summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitmodules3
-rw-r--r--doc/Commit_Messages_Guideline.md4
-rw-r--r--kartei/krebs/default.nix5
-rw-r--r--kartei/lass/blue.nix40
-rw-r--r--kartei/lass/coaxmetal.nix42
-rw-r--r--kartei/lass/daedalus.nix33
-rw-r--r--kartei/lass/default.nix903
-rw-r--r--kartei/lass/dishfire.nix40
-rw-r--r--kartei/lass/domsen-pixel.nix16
-rw-r--r--kartei/lass/echelon.nix42
-rw-r--r--kartei/lass/green.nix40
-rw-r--r--kartei/lass/hilum.nix43
-rw-r--r--kartei/lass/icarus.nix35
-rw-r--r--kartei/lass/lasspi.nix42
-rw-r--r--kartei/lass/littleT.nix51
-rw-r--r--kartei/lass/massulus.nix44
-rw-r--r--kartei/lass/mors.nix35
-rw-r--r--kartei/lass/neoprism.nix38
-rw-r--r--kartei/lass/phone.nix17
-rw-r--r--kartei/lass/prism.nix123
-rw-r--r--kartei/lass/radio.nix40
-rw-r--r--kartei/lass/shodan.nix36
-rw-r--r--kartei/lass/skynet.nix35
-rw-r--r--kartei/lass/ssh/red.ed255191
-rw-r--r--kartei/lass/styx.nix43
-rw-r--r--kartei/lass/tablet.nix16
-rw-r--r--kartei/lass/xerxes.nix52
-rw-r--r--kartei/lass/yellow.nix42
-rw-r--r--kartei/makefu/default.nix18
-rw-r--r--kartei/mic92/default.nix4
-rw-r--r--kartei/others/default.nix3
-rw-r--r--kartei/tv/default.nix403
-rw-r--r--kartei/tv/hosts/alnus.nix23
-rw-r--r--kartei/tv/hosts/au.nix24
-rw-r--r--kartei/tv/hosts/bu.nix24
-rw-r--r--kartei/tv/hosts/hu.nix23
-rw-r--r--kartei/tv/hosts/mu.nix23
-rw-r--r--kartei/tv/hosts/ni.nix68
-rw-r--r--kartei/tv/hosts/nomic.nix25
-rw-r--r--kartei/tv/hosts/querel.nix27
-rw-r--r--kartei/tv/hosts/umz.nix3
-rw-r--r--kartei/tv/hosts/wu.nix25
-rw-r--r--kartei/tv/hosts/xu.nix28
-rw-r--r--kartei/tv/hosts/zu.nix23
-rw-r--r--krebs/0tests/data/test-config.nix1
-rw-r--r--krebs/2configs/default.nix1
-rw-r--r--krebs/2configs/ircd.nix1
-rw-r--r--krebs/2configs/reaktor2.nix3
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/exim-smarthost.nix2
-rw-r--r--krebs/3modules/iptables.nix8
-rw-r--r--krebs/3modules/repo-sync.nix4
-rw-r--r--krebs/3modules/systemd.nix82
-rw-r--r--krebs/3modules/tinc.nix1
-rw-r--r--krebs/5pkgs/simple/generate-secrets/default.nix1
-rw-r--r--krebs/5pkgs/simple/git-assembler.nix24
-rw-r--r--lass/1systems/coaxmetal/config.nix2
-rw-r--r--lass/1systems/green/config.nix2
-rw-r--r--lass/1systems/mors/config.nix1
-rw-r--r--lass/1systems/neoprism/config.nix18
-rw-r--r--lass/1systems/neoprism/disk.nix116
-rw-r--r--lass/1systems/neoprism/physical.nix42
-rw-r--r--lass/1systems/prism/config.nix48
-rw-r--r--lass/1systems/radio/config.nix24
-rw-r--r--lass/1systems/radio/physical.nix7
-rw-r--r--lass/1systems/shodan/config.nix2
-rw-r--r--lass/1systems/yellow/config.nix154
-rw-r--r--lass/2configs/AP.nix4
-rw-r--r--lass/2configs/autotether.nix16
-rw-r--r--lass/2configs/c-base.nix188
-rw-r--r--lass/2configs/container-networking.nix4
-rw-r--r--lass/2configs/default.nix41
-rw-r--r--lass/2configs/gg23.nix91
-rw-r--r--lass/2configs/hfos.nix24
-rw-r--r--lass/2configs/libvirt.nix4
-rw-r--r--lass/2configs/radio/container-host.nix23
-rw-r--r--lass/2configs/radio/default.nix96
-rw-r--r--lass/2configs/radio/radio.liq6
-rw-r--r--lass/2configs/radio/weather.nix23
-rw-r--r--lass/2configs/radio/weather_for_ips.py52
-rw-r--r--lass/2configs/retiolum.nix9
-rw-r--r--lass/2configs/riot.nix59
-rw-r--r--lass/2configs/sync/the_playlist.nix2
-rw-r--r--lass/2configs/wiregrill.nix21
-rw-r--r--lass/2configs/yellow-host.nix14
-rw-r--r--lass/2configs/yellow-mounts/samba.nix (renamed from lass/2configs/prism-mounts/samba.nix)4
-rw-r--r--lass/3modules/sync-containers3.nix108
-rw-r--r--lass/5pkgs/bruellwuerfel/default.nix26
-rw-r--r--lass/5pkgs/install-system/default.nix26
-rw-r--r--lass/5pkgs/l-gen-secrets/default.nix103
-rw-r--r--lib/default.nix26
-rw-r--r--lib/haskell.nix7
-rw-r--r--lib/types.nix19
-rw-r--r--makefu/2configs/tools/init-host/default.nix1
m---------submodules/disko0
-rw-r--r--tv/1systems/xu/config.nix1
-rw-r--r--tv/2configs/autotether.nix19
-rw-r--r--tv/2configs/retiolum.nix10
-rw-r--r--tv/3modules/ejabberd/default.nix2
-rw-r--r--tv/3modules/x0vncserver.nix2
-rw-r--r--tv/5pkgs/simple/alacritty-tv.nix3
101 files changed, 2468 insertions, 1716 deletions
diff --git a/.gitmodules b/.gitmodules
index 5825f86da..4779748c8 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -7,3 +7,6 @@
[submodule "lass/5pkgs/autowifi"]
path = lass/5pkgs/autowifi
url = https://github.com/Lassulus/autowifi
+[submodule "submodules/disko"]
+ path = submodules/disko
+ url = https://github.com/nix-community/disko
diff --git a/doc/Commit_Messages_Guideline.md b/doc/Commit_Messages_Guideline.md
index e704ee575..63d479cf7 100644
--- a/doc/Commit_Messages_Guideline.md
+++ b/doc/Commit_Messages_Guideline.md
@@ -21,11 +21,11 @@ rather fuzzy and may mean different things, just choose what would fit best.
Here are a numbers of samples for defining the component:
-* Change `gum` in `krebs/3modules/makefu/default.nix`: `gum.r: change ip`
+* Change `gum` in `krebs/3modules/makefu/default.nix`: `gum: change ip`
* Change `prepare.sh` in `krebs/4libs/infest`: `infest: prepare stockholm ISO`
* Remove `concat` in `krebs/5pkgs`: `concat: RIP`, this commit may like some `<rationale>`
* Update `types` in `krebs/3modules`: `lib/types: add managed bool to host type`
-* Change host `gum` in `makefu/1systems/gum`: `ma gum.r: add taskserver`
+* Change host `gum` in `makefu/1systems/gum`: `ma gum: add taskserver`
* Change `tinc` module in `krebs/3modules`: `tinc module: add option enableLegacy`
## `<rationale>`
diff --git a/kartei/krebs/default.nix b/kartei/krebs/default.nix
index e5626d923..7419ba13f 100644
--- a/kartei/krebs/default.nix
+++ b/kartei/krebs/default.nix
@@ -15,7 +15,6 @@ with import ../../lib;
"test-all-krebs-modules"
] (name: {
inherit name;
- cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.73.57";
@@ -36,7 +35,6 @@ in {
hosts = mapAttrs hostDefaults ({
filebitch = {
ci = true;
- cores = 4;
nets = {
shack = {
ip4 = {
@@ -134,7 +132,6 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo ";
};
onebutton = {
- cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.0.101";
@@ -163,7 +160,6 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe ";
};
ponte = {
- cores = 1;
owner = config.krebs.users.krebs;
extraZones = {
"krebsco.de" = /* bindzone */ ''
@@ -212,7 +208,6 @@ in {
};
puyak = {
ci = true;
- cores = 4;
nets = {
retiolum = {
ip4.addr = "10.243.77.2";
diff --git a/kartei/lass/blue.nix b/kartei/lass/blue.nix
new file mode 100644
index 000000000..ddec9553d
--- /dev/null
+++ b/kartei/lass/blue.nix
@@ -0,0 +1,40 @@
+{ r6, w6, ... }:
+{
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.77";
+ ip6.addr = r6 "b1ce";
+ aliases = [
+ "blue.r"
+ ];
+ tinc = {
+ pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA28b+WMiQaWbwUPcJlacd
+ QwyX4PvVm9WItPmmNy+RE2y0Mf04LxZ7RLm5+e0wPuhXXQyhZ06CNd6tjeaKfXUc
+ sNeC1Vjuh1hsyYJLR5Xf/YRNJQKoaHjbkXGt+rSK7PPuCcsUPOSZSEAgHYVvcFzM
+ wWE4kTDcBZeISB4+yLmPIZXhnDImRRMEurFNRiocoMmEIu/zyYVq8rnlTl972Agu
+ PMGo1HqVxCouEWstRvtX5tJmV8yruRbH4tADAruLXErLLwUAx/AYDNRjY1TYYetJ
+ RoaxejmZVVIvR+hWaDLkHZO89+to6wS5IVChs1anFxMNN6Chq2v8Bb2Nyy1oG/H/
+ HzXxj1Rn7CN9es5Wl0UX4h9Zg+hfspoI75lQ509GLusYOyFwgmFF02eMpxgHBiWm
+ khSJzPkFdYJKUKaZI0nQEGGsFJOe/Se5jj70x3Q5XEuUoQqyahAqwQIYh6uwhbuP
+ 49RBPHpE+ry6smhUPLTitrRsqeBU4RZRNsUAYyCbwyAH1i+K3Q5PSovgPtlHVr2N
+ w+VZCzsrtOY2fxXw0e+mncrx/Qga62s4m6a/dyukA5RytA9f6bBsvSTqr7/EQTs6
+ ZEBoPudk7ULNEbfjmJtBkeG7wKIlpgzVg/JaCAwMuSgVjrpIHrZmjOVvmOwB8W6J
+ Ch/o7chVljAwW4JmyRnhZbMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ pubkey_ed25519 = "vf3JzuLpEkjcwZtuJ/0M9Zjfp5ChKXvkORMXsZ4nJKL";
+ };
+ };
+ wiregrill = {
+ ip6.addr = w6 "b1ce";
+ aliases = [
+ "blue.w"
+ ];
+ wireguard.pubkey = "emftvx8v8GdoKe68MFVL53QZ187Ei0zhMmvosU1sr3U=";
+ };
+ };
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILSBxtPf8yJfzzI7/iYpoRSc/TT+zYmE/HM9XWS3MZlv";
+ syncthing.id = "J2LMIPD-PBEPVKL-A3MN6NQ-KL6DZ4N-K4GGWZB-E2EPLFN-PDLVAOC-DCSZHAD";
+}
diff --git a/kartei/lass/coaxmetal.nix b/kartei/lass/coaxmetal.nix
new file mode 100644
index 000000000..d32f279fe
--- /dev/null
+++ b/kartei/lass/coaxmetal.nix
@@ -0,0 +1,42 @@
+{ r6, w6, ... }:
+{
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.17";
+ ip6.addr = r6 "17";
+ aliases = [
+ "coaxmetal.r"
+ ];
+ tinc = {
+ pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwcuMl/W6DZ7UMK4RHrxA
+ xCc8CkqpUTYldPdB9KJmcH6OpbQqCcPxGOvRe42NdOfCyy11WjAjUMRGnzMyi4MK
+ gMEjcrl5CnQd9nF9f8Mom8cuSOVm1j46qY7Trl/MsEKsKHiYAHtLFpHz2+UI+HBU
+ WbSeDLLA8g79SZq/pqWHfp3YKzqP4p+dmi8j+aOZJWkGu9l+Q40qQrTJQCxYgEek
+ ODeBFCY3DGfJRn79IFGuhF1/jGiAwF3/1j2Rxlesazl6/Lyvmtioplsqn8J94z32
+ G5wyGpqn/BcXkJTlWtwb3Rrg6OOALJAqy2H5EoIVT26gwmvkEStMtvgLfAeYjL8F
+ G2bAtaeQGzwQZNuVJAMI9Qtb+PHw322Wz+P8U669C/HCdGCumMf+M7UDHP79kXOO
+ IFs1NvkU3z/iO/5bj41v8u0W8+b9NWe++dI8N8q0hWLPgnz5PI998xW06Dul7pAX
+ K1OMIMfTTGgAZHAF1Kdn1BSXezgwkutwzy5h8XkYclyHB2nPXkXIYmahi1XgWeAE
+ 7B4NmefbS6H8dLOU7yMEWuxmYl41UOybtyrsp1za5wtERpQgzl6EWfIXISEdx1Ly
+ bmb3SGtB85RyqqCe2O9DzVZCw7mXgN69R5efyEuq3HIIN9udLNrybPNNyD/OlAqo
+ l/xwDxiSCEsO6yY5lGc0MCMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ pubkey_ed25519 = "bEGgA5Wupw+Dgh6Ub7V21Y3wOmyspW1rKGrZsVhi3cO";
+ };
+ };
+ wiregrill = {
+ ip6.addr = w6 "17";
+ aliases = [
+ "coaxmetal.w"
+ ];
+ wireguard.pubkey = ''
+ lkjR14oOVKl03/0sUzOmddf28ps+v5qRxrbRY03Pg38=
+ '';
+ };
+ };
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO9vAYuTv07c9bOjDJId3ShXJ1qIEuyrjkVYkJn9yMET ";
+ syncthing.id = "W5BJ4TL-GAQ46WS-ZB72HFS-XOURLBA-RNBVMYC-POFH4UA-CBORQID-BMIHNQZ";
+}
diff --git a/kartei/lass/daedalus.nix b/kartei/lass/daedalus.nix
new file mode 100644
index 000000000..891cbd293
--- /dev/null
+++ b/kartei/lass/daedalus.nix
@@ -0,0 +1,33 @@
+{ r6, w6, ... }:
+{
+ nets = rec {
+ retiolum = {
+ ip4.addr = "10.243.133.115";
+ ip6.addr = r6 "daed";
+ aliases = [
+ "daedalus.r"
+ ];
+ tinc = {
+ pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAzlIJfYIoQGXishIQGFNOcaVoeelqy7a731FJ+VfrqeR8WURQ6D+8
+ 5hz7go+l3Z7IhTc/HbpGFJ5QJJNFSuSpLfZVyi+cKAUVheTivIniHFIRw37JbJ4+
+ qWTlVe3uvOiZ0cA9S6LrbzqAUTLbH0JlWj36mvGIPICDr9YSEkIUKbenxjJlIpX8
+ ECEBm8RU1aq3PUo/cVjmpqircynVJBbRCXZiHoxyLXNmh23d0fCPCabEYWhJhgaR
+ arkYRls5A14HGMI52F3ehnhED3k0mU8/lb4OzYgk34FjuZGmyRWIfrEKnqL4Uu2w
+ 3pmEvswG1WYG/3+YE80C5OpCE4BUKAzYSwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ pubkey_ed25519 = "ybmNcRLtZ0NxlxIRE3bdc2G4lLXtTGXu+iRaXMTKCNG";
+ };
+ };
+ wiregrill = {
+ ip6.addr = w6 "daed";
+ aliases = [
+ "daedalus.w"
+ ];
+ wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI=";
+ };
+ };
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g";
+}
diff --git a/kartei/lass/default.nix b/kartei/lass/default.nix
index e17e000dd..de776fca0 100644
--- a/kartei/lass/default.nix
+++ b/kartei/lass/default.nix
@@ -3,6 +3,12 @@ with import ../../lib;
r6 = ip: (krebs.genipv6 "retiolum" "lass" ip).address;
w6 = ip: (krebs.genipv6 "wiregrill" "lass" ip).address;
+ hostFiles =
+ builtins.map (lib.removeSuffix ".nix") (
+ builtins.filter
+ (x: lib.hasSuffix ".nix" x && x != "default.nix")
+ (lib.attrNames (builtins.readDir ./.))
+ );
in {
dns.providers = {
@@ -13,895 +19,10 @@ in {
consul = true;
ci = true;
monitoring = true;
- }) {
- dishfire = {
- cores = 4;
- nets = rec {
- internet = {
- ip4 = rec {
- addr = "157.90.232.92";
- prefix = "${addr}/32";
- };
- aliases = [
- "dishfire.i"
- ];
- ssh.port = 45621;
- };
- retiolum = {
- via = internet;
- ip4.addr = "10.243.133.99";
- ip6.addr = r6 "d15f:1233";
- aliases = [
- "dishfire.r"
- "grafana.lass.r"
- "prometheus.lass.r"
- "alert.lass.r"
- ];
- tinc = {
- pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAwKi49fN+0s5Cze6JThM7f7lj4da27PSJ/3w3tDFPvtQco11ksNLs
- Xd3qPaQIgmcNVCR06aexae3bBeTx9y3qHvKqZVE1nCtRlRyqy1LVKSj15J1D7yz7
- uS6u/BSZiCzmdZwu3Fq5qqoK0nfzWe/NKEDWNa5l4Mz/BZQyI/hbOpn6UfFD0LpK
- R4jzc9Dbk/IFNAvwb5yrgEYtwBzlXzeDvHW2JcPq3qQjK2byQYNiIyV3g0GHppEd
- vDbIPDFhTn3Hv5zz/lX+/We8izzRge7MEd+Vn9Jwb5NAzwDsOHl6ExpqASv9H49U
- HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- pubkey_ed25519 = "P+bhzhgTNdohWdec//t/e+8cI7zUOsS+Kq/AOtineAO";
- };
- };
- };
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv0JMp0y+E5433GRSFKVK3cQmP0AAlS9aH9fk49yFxy";
- };
- prism = rec {
- cores = 4;
- extraZones = {
- "krebsco.de" = ''
- cache 60 IN A ${nets.internet.ip4.addr}
- p 60 IN A ${nets.internet.ip4.addr}
- c 60 IN A ${nets.internet.ip4.addr}
- paste 60 IN A ${nets.internet.ip4.addr}
- prism 60 IN A ${nets.internet.ip4.addr}
- social 60 IN A ${nets.internet.ip4.addr}
- '';
- "lassul.us" = ''