diff options
-rw-r--r-- | krebs/1systems/news/config.nix | 36 | ||||
-rw-r--r-- | krebs/2configs/news-host.nix | 12 | ||||
-rw-r--r-- | krebs/3modules/krebs/default.nix | 34 |
3 files changed, 80 insertions, 2 deletions
diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix new file mode 100644 index 000000000..e4059e579 --- /dev/null +++ b/krebs/1systems/news/config.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + <stockholm/krebs> + <stockholm/krebs/2configs> + + <stockholm/krebs/2configs/ircd.nix> + <stockholm/krebs/2configs/go.nix> + + #### NEWS #### + <stockholm/krebs/2configs/ircd.nix> + <stockholm/krebs/2configs/news.nix> + ]; + + krebs.build.host = config.krebs.hosts.news; + + boot.isContainer = true; + networking.useDHCP = false; + krebs.bindfs = { + "/var/lib/htgen-go" = { + source = "/var/state/htgen-go"; + options = [ + "-M ${toString config.users.users.htgen-go.uid}" + ]; + clearTarget = true; + }; + "/var/lib/brockman" = { + source = "/var/state/brockman"; + options = [ + "-M ${toString config.users.users.brockman.uid}" + ]; + clearTarget = true; + }; + }; +} diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix new file mode 100644 index 000000000..82360a670 --- /dev/null +++ b/krebs/2configs/news-host.nix @@ -0,0 +1,12 @@ +{ + krebs.sync-containers.containers.news = { + peers = [ + "shodan" + "mors" + "styx" + ]; + hostIp = "10.233.2.101"; + localIp = "10.233.2.102"; + format = "plain"; + }; +} diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index d0648418f..434ac1dfd 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -92,6 +92,38 @@ in { ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; + news = { + cores = 1; + owner = config.krebs.users.krebs; + nets = { + retiolum = { + ip4.addr = "10.243.0.5"; + aliases = [ + "news.r" + "go.r" + "rss.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc + cgPezX8yGmA0nuTyCUPtXbWyWee9HnzYqekzJYvBHwgBDvZ8UhLZTCXD15agDfaf + cbzd4uM5bCDgqI8sezzD95tqj7mzvIEurIShDXYSWC6YRat1h1Opp86JngBJRvHZ + Gb6NAyfnr4v2eyMrmH9/j+sECxjCAaC5QLpJWyoDPilFU8dXBarmiZNYYlXQt1pn + yxZSF5pElmrdiZ6vlKlnEHwFtExm1gv63ZjAlusrXM+bKMvdVKRnhahq76A5VXjc + kbOhQi+wYGaVK4jB2a1UilmKYh1wKLE7HULoHDRrqEe4jemNZg+JOBPTU+jM/JzM + XdPy0KAMxHOUZCe8IX0LgF1snVaMF05Qkoe3QKr0YJ3KTD7UdsJpa1Br216Z/w2f + koz+cRn/Z/8TO8SIRKvy5TfXeH+ra6rp/CvwryNlNL4FB+25LFDkJtLIZGqAsz3G + vRXUiGN4l1FR4TbX7XaK2rvIlA/+4isJ02bBdnZhe7kmuuBeECyPaR1+Ui6pElXe + ZamnxTAmj86Q8pDx6Wn2cg8YAJlVV3UCfhda34DZokJmmmKucGupg/6Xt0Bhm9d5 + exNrTIDG3lXTxmg2mfiZJeg/fsnalvtN0j/VB+NmmKzie+ZohMK4nUfslq8o5CO9 + j7ZLmZzm062GzX0RenxNkwUCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo "; + }; onebutton = { cores = 1; nets = { @@ -131,8 +163,6 @@ in { "brockman.r" "build.puyak.r" "cgit.puyak.r" - "go.r" - "rss.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- |