summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--flake.lock50
-rw-r--r--flake.nix2
-rw-r--r--kartei/feliks/default.nix24
-rw-r--r--kartei/kmein/default.nix7
-rw-r--r--kartei/krebs/default.nix31
-rw-r--r--kartei/lass/daedalus.nix23
-rw-r--r--kartei/lass/neoprism.nix1
-rw-r--r--kartei/lass/shodan.nix24
-rw-r--r--kartei/lass/yellow.nix1
-rw-r--r--kartei/makefu/default.nix50
-rw-r--r--kartei/makefu/wiregrill/telex.pub2
-rw-r--r--kartei/mic92/default.nix101
-rw-r--r--kartei/palo/default.nix24
-rw-r--r--krebs/1systems/filebitch/config.nix1
-rw-r--r--krebs/1systems/news/config.nix25
-rw-r--r--krebs/1systems/puyak/config.nix84
-rw-r--r--krebs/1systems/wolf/config.nix1
-rw-r--r--krebs/2configs/buildbot/worker.nix4
-rw-r--r--krebs/2configs/default.nix1
-rw-r--r--krebs/2configs/hw/x220.nix2
-rw-r--r--krebs/2configs/mastodon.nix1
-rw-r--r--krebs/2configs/news-host.nix7
-rw-r--r--krebs/2configs/news.nix207
-rw-r--r--krebs/2configs/reaktor2.nix19
-rw-r--r--krebs/3modules/go.nix10
-rw-r--r--krebs/3modules/iptables.nix4
-rw-r--r--krebs/3modules/reaktor2.nix4
-rw-r--r--krebs/5pkgs/simple/rss-bridge/default.nix33
-rw-r--r--krebs/5pkgs/simple/vicuna-chat/default.nix33
29 files changed, 294 insertions, 482 deletions
diff --git a/flake.lock b/flake.lock
index 85e508e47..57993d8f1 100644
--- a/flake.lock
+++ b/flake.lock
@@ -3,17 +3,18 @@
"buildbot-nix": {
"inputs": {
"flake-parts": "flake-parts",
+ "hercules-ci-effects": "hercules-ci-effects",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
- "lastModified": 1719326738,
- "narHash": "sha256-9gEgR/teWxH1E3JUUunLrcgOpMel19nw//eK3XKU6RQ=",
+ "lastModified": 1732578586,
+ "narHash": "sha256-kR2RwG4H32zRkyVVfDKUnoPxORb6DzztE16oc98ZzSg=",
"owner": "Mic92",
"repo": "buildbot-nix",
- "rev": "6e342155745f68b6d7ccc5557fa3d320b8aa3273",
+ "rev": "037344cad03e933ea370c0766b39b959820446e5",
"type": "github"
},
"original": {
@@ -30,11 +31,11 @@
]
},
"locked": {
- "lastModified": 1717285511,
- "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
+ "lastModified": 1730504689,
+ "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
+ "rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
@@ -43,6 +44,31 @@
"type": "github"
}
},
+ "hercules-ci-effects": {
+ "inputs": {
+ "flake-parts": [
+ "buildbot-nix",
+ "flake-parts"
+ ],
+ "nixpkgs": [
+ "buildbot-nix",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1730903510,
+ "narHash": "sha256-mnynlrPeiW0nUQ8KGZHb3WyxAxA3Ye/BH8gMjdoKP6E=",
+ "owner": "hercules-ci",
+ "repo": "hercules-ci-effects",
+ "rev": "b89ac4d66d618b915b1f0a408e2775fe3821d141",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "hercules-ci-effects",
+ "type": "github"
+ }
+ },
"nix-writers": {
"flake": false,
"locked": {
@@ -61,11 +87,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1719254875,
- "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
+ "lastModified": 1732014248,
+ "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
+ "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github"
},
"original": {
@@ -90,11 +116,11 @@
]
},
"locked": {
- "lastModified": 1718522839,
- "narHash": "sha256-ULzoKzEaBOiLRtjeY3YoGFJMwWSKRYOic6VNw2UyTls=",
+ "lastModified": 1730321837,
+ "narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=",
"owner": "numtide",
"repo": "treefmt-nix",
- "rev": "68eb1dc333ce82d0ab0c0357363ea17c31ea1f81",
+ "rev": "746901bb8dba96d154b66492a29f5db0693dbfcc",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index d4f8b2b33..76e47b731 100644
--- a/flake.nix
+++ b/flake.nix
@@ -13,7 +13,7 @@
description = "stockholm";
- outputs = { self, nixpkgs, nix-writers, buildbot-nix, ... }@inputs: {
+ outputs = { self, nixpkgs, nix-writers, buildbot-nix, ... }: {
nixosConfigurations = nixpkgs.lib.mapAttrs (machineName: _: nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs.stockholm = self;
diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix
index 9f9866c71..6ce95f587 100644
--- a/kartei/feliks/default.nix
+++ b/kartei/feliks/default.nix
@@ -18,6 +18,30 @@ in {
mail = "feliks@flipdot.org";
};
hosts = mapAttrs hostDefaults {
+ ioka = {
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.10.242";
+ aliases = [ "ioka.r" "ioka.feliks.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAwmwpsohYq/KJTXvUmacsFqolf3Me2dG5NypdosJT5jIVjQMa5M6U
+ HWpkfOFi3v0NTiUN8OP3714N1hF7x+Lq/EVYSSxT1bB4IWSIyaVLmSjs+sycHRKK
+ zvOL249iOqdyFjAeGVXmLw/zYOH6uzdJpRvlgMcGT5BPL+Jx+G5KUZgeqkDDDpcy
+ 1j+6nCyBRn9yK0yfZ5z6LJQqLCJzZ4KE5ym6t8RqgRXWchewQP/aYxtk1dn03GEn
+ NSiJmjb3QtKM1ZWAMNSCJ0xdPNQtMp7Xi4EdwDcyNAmu+Tk48MSV/G4TL5PXAV1p
+ WYWS6KxAc/huwKW/HCGFAj7d7cTMd4XzcN7fMg6gAs4GQTVn7AYelMb6teAGZj5Y
+ ifHmhl5Sy2umuDBhUWAfLDZu97gmF2ZlpO48VG/ZJjKejw9gP8u3Qek3+4iO22wM
+ xrj1ZZEuxhEyJu1OYNr/MES6h5l+FdiVpV6JMpzOCGhiVRN4z4FzUHcUixFIgJni
+ zlr0h6c0fJh4mEmOSu2WwNV7xMmqWe7SAcLOnvRaAqBfAprIvy/rpcB7Ji1gFcMq
+ 4k/GkbKD+8/NZxujAJhyUo08JNHb0TACZiVIhbaafsEEgRQZBs9wa0u7MMzqlwXP
+ 1ewjfwmfEQa7yEt0BQVjYm2C017IWngXv0dU49gVDGh9MMG9EBcS4scCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "jhPsb07ilQDliw8H9lQ1JQ5Potj+//HwNSD7+OHdFvD";
+ };
+ };
+ };
papawhakaaro = {
nets = {
retiolum = {
diff --git a/kartei/kmein/default.nix b/kartei/kmein/default.nix
index c840019b5..084d796a7 100644
--- a/kartei/kmein/default.nix
+++ b/kartei/kmein/default.nix
@@ -34,7 +34,12 @@ in
hosts = mapAttrs hostDefaults {
ful = {
nets.retiolum = {
- aliases = [ "ful.r" ];
+ aliases = [
+ "brockman.r"
+ "ful.r"
+ "news.r"
+ "rss.r"
+ ];
ip4.addr = "10.243.2.107";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/kartei/krebs/default.nix b/kartei/krebs/default.nix
index 7e3f1b542..555dadcbe 100644
--- a/kartei/krebs/default.nix
+++ b/kartei/krebs/default.nix
@@ -102,37 +102,6 @@ in {
};
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp";
};
- news = {
- ci = true;
- nets = {
- retiolum = {
- ip4.addr = "10.243.0.5";
- aliases = [
- "news.r"
- "brockman.r"
- "go.r"
- "rss.r"
- ];
- tinc.pubkey = ''
- -----BEGIN PUBLIC KEY-----
- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc
- cgPezX8yGmA0nuTyCUPtXbWyWee9HnzYqekzJYvBHwgBDvZ8UhLZTCXD15agDfaf
- cbzd4uM5bCDgqI8sezzD95tqj7mzvIEurIShDXYSWC6YRat1h1Opp86JngBJRvHZ
- Gb6NAyfnr4v2eyMrmH9/j+sECxjCAaC5QLpJWyoDPilFU8dXBarmiZNYYlXQt1pn
- yxZSF5pElmrdiZ6vlKlnEHwFtExm1gv63ZjAlusrXM+bKMvdVKRnhahq76A5VXjc
- kbOhQi+wYGaVK4jB2a1UilmKYh1wKLE7HULoHDRrqEe4jemNZg+JOBPTU+jM/JzM
- XdPy0KAMxHOUZCe8IX0LgF1snVaMF05Qkoe3QKr0YJ3KTD7UdsJpa1Br216Z/w2f
- koz+cRn/Z/8TO8SIRKvy5TfXeH+ra6rp/CvwryNlNL4FB+25LFDkJtLIZGqAsz3G
- vRXUiGN4l1FR4TbX7XaK2rvIlA/+4isJ02bBdnZhe7kmuuBeECyPaR1+Ui6pElXe
- ZamnxTAmj86Q8pDx6Wn2cg8YAJlVV3UCfhda34DZokJmmmKucGupg/6Xt0Bhm9d5
- exNrTIDG3lXTxmg2mfiZJeg/fsnalvtN0j/VB+NmmKzie+ZohMK4nUfslq8o5CO9
- j7ZLmZzm062GzX0RenxNkwUCAwEAAQ==
- -----END PUBLIC KEY-----
- '';
- };
- };
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo ";
- };
onebutton = {
nets = {
retiolum = {
diff --git a/kartei/lass/daedalus.nix b/kartei/lass/daedalus.nix
index 891cbd293..865f378b9 100644
--- a/kartei/lass/daedalus.nix
+++ b/kartei/lass/daedalus.nix
@@ -10,15 +10,20 @@
tinc = {
pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAzlIJfYIoQGXishIQGFNOcaVoeelqy7a731FJ+VfrqeR8WURQ6D+8
- 5hz7go+l3Z7IhTc/HbpGFJ5QJJNFSuSpLfZVyi+cKAUVheTivIniHFIRw37JbJ4+
- qWTlVe3uvOiZ0cA9S6LrbzqAUTLbH0JlWj36mvGIPICDr9YSEkIUKbenxjJlIpX8
- ECEBm8RU1aq3PUo/cVjmpqircynVJBbRCXZiHoxyLXNmh23d0fCPCabEYWhJhgaR
- arkYRls5A14HGMI52F3ehnhED3k0mU8/lb4OzYgk34FjuZGmyRWIfrEKnqL4Uu2w
- 3pmEvswG1WYG/3+YE80C5OpCE4BUKAzYSwIDAQAB
+ MIICCgKCAgEA5SYx0hfmZ25mFzlnzdeoB46nMfJcyEuiJvMqNjRaeTRGe1UYFMOV
+ KdLYRqioMBbvIwU+7+1jslI3Tjfs9kWtt57p4ZqTUmfKZYkhA6onvKZUtQrv8M9c
+ sMOUhrY4p/QRvON4b9o9bZGdzDAX43EsAfDMW8YZvS6P+SQNeGORX3pimQ5ODY5N
+ P0rnFuYjGt3wAWcwyzmfKFedxcB/eDyYSjmhnkIwrODdS5rQyaCDKALSGBQ6bF4S
+ rvgy7PbwP71o8jVlhndOGyvZJPyx4yjwENrRWh6Wgwy/i2GYXWuc0+/Lvjq/X2k5
+ C2LPGTfZ4rJaRdaS8EvOAy7uADemSymIGn3EM7qgLb2ogcQOFVtBHwWXYepLmbQi
+ lnGiE83eDcXKUs8lmnZQTP8C+Ho/SQCVXpgOg29BdwIZJ26Gv1ueVlhOKIvF7Pay
+ huRbQywgo7jnvNKk5TEGAX3bhUctT+UBJ+7JDHUJdqgJYKilYWwrK0jBVLSRqGTa
+ UHPCyM5zLdX6G8CXK7v+CbH66GsZxSkfxYjv049CWdbQ/BAW5hWUW77xTnP81/yi
+ 3a2XxtxxmCiGxl3+eqtXh5q2bOB/JKffGYfblHXJ3NK6HH5qVpcjT7CHKO21gqsb
+ hdPbKKD5aB2EJm+DYOnxS1UYsj7R/SmKGmNuQVfBm6jsBmjc4XmZQWECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
- pubkey_ed25519 = "ybmNcRLtZ0NxlxIRE3bdc2G4lLXtTGXu+iRaXMTKCNG";
+ pubkey_ed25519 = "+xM97iA8eIB58bfsEjMfK7aqv+Emzajx5CYqSGjRR/K";
};
};
wiregrill = {
@@ -26,8 +31,8 @@
aliases = [
"daedalus.w"
];
- wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI=";
+ wireguard.pubkey = "1/ZN/YvIBpWJGIwf0EE5NpxnQVCsde8f5WR3LExRW0M=";
};
};
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g";
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAjmN3oUAj/3AFH0t4JdCjWn+AzyYyr8Dhp0oqq9Nzbu";
}
diff --git a/kartei/lass/neoprism.nix b/kartei/lass/neoprism.nix
index 63d608e46..73eda0762 100644
--- a/kartei/lass/neoprism.nix
+++ b/kartei/lass/neoprism.nix
@@ -21,6 +21,7 @@
aliases = [
"neoprism.r"
"cache.neoprism.r"
+ "go.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/kartei/lass/shodan.nix b/kartei/lass/shodan.nix
index 50ab86e6e..202fc9e70 100644
--- a/kartei/lass/shodan.nix
+++ b/kartei/lass/shodan.nix
@@ -10,15 +10,20 @@
tinc = {
pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA9bUSItw8rEu2Cm2+3IGHyRxopre9lqpFjZNG2QTnjXkZ97QlDesT
- YYZgM2lBkYcDN3/LdGaFFKrQQSGiF90oXA2wFqPuIfycx+1+TENGCzF8pExwbTd7
- ROSVnISbghXYDgr3TqkjpPmnM+piFKymMDBGhxWuy1bw1AUfvRzhQwPAvtjB4VvF
- 7AVN/Z9dAZ/LLmYfYq7fL8V7PzQNvR+f5DP6+Eubx0xCuyuo63bWuGgp3pqKupx4
- xsixtMQPuqMBvOUo0SBCCPa9a+6I8dSwqAmKWM5BhmNlNCRDi37mH/m96av7SIiZ
- V29hwypVnmLoJEFiDzPMCdiH9wJNpHuHuQIDAQAB
+ MIICCgKCAgEAzttBobc7FsMm3ngFeOwnY0sB/lC9Y+JHHfLlh9j8kROjBhIzu+Ky
+ 3OVr5Zs3iAUw4yOtMVdEQX9kTkN993qcIUriBMsPBnnQPvPX9hlLvLJ80Mputqdq
+ xUmnjn29DYff56VEzAfOEYeaXX63XUovQmALIk4DvAWxzCL6yyth8IJKQDnsieHN
+ QmhAgQN4/rqHzaqkdN4pcnjff3Xw2dHZd0zhnQBA6pMKuBTmu0wV1HMKWHmjNUXG
+ lMtXKZ8rsJsNxo9NKKxYfMX5LNf497rZHC7iMDsNSGmMa8Rhw/By94Tax7MQ2++w
+ dGg0A8ON6eyM9qcLbFgNbkslEC9ustb3bWqHZJyHRyvTJ0CnTSYoeqyDtdzAL+tg
+ FBqiWbDrxUDYD4kdsIt6waPx2pmVjvO/z5njbiuLYSmrICpQkRlu3SOBXPbgouoG
+ 6DmwakOvpHA9pPlRUCa0koAkSM2iwaICsbsdk8KghfbjX5Kbu2b8oK1V7FKpYnKF
+ lLrRJk1G3tc3JV5slsbiaV/zL/JZ8IhNY1m6DYIyLeCGKLmc844o3ZoRVPqfMpDc
+ a4RSEoORv3oUAc4fWXPil+AjvTSxfRSRX6L/1STJ4HtUqSwuAinCZx4ecP/qqCv6
+ KpVr4zMR/x+6o5DBCHNriW8uVnOEzuxaq1k9tIUDuawED3XodTzGKtECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
- pubkey_ed25519 = "Ptc5VuYkRd5+zHibZwNe3DEgGHHvAk0Ul00dW1YXsrC";
+ pubkey_ed25519 = "v3VPuvfH/2JS5aUx2C9MtYoYoBU9J5LkvUdbyabKgrL";
};
};
wiregrill = {
@@ -27,10 +32,9 @@
aliases = [
"shodan.w"
];
- wireguard.pubkey = "0rI/I8FYQ3Pba7fQ9oyvtP4a54GWsPa+3zAiGIuyV30=";
+ wireguard.pubkey = "J1RTYvWmWZrLe+IqOrmy+wYxGyc2j6sUjIGgM1No2AQ=";
};
};
secure = true;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC9vup68R0I+62FK+8LNtwM90V9P4ukBmU7G7d54wf4C";
- syncthing.id = "AU5RTWC-HXNMDRT-TN4ZHXY-JMQ6EQB-4ZPOZL7-AICZMCZ-LNS2XXQ-DGTI2Q6";
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGkp+Fw9S/Af31vUP+n24cQLzbteUYosVFmV+7RSJm18";
}
diff --git a/kartei/lass/yellow.nix b/kartei/lass/yellow.nix
index 1873e02dc..ce365133d 100644
--- a/kartei/lass/yellow.nix
+++ b/kartei/lass/yellow.nix
@@ -10,6 +10,7 @@
"flix.r"
"radar.r"
"sonar.r"
+ "jellyseer.r"
"transmission.r"
];
tinc = {
diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix
index 6dd59be55..2baf6ef5a 100644
--- a/kartei/makefu/default.nix
+++ b/kartei/makefu/default.nix
@@ -205,53 +205,56 @@ in {
gum = rec {
extraZones = {
"krebsco.de" = ''
- rss.euer IN A ${nets.internet.ip4.addr}
- o.euer IN A ${nets.internet.ip4.addr}
- bw.euer IN A ${nets.internet.ip4.addr}
+ admin.work.euer IN A ${nets.internet.ip4.addr}
+ api.work.euer IN A ${nets.internet.ip4.addr}
+ atuin.euer IN A ${nets.internet.ip4.addr}
+ board.euer IN A ${nets.internet.ip4.addr}
bookmark.euer IN A ${nets.internet.ip4.addr}
boot IN A ${nets.internet.ip4.addr}
boot.euer IN A ${nets.internet.ip4.addr}
- build.euer IN A ${nets.internet.ip4.addr}
+ build.euer IN A ${nets.internet.ip4.addr}
+ bw.euer IN A ${nets.internet.ip4.addr}
cache.euer IN A ${nets.internet.ip4.addr}
cache.gum IN A ${nets.internet.ip4.addr}
cgit.euer IN A ${nets.internet.ip4.addr}
dl.euer IN A ${nets.internet.ip4.addr}
dns.euer IN A ${nets.internet.ip4.addr}
dockerhub IN A ${nets.internet.ip4.addr}
+ etherpad.euer IN A ${nets.internet.ip4.addr}
euer IN A ${nets.internet.ip4.addr}
- euer IN MX 1 aspmx.l.google.com.
+ feed.euer IN A ${nets.internet.ip4.addr}
ghook IN A ${nets.internet.ip4.addr}
git.euer IN A ${nets.internet.ip4.addr}
gold IN A ${nets.internet.ip4.addr}
graph IN A ${nets.internet.ip4.addr}
gum IN A ${nets.internet.ip4.addr}
- io IN NS gum.krebsco.de.
iso.euer IN A ${nets.internet.ip4.addr}
- feed.euer IN A ${nets.internet.ip4.addr}
- board.euer IN A ${nets.internet.ip4.addr}
- etherpad.euer IN A ${nets.internet.ip4.addr}
- mediengewitter IN CNAME over.dose.io.
+ maps.work.euer IN A ${nets.internet.ip4.addr}
+ meet.euer IN A ${nets.internet.ip4.addr}
mon.euer IN A ${nets.internet.ip4.addr}
+ music.euer IN A ${nets.internet.ip4.addr}
netdata.euer IN A ${nets.internet.ip4.addr}
- nixos.unstable IN CNAME krebscode.github.io.
+ ntfy.euer IN A ${nets.internet.ip4.addr}
+ o.euer IN A ${nets.internet.ip4.addr}
+ paper.euer IN A ${nets.internet.ip4.addr}
photostore IN A ${nets.internet.ip4.addr}
- pigstarter IN CNAME makefu.github.io.
+ play.work.euer IN A ${nets.internet.ip4.addr}
+ push.work.euer IN A ${nets.internet.ip4.addr}
+ rss.euer IN A ${nets.internet.ip4.addr}
share.euer IN A ${nets.internet.ip4.addr}
+ ul.work.euer IN A ${nets.internet.ip4.addr}
wg.euer IN A ${nets.internet.ip4.addr}
wiki.euer IN A ${nets.internet.ip4.addr}
wikisearch IN A ${nets.internet.ip4.addr}
-
- meet.euer IN A ${nets.internet.ip4.addr}
work.euer IN A ${nets.internet.ip4.addr}
- admin.work.euer IN A ${nets.internet.ip4.addr}
- push.work.euer IN A ${nets.internet.ip4.addr}
- api.work.euer IN A ${nets.internet.ip4.addr}
- maps.work.euer IN A ${nets.internet.ip4.addr}
- play.work.euer IN A ${nets.internet.ip4.addr}
- ul.work.euer IN A ${nets.internet.ip4.addr}
- music.euer IN A ${nets.internet.ip4.addr}
- ntfy.euer IN A ${nets.internet.ip4.addr}
- paper.euer IN A ${nets.internet.ip4.addr}
+
+ mediengewitter IN CNAME over.dose.io.
+ nixos.unstable IN CNAME krebscode.github.io.
+ pigstarter IN CNAME makefu.github.io.
+
+ euer IN MX 1 aspmx.l.google.com.
+
+ io IN NS gum.krebsco.de.
'';
};
nets = rec {
@@ -284,6 +287,7 @@ in {
"blog.makefu.r"
"cache.gum.r"
"cgit.gum.r"
+ "git.gum.r"
"dcpp.gum.r"
"dcpp.nextgum.r"
"graph.makefu.r"
diff --git a/kartei/makefu/wiregrill/telex.pub b/kartei/makefu/wiregrill/telex.pub
index 4a5f666cc..668d7ca68 100644
--- a/kartei/makefu/wiregrill/telex.pub
+++ b/kartei/makefu/wiregrill/telex.pub
@@ -1 +1 @@
-yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=
+Y6fOW2QDt0SsHT7hSVzzJYQVB3JI/txO4/FDB54Z52A=
diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix
index ef37cc760..2a4593e72 100644
--- a/kartei/mic92/default.nix
+++ b/kartei/mic92/default.nix
@@ -782,7 +782,6 @@ in {
aliases = [
"jack.r"
"stable-confusion.r"
- "vicuna.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -991,6 +990,106 @@ in {
};
};
};
+
+ tegan = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ internet = {
+ # tegan.dos.cit.tum.de
+ ip4.addr = "131.159.38.2";
+ ip6.addr = "2a09:80c0:38::2";
+ aliases = [ "tegan.i" ];
+ };
+ retiolum = {
+ via = internet;
+ aliases = [ "tegan.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA0Rg6R8RZkQ8lYMegQDOy8OB6y31jfcVufBHx/QWFzzX/aaoyJDNo
+ QPVwn7qWnArqXvvwMYT6boPLJPmEFfxt9mwHX3lTEQKj82FT86hjG5axujIx1EAa
+ 5v1A5UbZiBwntQPhHP+ULaQLPhwRfU+NftCpf3NC1frP0xd4U0fzdmO86jVp9Mwr
+ T07IvJzaSg1tIodT8F4CYktRCC9u8uQmtOrU/8FoPcWHMFxYMLR+qB3KQ3WF4EPU
+ qw3vtADATjDpagFr5+E12dc//04iTJc9sQ254WcLH9kfb+i+AFJ9G8H24iM9Iyal
+ YuEAYPV1XOQ8SZ9PNrKcSJxvMebzOkhvmQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "7AlLnzY96NqA9I0og/RaY+HekMSUGlxoDFNy5VRzE+L";
+ };
+ };
+ };
+
+ xavier = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ internet = {
+ # xavier.dos.cit.tum.de
+ ip4.addr = "131.159.102.27";
+ ip6.addr = "2a09:80c0:102::27";
+ aliases = [ "xavier.i" ];
+ };
+ retiolum = {
+ via = internet;
+ aliases = [ "xavier.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA4mAnaYD/tImIFmpDVK819M8XqY5j6i85E1FuBfqkx4FFRY4qHlpT
+ 1ykybkPPI64y0B2Nr698vg52LQB9jclbo8sm5q8X/kkgwOM7jS9uwO2k8XnUqi3l
+ bV22v5xTXjqPklP71Bc5dlvjVUfX5KwkEpzrSQ+NqIPrlzs9/nIeQONVdhrEsRBk
+ kMaSGHzRcBBP+rbsi+GqIN4VKUKlUmP3XiDGj9yGUnTSDbMf0CoOksmle9i6s2rV
+ J5Kp78LhIZ5el7Gd+wMtwWQYKcHbZJwpFt4ODlefKknLeDV0uJgJpUmF0r32Hlj0
+ OAkmtpaRdweKj/Va31jNvhgJidDe/qgrFwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "CkupwxlJG2SH5FkqxathLC4PSZCsrDMpOTOtvCqid3A";
+ };
+ };
+ };
+
+ #vicky = {
+ # owner = config.krebs.users.mic92;
+ # nets = rec {
+ # internet = {
+ # ip4.addr = "";
+ # ip6.addr = "";
+ # aliases = [ "vicky.i" ];
+ # };
+ # retiolum = {
+ # via = internet;
+ # aliases = [ "vicky.r" ];
+ # tinc.pubkey = ''
+ # '';
+ # tinc.pubkey_ed25519 = "";
+ # };
+ # };
+ #};
+
+ irene = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ internet = {
+ # irene.dos.cit.tum.de
+ ip4.addr = "131.159.102.28";
+ ip6.addr = "2a09:80c0:102::28";
+ aliases = [ "irene.i" ];
+ };
+ retiolum = {
+ via = internet;
+ aliases = [ "irene.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA2P7QtdfRmrI1gDBKQJv+kAJBeNz5/bDuJfCcLJ6fkOt3MduZvLDt
+ qCj2LBhdXBAEcIKzrvzgR9r9mfEU38hr6JgO01xBvyEHg9YSJJ/5iGu17ZdyeS96
+ 3RRpUs2WtepA3vrhSH7xgncXXC3xoercdUGs2GK3qlx9VAcAR0hy5teQmkBGJecm
+ C2wXwwEajOL4HAAvv7gyEp6S5ow1DHSJXxe32FQb18YnR2WHXh40RfWJnvs+zeaV
+ QYN4v6XNJKGC3hux1QyGQbfABUeEnNzl9bDmVICpcNPAy09VWX10UCymmWX6612L
+ EYXB0lt3PhcsvRcXNlV8ZZrukY8EU+UY1wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "CAyCg6zgO14v5oI4sV9dpwmjS7jy9Ttb4SiuKI5OQyN";
+ };
+ };
+ };
+
};
users = {
mic92 = {
diff --git a/kartei/palo/default.nix b/kartei/palo/default.nix
index bdb61ec5d..6c8fb72ee 100644
--- a/kartei/palo/default.nix
+++ b/kartei/palo/default.nix
@@ -51,20 +51,20 @@ in
aliases = [ "cream.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAxqrCGJriL5L1ehBf7CrdpL6Ao/ssyj5ZoPdlTP47WtBRahQcp8e0
- xWkAACyiSW2rdvK9hBE4Z7cXHenm8obABl69Q6rLdkxIOM7GBK08cX7ZZrRAdyA1
- Bp9FQWoeHZFq4zBayp889HjPgauglguVlPiXaxh5NhqQkKX4Bkcp4f+OtBMvV0Uf
- kf80J5pknliV/I85VDt0Ofyuuvot9p4GAegeaGaTgIpMrbGvqdpnB+ZiI9lFylCf
- tubRvrX1TsaqrWzFu8B2XL6ZXGCY0IrJXs7P0RsG9OysCK7N9WPVrpX+zGFSCCk+
- 3UuKan9AFVOWA72Jj+glIU2i2d3D+Re8kvNmLCQ9GCM2c8Gy+r38UPN1/WTEe7az
- 94ivkczOgg4tIzMCN2JuAYLtoy3JK46Bbexk3i9KgtX5acNrKilQBDKHktqr0oJ8
- Bz53kFP/X7oY+0RIPePL9OPQu8LRyFXeWeuQQUBgqDmttoWBtHEO6vicKFgwN0bl
- 5J6urUJQYC7aabfYO4aDfgVSRr7cELZkbIsx6Lkj5bOrraaJ2pS5H3QGSBUFifAq
- mUdKKkBsYltKe8BsqKvQEysT3cGaGlkeP5OaKHN4qG7hGvLk71YjrYlWlIswdMAp
- D2UgJ5/fcDswSAnFBlLYIqQwC7vMLoqTZPkQ0AN/DxHJCuXfRoU2vhkCAwEAAQ==
+ MIICCgKCAgEAnzhalF1rqLdSsT6HAGuQ6x1kC9Ty3FjoKR2Y5RCO9YIyEgRE8qfR
+ jkne+wIIleODUDMZYuvUe9X5hm8w6wDzxlwCPitwhDlOxoSBnXfbL6YL9rZBn3lC
+ JFkpEPtAJYnfM64R4/UjSndHlCVuH7tltD/1tmfG6IbSsIeDVz+pWZdEmBJfCiDl
+ aqP2gb1oIwe9TgJX2EC2ugW+6Jh9oPNIOP2Q5eLvty5WPhUSGQDWVMr5u0Rgc1oU
+ hhAvrfue7MFqUwX+o0Zq93eVAu/51dhTtqwwVgZVlHK7Wkak4yTRGPAP9v9vbKeK
+ 7GpQuvbiI5OphhSFPjyCN1XMqVgFxqsnLsflIPbQdxCkBgFxhmNf31BDlXWHWD5e
+ 7BfFYc1tZFcEWKhguoCSesJvh1BVsiZzfya96lGd/+ttcKBUKX4tdznEQsV/MVhC
+ cVnQD6k8PN4BIWVJtcq5oM9h6Yt6avtv8TeuaLp/Janco4JmYYFIfRETnz6ye/fG
+ OiKJnGQ1yohSE6n8ZUK1QYdYezZfI8QhF7GHK7he9x13L9xmXoybV+REXlRvh4S2
+ bi9lWTKhQVIHb/qLIdQuaAnK1xg4tdNzL43KEpPstGlAnG8uUNL8hCJL3m220RPK
+ lEbtLhayRzQ9zgj/hBQZa/hMGGyiqV1hiTbEEWAusJdGTUPYhjAelOkCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
- tinc.pubkey_ed25519 = "lkvs1E4lCXt+Q7lvg/vU2JQyDfqseYo68Ecbb/Hg8YA";
+ tinc.pubkey_ed25519 = "B3EKYRxqFjIGR2VYajjDqX0gltPJNwcno5PUhafKWKB";
};
};
};
diff --git a/krebs/1systems/filebitch/config.nix b/krebs/1systems/filebitch/config.nix
index 254306ecb..44c14674e 100644
--- a/krebs/1systems/filebitch/config.nix
+++ b/krebs/1systems/filebitch/config.nix
@@ -28,7 +28,6 @@ in
];
krebs.build.host = config.krebs.hosts.filebitch;
- sound.enable = false;
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="60:a4:4c:3d:52:cf", NAME="et0"
diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix
deleted file mode 100644
index 290870fce..000000000
--- a/krebs/1systems/news/config.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
- imports = [
- ../../../krebs
- ../../../krebs/2configs
-
- ../../../krebs/2configs/ircd.nix
- ../../../krebs/2configs/go.nix
-
- #### NEWS ####
- ../../../krebs/2configs/ircd.nix
- ../../../krebs/2configs/news.nix
- ];
-
- krebs.build.host = config.krebs.hosts.news;
- krebs.hosts.news.ssh.privkey.path = "${config.krebs.secret.directory}/ssh.id_ed25519";
-
- boot.isContainer = true;
- networking.useDHCP = lib.mkForce true;
- krebs.sync-containers3.inContainer = {
- enable = true;
- pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBVZomw68WDQy0HsHhNbWK1KpzaR5aRUG1oioE7IgCv";
- };
-}
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index d3891af82..542106d5f 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -2,51 +2,52 @@
{
imports = [
./net.nix
- <stockholm/krebs>
- <stockholm/krebs/2configs>
- <stockholm/krebs/2configs/secret-passwords.nix>
- <stockholm/krebs/2configs/hw/x220.nix>
+ ../../../krebs
+ ../../../krebs/2configs
+ ../../2configs/secret-passwords.nix
+ ../../2configs/hw/x220.nix
# see documentation in included getty-for-esp.nix:
# brain hosts/puyak/root
- <stockholm/krebs/2configs/hw/getty-for-esp.nix>
+ ../../2configs/hw/getty-for-esp.nix
+ ../../2configs/buildbot/worker.nix
## initrd unlocking
- # (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
- <stockholm/krebs/2configs/tor/initrd.nix>
+ # (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat /crypt-ramfs/passphrase'
+ ../../2configs/tor/initrd.nix
- <stockholm/krebs/2configs/binary-cache/nixos.nix>
- <stockholm/krebs/2configs/binary-cache/prism.nix>
+ ../../2configs/binary-cache/nixos.nix
+ ../../2configs/binary-cache/prism.nix
## news host
- <stockholm/krebs/2configs/container-networking.nix>
- <stockholm/krebs/2configs/syncthing.nix>
+ ../../2configs/container-networking.nix
+ ../../2configs/syncthing.nix
### shackspace ###
# handle the worlddomination map via coap
- <stockholm/krebs/2configs/shack/worlddomination.nix>
- <stockholm/krebs/2configs/shack/ssh-keys.nix>
+ ../../2configs/shack/worlddomination.nix
+ ../../2configs/shack/ssh-keys.nix
# drivedroid.shack for shackphone
- <stockholm/krebs/2configs/shack/drivedroid.nix>
- # <stockholm/krebs/2configs/shack/nix-cacher.nix>
+ ../../2configs/shack/drivedroid.nix
+ # ../../2configs/shack/nix-cacher.nix
# Say if muell will be collected
- <stockholm/krebs/2configs/shack/muell_caller.nix>
+ ../../2configs/shack/muell_caller.nix
# provide muellshack api: muell.shack
- <stockholm/krebs/2configs/shack/muellshack.nix>
+ ../../2configs/shack/muellshack.nix
# send mail if muell was not handled
- <stockholm/krebs/2configs/shack/muell_mail.nix>
+ ../../2configs/shack/muell_mail.nix
# provide light control api
- <stockholm/krebs/2configs/shack/node-light.nix> # light.shack lounge.light.shack power.light.shack openhab.shack lightapi.shack
+ ../../2configs/shack/node-light.nix # light.shack lounge.light.shack power.light.shack openhab.shack lightapi.shack
# light.shack web-ui
- <stockholm/krebs/2configs/shack/light.shack.nix> #light.shack
+ ../../2configs/shack/light.shack.nix #light.shack
# fetch the u300 power stats
- <stockholm/krebs/2configs/shack/power/u300-power.nix>
+ ../../2configs/shack/power/u300-power.nix
{ # do not log to /var/spool/log
@@ -66,56 +67,55 @@
}
# create samba share for anonymous usage with the laser and 3d printer pc
- <stockholm/krebs/2configs/shack/share.nix>
+ ../../2configs/shack/share.nix
# mobile.lounge.mpd.shack
- <stockholm/krebs/2configs/shack/mobile.mpd.nix>
+ ../../2configs/shack/mobile.mpd.nix
# hass.shack
- <stockholm/krebs/2configs/shack/glados>
- <stockholm/krebs/2configs/shack/esphome.nix>
+ ../../2configs/shack/glados
+ ../../2configs/shack/esphome.nix
# connect to git.shackspace.de as group runner for rz
- <stockholm/krebs/2configs/shack/gitlab-runner.nix>
+ ../../2configs/shack/gitlab-runner.nix
# Statistics collection and visualization
- # <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully)
+ # ../../2configs/shack/graphite.nix # graphiteApi is broken and unused(hopefully)
## Collect data from mqtt.shack and store in graphite database
- <stockholm/krebs/2configs/shack/mqtt_sub.nix>
+ ../../2configs/shack/mqtt_sub.nix
## Collect radioactive data and put into graphite
- <stockholm/krebs/2configs/shack/radioactive.nix>
+ ../../2configs/shack/radioactive.nix
## mqtt.shack
- <stockholm/krebs/2configs/shack/mqtt.nix>
+ ../../2configs/shack/mqtt.nix
## influx.shack
- <stockholm/krebs/2configs/shack/influx.nix>
+ ../../2configs/shack/influx.nix
## Collect local statistics via collectd a