diff options
| -rw-r--r-- | krebs/3modules/tv/default.nix | 48 | ||||
| -rw-r--r-- | lass/2configs/exim-smarthost.nix | 1 | ||||
| -rw-r--r-- | tv/1systems/cd/config.nix | 17 |
3 files changed, 17 insertions, 49 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 6e5f522dc..60827d589 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -9,6 +9,7 @@ with import <stockholm/lib>; hosts = mapAttrs (_: setAttr "owner" config.krebs.users.tv) { alnus = { cores = 2; + managed = true; nets = { retiolum = { ip4.addr = "10.243.21.1"; @@ -31,47 +32,6 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_rsa>; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q=="; }; - caxi = { - cores = 2; - extraZones = { - "krebsco.de" = '' - caxi 60 IN A ${config.krebs.hosts.caxi.nets.internet.ip4.addr} - ''; - }; - nets = { - internet = { - ip4 = { - addr = "104.233.124.70"; - prefix = "104.233.124.0/24"; - }; - aliases = [ - "caxi.i" - "caxi.krebsco.de" - ]; - ssh.port = 11423; - }; - retiolum = { - via = config.krebs.hosts.caxi.nets.internet; - ip4.addr = "10.243.113.226"; - ip6.addr = "42:4522:25f8:36bb:8ccb:150:231a:2af6"; - aliases = [ - "caxi.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAxNh1xhvCFzjUOmBq+F6NjUdntKh/7qo7LrsXjPVn92r1hGTVHJO1 - E+XP5dabZ/mFWySY8GvG7XlZ27wsjkvHEyb16IhOqYrnaONf9LifAWQ3qBlHtp1T - eZeP6wcXLhR/pOPy0pT6EABmDHbOzErjYv4pdrXHuxlM10Ljtpp3mClNeXY9eby+ - HekEE8LY8/zWqJ90lMaxPhLh1VqEvTVTnem5e1F8HDzNvRWa0kWUYG33zPQMyKgR - BCvp1DR7Y2LwDmGKnhzBm4JTcP+fcs+z/eGie/CEIgFM0BFJaTBAYZOtUlhBSe0y - UYE2W9CJkPN2Uepf53nPnshjKC64fgTr7wIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdJ4xGi+qn4IfMZJ3Kv7AGZGbhlR+GrkD87z2tcyRZy"; - }; cd = { cores = 2; extraZones = { @@ -80,6 +40,7 @@ with import <stockholm/lib>; cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} ''; }; + managed = true; nets = { internet = { ip4.addr = "45.62.237.203"; @@ -182,6 +143,7 @@ with import <stockholm/lib>; }; mu = { cores = 2; + managed = true; nets = { retiolum = { ip4.addr = "10.243.20.1"; @@ -251,6 +213,7 @@ with import <stockholm/lib>; }; nomic = { cores = 2; + managed = true; nets = { gg23 = { ip4.addr = "10.23.1.110"; @@ -306,6 +269,7 @@ with import <stockholm/lib>; }; wu = { cores = 4; + managed = true; nets = { gg23 = { ip4.addr = "10.23.1.37"; @@ -343,6 +307,7 @@ with import <stockholm/lib>; pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s="; }; cores = 4; + managed = true; nets = { gg23 = { ip4.addr = "10.23.1.38"; @@ -377,6 +342,7 @@ with import <stockholm/lib>; }; zu = { cores = 4; + managed = true; nets = { gg23 = { ip4.addr = "10.23.1.39"; diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index fe3aa20bf..e4a8fd861 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -36,6 +36,7 @@ with import <stockholm/lib>; { from = "shack@lassul.us"; to = lass.mail; } { from = "nix@lassul.us"; to = lass.mail; } { from = "c-base@lassul.us"; to = lass.mail; } + { from = "paypal@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/tv/1systems/cd/config.nix b/tv/1systems/cd/config.nix index f78bcafeb..341a62e45 100644 --- a/tv/1systems/cd/config.nix +++ b/tv/1systems/cd/config.nix @@ -1,8 +1,9 @@ -{ config, lib, pkgs, ... }: - with import <stockholm/lib>; +{ config, pkgs, ... }: let + + bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1"; -{ +in { krebs.build.host = config.krebs.hosts.cd; imports = [ @@ -13,14 +14,14 @@ with import <stockholm/lib>; <stockholm/tv/2configs/retiolum.nix> ]; - networking = { + networking = let + address = config.krebs.build.host.nets.internet.ip4.addr; + in { + defaultGateway = bestGuessGateway address; interfaces.enp2s1.ip4 = singleton { - address = let - addr = "45.62.237.203"; - in assert config.krebs.build.host.nets.internet.ip4.addr == addr; addr; + inherit address; prefixLength = 24; }; - defaultGateway = "45.62.237.1"; nameservers = ["8.8.8.8"]; }; |