diff options
Diffstat (limited to 'krebs/3modules')
-rw-r--r-- | krebs/3modules/external/default.nix | 420 | ||||
-rw-r--r-- | krebs/3modules/external/ssh/Mic92.pub | 1 | ||||
-rw-r--r-- | krebs/3modules/external/ssh/exco.pub (renamed from krebs/3modules/makefu/ssh/exco.pub) | 0 | ||||
-rw-r--r-- | krebs/3modules/external/ssh/kmein.pub | 1 | ||||
-rw-r--r-- | krebs/3modules/external/ssh/raute.pub | 1 | ||||
-rw-r--r-- | krebs/3modules/external/ssh/ulrich.pub (renamed from krebs/3modules/makefu/ssh/ulrich.pub) | 0 | ||||
-rw-r--r-- | krebs/3modules/external/tinc/justraute.pub | 14 | ||||
-rw-r--r-- | krebs/3modules/external/tinc/tpsw.pub | 8 | ||||
-rw-r--r-- | krebs/3modules/lass/default.nix | 13 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 62 |
10 files changed, 285 insertions, 235 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 39922e2ee..a7ec0e158 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -8,31 +8,151 @@ with import <stockholm/lib>; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill.ip6.addr = + (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }); + ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); + tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); in { hosts = mapAttrs hostDefaults { - sokrateslaptop = { - owner = config.krebs.users.sokratess; - nets = { + dpdkm = { + owner = config.krebs.users.Mic92; + nets = rec { retiolum = { - ip4.addr = "10.243.142.104"; - aliases = [ - "sokrateslaptop.r" + ip4.addr = "10.243.29.173"; + aliases = [ "dpdkm.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj + NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp + qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP + X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn + f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa + bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL + Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T + B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w + tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n + dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls + mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + eddie = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + # eddie.thalheim.io + ip4.addr = "129.215.197.11"; + aliases = [ "eddie.i" ]; + }; + retiolum = { + via = internet; + addrs = [ + config.krebs.hosts.eddie.nets.retiolum.ip4.addr + config.krebs.hosts.eddie.nets.retiolum.ip6.addr ]; + ip4.addr = "10.243.29.170"; + aliases = [ "eddie.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 - t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ - rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW - egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 - aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V - VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d + j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm + 3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF + 2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua + KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq + iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t + 6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD + kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u + hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay + pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ + lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.subnets = [ + # edinburgh university + "129.215.0.0/16" + ]; + }; + }; + }; + eve = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + # eve.thalheim.io + ip4.addr = "188.68.39.17"; + ip6.addr = "2a03:4000:13:31e::1"; + aliases = [ "eve.i" ]; + }; + retiolum = { + via = internet; + addrs = [ + config.krebs.hosts.eve.nets.retiolum.ip4.addr + config.krebs.hosts.eve.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.174"; + aliases = [ "eve.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH + XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82 + 08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk + 6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI + +xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3 + dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW + pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP + c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi + YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI + 61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13 + Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ== -----END RSA PUBLIC KEY----- ''; }; }; }; + homeros = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.1"; + aliases = [ + "homeros.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd + ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc + 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v + RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd + vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3 + +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc + QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm + fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh + VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7 + k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX + gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N + mJ/hywVtvLxNkNimyztoKKMCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + justraute = { + owner = config.krebs.users.raute; # laptop + nets = { + retiolum = { + ip4.addr = "10.243.183.231"; + aliases = [ + "justraute.r" + ]; + tinc.pubkey = tinc-for "justraute"; + }; + }; + }; kruck = { owner = config.krebs.users.palo; nets = { @@ -59,6 +179,55 @@ in { }; }; }; + qubasa = { + owner = config.krebs.users.qubasa; + nets = { + retiolum = { + ip4.addr = "10.243.29.175"; + aliases = [ "qubasa.r" ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ioASTOx6Vndp316u89Z + f+9WgfyVGw9deP2pQjoHnsPjBqRrsDCQGFO/U1ILQn0AWskQpHWHRir7Q6cI90jm + 8MqqGVymVFbeYbrOLHLjp+2fle9iU9DfST4O76TQwF/3elLf3tpGFS8EB+qF3Ig7 + aVOf5TuHPWWj6VtGTuWW9I8MsPnNykyRstlWXEztIs2zQrc0cO1IGd1QVarDGqTs + KR4Zm7PvF7U193NzPLaH6jcdjF37FETLrNxAu88M+YnvXBp4oRHeJmvBloazpH0v + aSb3+vNRlViMSlf9ImpAHlFRyvYYDAWlIY0nyeNUJna1ImGloSStLtBAhFAwc65j + kmrXeK3TVAoGZQOvSbjFmI/nBgfHEOnz/9aRVHGUNoQ/nAM6UhALFEZV6sdjX6W4 + 3p670DEO5fiI3fqqErkscbv8zSEjfmxV4YGMXVMw8Ub87fGwQEF17uDLeqD0k9AB + 7umwrWP53YffauAqinma0I6RcLRVRfJ2vhyBH1mKwAAW55WU6DpBTydy46kxy/Oz + k9Cnxw7oMydUAAdnf5Axgs+dcx43lnXvGsoHi4lZycYhqtPe2YI152HAbGfmrixV + Slzh8aiinBkLYW2VzJNTRmHvB3njjeua4/guXwe00G7MIs3UDMIieJNcVxb+E07v + vF2rqhqU9b+1MQRhIPsBf4cCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + rock = { + owner = config.krebs.users.Mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.171"; + aliases = [ "rock.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM + DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7 + HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh + mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf + Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M + Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD + 91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4 + fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv + 3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav + ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q + cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; scardanelli = { owner = config.krebs.users.kmein; nets = { @@ -86,33 +255,40 @@ in { }; }; }; - homeros = { - owner = config.krebs.users.kmein; + sokrateslaptop = { + owner = config.krebs.users.sokratess; nets = { retiolum = { - ip4.addr = "10.243.2.1"; + ip4.addr = "10.243.142.104"; aliases = [ - "homeros.r" + "sokrateslaptop.r" ]; tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd - ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc - 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v - RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd - vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3 - +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc - QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm - fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh - VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7 - k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX - gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N - mJ/hywVtvLxNkNimyztoKKMCAwEAAQ== - -----END PUBLIC KEY----- + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 + t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ + rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW + egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 + aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V + VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + -----END RSA PUBLIC KEY----- ''; }; }; }; + tpsw = { + cores = 2; + owner = config.krebs.users.ciko; # main laptop + nets = { + retiolum = { + ip4.addr = "10.243.183.236"; + aliases = [ + "tpsw.r" + ]; + tinc.pubkey = tinc-for "tpsw"; + }; + }; + }; turingmachine = { owner = config.krebs.users.Mic92; nets = { @@ -139,68 +315,6 @@ in { }; }; }; - eddie = { - owner = config.krebs.users.Mic92; - nets = rec { - internet = { - # eddie.thalheim.io - ip4.addr = "129.215.197.11"; - aliases = [ "eddie.i" ]; - }; - retiolum = { - via = internet; - addrs = [ - config.krebs.hosts.eddie.nets.retiolum.ip4.addr - config.krebs.hosts.eddie.nets.retiolum.ip6.addr - ]; - ip4.addr = "10.243.29.170"; - aliases = [ "eddie.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d - j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm - 3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF - 2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua - KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq - iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t - 6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD - kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u - hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay - pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ - lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.subnets = [ - # edinburgh university - "129.215.0.0/16" - ]; - }; - }; - }; - rock = { - owner = config.krebs.users.Mic92; - nets = { - retiolum = { - ip4.addr = "10.243.29.171"; - aliases = [ "rock.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM - DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7 - HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh - mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf - Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M - Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD - 91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4 - fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv - 3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav - ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q - cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; inspector = { owner = config.krebs.users.Mic92; nets = rec { @@ -230,105 +344,75 @@ in { }; }; }; - dpdkm = { + matchbox = { owner = config.krebs.users.Mic92; - nets = rec { + nets = { retiolum = { - ip4.addr = "10.243.29.173"; - aliases = [ "dpdkm.r" ]; + ip4.addr = "10.243.29.176"; + aliases = [ "matchbox.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj - NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp - qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP - X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn - f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa - bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL - Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T - B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w - tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n - dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls - mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ== + MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m + VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w + nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u + TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE + TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1 + yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO + 4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4 + Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/ + bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4 + nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR + /vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ== -----END RSA PUBLIC KEY----- ''; }; }; }; - eve = { - owner = config.krebs.users.Mic92; - nets = rec { - internet = { - # eve.thalheim.io - ip4.addr = "188.68.39.17"; - ip6.addr = "2a03:4000:13:31e::1"; - aliases = [ "eve.i" ]; - }; - retiolum = { - via = internet; - addrs = [ - config.krebs.hosts.eve.nets.retiolum.ip4.addr - config.krebs.hosts.eve.nets.retiolum.ip6.addr - ]; - ip4.addr = "10.243.29.174"; - aliases = [ "eve.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH - XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82 - 08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk - 6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI - +xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3 - dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW - pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP - c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi - YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI - 61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13 - Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - qubasa = { - owner = config.krebs.users.qubasa; + miaoski = { + owner = config.krebs.users.miaoski; nets = { - retiolum = { - ip4.addr = "10.243.29.175"; - aliases = [ "qubasa.r" ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ioASTOx6Vndp316u89Z - f+9WgfyVGw9deP2pQjoHnsPjBqRrsDCQGFO/U1ILQn0AWskQpHWHRir7Q6cI90jm - 8MqqGVymVFbeYbrOLHLjp+2fle9iU9DfST4O76TQwF/3elLf3tpGFS8EB+qF3Ig7 - aVOf5TuHPWWj6VtGTuWW9I8MsPnNykyRstlWXEztIs2zQrc0cO1IGd1QVarDGqTs - KR4Zm7PvF7U193NzPLaH6jcdjF37FETLrNxAu88M+YnvXBp4oRHeJmvBloazpH0v - aSb3+vNRlViMSlf9ImpAHlFRyvYYDAWlIY0nyeNUJna1ImGloSStLtBAhFAwc65j - kmrXeK3TVAoGZQOvSbjFmI/nBgfHEOnz/9aRVHGUNoQ/nAM6UhALFEZV6sdjX6W4 - 3p670DEO5fiI3fqqErkscbv8zSEjfmxV4YGMXVMw8Ub87fGwQEF17uDLeqD0k9AB - 7umwrWP53YffauAqinma0I6RcLRVRfJ2vhyBH1mKwAAW55WU6DpBTydy46kxy/Oz - k9Cnxw7oMydUAAdnf5Axgs+dcx43lnXvGsoHi4lZycYhqtPe2YI152HAbGfmrixV - Slzh8aiinBkLYW2VzJNTRmHvB3njjeua4/guXwe00G7MIs3UDMIieJNcVxb+E07v - vF2rqhqU9b+1MQRhIPsBf4cCAwEAAQ== - -----END PUBLIC KEY----- - ''; + wiregrill = { + aliases = [ "miaoski.w" ]; + wireguard = { + pubkey = "8haz9JX5nAMORzNy89VdHC1Z9XA94ogaZsY3d2Rfkl4="; + }; }; }; }; }; users = { - Mic92 = { - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE"; - mail = "joerg@higgsboson.tk"; + ciko = { + mail = "wieczorek.stefan@googlemail.com"; + }; + exco = { + mail = "dickbutt@excogitation.de"; + pubkey = ssh-for "exco"; }; kmein = { + mail = "kieran.meinhardt@gmail.com"; + pubkey = ssh-for "kmein"; }; - palo = { + Mic92 = { + mail = "joerg@higgsboson.tk"; + pubkey = ssh-for "Mic92"; }; - sokratess = { + palo = { }; qubasa = { mail = "luis.nixos@gmail.com"; }; + raute = { + mail = "macxylo@gmail.com"; + pubkey = ssh-for "raute"; + }; + sokratess = { + }; + ulrich = { + mail = "shackspace.de@myvdr.de"; + pubkey = ssh-for "ulrich"; + }; + miaoski = { + }; }; } diff --git a/krebs/3modules/external/ssh/Mic92.pub b/krebs/3modules/external/ssh/Mic92.pub new file mode 100644 index 000000000..600709c78 --- /dev/null +++ b/krebs/3modules/external/ssh/Mic92.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE diff --git a/krebs/3modules/makefu/ssh/exco.pub b/krebs/3modules/external/ssh/exco.pub index cab884c0c..cab884c0c 100644 --- a/krebs/3modules/makefu/ssh/exco.pub +++ b/krebs/3modules/external/ssh/exco.pub diff --git a/krebs/3modules/external/ssh/kmein.pub b/krebs/3modules/external/ssh/kmein.pub new file mode 100644 index 000000000..5711a2c1c --- /dev/null +++ b/krebs/3modules/external/ssh/kmein.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com diff --git a/krebs/3modules/external/ssh/raute.pub b/krebs/3modules/external/ssh/raute.pub new file mode 100644 index 000000000..69b4d3d10 --- /dev/null +++ b/krebs/3modules/external/ssh/raute.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH385gr3BAKJ92k1FaOLx2wFMgDFTmupOcww5g/bEAsO raute@wolf diff --git a/krebs/3modules/makefu/ssh/ulrich.pub b/krebs/3modules/external/ssh/ulrich.pub index 8ac69004c..8ac69004c 100644 --- a/krebs/3modules/makefu/ssh/ulrich.pub +++ b/krebs/3modules/external/ssh/ulrich.pub diff --git a/krebs/3modules/external/tinc/justraute.pub b/krebs/3modules/external/tinc/justraute.pub new file mode 100644 index 000000000..b4af349b7 --- /dev/null +++ b/krebs/3modules/external/tinc/justraute.pub @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0FJ2Wh7y8lgXOLXR2VQh +BsERf4uoWQ2UZexxv5bo6H9aYmyc+pA7q9ScP+ljKIXHLG3RbskIDFJLfs2HHS2u +rCD3Pv71Ihx8fgmP7VdJktvFV8uBbDk2YF28Kd198ggEPL9ki1+LKzauTv0CCBcK +O78VgN8v+l42v+oQSFk30FBYCpvld39dv74etb4/T4zmn7H3RNH+gPU1T0dge4yu +xdlCk4TmNXWcw3cDvcCDDJFblH100IWRZ8enH4wHC5LvSKcYCqiiILsKAPuS8/J0 +cUePfRln1ZJDvR8AlO8ejRU7PC7550JbyqRbu0oAro2fLz7BOAJi6v8SbPU4GUaT +uFDwJsIqcRnnC8a7N4DouDyUUnTWdTtuDtl0R/I9SYY/u4MhgmFI8bribhwDMmdC +V7UM+023cC/mM9TqCPP0xdy3oiTXRyWk9aNEWep4box/VXmNsJ0hjeIi/W06eXBZ +0j5T3wKnuxSzktyhq8Jt4zJEuarBfwGBcxNf+3CHuKjfN7SAxmQZCRwS/2cPcNDS +HkApVsqTdOuLaXnoCJQyxvMQt70OCXmOs/bk0ZAcqNRJ+gYot1duplB+15+ro07j +3sLbwUMsfpC40CnHd3s1w74/5l1DAc9Mo4I5xX0QH7PCgVzJ9wEctonaItWzT/q4 +vElG9ULoGQb0prlJC35i738CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/krebs/3modules/external/tinc/tpsw.pub b/krebs/3modules/external/tinc/tpsw.pub new file mode 100644 index 000000000..38b0cb293 --- /dev/null +++ b/krebs/3modules/external/tinc/tpsw.pub @@ -0,0 +1,8 @@ +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ +Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML +WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl +OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM +0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd +pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 9d1d56ad3..630c14f18 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -91,7 +91,6 @@ in { }; wiregrill = { via = internet; - ip4.addr = "10.244.1.1"; ip6.addr = w6 "1"; aliases = [ "prism.w" @@ -99,7 +98,6 @@ in { wireguard = { pubkey = "oKJotppdEJqQBjrqrommEUPw+VFryvEvNJr/WikXohk="; subnets = [ - "10.244.1.0/24" (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR (krebs.genipv6 "wiregrill" "lass" 0).subnetCIDR ]; @@ -278,7 +276,7 @@ in { nets = rec { retiolum = { ip4.addr = "10.243.133.115"; - ip6.addr = r6 "dead"; + ip6.addr = r6 "daed"; aliases = [ "daedalus.r" "cgit.daedalus.r" @@ -294,8 +292,14 @@ in { -----END RSA PUBLIC KEY----- ''; }; + wiregrill = { + ip6.addr = w6 "daed"; + aliases = [ + "daedalus.w" + ]; + wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI="; + }; }; - secure = true; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g"; }; @@ -474,7 +478,6 @@ in { phone = { nets = { wiregrill = { - ip4.addr = "10.244.1.2"; ip6.addr = w6 "a"; aliases = [ "phone.w" diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index befec2156..e60bbee70 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -992,57 +992,6 @@ in { }; }; }; - } // { # hosts only maintained in stockholm, not owned by me - muhbaasu = rec { - owner = config.krebs.users.root; - cores = 1; - nets = { - internet = { - ip4.addr = "217.160.206.154"; - aliases = [ - "muhbaasu.i" - ]; - }; - retiolum = { - ip4.addr = "10.243.139.184"; - aliases = [ - "muhbaasu.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0f4C4xKXpnyV1ig03O2Kef8ag+/5WGkW90uxEBb/h5NY9barex+Z - KqVbkPdHhwoCIINuCVcOnJXzeo0FZtSEq3zVhscVm0PVdNfjct8a9KMsK0iUmuul - 5WD9Glh5/1wkEmbRfVxDErhssz1b8YmFOAGQn+ujO/Znn3BLv36uKQvpqU2y5bzb - +rVnq3eE1bCSeuj41bgEve8+vxpforjLO6gbE91mwp3Ol6nkkp6CjpG+aFTuLCAj - YR0MIl2gGwskOGSI38QxlLouOlIGwus5f+KfC94ZP0pMwu5pT45UOUkVnlBXuZ9E - igNHG2Vtm76nB3yYHndOvuDTOufatX61dQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - tpsw = { - cores = 2; - owner = config.krebs.users.ciko; # main laptop - nets = { - retiolum = { - ip4.addr = "10.243.183.236"; - aliases = [ - "tpsw.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ - Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML - WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl - OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM - 0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd - pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; }; users = rec { makefu = { @@ -1079,16 +1028,5 @@ in { inherit (makefu) mail pgp; pubkey = pub-for "makefu.bob"; }; - ciko = { - mail = "wieczorek.stefan@googlemail.com"; - }; - ulrich = { - pubkey = pub-for "ulrich"; - mail = "shackspace.de@myvdr.de"; - }; - exco = { - mail = "dickbutt@excogitation.de"; - pubkey = pub-for "exco"; - }; }; } |