From 5894ecc94233b72003ac859fab8b12c8ade7766a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 23 Jun 2016 16:45:44 +0200
Subject: add siem internal network

---
 krebs/3modules/makefu/default.nix | 51 ++++++++++++++++++++++++++++++++++++---
 makefu/2configs/default.nix       |  2 ++
 2 files changed, 49 insertions(+), 4 deletions(-)

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 14cee8e1..0b58c75c 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -48,6 +48,12 @@ with config.krebs.lib;
             -----END RSA PUBLIC KEY-----
           '';
         };
+        siem = {
+          ip4.addr = "10.8.10.2";
+          aliases = [
+            "darth.siem"
+          ];
+        };
       };
     };
     tsp = {
@@ -98,6 +104,12 @@ with config.krebs.lib;
             -----END RSA PUBLIC KEY-----
           '';
         };
+        siem = {
+          ip4.addr = "10.8.10.4";
+          aliases = [
+            "arch.siem"
+          ];
+        };
       };
       ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
       ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@pornocauster";
@@ -184,6 +196,8 @@ with config.krebs.lib;
         internet = {
           ip4.addr = "104.233.87.86";
           aliases = [
+            "wry.i"
+            "paste.i"
             "wry.internet"
             "paste.internet"
           ];
@@ -194,10 +208,10 @@ with config.krebs.lib;
           ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad";
           aliases = [
             "graphs.wry.retiolum"
-            "graphs.retiolum"
+            "graphs.r" "graphs.retiolum"
             "paste.wry.retiolum"
-            "paste.retiolum"
-            "wry.retiolum"
+            "paste.r" "paste.retiolum"
+            "wry.r" "wry.retiolum"
             "wiki.makefu.retiolum"
             "wiki.wry.retiolum"
             "blog.makefu.retiolum"
@@ -343,6 +357,13 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
     shoney = rec {
       cores = 1;
       nets = {
+        siem = {
+          ip4.addr = "10.8.10.1";
+          aliases = [
+            "sjump.siem"
+            "graphs.siem"
+          ];
+        };
         internet = {
           ip4.addr = "64.137.234.215";
           aliases = [
@@ -456,6 +477,28 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
     };
 
 
+    lariat = rec {
+      cores = 2;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.64.7";
+          aliases = [
+            "lariat.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEAqiDzxADQYY8cWBH+R5aKSoxaFHLvPvVMgB7R1Y6QVTqD5YUCuINX
+            eBLFV9idHnHzdZU+xo/c8EFQf0hvyP0z3bcXaiw+RlpEYdK6tuaypJ3870toqWmA
+            269H8ufA3DA0hxlY7dwnhg8Rb7KGIlNN8fy4RMGe73PupF5aAmiDiEhPalv4E0qJ
+            unmk5y1OHQFPxYm++yLo5SVFlcO89jDtGpvg5papp8JvtxTkrshby1lXf/sph3Cv
+            d1z6h7S+HgT+BMwTZY5dIrwYAcob/t1sRmWsY62P1n02RbiJFm27wg0t/ZcfsI2o
+            yBjRTiK5ACJaIdpM99/902gJsuJASPGB2QIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
+
     soundflower = rec {
       cores = 1;
       nets = {
@@ -598,6 +641,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
       };
     };
 
+  } // { # hosts only maintained in stockholm, not owned by me
     muhbaasu = rec {
       cores = 1;
       nets = {
@@ -626,7 +670,6 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
         };
       };
     };
-  } // { # hosts only maintained in stockholm, not owned by me
     tpsw = {
       cores = 2;
       owner = config.krebs.users.ciko; # main laptop
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index e7366e18..a753e677 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -16,6 +16,8 @@ with config.krebs.lib;
   nixpkgs.config.allowUnfreePredicate =  (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
   krebs = {
     enable = true;
+
+    dns.providers.siem = "hosts";
     search-domain = "retiolum";
     build =  {
       user = config.krebs.users.makefu;
-- 
cgit v1.2.3