0oe6UTuzypsxdI8W6IbePryvEeOXG5b/6YayC2sq+7wRconaa9DU= lass@blue
diff --git a/krebs/5pkgs/simple/kops.nix b/krebs/5pkgs/simple/kops.nix
deleted file mode 100644
index 8db4b8ddd..000000000
--- a/krebs/5pkgs/simple/kops.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ fetchgit, ... }:
-
-fetchgit {
- url = https://cgit.krebsco.de/kops;
- rev = "refs/tags/v1.1.0";
- sha256 = "0k3zhv2830z4bljcdvf6ciwjihk2zzcn9y23p49c6sba5hbsd6jb";
-}
diff --git a/krebs/5pkgs/simple/krops.nix b/krebs/5pkgs/simple/krops.nix
new file mode 100644
index 000000000..29bfb52f5
--- /dev/null
+++ b/krebs/5pkgs/simple/krops.nix
@@ -0,0 +1,7 @@
+{ fetchgit, ... }:
+
+fetchgit {
+ url = https://cgit.krebsco.de/krops;
+ rev = "refs/tags/v1.0.0";
+ sha256 = "0ahp3fxb3l1vcjylxw0cd0f4hfp98bxskkf3z9d37hl3m7v4pcb4";
+}
diff --git a/krebs/5pkgs/simple/thesauron/default.nix b/krebs/5pkgs/simple/thesauron/default.nix
new file mode 100644
index 000000000..99ab2b728
--- /dev/null
+++ b/krebs/5pkgs/simple/thesauron/default.nix
@@ -0,0 +1,7 @@
+{ fetchgit, callPackage }: let
+ src = fetchgit {
+ url = "https://github.com/krebscode/thesauron";
+ rev = "8ac22588cf2c20465e3c9348e7ce04885599c2a5";
+ "sha256"= "1ivkjl235dnm5aaqqvarnxkz7zh0gvah22b0fqwlsflrcd5wmgva";
+ };
+in callPackage src {}
diff --git a/krebs/kops.nix b/krebs/kops.nix
index abd60ee5a..add1a359c 100644
--- a/krebs/kops.nix
+++ b/krebs/kops.nix
@@ -13,7 +13,7 @@
krebs-source = {
nixpkgs.git = {
- ref = "b50443b5c4ac0f382c49352a892b9d5d970eb4e7";
+ ref = "ef74cafd3e5914fdadd08bf20303328d72d65d6c";
url = https://github.com/NixOS/nixpkgs;
};
stockholm.file = toString ../.;
@@ -38,7 +38,7 @@
secrets =
if test
then {
- file = toString <stockholm/krebs/6tests/data/secrets>;
+ file = toString <stockholm/krebs/0tests/data/secrets>;
}
else {
pass = {
diff --git a/krebs/source.nix b/krebs/source.nix
index 3ee12b37f..49f464f61 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -14,7 +14,7 @@ in
{
nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
secrets = getAttr builder {
- buildbot.file = toString <stockholm/krebs/6tests/data/secrets>;
+ buildbot.file = toString <stockholm/krebs/0tests/data/secrets>;
krebs.pass = {
dir = "${getEnv "HOME"}/brain";
name = "krebs-secrets/${name}";