diff options
29 files changed, 294 insertions, 482 deletions
diff --git a/flake.lock b/flake.lock index 85e508e47..57993d8f1 100644 --- a/flake.lock +++ b/flake.lock @@ -3,17 +3,18 @@ "buildbot-nix": { "inputs": { "flake-parts": "flake-parts", + "hercules-ci-effects": "hercules-ci-effects", "nixpkgs": [ "nixpkgs" ], "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1719326738, - "narHash": "sha256-9gEgR/teWxH1E3JUUunLrcgOpMel19nw//eK3XKU6RQ=", + "lastModified": 1732578586, + "narHash": "sha256-kR2RwG4H32zRkyVVfDKUnoPxORb6DzztE16oc98ZzSg=", "owner": "Mic92", "repo": "buildbot-nix", - "rev": "6e342155745f68b6d7ccc5557fa3d320b8aa3273", + "rev": "037344cad03e933ea370c0766b39b959820446e5", "type": "github" }, "original": { @@ -30,11 +31,11 @@ ] }, "locked": { - "lastModified": 1717285511, - "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -43,6 +44,31 @@ "type": "github" } }, + "hercules-ci-effects": { + "inputs": { + "flake-parts": [ + "buildbot-nix", + "flake-parts" + ], + "nixpkgs": [ + "buildbot-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1730903510, + "narHash": "sha256-mnynlrPeiW0nUQ8KGZHb3WyxAxA3Ye/BH8gMjdoKP6E=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "b89ac4d66d618b915b1f0a408e2775fe3821d141", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, "nix-writers": { "flake": false, "locked": { @@ -61,11 +87,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1719254875, - "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", + "lastModified": 1732014248, + "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", + "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", "type": "github" }, "original": { @@ -90,11 +116,11 @@ ] }, "locked": { - "lastModified": 1718522839, - "narHash": "sha256-ULzoKzEaBOiLRtjeY3YoGFJMwWSKRYOic6VNw2UyTls=", + "lastModified": 1730321837, + "narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "68eb1dc333ce82d0ab0c0357363ea17c31ea1f81", + "rev": "746901bb8dba96d154b66492a29f5db0693dbfcc", "type": "github" }, "original": { @@ -13,7 +13,7 @@ description = "stockholm"; - outputs = { self, nixpkgs, nix-writers, buildbot-nix, ... }@inputs: { + outputs = { self, nixpkgs, nix-writers, buildbot-nix, ... }: { nixosConfigurations = nixpkgs.lib.mapAttrs (machineName: _: nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs.stockholm = self; diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index 9f9866c71..6ce95f587 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -18,6 +18,30 @@ in { mail = "feliks@flipdot.org"; }; hosts = mapAttrs hostDefaults { + ioka = { + nets = { + retiolum = { + ip4.addr = "10.243.10.242"; + aliases = [ "ioka.r" "ioka.feliks.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAwmwpsohYq/KJTXvUmacsFqolf3Me2dG5NypdosJT5jIVjQMa5M6U + HWpkfOFi3v0NTiUN8OP3714N1hF7x+Lq/EVYSSxT1bB4IWSIyaVLmSjs+sycHRKK + zvOL249iOqdyFjAeGVXmLw/zYOH6uzdJpRvlgMcGT5BPL+Jx+G5KUZgeqkDDDpcy + 1j+6nCyBRn9yK0yfZ5z6LJQqLCJzZ4KE5ym6t8RqgRXWchewQP/aYxtk1dn03GEn + NSiJmjb3QtKM1ZWAMNSCJ0xdPNQtMp7Xi4EdwDcyNAmu+Tk48MSV/G4TL5PXAV1p + WYWS6KxAc/huwKW/HCGFAj7d7cTMd4XzcN7fMg6gAs4GQTVn7AYelMb6teAGZj5Y + ifHmhl5Sy2umuDBhUWAfLDZu97gmF2ZlpO48VG/ZJjKejw9gP8u3Qek3+4iO22wM + xrj1ZZEuxhEyJu1OYNr/MES6h5l+FdiVpV6JMpzOCGhiVRN4z4FzUHcUixFIgJni + zlr0h6c0fJh4mEmOSu2WwNV7xMmqWe7SAcLOnvRaAqBfAprIvy/rpcB7Ji1gFcMq + 4k/GkbKD+8/NZxujAJhyUo08JNHb0TACZiVIhbaafsEEgRQZBs9wa0u7MMzqlwXP + 1ewjfwmfEQa7yEt0BQVjYm2C017IWngXv0dU49gVDGh9MMG9EBcS4scCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "jhPsb07ilQDliw8H9lQ1JQ5Potj+//HwNSD7+OHdFvD"; + }; + }; + }; papawhakaaro = { nets = { retiolum = { diff --git a/kartei/kmein/default.nix b/kartei/kmein/default.nix index c840019b5..084d796a7 100644 --- a/kartei/kmein/default.nix +++ b/kartei/kmein/default.nix @@ -34,7 +34,12 @@ in hosts = mapAttrs hostDefaults { ful = { nets.retiolum = { - aliases = [ "ful.r" ]; + aliases = [ + "brockman.r" + "ful.r" + "news.r" + "rss.r" + ]; ip4.addr = "10.243.2.107"; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/kartei/krebs/default.nix b/kartei/krebs/default.nix index 7e3f1b542..555dadcbe 100644 --- a/kartei/krebs/default.nix +++ b/kartei/krebs/default.nix @@ -102,37 +102,6 @@ in { }; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; - news = { - ci = true; - nets = { - retiolum = { - ip4.addr = "10.243.0.5"; - aliases = [ - "news.r" - "brockman.r" - "go.r" - "rss.r" - ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc - cgPezX8yGmA0nuTyCUPtXbWyWee9HnzYqekzJYvBHwgBDvZ8UhLZTCXD15agDfaf - cbzd4uM5bCDgqI8sezzD95tqj7mzvIEurIShDXYSWC6YRat1h1Opp86JngBJRvHZ - Gb6NAyfnr4v2eyMrmH9/j+sECxjCAaC5QLpJWyoDPilFU8dXBarmiZNYYlXQt1pn - yxZSF5pElmrdiZ6vlKlnEHwFtExm1gv63ZjAlusrXM+bKMvdVKRnhahq76A5VXjc - kbOhQi+wYGaVK4jB2a1UilmKYh1wKLE7HULoHDRrqEe4jemNZg+JOBPTU+jM/JzM - XdPy0KAMxHOUZCe8IX0LgF1snVaMF05Qkoe3QKr0YJ3KTD7UdsJpa1Br216Z/w2f - koz+cRn/Z/8TO8SIRKvy5TfXeH+ra6rp/CvwryNlNL4FB+25LFDkJtLIZGqAsz3G - vRXUiGN4l1FR4TbX7XaK2rvIlA/+4isJ02bBdnZhe7kmuuBeECyPaR1+Ui6pElXe - ZamnxTAmj86Q8pDx6Wn2cg8YAJlVV3UCfhda34DZokJmmmKucGupg/6Xt0Bhm9d5 - exNrTIDG3lXTxmg2mfiZJeg/fsnalvtN0j/VB+NmmKzie+ZohMK4nUfslq8o5CO9 - j7ZLmZzm062GzX0RenxNkwUCAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo "; - }; onebutton = { nets = { retiolum = { diff --git a/kartei/lass/daedalus.nix b/kartei/lass/daedalus.nix index 891cbd293..865f378b9 100644 --- a/kartei/lass/daedalus.nix +++ b/kartei/lass/daedalus.nix @@ -10,15 +10,20 @@ tinc = { pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAzlIJfYIoQGXishIQGFNOcaVoeelqy7a731FJ+VfrqeR8WURQ6D+8 - 5hz7go+l3Z7IhTc/HbpGFJ5QJJNFSuSpLfZVyi+cKAUVheTivIniHFIRw37JbJ4+ - qWTlVe3uvOiZ0cA9S6LrbzqAUTLbH0JlWj36mvGIPICDr9YSEkIUKbenxjJlIpX8 - ECEBm8RU1aq3PUo/cVjmpqircynVJBbRCXZiHoxyLXNmh23d0fCPCabEYWhJhgaR - arkYRls5A14HGMI52F3ehnhED3k0mU8/lb4OzYgk34FjuZGmyRWIfrEKnqL4Uu2w - 3pmEvswG1WYG/3+YE80C5OpCE4BUKAzYSwIDAQAB + MIICCgKCAgEA5SYx0hfmZ25mFzlnzdeoB46nMfJcyEuiJvMqNjRaeTRGe1UYFMOV + KdLYRqioMBbvIwU+7+1jslI3Tjfs9kWtt57p4ZqTUmfKZYkhA6onvKZUtQrv8M9c + sMOUhrY4p/QRvON4b9o9bZGdzDAX43EsAfDMW8YZvS6P+SQNeGORX3pimQ5ODY5N + P0rnFuYjGt3wAWcwyzmfKFedxcB/eDyYSjmhnkIwrODdS5rQyaCDKALSGBQ6bF4S + rvgy7PbwP71o8jVlhndOGyvZJPyx4yjwENrRWh6Wgwy/i2GYXWuc0+/Lvjq/X2k5 + C2LPGTfZ4rJaRdaS8EvOAy7uADemSymIGn3EM7qgLb2ogcQOFVtBHwWXYepLmbQi + lnGiE83eDcXKUs8lmnZQTP8C+Ho/SQCVXpgOg29BdwIZJ26Gv1ueVlhOKIvF7Pay + huRbQywgo7jnvNKk5TEGAX3bhUctT+UBJ+7JDHUJdqgJYKilYWwrK0jBVLSRqGTa + UHPCyM5zLdX6G8CXK7v+CbH66GsZxSkfxYjv049CWdbQ/BAW5hWUW77xTnP81/yi + 3a2XxtxxmCiGxl3+eqtXh5q2bOB/JKffGYfblHXJ3NK6HH5qVpcjT7CHKO21gqsb + hdPbKKD5aB2EJm+DYOnxS1UYsj7R/SmKGmNuQVfBm6jsBmjc4XmZQWECAwEAAQ== -----END RSA PUBLIC KEY----- ''; - pubkey_ed25519 = "ybmNcRLtZ0NxlxIRE3bdc2G4lLXtTGXu+iRaXMTKCNG"; + pubkey_ed25519 = "+xM97iA8eIB58bfsEjMfK7aqv+Emzajx5CYqSGjRR/K"; }; }; wiregrill = { @@ -26,8 +31,8 @@ aliases = [ "daedalus.w" ]; - wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI="; + wireguard.pubkey = "1/ZN/YvIBpWJGIwf0EE5NpxnQVCsde8f5WR3LExRW0M="; }; }; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g"; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAjmN3oUAj/3AFH0t4JdCjWn+AzyYyr8Dhp0oqq9Nzbu"; } diff --git a/kartei/lass/neoprism.nix b/kartei/lass/neoprism.nix index 63d608e46..73eda0762 100644 --- a/kartei/lass/neoprism.nix +++ b/kartei/lass/neoprism.nix @@ -21,6 +21,7 @@ aliases = [ "neoprism.r" "cache.neoprism.r" + "go.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/kartei/lass/shodan.nix b/kartei/lass/shodan.nix index 50ab86e6e..202fc9e70 100644 --- a/kartei/lass/shodan.nix +++ b/kartei/lass/shodan.nix @@ -10,15 +10,20 @@ tinc = { pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA9bUSItw8rEu2Cm2+3IGHyRxopre9lqpFjZNG2QTnjXkZ97QlDesT - YYZgM2lBkYcDN3/LdGaFFKrQQSGiF90oXA2wFqPuIfycx+1+TENGCzF8pExwbTd7 - ROSVnISbghXYDgr3TqkjpPmnM+piFKymMDBGhxWuy1bw1AUfvRzhQwPAvtjB4VvF - 7AVN/Z9dAZ/LLmYfYq7fL8V7PzQNvR+f5DP6+Eubx0xCuyuo63bWuGgp3pqKupx4 - xsixtMQPuqMBvOUo0SBCCPa9a+6I8dSwqAmKWM5BhmNlNCRDi37mH/m96av7SIiZ - V29hwypVnmLoJEFiDzPMCdiH9wJNpHuHuQIDAQAB + MIICCgKCAgEAzttBobc7FsMm3ngFeOwnY0sB/lC9Y+JHHfLlh9j8kROjBhIzu+Ky + 3OVr5Zs3iAUw4yOtMVdEQX9kTkN993qcIUriBMsPBnnQPvPX9hlLvLJ80Mputqdq + xUmnjn29DYff56VEzAfOEYeaXX63XUovQmALIk4DvAWxzCL6yyth8IJKQDnsieHN + QmhAgQN4/rqHzaqkdN4pcnjff3Xw2dHZd0zhnQBA6pMKuBTmu0wV1HMKWHmjNUXG + lMtXKZ8rsJsNxo9NKKxYfMX5LNf497rZHC7iMDsNSGmMa8Rhw/By94Tax7MQ2++w + dGg0A8ON6eyM9qcLbFgNbkslEC9ustb3bWqHZJyHRyvTJ0CnTSYoeqyDtdzAL+tg + FBqiWbDrxUDYD4kdsIt6waPx2pmVjvO/z5njbiuLYSmrICpQkRlu3SOBXPbgouoG + 6DmwakOvpHA9pPlRUCa0koAkSM2iwaICsbsdk8KghfbjX5Kbu2b8oK1V7FKpYnKF + lLrRJk1G3tc3JV5slsbiaV/zL/JZ8IhNY1m6DYIyLeCGKLmc844o3ZoRVPqfMpDc + a4RSEoORv3oUAc4fWXPil+AjvTSxfRSRX6L/1STJ4HtUqSwuAinCZx4ecP/qqCv6 + KpVr4zMR/x+6o5DBCHNriW8uVnOEzuxaq1k9tIUDuawED3XodTzGKtECAwEAAQ== -----END RSA PUBLIC KEY----- ''; - pubkey_ed25519 = "Ptc5VuYkRd5+zHibZwNe3DEgGHHvAk0Ul00dW1YXsrC"; + pubkey_ed25519 = "v3VPuvfH/2JS5aUx2C9MtYoYoBU9J5LkvUdbyabKgrL"; }; }; wiregrill = { @@ -27,10 +32,9 @@ aliases = [ "shodan.w" ]; - wireguard.pubkey = "0rI/I8FYQ3Pba7fQ9oyvtP4a54GWsPa+3zAiGIuyV30="; + wireguard.pubkey = "J1RTYvWmWZrLe+IqOrmy+wYxGyc2j6sUjIGgM1No2AQ="; }; }; secure = true; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC9vup68R0I+62FK+8LNtwM90V9P4ukBmU7G7d54wf4C"; - syncthing.id = "AU5RTWC-HXNMDRT-TN4ZHXY-JMQ6EQB-4ZPOZL7-AICZMCZ-LNS2XXQ-DGTI2Q6"; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGkp+Fw9S/Af31vUP+n24cQLzbteUYosVFmV+7RSJm18"; } diff --git a/kartei/lass/yellow.nix b/kartei/lass/yellow.nix index 1873e02dc..ce365133d 100644 --- a/kartei/lass/yellow.nix +++ b/kartei/lass/yellow.nix @@ -10,6 +10,7 @@ "flix.r" "radar.r" "sonar.r" + "jellyseer.r" "transmission.r" ]; tinc = { diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix index 6dd59be55..2baf6ef5a 100644 --- a/kartei/makefu/default.nix +++ b/kartei/makefu/default.nix @@ -205,53 +205,56 @@ in { gum = rec { extraZones = { "krebsco.de" = '' - rss.euer IN A ${nets.internet.ip4.addr} - o.euer IN A ${nets.internet.ip4.addr} - bw.euer IN A ${nets.internet.ip4.addr} + admin.work.euer IN A ${nets.internet.ip4.addr} + api.work.euer IN A ${nets.internet.ip4.addr} + atuin.euer IN A ${nets.internet.ip4.addr} + board.euer IN A ${nets.internet.ip4.addr} bookmark.euer IN A ${nets.internet.ip4.addr} boot IN A ${nets.internet.ip4.addr} boot.euer IN A ${nets.internet.ip4.addr} - build.euer IN A ${nets.internet.ip4.addr} + build.euer IN A ${nets.internet.ip4.addr} + bw.euer IN A ${nets.internet.ip4.addr} cache.euer IN A ${nets.internet.ip4.addr} cache.gum IN A ${nets.internet.ip4.addr} cgit.euer IN A ${nets.internet.ip4.addr} dl.euer IN A ${nets.internet.ip4.addr} dns.euer IN A ${nets.internet.ip4.addr} dockerhub IN A ${nets.internet.ip4.addr} + etherpad.euer IN A ${nets.internet.ip4.addr} euer IN A ${nets.internet.ip4.addr} - euer IN MX 1 aspmx.l.google.com. + feed.euer IN A ${nets.internet.ip4.addr} ghook IN A ${nets.internet.ip4.addr} git.euer IN A ${nets.internet.ip4.addr} gold IN A ${nets.internet.ip4.addr} graph IN A ${nets.internet.ip4.addr} gum IN A ${nets.internet.ip4.addr} - io IN NS gum.krebsco.de. iso.euer IN A ${nets.internet.ip4.addr} - feed.euer IN A ${nets.internet.ip4.addr} - board.euer IN A ${nets.internet.ip4.addr} - etherpad.euer IN A ${nets.internet.ip4.addr} - mediengewitter IN CNAME over.dose.io. + maps.work.euer IN A ${nets.internet.ip4.addr} + meet.euer IN A ${nets.internet.ip4.addr} mon.euer IN A ${nets.internet.ip4.addr} + music.euer IN A ${nets.internet.ip4.addr} netdata.euer IN A ${nets.internet.ip4.addr} - nixos.unstable IN CNAME krebscode.github.io. + ntfy.euer IN A ${nets.internet.ip4.addr} + o.euer IN A ${nets.internet.ip4.addr} + paper.euer IN A ${nets.internet.ip4.addr} photostore IN A ${nets.internet.ip4.addr} - pigstarter IN CNAME makefu.github.io. + play.work.euer IN A ${nets.internet.ip4.addr} + push.work.euer IN A ${nets.internet.ip4.addr} + rss.euer IN A ${nets.internet.ip4.addr} share.euer IN A ${nets.internet.ip4.addr} + ul.work.euer IN A ${nets.internet.ip4.addr} wg.euer IN A ${nets.internet.ip4.addr} wiki.euer IN A ${nets.internet.ip4.addr} wikisearch IN A ${nets.internet.ip4.addr} - - meet.euer IN A ${nets.internet.ip4.addr} work.euer IN A ${nets.internet.ip4.addr} - admin.work.euer IN A ${nets.internet.ip4.addr} - push.work.euer IN A ${nets.internet.ip4.addr} - api.work.euer IN A ${nets.internet.ip4.addr} - maps.work.euer IN A ${nets.internet.ip4.addr} - play.work.euer IN A ${nets.internet.ip4.addr} - ul.work.euer IN A ${nets.internet.ip4.addr} - music.euer IN A ${nets.internet.ip4.addr} - ntfy.euer IN A ${nets.internet.ip4.addr} - paper.euer IN A ${nets.internet.ip4.addr} + + mediengewitter IN CNAME over.dose.io. + nixos.unstable IN CNAME krebscode.github.io. + pigstarter IN CNAME makefu.github.io. + + euer IN MX 1 aspmx.l.google.com. + + io IN NS gum.krebsco.de. ''; }; nets = rec { @@ -284,6 +287,7 @@ in { "blog.makefu.r" "cache.gum.r" "cgit.gum.r" + "git.gum.r" "dcpp.gum.r" "dcpp.nextgum.r" "graph.makefu.r" diff --git a/kartei/makefu/wiregrill/telex.pub b/kartei/makefu/wiregrill/telex.pub index 4a5f666cc..668d7ca68 100644 --- a/kartei/makefu/wiregrill/telex.pub +++ b/kartei/makefu/wiregrill/telex.pub @@ -1 +1 @@ -yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo= +Y6fOW2QDt0SsHT7hSVzzJYQVB3JI/txO4/FDB54Z52A= diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index ef37cc760..2a4593e72 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -782,7 +782,6 @@ in { aliases = [ "jack.r" "stable-confusion.r" - "vicuna.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -991,6 +990,106 @@ in { }; }; }; + + tegan = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # tegan.dos.cit.tum.de + ip4.addr = "131.159.38.2"; + ip6.addr = "2a09:80c0:38::2"; + aliases = [ "tegan.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "tegan.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0Rg6R8RZkQ8lYMegQDOy8OB6y31jfcVufBHx/QWFzzX/aaoyJDNo + QPVwn7qWnArqXvvwMYT6boPLJPmEFfxt9mwHX3lTEQKj82FT86hjG5axujIx1EAa + 5v1A5UbZiBwntQPhHP+ULaQLPhwRfU+NftCpf3NC1frP0xd4U0fzdmO86jVp9Mwr + T07IvJzaSg1tIodT8F4CYktRCC9u8uQmtOrU/8FoPcWHMFxYMLR+qB3KQ3WF4EPU + qw3vtADATjDpagFr5+E12dc//04iTJc9sQ254WcLH9kfb+i+AFJ9G8H24iM9Iyal + YuEAYPV1XOQ8SZ9PNrKcSJxvMebzOkhvmQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "7AlLnzY96NqA9I0og/RaY+HekMSUGlxoDFNy5VRzE+L"; + }; + }; + }; + + xavier = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # xavier.dos.cit.tum.de + ip4.addr = "131.159.102.27"; + ip6.addr = "2a09:80c0:102::27"; + aliases = [ "xavier.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "xavier.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA4mAnaYD/tImIFmpDVK819M8XqY5j6i85E1FuBfqkx4FFRY4qHlpT + 1ykybkPPI64y0B2Nr698vg52LQB9jclbo8sm5q8X/kkgwOM7jS9uwO2k8XnUqi3l + bV22v5xTXjqPklP71Bc5dlvjVUfX5KwkEpzrSQ+NqIPrlzs9/nIeQONVdhrEsRBk + kMaSGHzRcBBP+rbsi+GqIN4VKUKlUmP3XiDGj9yGUnTSDbMf0CoOksmle9i6s2rV + J5Kp78LhIZ5el7Gd+wMtwWQYKcHbZJwpFt4ODlefKknLeDV0uJgJpUmF0r32Hlj0 + OAkmtpaRdweKj/Va31jNvhgJidDe/qgrFwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "CkupwxlJG2SH5FkqxathLC4PSZCsrDMpOTOtvCqid3A"; + }; + }; + }; + + #vicky = { + # owner = config.krebs.users.mic92; + # nets = rec { + # internet = { + # ip4.addr = ""; + # ip6.addr = ""; + # aliases = [ "vicky.i" ]; + # }; + # retiolum = { + # via = internet; + # aliases = [ "vicky.r" ]; + # tinc.pubkey = '' + # ''; + # tinc.pubkey_ed25519 = ""; + # }; + # }; + #}; + + irene = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # irene.dos.cit.tum.de + ip4.addr = "131.159.102.28"; + ip6.addr = "2a09:80c0:102::28"; + aliases = [ "irene.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "irene.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA2P7QtdfRmrI1gDBKQJv+kAJBeNz5/bDuJfCcLJ6fkOt3MduZvLDt + qCj2LBhdXBAEcIKzrvzgR9r9mfEU38hr6JgO01xBvyEHg9YSJJ/5iGu17ZdyeS96 + 3RRpUs2WtepA3vrhSH7xgncXXC3xoercdUGs2GK3qlx9VAcAR0hy5teQmkBGJecm + C2wXwwEajOL4HAAvv7gyEp6S5ow1DHSJXxe32FQb18YnR2WHXh40RfWJnvs+zeaV + QYN4v6XNJKGC3hux1QyGQbfABUeEnNzl9bDmVICpcNPAy09VWX10UCymmWX6612L + EYXB0lt3PhcsvRcXNlV8ZZrukY8EU+UY1wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "CAyCg6zgO14v5oI4sV9dpwmjS7jy9Ttb4SiuKI5OQyN"; + }; + }; + }; + }; users = { mic92 = { diff --git a/kartei/palo/default.nix b/kartei/palo/default.nix index bdb61ec5d..6c8fb72ee 100644 --- a/kartei/palo/default.nix +++ b/kartei/palo/default.nix @@ -51,20 +51,20 @@ in aliases = [ "cream.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAxqrCGJriL5L1ehBf7CrdpL6Ao/ssyj5ZoPdlTP47WtBRahQcp8e0 - xWkAACyiSW2rdvK9hBE4Z7cXHenm8obABl69Q6rLdkxIOM7GBK08cX7ZZrRAdyA1 - Bp9FQWoeHZFq4zBayp889HjPgauglguVlPiXaxh5NhqQkKX4Bkcp4f+OtBMvV0Uf - kf80J5pknliV/I85VDt0Ofyuuvot9p4GAegeaGaTgIpMrbGvqdpnB+ZiI9lFylCf - tubRvrX1TsaqrWzFu8B2XL6ZXGCY0IrJXs7P0RsG9OysCK7N9WPVrpX+zGFSCCk+ - 3UuKan9AFVOWA72Jj+glIU2i2d3D+Re8kvNmLCQ9GCM2c8Gy+r38UPN1/WTEe7az - 94ivkczOgg4tIzMCN2JuAYLtoy3JK46Bbexk3i9KgtX5acNrKilQBDKHktqr0oJ8 - Bz53kFP/X7oY+0RIPePL9OPQu8LRyFXeWeuQQUBgqDmttoWBtHEO6vicKFgwN0bl - 5J6urUJQYC7aabfYO4aDfgVSRr7cELZkbIsx6Lkj5bOrraaJ2pS5H3QGSBUFifAq - mUdKKkBsYltKe8BsqKvQEysT3cGaGlkeP5OaKHN4qG7hGvLk71YjrYlWlIswdMAp - D2UgJ5/fcDswSAnFBlLYIqQwC7vMLoqTZPkQ0AN/DxHJCuXfRoU2vhkCAwEAAQ== + MIICCgKCAgEAnzhalF1rqLdSsT6HAGuQ6x1kC9Ty3FjoKR2Y5RCO9YIyEgRE8qfR + jkne+wIIleODUDMZYuvUe9X5hm8w6wDzxlwCPitwhDlOxoSBnXfbL6YL9rZBn3lC + JFkpEPtAJYnfM64R4/UjSndHlCVuH7tltD/1tmfG6IbSsIeDVz+pWZdEmBJfCiDl + aqP2gb1oIwe9TgJX2EC2ugW+6Jh9oPNIOP2Q5eLvty5WPhUSGQDWVMr5u0Rgc1oU + hhAvrfue7MFqUwX+o0Zq93eVAu/51dhTtqwwVgZVlHK7Wkak4yTRGPAP9v9vbKeK + 7GpQuvbiI5OphhSFPjyCN1XMqVgFxqsnLsflIPbQdxCkBgFxhmNf31BDlXWHWD5e + 7BfFYc1tZFcEWKhguoCSesJvh1BVsiZzfya96lGd/+ttcKBUKX4tdznEQsV/MVhC + cVnQD6k8PN4BIWVJtcq5oM9h6Yt6avtv8TeuaLp/Janco4JmYYFIfRETnz6ye/fG + OiKJnGQ1yohSE6n8ZUK1QYdYezZfI8QhF7GHK7he9x13L9xmXoybV+REXlRvh4S2 + bi9lWTKhQVIHb/qLIdQuaAnK1xg4tdNzL43KEpPstGlAnG8uUNL8hCJL3m220RPK + lEbtLhayRzQ9zgj/hBQZa/hMGGyiqV1hiTbEEWAusJdGTUPYhjAelOkCAwEAAQ== -----END RSA PUBLIC KEY----- ''; - tinc.pubkey_ed25519 = "lkvs1E4lCXt+Q7lvg/vU2JQyDfqseYo68Ecbb/Hg8YA"; + tinc.pubkey_ed25519 = "B3EKYRxqFjIGR2VYajjDqX0gltPJNwcno5PUhafKWKB"; }; }; }; diff --git a/krebs/1systems/filebitch/config.nix b/krebs/1systems/filebitch/config.nix index 254306ecb..44c14674e 100644 --- a/krebs/1systems/filebitch/config.nix +++ b/krebs/1systems/filebitch/config.nix @@ -28,7 +28,6 @@ in ]; krebs.build.host = config.krebs.hosts.filebitch; - sound.enable = false; services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="60:a4:4c:3d:52:cf", NAME="et0" diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix deleted file mode 100644 index 290870fce..000000000 --- a/krebs/1systems/news/config.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ../../../krebs - ../../../krebs/2configs - - ../../../krebs/2configs/ircd.nix - ../../../krebs/2configs/go.nix - - #### NEWS #### - ../../../krebs/2configs/ircd.nix - ../../../krebs/2configs/news.nix - ]; - - krebs.build.host = config.krebs.hosts.news; - krebs.hosts.news.ssh.privkey.path = "${config.krebs.secret.directory}/ssh.id_ed25519"; - - boot.isContainer = true; - networking.useDHCP = lib.mkForce true; - krebs.sync-containers3.inContainer = { - enable = true; - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBVZomw68WDQy0HsHhNbWK1KpzaR5aRUG1oioE7IgCv"; - }; -} diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index d3891af82..542106d5f 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -2,51 +2,52 @@ { imports = [ ./net.nix - <stockholm/krebs> - <stockholm/krebs/2configs> - <stockholm/krebs/2configs/secret-passwords.nix> - <stockholm/krebs/2configs/hw/x220.nix> + ../../../krebs + ../../../krebs/2configs + ../../2configs/secret-passwords.nix + ../../2configs/hw/x220.nix # see documentation in included getty-for-esp.nix: # brain hosts/puyak/root - <stockholm/krebs/2configs/hw/getty-for-esp.nix> + ../../2configs/hw/getty-for-esp.nix + ../../2configs/buildbot/worker.nix ## initrd unlocking - # (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase' - <stockholm/krebs/2configs/tor/initrd.nix> + # (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat /crypt-ramfs/passphrase' + ../../2configs/tor/initrd.nix - <stockholm/krebs/2configs/binary-cache/nixos.nix> - <stockholm/krebs/2configs/binary-cache/prism.nix> + ../../2configs/binary-cache/nixos.nix + ../../2configs/binary-cache/prism.nix ## news host - <stockholm/krebs/2configs/container-networking.nix> - <stockholm/krebs/2configs/syncthing.nix> + ../../2configs/container-networking.nix + ../../2configs/syncthing.nix ### shackspace ### # handle the worlddomination map via coap - <stockholm/krebs/2configs/shack/worlddomination.nix> - <stockholm/krebs/2configs/shack/ssh-keys.nix> + ../../2configs/shack/worlddomination.nix + ../../2configs/shack/ssh-keys.nix # drivedroid.shack for shackphone - <stockholm/krebs/2configs/shack/drivedroid.nix> - # <stockholm/krebs/2configs/shack/nix-cacher.nix> + ../../2configs/shack/drivedroid.nix + # ../../2configs/shack/nix-cacher.nix # Say if muell will be collected - <stockholm/krebs/2configs/shack/muell_caller.nix> + ../../2configs/shack/muell_caller.nix # provide muellshack api: muell.shack - <stockholm/krebs/2configs/shack/muellshack.nix> + ../../2configs/shack/muellshack.nix # send mail if muell was not handled - <stockholm/krebs/2configs/shack/muell_mail.nix> + ../../2configs/shack/muell_mail.nix # provide light control api - <stockholm/krebs/2configs/shack/node-light.nix> # light.shack lounge.light.shack power.light.shack openhab.shack lightapi.shack + ../../2configs/shack/node-light.nix # light.shack lounge.light.shack power.light.shack openhab.shack lightapi.shack # light.shack web-ui - <stockholm/krebs/2configs/shack/light.shack.nix> #light.shack + ../../2configs/shack/light.shack.nix #light.shack # fetch the u300 power stats - <stockholm/krebs/2configs/shack/power/u300-power.nix> + ../../2configs/shack/power/u300-power.nix { # do not log to /var/spool/log @@ -66,56 +67,55 @@ } # create samba share for anonymous usage with the laser and 3d printer pc - <stockholm/krebs/2configs/shack/share.nix> + ../../2configs/shack/share.nix # mobile.lounge.mpd.shack - <stockholm/krebs/2configs/shack/mobile.mpd.nix> + ../../2configs/shack/mobile.mpd.nix # hass.shack - <stockholm/krebs/2configs/shack/glados> - <stockholm/krebs/2configs/shack/esphome.nix> + ../../2configs/shack/glados + ../../2configs/shack/esphome.nix # connect to git.shackspace.de as group runner for rz - <stockholm/krebs/2configs/shack/gitlab-runner.nix> + ../../2configs/shack/gitlab-runner.nix # Statistics collection and visualization - # <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully) + # ../../2configs/shack/graphite.nix # graphiteApi is broken and unused(hopefully) ## Collect data from mqtt.shack and store in graphite database - <stockholm/krebs/2configs/shack/mqtt_sub.nix> + ../../2configs/shack/mqtt_sub.nix ## Collect radioactive data and put into graphite - <stockholm/krebs/2configs/shack/radioactive.nix> + ../../2configs/shack/radioactive.nix ## mqtt.shack - <stockholm/krebs/2configs/shack/mqtt.nix> + ../../2configs/shack/mqtt.nix ## influx.shack - <stockholm/krebs/2configs/shack/influx.nix> + ../../2configs/shack/influx.nix ## Collect local statistics via collectd a |