summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/filebitch/config.nix48
-rw-r--r--krebs/1systems/filebitch/hardware-configuration.nix96
-rw-r--r--krebs/1systems/wolf/config.nix4
-rw-r--r--krebs/2configs/buildbot-stockholm.nix1
-rw-r--r--krebs/2configs/shack/glados/automation/hass-restart.nix20
-rw-r--r--krebs/2configs/shack/glados/default.nix19
-rw-r--r--krebs/2configs/shack/glados/lib/default.nix107
-rw-r--r--krebs/2configs/shack/glados/multi/schlechte_luft.nix123
-rw-r--r--krebs/2configs/shack/glados/multi/wasser.nix17
-rw-r--r--krebs/2configs/shack/glados/sensors/hass.nix23
-rw-r--r--krebs/2configs/shack/muellshack.nix4
-rw-r--r--krebs/2configs/shack/shackDNS.nix63
-rw-r--r--krebs/2configs/shack/ssh-keys.nix1
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/external/default.nix335
-rw-r--r--krebs/3modules/external/mic92.nix347
-rw-r--r--krebs/3modules/external/ssh/xq.pub1
-rw-r--r--krebs/3modules/hidden-ssh.nix14
-rw-r--r--krebs/3modules/krebs/default.nix29
-rw-r--r--krebs/3modules/makefu/default.nix8
-rw-r--r--krebs/3modules/makefu/retiolum/filebitch.pub8
-rw-r--r--krebs/3modules/realwallpaper.nix185
-rw-r--r--krebs/3modules/tinc_graphs.nix1
-rw-r--r--krebs/5pkgs/simple/irc-announce/default.nix2
-rw-r--r--krebs/5pkgs/simple/realwallpaper/default.nix185
-rw-r--r--krebs/nixpkgs-unstable.json6
-rw-r--r--krebs/nixpkgs.json6
27 files changed, 1070 insertions, 584 deletions
diff --git a/krebs/1systems/filebitch/config.nix b/krebs/1systems/filebitch/config.nix
new file mode 100644
index 000000000..9c6a9da08
--- /dev/null
+++ b/krebs/1systems/filebitch/config.nix
@@ -0,0 +1,48 @@
+{ config, pkgs, ... }:
+let
+ shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
+in
+{
+ imports = [
+ ./hardware-configuration.nix
+ <stockholm/krebs>
+ <stockholm/krebs/2configs>
+ # <stockholm/krebs/2configs/secret-passwords.nix>
+
+ # <stockholm/krebs/2configs/binary-cache/nixos.nix>
+ # <stockholm/krebs/2configs/binary-cache/prism.nix>
+ <stockholm/krebs/2configs/shack/ssh-keys.nix>
+ <stockholm/krebs/2configs/shack/prometheus/node.nix>
+ # provides access to /home/share for smbuser via smb
+ <stockholm/krebs/2configs/shack/share.nix>
+ {
+ fileSystems."/home/share" =
+ { device = "/serve";
+ options = [ "bind" "nofail" ];
+ };
+ }
+
+ ## Collect local statistics via collectd and send to collectd
+ <stockholm/krebs/2configs/stats/shack-client.nix>
+ <stockholm/krebs/2configs/stats/shack-debugging.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.filebitch;
+ sound.enable = false;
+
+ services.udev.extraRules = ''
+ SUBSYSTEM=="net", ATTR{address}=="60:a4:4c:3d:52:cf", NAME="et0"
+ '';
+ networking = {
+ firewall.enable = true;
+ interfaces.et0.ipv4.addresses = [
+ {
+ address = shack-ip;
+ prefixLength = 20;
+ }
+ ];
+
+ defaultGateway = "10.42.0.1";
+ nameservers = [ "10.42.0.100" "10.42.0.200" ];
+ };
+}
diff --git a/krebs/1systems/filebitch/hardware-configuration.nix b/krebs/1systems/filebitch/hardware-configuration.nix
new file mode 100644
index 000000000..574618e39
--- /dev/null
+++ b/krebs/1systems/filebitch/hardware-configuration.nix
@@ -0,0 +1,96 @@
+{ config, lib, pkgs, ... }:
+let
+ byid = dev: "/dev/disk/by-id/" + dev;
+ keyFile = byid "usb-SMI_USB_DISK_AA08061700009650-0:0";
+in
+{
+ imports =
+ [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ ];
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
+ boot.zfs.forceImportRoot = false;
+ boot.zfs.forceImportAll = false;
+ boot.kernelParams = [
+ "boot.shell_on_fail"
+ "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+ ];
+ boot.tmpOnTmpfs = true;
+
+
+ boot.initrd.availableKernelModules = [
+ "xhci_pci" "ahci" "ohci_pci" "ehci_pci" "usb_storage" "usbhid" "sd_mod"
+ "raid456"
+ "usbhid"
+ "usb_storage"
+ ];
+ boot.initrd.kernelModules = [
+ "sata_sil"
+ "megaraid_sas"
+ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "tank/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" =
+ { device = "tank/home";
+ fsType = "zfs";
+ };
+
+ fileSystems."/nix" =
+ { device = "tank/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/5266-931D";
+ fsType = "vfat";
+ };
+ fileSystems."/serve" =
+ { device = "/dev/cryptvg/serve";
+ fsType = "ext4";
+ options = [ "nofail" ];
+ };
+ fileSystems."/serve/incoming" =
+ { device = "/dev/cryptvg/incoming";
+ fsType = "ext4";
+ options = [ "nofail" ];
+
+ };
+ fileSystems."/serve/movies" =
+ { device = "/dev/cryptvg/servemovies";
+ fsType = "ext4";
+ options = [ "nofail" ];
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-uuid/3353c76f-50e4-471d-84bc-ff922d22b271"; }
+ ];
+
+ nix.maxJobs = lib.mkDefault 4;
+ boot.loader.grub.device = byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN";
+
+ networking.hostId = "54d97450"; # required for zfs use
+ boot.initrd.luks.devices = let
+ usbkey = name: device: {
+ inherit name device keyFile;
+ keyFileSize = 2048;
+ preLVM = true;
+ };
+ in [
+ ((usbkey "swap" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part2"))
+ // { allowDiscards = true; } )
+ ((usbkey "root" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part3"))
+ // { allowDiscards = true; } )
+ (usbkey "125" "/dev/md125")
+ (usbkey "126" "/dev/md126")
+ (usbkey "127" "/dev/md127")
+ ];
+
+
+}
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 059e09ac1..7a096cecf 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -69,6 +69,10 @@ in
# grafana.shack
<stockholm/krebs/2configs/shack/grafana.nix>
+ # shackdns.shack
+ # replacement for leases.shack and shackles.shack
+ <stockholm/krebs/2configs/shack/shackDNS.nix>
+
];
# use your own binary cache, fallback use cache.nixos.org (which is used by
# apt-cacher-ng in first place)
diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix
index 5784f2cdc..ca6e0922a 100644
--- a/krebs/2configs/buildbot-stockholm.nix
+++ b/krebs/2configs/buildbot-stockholm.nix
@@ -27,6 +27,7 @@
"http://cgit.ni.r/krops"
"http://cgit.prism.r/krops"
"https://git.ingolf-wagner.de/krebs/krops.git"
+ "https://github.com/krebs/krops.git"
];
nix_writers.urls = [
"http://cgit.hotdog.r/nix-writers"
diff --git a/krebs/2configs/shack/glados/automation/hass-restart.nix b/krebs/2configs/shack/glados/automation/hass-restart.nix
new file mode 100644
index 000000000..e87354978
--- /dev/null
+++ b/krebs/2configs/shack/glados/automation/hass-restart.nix
@@ -0,0 +1,20 @@
+# needs:
+# light.fablab_led
+[
+ { alias = "State on HA start-up";
+ trigger = {
+ platform = "homeassistant";
+ event = "start";
+ };
+ action = [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Rainbow";
+ color_name = "yellow";
+ };
+ }
+ ];
+ }
+]
+
diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix
index d000af397..e48a54551 100644
--- a/krebs/2configs/shack/glados/default.nix
+++ b/krebs/2configs/shack/glados/default.nix
@@ -2,6 +2,7 @@
let
shackopen = import ./multi/shackopen.nix;
wasser = import ./multi/wasser.nix;
+ badair = import ./multi/schlechte_luft.nix;
in {
services.nginx.virtualHosts."hass.shack" = {
serverAliases = [ "glados.shack" ];
@@ -44,7 +45,7 @@ in {
autoExtraComponents = true;
config = {
homeassistant = {
- name = "Bureautomation";
+ name = "Glados";
time_zone = "Europe/Berlin";
latitude = "48.8265";
longitude = "9.0676";
@@ -89,7 +90,7 @@ in {
};
};
switch = wasser.switch;
- light = [];
+ light = badair.light;
media_player = [
{ platform = "mpd";
host = "lounge.mpd.shack";
@@ -99,7 +100,8 @@ in {
sensor =
(import ./sensors/hass.nix)
++ (import ./sensors/power.nix)
- ++ shackopen.sensor;
+ ++ shackopen.sensor
+ ++ badair.sensor;
binary_sensor = shackopen.binary_sensor;
@@ -113,8 +115,9 @@ in {
trusted_proxies = "127.0.0.1";
};
#conversation = {};
- #history = {};
- #logbook = {};
+ history = {};
+ logbook = {};
+ recorder = {};
tts = [
{ platform = "google_translate";
language = "de";
@@ -123,10 +126,12 @@ in {
# language = "de-DE";
#}
];
- #recorder = {};
sun = {};
- automation = wasser.automation;
+ automation = wasser.automation
+ ++ badair.automation
+ ++ (import ./automation/hass-restart.nix);
+
device_tracker = [];
};
};
diff --git a/krebs/2configs/shack/glados/lib/default.nix b/krebs/2configs/shack/glados/lib/default.nix
new file mode 100644
index 000000000..6737af842
--- /dev/null
+++ b/krebs/2configs/shack/glados/lib/default.nix
@@ -0,0 +1,107 @@
+let
+ prefix = "glados";
+in
+{
+ esphome =
+ {
+ temp = {host, topic ? "temperature" }:
+ {
+ platform = "mqtt";
+ name = "${host} Temperature";
+ device_class = "temperature";
+ unit_of_measurement = "°C";
+ icon = "mdi:thermometer";
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ };
+ hum = {host, topic ? "humidity" }:
+ {
+ platform = "mqtt";
+ unit_of_measurement = "%";
+ icon = "mdi:water-percent";
+ device_class = "humidity";
+ name = "${host} Humidity";
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ };
+ # copied from "homeassistant/light/fablab_led/led_ring/config"
+ led = {host, topic ? "led", name ? host}:
+ { # name: fablab_led
+ # topic: led_ring
+ platform = "mqtt";
+ inherit name;
+ schema = "json";
+ brightness = true;
+ rgb = true;
+ effect = true;
+ effect_list = [ # TODO: may be different
+ "Random"
+ "Strobe"
+ "Rainbow"
+ "Color Wipe"
+ "Scan"
+ "Twinkle"
+ "Fireworks"
+ "Addressable Flicker"
+ "None"
+ ];
+ state_topic = "${prefix}/${host}/light/${topic}/state";
+ command_topic = "${prefix}/${host}/light/${topic}/command";
+ availability_topic = "${prefix}/${host}/status";
+ payload_available = "online";
+ payload_not_available = "offline";
+ qos = 1;
+ };
+ # Feinstaub
+ dust_25m = { host, name ? "${host} < 2.5µm", topic ? "particulate_matter_25m_concentration" }:
+ {
+ platform = "mqtt";
+ unit_of_measurement = "µg/m³";
+ icon = "mdi:chemical-weapon";
+ inherit name;
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ };
+ dust_100m = {host, name ? "${host} < 10µm", topic ? "particulate_matter_100m_concentration" }:
+ {
+ platform = "mqtt";
+ unit_of_measurement = "µg/m³";
+ icon = "mdi:chemical-weapon";
+ inherit name;
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ };
+ switch = {host, name ? "${host} Button", topic ? "btn" }:
+ # host: ampel
+ # name: Button 1
+ # topic: btn1
+ {
+ inherit name;
+ platform = "mqtt";
+ state_topic = "${prefix}/${host}/sensor/${topic}/state";
+ command_topic = "${prefix}/${host}/switch/${topic}/state";
+ availability_topic = "${prefix}/${host}/status";
+ };
+ };
+ tasmota =
+ {
+ plug = {host, name ? host, topic ? host}:
+ {
+ platform = "mqtt";
+ inherit name;
+ state_topic = "sonoff/stat/${topic}/POWER1";
+ command_topic = "sonoff/cmnd/${topic}/POWER1";
+ availability_topic = "sonoff/tele/${topic}/LWT";
+ payload_on= "ON";
+ payload_off= "OFF";
+ payload_available= "Online";
+ payload_not_available= "Offline";
+ retain = false;
+ qos = 1;
+ };
+ };
+}
diff --git a/krebs/2configs/shack/glados/multi/schlechte_luft.nix b/krebs/2configs/shack/glados/multi/schlechte_luft.nix
new file mode 100644
index 000000000..9cd2c56f4
--- /dev/null
+++ b/krebs/2configs/shack/glados/multi/schlechte_luft.nix
@@ -0,0 +1,123 @@
+let
+ glados = import ../lib;
+in
+{
+ # LED
+ light = [
+ (glados.esphome.led { name = "Fablab LED"; host = "fablab_led"; topic = "led_ring"; })
+
+ (glados.esphome.led { name = "Fablab LED Part A"; host = "fablab_led"; topic = "A";})
+ (glados.esphome.led { name = "Fablab LED Part B"; host = "fablab_led"; topic = "B";})
+ (glados.esphome.led { name = "Fablab LED Part C"; host = "fablab_led"; topic = "C";})
+ (glados.esphome.led { name = "Fablab LED Part D"; host = "fablab_led"; topic = "D";})
+ ];
+ sensor = [
+ (glados.esphome.temp { host = "fablab_feinstaub";})
+ (glados.esphome.dust_25m { host = "fablab_feinstaub";})
+ (glados.esphome.dust_100m { host = "fablab_feinstaub";})
+ ];
+ automation =
+ [
+ { alias = "Gute Luft Fablab";
+ trigger = [
+ {
+ platform = "numeric_state";
+ below = 25;
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Twinkle";
+ color_name = "green";
+ };
+ }
+ ];
+ }
+ { alias = "mäßige Luft Fablab";
+ trigger = [
+ #{
+ # platform = "numeric_state";
+ # above = 25;
+ # entity_id = "sensor.fablab_feinstaub_25m";
+ #}
+ {
+ platform = "numeric_state";
+ above = 25;
+ below = 50;
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Twinkle";
+ color_name = "yellow";
+ };
+ }
+ ];
+ }
+ { alias = "schlechte Luft Fablab";
+ trigger = [
+ {
+ platform = "numeric_state";
+ above = 50;
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Twinkle";
+ color_name = "red";
+ };
+ }
+ ];
+ }
+ { alias = "Luft Sensor nicht verfügbar";
+ trigger = [
+ {
+ platform = "state";
+ to = "unavailable";
+ entity_id = "sensor.fablab_feinstaub_2_5um";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Rainbow";
+ color_name = "blue";
+ };
+ }
+ ];
+ }
+ { alias = "Fablab Licht Reboot";
+ trigger = [
+ {
+ platform = "state";
+ from = "unavailable";
+ entity_id = "light.fablab_led";
+ }
+ ];
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ entity_id = "light.fablab_led";
+ effect = "Rainbow";
+ color_name = "orange";
+ };
+ }
+ ];
+ }
+ ];
+}
diff --git a/krebs/2configs/shack/glados/multi/wasser.nix b/krebs/2configs/shack/glados/multi/wasser.nix
index 578bb0750..cdfe01405 100644
--- a/krebs/2configs/shack/glados/multi/wasser.nix
+++ b/krebs/2configs/shack/glados/multi/wasser.nix
@@ -1,23 +1,12 @@
let
- tasmota_plug = name: topic:
- { platform = "mqtt";
- inherit name;
- state_topic = "sonoff/stat/${topic}/POWER1";
- command_topic = "sonoff/cmnd/${topic}/POWER1";
- availability_topic = "sonoff/tele/${topic}/LWT";
- payload_on= "ON";
- payload_off= "OFF";
- payload_available= "Online";
- payload_not_available= "Offline";
- retain = false;
- qos = 1;
- };
+ glados = import ../lib;
seconds = 20;
in
{
switch = [
- (tasmota_plug "Wasser" "plug")
+ (glados.tasmota.plug { host = "Wasser"; topic = "plug";} )
];
+
automation =
[
{ alias = "Water the plant for ${toString seconds} seconds";
diff --git a/krebs/2configs/shack/glados/sensors/hass.nix b/krebs/2configs/shack/glados/sensors/hass.nix
index 634758701..8de0ef391 100644
--- a/krebs/2configs/shack/glados/sensors/hass.nix
+++ b/krebs/2configs/shack/glados/sensors/hass.nix
@@ -1,22 +1,5 @@
let
- esphome_temp = name:
- { platform = "mqtt";
- name = "${name} Temperature";
- device_class = "temperature";
- state_topic = "glados/${name}/sensor/temperature/state";
- availability_topic = "glados/${name}/status";
- payload_available = "online";
- payload_not_available = "offline";
- };
- esphome_hum = name:
- { platform = "mqtt";
- device_class = "humidity";
- name = "${name} Humidity";
- state_topic = "glados/${name}/sensor/humidity/state";
- availability_topic = "glados/${name}/status";
- payload_available = "online";
- payload_not_available = "offline";
- };
+ glados = import ../lib;
in
- (map esphome_temp [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
- ++ (map esphome_hum [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
+ (map (host: glados.esphome.temp {inherit host;}) [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
+ ++ (map (host: glados.esphome.hum {inherit host;}) [ "lounge" "werkstatt" "herrenklo" "dusche" "fablab" "whc" ])
diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix
index c1c957da3..c67d8f523 100644
--- a/krebs/2configs/shack/muellshack.nix
+++ b/krebs/2configs/shack/muellshack.nix
@@ -4,8 +4,8 @@ let
pkg = pkgs.callPackage (
pkgs.fetchgit {
url = "https://git.shackspace.de/rz/muellshack";
- rev = "4601f59787de090c83be6dbae6ca72d7fc84ab9f";
- sha256 = "1cshbd6ipvynbm3gmnsm58ccc1m5xc87cpd3b6jx0s6pr2j19g9j";
+ rev = "c3d1f70325e5b90f280c5be60110e14f4de653ae";
+ sha256 = "1dd4kqwdr4v413rmkvmyjzzvw8id9747nifp96pg0c2cy6bhzj24";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/muellshack";
port = "8081";
diff --git a/krebs/2configs/shack/shackDNS.nix b/krebs/2configs/shack/shackDNS.nix
new file mode 100644
index 000000000..807bb7e65
--- /dev/null
+++ b/krebs/2configs/shack/shackDNS.nix
@@ -0,0 +1,63 @@
+{ config, lib, pkgs, ... }:
+
+let
+ pkg =
+ pkgs.fetchgit {
+ url = "https://git.shackspace.de/rz/shackdns";
+ rev = "e55cc906c734b398683f9607b93f1ad6435d8575";
+ sha256 = "1hkwhf3hqb4fz06b1ckh7sl0zcyi4da5fgdlksian8lxyd19n8sq";
+ };
+ home = "/var/lib/shackDNS";
+ port = "8083";
+ config_file = pkgs.writeText "config" ''
+ # Points to a bind configuration file
+ dns-db = ${home}/db.shack
+
+ # Points to a shackles configuration file
+ # See `shackles.json` in repo
+ shackles-db = ${home}/shackles.json
+
+ # Points to a REST service with the DHCP leases
+ leases-api = http://dhcp.shack/dhcpd.leases
+
+ # Wrap this binding with https proxy or similar
+ binding = http://localhost:${port}/
+ '';
+in {
+ # receive response from light.shack / standby.shack
+ networking.firewall.allowedTCPPorts = [ ];
+
+ users.users.shackDNS = {
+ inherit home;
+ createHome = true;
+ };
+ services.nginx.virtualHosts."leases.shack" = {
+ locations."/" = {
+ proxyPass = "http://localhost:${port}/";
+ };
+ };
+ services.nginx.virtualHosts."shackdns.shack" = {
+ locations."/" = {
+ proxyPass = "http://localhost:${port}/";
+ };
+ };
+ services.nginx.virtualHosts."shackles.shack" = {
+ locations."/" = {
+ proxyPass = "http://localhost:${port}/";
+ };
+ };
+
+ systemd.services.shackDNS = {
+ description = "shackDNS provides an overview over DHCP and DNS as well as a replacement for shackles";
+ wantedBy = [ "multi-user.target" ];
+ environment.PORT = port;
+ serviceConfig = {
+ User = "shackDNS";
+ WorkingDirectory = home;
+ ExecStart = "${pkgs.mono6}/bin/mono ${pkg}/shackDNS.exe ${config_file}";
+ PrivateTmp = true;
+ Restart = "always";
+ RestartSec = "15";
+ };
+ };
+}
diff --git a/krebs/2configs/shack/ssh-keys.nix b/krebs/2configs/shack/ssh-keys.nix
index 9c7f507f1..95c869bc9 100644
--- a/krebs/2configs/shack/ssh-keys.nix
+++ b/krebs/2configs/shack/ssh-keys.nix
@@ -4,6 +4,7 @@
config.krebs.users."0x4A6F".pubkey
config.krebs.users.ulrich.pubkey
config.krebs.users.raute.pubkey
+ config.krebs.users.xq.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci
];
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index fcdbcbc19..6f06f4510 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -105,6 +105,7 @@ let
{ krebs = import ./makefu { inherit config; }; }
{ krebs = import ./nin { inherit config; }; }
{ krebs = import ./external/palo.nix { inherit config; }; }
+ { krebs = import ./external/mic92.nix { inherit config; }; }
{ krebs = import ./tv { inherit config; }; }
{
krebs.dns.providers = {
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 821859f3c..059e22866 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -68,103 +68,6 @@ in {
};
};
};
- dpdkm = {
- owner = config.krebs.users.Mic92;
- nets = rec {
- retiolum = {
- ip4.addr = "10.243.29.173";
- aliases = [ "dpdkm.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
- NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
- qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
- X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
- f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
- bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
- Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
- B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
- tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
- dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
- mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
- eddie = {
- owner = config.krebs.users.Mic92;
- nets = rec {
- internet = {
- # eddie.thalheim.io
- ip4.addr = "129.215.197.11";
- aliases = [ "eddie.i" ];
- };
- retiolum = {
- via = internet;
- addrs = [
- config.krebs.hosts.eddie.nets.retiolum.ip4.addr
- config.krebs.hosts.eddie.nets.retiolum.ip6.addr
- ];
- ip4.addr = "10.243.29.170";
- aliases = [ "eddie.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d
- j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm
- 3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF
- 2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua
- KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq
- iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t
- 6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD
- kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u
- hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay
- pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ
- lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- tinc.subnets = [
- # edinburgh university
- "129.215.0.0/16"
- ];
- };
- };
- };
- eve = {
- owner = config.krebs.users.Mic92;
- nets = rec {
- internet = {
- # eve.thalheim.io
- ip4.addr = "95.216.112.61";
- ip6.addr = "2a01:4f9:2b:1605::1";
- aliases = [ "eve.i" ];
- };
- retiolum = {
- via = internet;
- addrs = [
- config.krebs.hosts.eve.nets.retiolum.ip4.addr
- config.krebs.hosts.eve.nets.retiolum.ip6.addr
- ];
- ip4.addr = "10.243.29.174";
- aliases = [ "eve.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
- XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
- 08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
- 6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
- +xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
- dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
- pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
- c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
- YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
- 61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
- Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
homeros = {
owner = config.krebs.users.kmein;
nets = {
@@ -255,190 +158,6 @@ in {
};
};
};
- rose = {
- owner = config.krebs.users.Mic92;
- nets = rec {
- internet = {
- ip4.addr = "129.215.165.52";
- aliases = [ "rose.i" ];
- };
- retiolum = {
- via = internet;
- addrs = [
- config.krebs.hosts.rose.nets.retiolum.ip4.addr
- config.krebs.hosts.rose.net