Merge remote-tracking branch 'lass/master'

author: makefu <github@syntax-fehler.de> 2022-02-14 19:48:45 +0100
committer: makefu <github@syntax-fehler.de> 2022-02-14 19:48:45 +0100
commit: a677e709924001ff1b1b591b6011184fb90addd9 (patch)
tree: 7aa00fc6012deef486b5e4c154fb51cd6c8e368d /krebs
parent: bf3c158391b982ed660fd968d4bb2a19590bf5bd (diff)
parent: 29dbbbb453bd4fabd91a21f9c3a1f37521b2aec8 (diff)
7 files changed, 75 insertions, 20 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 1b51f022..cc67c1a0 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -563,6 +563,31 @@ in {
         };
       };
     };
+    alsace = {
+      owner = config.krebs.users.xkey;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.73.31";
+          aliases = [ "alsace.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIICCgKCAgEAn9mZHXfUcR1/oby6KB1Z8s1AAuie4l5G624r0UqbWu+4xowFIeZs
+            kv2dqd+yiqammAA9P207ooLbGBp+P6i4f5VMCemkCnv0sC1TJ+DNwYqWYcFRZE7I
+            j00fw/QI9d6L1c4CqZHJPQXEHG3v46qPuUow8FDJ6fjoBmy6biHjSd0XC7oHGqRh
+            GE5RolnqUiQhW0b4TkHJV4yUfVki+olxQtYd4xIHs1hcSqoMK898jsPX5cLgoCzR
+            NPZVyHf2BM0urPn4mu/th4ZDKpQtrqeI7h6yhnzJ0onhtValwHiA3/DcHcWmYvHC
+            vw6umyiCqFDx2kmzOnpkBWv65ugKUwDSZR8ibp3q7W9iPBiCPv0FtKXsQW9EngSS
+            asQWC8U6cB23nKuMYQrtD33fVwYn58FBIY6+avroc7XN5cPM/9VBHqyXSDZNAWtt
+            TwC/sXFWqT6AbTwLV6zY1TW4jiwKOh3KAVnHqQhUhNlEMk6EFOjR1CABSwUVXleR
+            5whr1RbKAsrhqMprGKHndvxLXjbKSh6A0bVdOLOzSs7BME2Oi1OdHd6tqqYmcyuV
+            XQnFcOYKxF0RM83/V8rEgvVisIxXTGVrGw8Kse7PGFA1dGldptTC6kofLUxzADNw
+            bRnXtRk8VR0BBzTuPNDgUXL2XQLht6FwDKCA/En2vId98yc2uuDk468CAwEAAQ==
+            -----END RSA PUBLIC KEY-----
+          '';
+          tinc.pubkey_ed25519 = "lPvwNm2mfF+rX3noqt+80c7nlDCpC+98JPLWx2jJRLN";
+        };
+      };
+    };
     papawhakaaro = {
       owner = config.krebs.users.feliks;
       nets = {
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index dd6f4f45..db57b594 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -95,7 +95,6 @@ in {
       owner = config.krebs.users.mic92;
       nets = {
         retiolum = {
-          ip4.addr = "10.243.29.189";
           aliases = [
             "dimitriosxps.r"
           ];
@@ -173,7 +172,12 @@ in {
         };
         retiolum = {
           via = internet;
-          aliases = [ "eve.r" "tts.r" ];
+          aliases = [
+            "eve.r"
+            "tts.r"
+            "flood.r"
+            "navidrome.r"
+          ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
             MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
@@ -865,5 +869,24 @@ in {
         };
       };
     };
+    hal9000 = {
+      owner = config.krebs.users.mic92;
+      nets = rec {
+        retiolum = {
+          aliases = [ "hal9000.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEA5aunzoz6WIjeQgfibml6T+UNsXXcoglhCqRkun7WaSHE93SQcCil
+            CDoUoq2aeiGTZ189LgdSyeRL7qmBzgVExIT4NlhfBCkNbHB/sz6epBb9qx49hLh5
+            K/tJfUBYKRd06ymSXPK+cCiO0/gM8fjzI+3GMlYvcbZ+ow11zTRgX/QB2lE1G8cW
+            Obh/nS0af7G6wmovHsKEpry5AxoAPLLi5JaP4hlc/i0iCbebMqb+szF0KBAbmDg3
+            JQ4MYIyQOw9kk7hfqTNFEvJhpbV66id2+ZIHX6QAw7OHBpaY6ZWFd/w2BkJHeayb
+            2jRnsJd0YgautgBGrBrjRWiVmn/f+lJ4XQIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+          tinc.pubkey_ed25519 = "krVYgJo5OFZkyUOgasH9dFve4OI3ewpt8IFhCPan7mB";
+        };
+      };
+    };
   };
 }
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index 31371af5..bc85aa0a 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -26,7 +26,7 @@ with import <stockholm/lib>;
                 ${tinc.config.extraConfig}
               '';
               "tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
-                ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up
+                ip link set ${netname} up
                 ${tinc.config.tincUp}
               '';
             });
@@ -58,15 +58,14 @@ with import <stockholm/lib>;
           type = types.str;
           default = let
             net = tinc.config.host.nets.${netname};
-            iproute = tinc.config.iproutePackage;
           in ''
             ${optionalString (net.ip4 != null) /* sh */ ''
-              ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname}
-              ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname}
+              ip -4 addr add ${net.ip4.addr} dev ${netname}
+              ip -4 route add ${net.ip4.prefix} dev ${netname}
             ''}
             ${optionalString (net.ip6 != null) /* sh */ ''
-              ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname}
-              ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname}
+              ip -6 addr add ${net.ip6.addr} dev ${netname}
+              ip -6 route add ${net.ip6.prefix} dev ${netname}
             ''}
             ${tinc.config.tincUpExtra}
           '';
@@ -176,7 +175,7 @@ with import <stockholm/lib>;
         connectTo = mkOption {
           type = types.listOf types.str;
           ${if netname == "retiolum" then "default" else null} = [
-            "gum"
+            "eve"
             "ni"
             "prism"
           ];
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 4e40561c..e096118c 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -200,9 +200,13 @@ in {
           '';
           tinc.pubkey_ed25519 = "nDuK96NlNhcxzlX7G30w/706RxItb+FhkFkz/VhUgCE";
         };
-        wiregrill.wireguard.subnets = [
-          (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
-        ];
+        wiregrill = {
+          via = config.krebs.hosts.ni.nets.internet;
+          ip4.addr = "10.244.3.1";
+          wireguard.subnets = [
+            (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
+          ];
+        };
       };
       ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
     };
@@ -345,6 +349,9 @@ in {
       ssh.privkey.path = <secrets/ssh.id_rsa>;
       ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
     };
+    umz = {
+      nets.wiregrill.ip4.addr = "10.244.3.101";
+    };
   };
   sitemap = {
     "http://cgit.krebsco.de" = {
diff --git a/krebs/3modules/tv/wiregrill/umz.pub b/krebs/3modules/tv/wiregrill/umz.pub
new file mode 100644
index 00000000..c041b5ee
--- /dev/null
+++ b/krebs/3modules/tv/wiregrill/umz.pub
@@ -0,0 +1 @@
+FpghL2Drdg+xwqcOsDgePgUx3X3XsX9f56BPLuF690g=
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index e8b6076a..12afe0e9 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
 {
   "url": "https://github.com/NixOS/nixpkgs",
-  "rev": "689b76bcf36055afdeb2e9852f5ecdd2bf483f87",
-  "date": "2022-01-23T03:10:13+01:00",
-  "path": "/nix/store/s6kxwpz8k02mg1wqsf06bsjygwi6xr6j-nixpkgs",
-  "sha256": "08d38db4707jdm3gws82y6bynh6k8qal4s1cms9zqd9cdwcmylyj",
+  "rev": "60c52a73f1d5858020ac4f161cd5bf1c9650f8b8",
+  "date": "2022-02-07T23:59:33+00:00",
+  "path": "/nix/store/5w1yn77d2b44wq0w7b8cqqqfap2897n2-nixpkgs",
+  "sha256": "1xyi4xag084ikcbis3iixpvfsmlfm2s105j58770x7k24mkrif7n",
   "fetchLFS": false,
   "fetchSubmodules": false,
   "deepClone": false,
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 00137182..22d465b2 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
 {
   "url": "https://github.com/NixOS/nixpkgs",
-  "rev": "604c44137d97b5111be1ca5c0d97f6e24fbc5c2c",
-  "date": "2022-01-23T10:04:55-08:00",
-  "path": "/nix/store/r22j0r232a5y02yhd1avaw27zqdbhx1x-nixpkgs",
-  "sha256": "0gzhigyn8f7vps4a5vc1c8wbim59724s179a7d0h3gv6ss9avdj4",
+  "rev": "521e4d7d13b09bc0a21976b9d19abd197d4e3b1e",
+  "date": "2022-02-07T00:29:53+00:00",
+  "path": "/nix/store/pvmrsiy8k37nwg18g7230g5kasbsf132-nixpkgs",
+  "sha256": "156b4wnm6y6lg0gz09mp48rd0mhcdazr5s888c4lbhlpn3j8h042",
   "fetchLFS": false,
   "fetchSubmodules": false,
   "deepClone": false,
author	makefu <github@syntax-fehler.de>	2022-02-14 19:48:45 +0100
committer	makefu <github@syntax-fehler.de>	2022-02-14 19:48:45 +0100
commit	a677e709924001ff1b1b591b6011184fb90addd9 (patch)
tree	7aa00fc6012deef486b5e4c154fb51cd6c8e368d /krebs
parent	bf3c158391b982ed660fd968d4bb2a19590bf5bd (diff)
parent	29dbbbb453bd4fabd91a21f9c3a1f37521b2aec8 (diff)