From 54cc4738ec8d5d03fa7965045b1377b8097910ab Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Mar 2023 09:09:37 +0100 Subject: exim: add extraRouters option --- krebs/3modules/exim-smarthost.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index b3cf212e4..7a5a55d49 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -39,6 +39,11 @@ let default = []; }; + extraRouters = mkOption { + type = types.nullOr types.str; + default = null; + }; + internet-aliases = mkOption { type = types.listOf (types.submodule ({ options = { @@ -254,6 +259,8 @@ let transport = home_maildir cannot_route_message = Unknown user + ${lib.optionalString (cfg.extraRouters != null) cfg.extraRouters} + begin transports retiolum_smtp: -- cgit v1.2.3 From e2b4e63bb42aeccb287fc1684c2e125598c3dbc5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Mar 2023 09:11:45 +0100 Subject: exim: add empty default for internet-aliases & system-aliases --- krebs/3modules/exim-smarthost.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 7a5a55d49..62f15027a 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -55,6 +55,7 @@ let }; }; })); + default = []; }; local_domains = mkOption { @@ -109,6 +110,7 @@ let }; }; })); + default = []; }; }; -- cgit v1.2.3 From 80459262004c8e31e4937450862e2158a3716095 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 8 Mar 2023 13:33:24 +0100 Subject: kartei/mic92: expose public tinc endpoint addresses --- kartei/mic92/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 98580100d..04aa57d1d 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -827,7 +827,14 @@ in { ruby = { owner = config.krebs.users.mic92; nets = rec { + internet = { + # of4.dse.cit.tum.de. + ip4.addr = "131.159.38.101"; + ip6.addr = "2a09:80c0:38::101"; + aliases = [ "ruby.i" ]; + }; retiolum = { + via = internet; aliases = [ "ruby.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -859,6 +866,7 @@ in { aliases = [ "amy.i" ]; }; retiolum = { + via = internet; aliases = [ "amy.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -884,6 +892,7 @@ in { aliases = [ "rose.i" ]; }; retiolum = { + via = internet; aliases = [ "rose.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -910,6 +919,7 @@ in { aliases = [ "clara.i" ]; }; retiolum = { + via = internet; aliases = [ "clara.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From 4d872e4781f6f66e1c3b38cb571ed1d923a971ff Mon Sep 17 00:00:00 2001 From: DavHau Date: Fri, 10 Mar 2023 13:10:12 +0700 Subject: kartei: init dave --- kartei/dave/default.nix | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 kartei/dave/default.nix diff --git a/kartei/dave/default.nix b/kartei/dave/default.nix new file mode 100644 index 000000000..053ec412b --- /dev/null +++ b/kartei/dave/default.nix @@ -0,0 +1,31 @@ +{ config, ... }: let + lib = import ../../lib; +in { + users.dave = { + mail = "hsngrmpf@gmail.com"; + }; + hosts.dave = { + owner = config.krebs.users.dave; + nets.retiolum = { + aliases = [ "dave.r" ]; + ip6.addr = (lib.krebs.genipv6 "retiolum" "dave" { hostName = "dave"; }).address; + ip4.addr = "10.243.0.6"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAoiR04ZkEpM14b9+r260+0+HVnVvd5YESVUiLUzXJkmOjTOeyDwUy + J/dkX5/Aeu0eIVrv6zkY6FuHoc4BsyObh9SgNWosMms4SE3M5E8xMzep5ahQWLdD + uCRraDj3XWZzq4YfZntpPGWHHzzbvWKMsPmxAbL/vvCUJLFAPFu8KxIz/TyUUTvq + vtt7tr9T5p22z9jXgqME5GfQo1hSQgEj+j/k/RGNTX6M0cctewlgD+PC708gVYbt + f7Yytqazdg6absDC/RPQfD5KRrIxmfYiHekI2IkblRKpd9PTATqdO2XZv+MmD3Fc + S57fsuoKCCGzhigdmMYuk29naVhKCq3R2wqAWrP0zjTzStCpTjyDvadncqGg6zvS + o90YNcQPdDfvl61pLE9FAoR6mGc7Dj1H56K7lAlKHr9JObcqIzw/QuYBvkpj+VSP + 9KOHpU9NVRz0xP7FXtOubWwea3NFCQW5mTiukx4wlLk2W3ZFl3Tsvtm19qu5gtHl + fvuaau/rY6OE9Dx7v9iCkIi+bN3A3tKaufi85nyOtX1B7kq9+mC7kQX8C3iV8QKj + ceqfMyNp3YlAr5h4dDgxY+GLJmSLhPCtaJ0ZZjjuVuyt1UzxhAbq8LiJ65VqJ1YZ + xFSrHaDWg7OTpeDjpAjlOTvSE502FMZka1jGGbCjbtzE9iA5b/Dh2o0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "VJNzb3ixfyANCWt9pUhHApwVRyS91PUxwmSqS88/53M"; + }; + }; +} -- cgit v1.2.3 From 9a90aa244e61698df4d1b4d62b0499930cba173c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 8 Mar 2023 13:33:24 +0100 Subject: kartei/mic92: expose public tinc endpoint addresses --- kartei/mic92/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 98580100d..04aa57d1d 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -827,7 +827,14 @@ in { ruby = { owner = config.krebs.users.mic92; nets = rec { + internet = { + # of4.dse.cit.tum.de. + ip4.addr = "131.159.38.101"; + ip6.addr = "2a09:80c0:38::101"; + aliases = [ "ruby.i" ]; + }; retiolum = { + via = internet; aliases = [ "ruby.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -859,6 +866,7 @@ in { aliases = [ "amy.i" ]; }; retiolum = { + via = internet; aliases = [ "amy.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -884,6 +892,7 @@ in { aliases = [ "rose.i" ]; }; retiolum = { + via = internet; aliases = [ "rose.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -910,6 +919,7 @@ in { aliases = [ "clara.i" ]; }; retiolum = { + via = internet; aliases = [ "clara.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From 8e4d0b73e889cc1d08d176eba7f5afeb7cbfaf74 Mon Sep 17 00:00:00 2001 From: 0x4A6F <0x4A6F@users.noreply.github.com> Date: Fri, 10 Mar 2023 15:47:23 +0100 Subject: kartei: update 0x4A6F --- kartei/0x4A6F/default.nix | 202 +++++++++++++++++++++++++++++++++++++++++++ kartei/0x4A6F/ssh/0x4A6F.pub | 1 + kartei/others/default.nix | 32 ------- kartei/others/ssh/0x4A6F.pub | 1 - 4 files changed, 203 insertions(+), 33 deletions(-) create mode 100644 kartei/0x4A6F/default.nix create mode 100644 kartei/0x4A6F/ssh/0x4A6F.pub delete mode 100644 kartei/others/ssh/0x4A6F.pub diff --git a/kartei/0x4A6F/default.nix b/kartei/0x4A6F/default.nix new file mode 100644 index 000000000..8939f267d --- /dev/null +++ b/kartei/0x4A6F/default.nix @@ -0,0 +1,202 @@ +with import ../../lib; +{ config, ... }: let + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }); +in { + users = { + "0x4A6F" = { + mail = "0x4A6F@shackspace.de"; + pubkey = builtins.readFile ./ssh/0x4A6F.pub; + }; + }; + hosts = mapAttrs hostDefaults { + crustacea = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + aliases = [ "crustacea.r" ]; + ip4.addr = "10.243.42.63"; + ip6.addr = "42:0:4a6f::4263"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA1dA67Uq6IcWTWVVcg5kO4OUcmYY/mUzERK6WwrU7m+Qq2ovA2Fh1 + VTxfNzJg8zgyrBbUwpaLE4LuRgyrYbPABwgNMXS6wnHdunbm0x5RUcih/IRNobV1 + uf2Q/rVcrXHZD5+YL09hTZnU7PVkZm6WX0fc79rEKYIEopPpomCs2mECPSmqZPaW + L9wprtRTuQ3V0xxrCuUKX7SxANEursM8SvNfKydWdaUxjIV2iGVKuVUkAZHwx5jJ + roKEriWsIJ6FHTMb1v5yWXrvngMgYlKrpF6/m/AHEkQoPsEJ+oBkn0fop9pfyZjM + WzMhZHcKFYebSI4HqFRuQOc1scIzUdpC/sZYLYlddbwpJHj4xdJwIUN03Uga/KRQ + n1SrJnhmXonHvJZFBYcNDR6aTtdN7mJVBv8bQ7DGt1q6Gp8QItQqvpdzq314+Pw6 + 0EVKPaqdz6Cqpwn8RtJ9ZGb6BE3yUrpJkU25DyCSO86LmeCchApwssghWvPsbBDg + iF4QCyrWJ2HFnl7jJDGbEajHaE/xko2dt1F5frTWxsmDHRKSRhaGDwp5qgFUpCa0 + 2h+zZqkG4boV6CrMEjStb15EOXTUVfq0DPojFik6agCltslsJAwp+f1fb7NSee4d + TNWb1CHfIQWLPnm1LFwphSqyHY/9ehcsX3PJ7oXI+/BnV8ivvoApWA0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "DWfh6H8Qco+GURdVRhKhLBAsN5epsEYhOM2+88dTdTE"; + }; + }; + }; + mystacocarida = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + aliases = [ "mystacocarida.crustacea.r" ]; + ip4.addr = "10.243.42.64"; + ip6.addr = "42:0:4a6f::4264"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAs3B22OzRE7kPInW901npOyRlIuk/vMb834a2BEKSb6+taXqf5rXm + r4isRaZsoQACNS8b/vpvQGDITyA4Ji4S0WpbpTklYdx0VxLM33ezuvxeR4ZyPtrW + le47/kgJd2E/0e5QuU10P0i7VuauFdG6y9Iajts0pz5h7XJNU1pMoww3MF8+4iJ/ + KvZjWHy6d+5gQ888do7vxbuAhaGK42KE+i9g0v5xtPzdFmJ9YdR8E2Ru3jH1DzWC + UdsOkqKmlBVaLSwmKIZ4c5JgSF/UuQxxJ0Yb/eZzPdltc1fa9aB/us3oFNhIsU0I + nJ0nW8LYferV9dl8w2v8Utvy6mPKObz0cBmFbXBIPMIrnVuJOpkulEei8W31m2cS + RcQOMFRBHvH4TugRvgbAwylrPH+aQ9+49g1RIMFyWBF/8Rt5H3ncFuWUvv8SQneQ + hJMOrEX5E4cfZMPvGNXNjinzngUzfh/QKaNxRBo0bXF4kyuZFcZ4Q7H9TiYchuwn + s5ZoaTmQ6WU0OpyUC6aUyKhB34+nJF/ySvzPnfpecAjN7NHXWgBzqLgCmHskrtgU + ukQ6Yy/8tF1hbrRrN3p+ZXk+9Fmqa4dD517UX6B2XXh5h7fOHCzQyOW+6mRHzbdB + wclhjSKW1+HxV9T1q1RP162v/CD1ozjDuXvLX6awPZ+AQf6lBAG/NbECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "6owOO5CReYHueN4v2joTy31NzrqLHe858TOvzeg0G+G"; + }; + }; + }; + tantulocarida = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + aliases = [ "tantulocarida.crustacea.r" ]; + ip4.addr = "10.243.42.65"; + ip6.addr = "42:0:4a6f::4265"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA45SZZbq5HBG98oY8p3ZJFSfoMwopfLHMQ0fFvn7O0FOOPsTomsD1 + S61HTSsGqHJ35TfNV+lh4jrldN1wPkSl8yhD6+SKoiVlM+UqJ2HQLQhFL6ZoOlOe + YSZ2Ws5ydnP32G61oV/1nfIp/q/jzrT0yWepol+HJth2YSHkDuBU1zA4ESkNhnj8 + o9Qnryxq6PjLqqWq6y+grcR8eer/IlDTTJn0Mb6lk6gDivan2k0ryzSwWCZt5B9o + s10oIJqS1LxyrS35MP/vEI/FgcA1SX0TaVjMKbu4RwBqIXXC6Mb36PjRPbBf2P5J + 5ZMOf1uwesnlUsWgmzEVFUnflqHTpRb/2kjDngvP8Ed7Q/tN0csWPl8mj8ghpwr1 + +d7utmpjgW+glVPpFVGniGq5DVkXYBU6Wfg84weyyDDYP65R/81fRgesx14ikJqI + ML89G9hd/FiIjNk3sW3v5gj1FNl0R/sgsDjTnmvgTr3t8bBgsB2SSFa9VxgHToO0 + rfRPYlAtN9YwIizgUImB6fhqMNzXRJnZsDcMqUmaAaKa1x6wwSR/QQlds9sPJDB+ + ggkEaKpYsAzwZ7vjOFDdqH40zqCGM767UoPliThSfn4DPQnTSHzSyuR2dS8n26/r + wXTwb2yDDO6pNzHqgXS+whB2PCUrhfJUKfW60H3Lyn6umxjZ2rFspI0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "eoyCx4PvqsFpsyJq5X8J7zb+2oytliv0w3MIDIiaSTI"; + }; + }; + }; + thecostraca = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + aliases = [ "thecostraca.crustacea.r" ]; + ip4.addr = "10.243.42.66"; + ip6.addr = "42:0:4a6f::4266"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAoLm9vVoUg79egwX5KDYdJLJvEygz5bh7r0/BcCrGeWUBn+S8HzPY + aVBEW/rcLK7blksGhnqo6HfncKlYH43AUzt3HTcjlfhMCeC4VLn+0f+QiW/HV4H4 + k3IC9S8Imo7t5eDqHjchPqTyh2AuilbDHM6VoIgD95ozR8dtvWy9NL7dIOAxyrVF + m3WdHg5i7G+xus5u/Q35rCSCxpSsmkUBfEjixSC9lpQdMfc5Vvqy8qD/unLVNs1G + nFoFTtxrz9EVRz9fmYx/mFMC9FHuUD6qmG5YNjS5wWcOGw04GGRnwwT9rnuI3NOD + ttYk3b7cn3V+jOD8zCtcyH2DSIcVBIFbTULmX1Xq1462/IiyH0nQNH7DSbKGDc/V + OHYZOfiy5Wotua5BqLxZ4W3b0QDLjkLc06pD6YvOhZbs4igl4O+zDCCyE4OakEzk + 1qugSumGM/hEavJFR96CWgyiJQOV1tnNWs7QDwtdZRkGaC7sPInc56RvHWjP0jDH + tcnfSDPPLdpf9Kl5VhmXlOWvg0FCuxLVlCcG8yJDx/Xm26GU6t+avi14cl29hX0M + lQF7x/sVpdTQtsv3IZ1glt/vhS/egucSHKXJ3VcRWlQkQagqDqwINYyaS5xoWmEk + 4m6L/ndWc/y1A3zFC/4STsEyx4QuQcpMigkcz+42Ubb/wtQZGEmBND8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "Bfa9di1XiTzGTuDo+L7spfouq1WUc1pvQH9mziHVLEB"; + }; + }; + }; + branchiopoda = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + aliases = [ "branchiopoda.crustacea.r" ]; + ip4.addr = "10.243.42.67"; + ip6.addr = "42:0:4a6f::4267"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAtNKC/MIY3X1vYR2tRz4jXEmqRFmUdQfwb3Fl55Bw/5GVySDe7Rtm + 8+MyWRp18D9DVDNJ/mvhX4nYA5OR2q1m5VPX+jdkPbD+9KYVWWQpnPkKIdon1FpO + sw52BMx/jMdhq+6h510LSvFrVP4jnPaETzEMyLGdKqqq4R7D/KrkInLBtyAisjmN + 6eeBZAfr+INrkpUY7zhArtzfDbTXqCLFR3ufxlBzVL0of/oDGw1Zvc5TOiAtWmOa + iVT/jzTqqf9Yhs1ot3Bxzf0pOrWNpGF6S3H8fl4kX/hGMVowjvKW7cLou38W5dOS + uweS6a/5dT3Z9RIQvnwjTMJ2/WjiRL3Kivk22W+58eqBxBAE1Fs0ujwGlGLYLATF + RSoD9N15agfiycqzy044Hg7CCBdyFcJF3aTWZ/59XmMIav3Liv52lmE/KdQyTnsL + p6dBjuyPGnrfrBZv/WDWEmWEkSFkh2oKCJYysIDxh1XfxxczacD4UTEjUce0ehbn + rTjkO5E2n5rMLYzsnC2XwolmXiHNdvhp4rl4lv+GzmJhsJFtJjx13WtI0XjnyPd9 + WfJs7HHR8mK7FC0J2f1Rqsji9lxHVRMCu27jAaEuCi3Gsk33+UpgR2XvO9oxkMRz + RVIDXMl6NXy/nLaUmNKp8sPMfXycikY89ur9Z2OcgQ9/Q4tCPTS6GQ8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "Y/1hm0pGCElydpV23tQy5ibTBTNgs1fqHl4qPARAyRC"; + }; + }; + }; + copepoda = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + aliases = [ "copepoda.crustacea.r" ]; + ip4.addr = "10.243.42.68"; + ip6.addr = "42:0:4a6f::4268"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA9eLYq5DVkWeFiqXz+OPENj5VljBoOOBDSwRlD/+aABFGNd/g+gSh + l3BUzkGNeH9gY8fHTSE4GzhkPRlK5+pRvx1xE3jWOT1iU+VIP8IKXGOIithZgWfg + T2aEejOvhB+qn2Be6T6PZkTa8hLJorYRNbe+npZTll8iW0h7f3FZNKGSGYIfeRYI + WHjtl0onv2lIGHi3fucUq2QTTd1G4GX7R2nI5XNvYLruSVj0dK2OU3oR4zNGWmlJ + QryM1QY6l3trFmdAxLQeTtNWcgUSKQozlCg6yTVCB3roFzdQe+P6ltpj3XM3LPKy + Vijk/tRvPozRZ87xVbuVcIVRYkvFewoAWmi8hITBxUTl4OG8qvXp8QAig/+ZpZN3 + dYPqFmv0zdPp+Jd77Qz72f2ZFjKU1fvL8dyh1Uyc2PZRgnWEWrxNXlswybMPKrmX + rIEV3OMnqCcdI5JJFslUxiV5qGCcWTNF8yt0+OLe9gxS8G41hcxkENW50QgoZHon + h4pJsrb7/7d4ReFFit6K/S01V3lOOtFIDxHCwwnG7gLyc4bIXZmAu85JxSisPUt0 + QJAxbSSKt9jduSpoqwXHXRtQdsPmFeClE9kVd3PAWHEFmqLLOdjvMxVVdVhGUabK + lL1kGoidqPMU3IXLjsxfHb/rVtGWi9yXSUM3a0vJt6+bNVt4bGvrtTkCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "HWfJMJfiiNXBywI0hvSbiep1/O9VpPu0T6cc/mU6dOI"; + }; + }; + }; + malacostraca = { + owner = config.krebs.users."0x4A6F"; + nets = { + retiolum = { + aliases = [ "malacostraca.crustacea.r" ]; + ip4.addr = "10.243.42.69"; + ip6.addr = "42:0:4a6f::4269"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA0yIBnzkM8cJDEC5d/J8Pj/wT27PAMu7r1DLc9O1RkgD24tPhxq1k + W8Eo/NnirjcLjoJLG4V/GFRdVwLNEpngmRTGaqHknOZzGcFYUDLbrKGYULTjXheP + a3fU+ZNlH9YVurzgXNA5suNXzQAp0eY4DqydYvdk1o6HSrbo0uyiEP48tx38rAS0 + N+V+kiQidtT45o+KrbEAAT/4znlsGLyB8u7U54Alrtukf86z70j3R2eUOleP2MDi + 5UPdCnoKZKDLQWs23vXeMCcpnLqUXyLdVPrDmZKq9tGLgxsK2CC9Xu3brjAV3wLp + MeN1U55lxti+bkInFBMCjO8xS3clJ0W5DEtDV5QYCi78Niu99pe4KgRfDEA4PqK+ + aykv1ljpI43NlQBtJKsqXUtzDEpYs5zSmy/tqLxeXqmvSYd3/+5JRWzLvQZ4YxlJ + EwjB6fxsBTe1eftohD2LiRWsjmvf0JWlb6+rfBoxMtX+wfI0yDR8Ozm8QRk9WgHO + aUP28fzqoFCim7ti+QwT5EqwGcARh6jyGXmycx9swI4b/hfCAe39KsPNQ6jdeXYR + 1J9mmIM88ythaWypwieOqbCAul4pJosTFjMRiExnV7zvjFn/csVyqt3FkoJFrqmM + 37AxGyDKRLFV9aN7CNoaAfcNkaOhFNzPB9Q7PoXlPspdxvrATv3WU6ECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "BEtuMBeKGXYWODlDIwlGU1eGZ7OqryxgDqnx1cJX8ZE"; + }; + }; + }; + }; +} diff --git a/kartei/0x4A6F/ssh/0x4A6F.pub b/kartei/0x4A6F/ssh/0x4A6F.pub new file mode 100644 index 000000000..1ea084bad --- /dev/null +++ b/kartei/0x4A6F/ssh/0x4A6F.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKMoQSUz0wcV8tnTKsYO3sO6XG6EHap8R63ihfMHkxPS diff --git a/kartei/others/default.nix b/kartei/others/default.nix index de0bd2f7f..203a25a0b 100644 --- a/kartei/others/default.nix +++ b/kartei/others/default.nix @@ -377,34 +377,6 @@ in { }; }; }; - crustacea = { - owner = config.krebs.users."0x4A6F"; - nets = { - retiolum = { - ip4.addr = "10.243.42.63"; - ip6.addr = "42:0:4a6f::4263"; - aliases = [ - "crustacea.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEA1dA67Uq6IcWTWVVcg5kO4OUcmYY/mUzERK6WwrU7m+Qq2ovA2Fh1 - VTxfNzJg8zgyrBbUwpaLE4LuRgyrYbPABwgNMXS6wnHdunbm0x5RUcih/IRNobV1 - uf2Q/rVcrXHZD5+YL09hTZnU7PVkZm6WX0fc79rEKYIEopPpomCs2mECPSmqZPaW - L9wprtRTuQ3V0xxrCuUKX7SxANEursM8SvNfKydWdaUxjIV2iGVKuVUkAZHwx5jJ - roKEriWsIJ6FHTMb1v5yWXrvngMgYlKrpF6/m/AHEkQoPsEJ+oBkn0fop9pfyZjM - WzMhZHcKFYebSI4HqFRuQOc1scIzUdpC/sZYLYlddbwpJHj4xdJwIUN03Uga/KRQ - n1SrJnhmXonHvJZFBYcNDR6aTtdN7mJVBv8bQ7DGt1q6Gp8QItQqvpdzq314+Pw6 - 0EVKPaqdz6Cqpwn8RtJ9ZGb6BE3yUrpJkU25DyCSO86LmeCchApwssghWvPsbBDg - iF4QCyrWJ2HFnl7jJDGbEajHaE/xko2dt1F5frTWxsmDHRKSRhaGDwp5qgFUpCa0 - 2h+zZqkG4boV6CrMEjStb15EOXTUVfq0DPojFik6agCltslsJAwp+f1fb7NSee4d - TNWb1CHfIQWLPnm1LFwphSqyHY/9ehcsX3PJ7oXI+/BnV8ivvoApWA0CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "DWfh6H8Qco+GURdVRhKhLBAsN5epsEYhOM2+88dTdTE"; - }; - }; - }; unnamed = { owner = config.krebs.users.pie_; nets = { @@ -746,10 +718,6 @@ in { mail = "neos@shackspace.de"; pubkey = ssh-for "neos"; }; - "0x4A6F" = { - mail = "0x4a6f@shackspace.de"; - pubkey = ssh-for "0x4A6F"; - }; xq = { mail = "xq@shackspace.de"; pubkey = ssh-for "xq"; diff --git a/kartei/others/ssh/0x4A6F.pub b/kartei/others/ssh/0x4A6F.pub deleted file mode 100644 index 1ea084bad..000000000 --- a/kartei/others/ssh/0x4A6F.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKMoQSUz0wcV8tnTKsYO3sO6XG6EHap8R63ihfMHkxPS -- cgit v1.2.3 From ed7c330026e48bbde759253f0952a94fdb7e2de6 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 13 Mar 2023 10:53:48 +0100 Subject: krops: 1.28.1 -> 1.28.2 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index 3ebbfc626..59aa5d0e4 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 3ebbfc62615d4ba253a4dd96bac0f4b2128a2b6d +Subproject commit 59aa5d0e41cf4a6d4356673feb1adbd0fcf68936 -- cgit v1.2.3 From b2eb88a67e771a93efead57ec13cb9c00e118d62 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2023 06:34:12 +0100 Subject: l orange.r: add git/cgit --- lass/1systems/orange/config.nix | 3 +++ lass/2configs/services/git/default.nix | 11 +++++++++++ lass/2configs/services/git/proxy.nix | 13 +++++++++++++ 3 files changed, 27 insertions(+) create mode 100644 lass/2configs/services/git/default.nix create mode 100644 lass/2configs/services/git/proxy.nix diff --git a/lass/1systems/orange/config.nix b/lass/1systems/orange/config.nix index 5e975dba8..47867c31f 100644 --- a/lass/1systems/orange/config.nix +++ b/lass/1systems/orange/config.nix @@ -6,10 +6,13 @@ with import ; + ]; krebs.build.host = config.krebs.hosts.orange; + services.nginx.enable = true; + networking.firewall.allowedTCPPorts = [ 80 443 ]; security.acme = { acceptTerms = true; defaults.email = "acme@lassul.us"; diff --git a/lass/2configs/services/git/default.nix b/lass/2configs/services/git/default.nix new file mode 100644 index 000000000..096f73c03 --- /dev/null +++ b/lass/2configs/services/git/default.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ../../git.nix + ]; + services.nginx.virtualHosts."cgit.lassul.us" = { + enableACME = true; + addSSL = true; + locations = config.services.nginx.virtualHosts.cgit.locations; + }; +} diff --git a/lass/2configs/services/git/proxy.nix b/lass/2configs/services/git/proxy.nix new file mode 100644 index 000000000..cb05c3f6c --- /dev/null +++ b/lass/2configs/services/git/proxy.nix @@ -0,0 +1,13 @@ +{ config, pkgs, ... }: +{ + services.nginx.virtualHosts."cgit.lassul.us" = { + forceSSL = true; + enableACME = true; + acmeFallbackHost = "orange.r"; + locations."/" = { + proxyPass = "http://orange.r"; + proxyWebsockets = true; + recommendedProxySettings = true; + }; + }; +} -- cgit v1.2.3 From e53b37e2cd43c75be30ae527410ef48e932c08c0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2023 06:36:10 +0100 Subject: l git: announce from orange.r --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 891aefcfd..16260b77b 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -145,7 +145,7 @@ let channel = "#xxx"; # TODO define refs in some kind of option per repo server = "irc.r"; - verbose = config.krebs.build.host.name == "prism"; + verbose = config.krebs.build.host.name == "orange"; }} ${cgit-clear-cache}/bin/cgit-clear-cache ''; -- cgit v1.2.3 From f80203660a5643cf23be1bea3e982e0b3090a8f2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2023 06:37:59 +0100 Subject: orange.r: add cgit.orange.r alias --- kartei/lass/orange.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/kartei/lass/orange.nix b/kartei/lass/orange.nix index 7f656c260..7c511d5b1 100644 --- a/kartei/lass/orange.nix +++ b/kartei/lass/orange.nix @@ -6,6 +6,7 @@ ip6.addr = r6 "012a"; aliases = [ "orange.r" + "cgit.orange.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From e869a76444e82558dff78267b0eb5e09ed83387d Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2023 06:38:56 +0100 Subject: buildbot-ci: prism.r -> orange.r --- krebs/2configs/buildbot-stockholm.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 9fc6a79e5..f0b6c324d 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -21,21 +21,21 @@ disko.urls = [ "http://cgit.gum.r/disko" "http://cgit.ni.r/disko" - "http://cgit.prism.r/disko" + "http://cgit.orange.r/disko" ]; krops.urls = [ "http://cgit.ni.r/krops" - "http://cgit.prism.r/krops" + "http://cgit.orange.r/krops" "https://github.com/krebs/krops.git" ]; nix_writers.urls = [ "http://cgit.ni.r/nix-writers" - "http://cgit.prism.r/nix-writers" + "http://cgit.orange.r/nix-writers" ]; stockholm.urls = [ "http://cgit.gum.r/stockholm" "http://cgit.ni.r/stockholm" - "http://cgit.prism.r/stockholm" + "http://cgit.orange.r/stockholm" ]; }; }; -- cgit v1.2.3 From ffbdcfefa731b3c1a5de5e2fae9bacd6edb9cf67 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2023 06:42:13 +0100 Subject: hotdog.r: disable github-hosts-sync --- krebs/1systems/hotdog/config.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 70307a96b..a20878487 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -21,7 +21,6 @@ ]; krebs.build.host = config.krebs.hosts.hotdog; - krebs.github-hosts-sync.enable = true; krebs.pages.enable = true; boot.isContainer = true; -- cgit v1.2.3 From a2f5e6ff8766465a3582fc77f946976122feae98 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2023 07:17:27 +0100 Subject: l coms: proxy also ipv6 --- lass/2configs/services/coms/proxy.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix index 57e132151..e8555f9b7 100644 --- a/lass/2configs/services/coms/proxy.nix +++ b/lass/2configs/services/coms/proxy.nix @@ -16,6 +16,7 @@ in services.nginx.streamConfig = '' ${lib.concatMapStringsSep "\n" (port: '' server { + listen [::]:${toString port}; listen ${toString port}; proxy_pass ${target}:${toString port}; } -- cgit v1.2.3 From d873abf0a92c709ec9f79b49fa5d2e5bd244f0ad Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 15 Mar 2023 18:49:24 +0100 Subject: tv ru: replace zfs by btrfs --- tv/1systems/ru/config.nix | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/tv/1systems/ru/config.nix b/tv/1systems/ru/config.nix index e66cddead..0fc62167e 100644 --- a/tv/1systems/ru/config.nix +++ b/tv/1systems/ru/config.nix @@ -12,20 +12,23 @@ with import ./lib; boot.loader.systemd-boot.enable = true; fileSystems."/" = { - device = "main/root"; - fsType = "zfs"; + device = "/dev/mapper/ruvg0-root"; + fsType = "btrfs"; + options = ["defaults" "noatime" "compress=zstd"]; }; fileSystems."/boot" = { device = "/dev/nvme0n1p1"; fsType = "vfat"; }; fileSystems."/home" = { - device = "main/home"; - fsType = "zfs"; + device = "/dev/mapper/ruvg0-home"; + fsType = "btrfs"; + options = ["defaults" "noatime" "compress=zstd"]; }; fileSystems."/bku" = { - device = "main/bku"; - fsType = "zfs"; + device = "/dev/mapper/ruvg0-bku"; + fsType = "btrfs"; + options = ["defaults" "noatime" "compress=zstd"]; }; krebs.build.host = config.krebs.hosts.ru; -- cgit v1.2.3 From 8787babf92a051f0e55871511c78e8b119191873 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Mar 2023 11:18:19 +0100 Subject: nixpkgs: 0218941 -> e2c9779 --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 20b1237dc..118415785 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "0218941ea68b4c625533bead7bbb94ccce52dceb", - "date": "2023-01-31T16:39:44+08:00", - "path": "/nix/store/82grl4czg5pgacsa93nqssf5m7qrmmna-nixpkgs", - "sha256": "0vwszpqs1x9sgnabvj3413mvcrj7k2ix4wv4hfvw6nmp6k4z6ic1", + "rev": "e2c97799da5f5cd87adfa5017fba971771e123ef", + "date": "2023-03-20T14:29:52+01:00", + "path": "/nix/store/vxca9w313d1bzw9dx4yaw8c0vrqjxa0p-nixpkgs", + "sha256": "0qff1r8k0m19z1ppzb8gk5xrnlvabjdl3pqwpc3y5bm15qxzk25s", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From 782c8652366c173626c2f1ddd40eb1b220bd97d6 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 22 Mar 2023 18:04:21 +0100 Subject: tv fzmenu: admit symlinks --- tv/5pkgs/simple/fzmenu/bin/otpmenu | 11 +++++++---- tv/5pkgs/simple/fzmenu/bin/passmenu | 12 ++++++++---- tv/5pkgs/simple/fzmenu/default.nix | 6 ++++-- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/tv/5pkgs/simple/fzmenu/bin/otpmenu b/tv/5pkgs/simple/fzmenu/bin/otpmenu index 12bd60a9d..273a408e6 100755 --- a/tv/5pkgs/simple/fzmenu/bin/otpmenu +++ b/tv/5pkgs/simple/fzmenu/bin/otpmenu @@ -10,14 +10,17 @@ case ${FZMENU_PHASE-0} in ;; 1) if result=$( + PASSWORD_STORE_DIR=${PASSWORD_STORE_DIR-$HOME/.password-store} FZF_DEFAULT_OPTS=${FZMENU_FZF_DEFAULT_OPTS-} if test -n "$FZF_DEFAULT_OPTS"; then export FZF_DEFAULT_OPTS fi - pass git ls-files '*/otp.gpg' | \ - sed ' - - s/\/otp\.gpg$// + find -L "$PASSWORD_STORE_DIR" -type f -name 'otp.gpg' | + awk -F / -v PASSWORD_STORE_DIR="$PASSWORD_STORE_DIR" ' + { n = length(PASSWORD_STORE_DIR "/") } + $NF == "otp.gpg" { + print substr($0, 1 + n, length($0)-length("/otp.gpg")-n) + } ' | exec fzf \ --history=/dev/null \ diff --git a/tv/5pkgs/simple/fzmenu/bin/passmenu b/tv/5pkgs/simple/fzmenu/bin/passmenu index da8e739ee..76153f53e 100755 --- a/tv/5pkgs/simple/fzmenu/bin/passmenu +++ b/tv/5pkgs/simple/fzmenu/bin/passmenu @@ -10,14 +10,18 @@ case ${FZMENU_PHASE-0} in ;; 1) if result=$( + PASSWORD_STORE_DIR=${PASSWORD_STORE_DIR-$HOME/.password-store} FZF_DEFAULT_OPTS=${FZMENU_FZF_DEFAULT_OPTS-} if test -n "$FZF_DEFAULT_OPTS"; then export FZF_DEFAULT_OPTS fi - pass git ls-files '*/*.gpg' | \ - sed ' - /\/otp\.gpg$:/d - s/\.gpg$// + find -L "$PASSWORD_STORE_DIR" -type f -name '*.gpg' | + awk -F / -v PASSWORD_STORE_DIR="$PASSWORD_STORE_DIR" ' + { n = length(PASSWORD_STORE_DIR "/") } + $NF == "otp.gpg" { next } + /.*\.gpg$/ { + print substr($0, 1 + n, length($0)-length(".gpg")-n) + } ' | exec fzf \ --history=/dev/null \ diff --git a/tv/5pkgs/simple/fzmenu/default.nix b/tv/5pkgs/simple/fzmenu/default.nix index 7e19505c1..1a285ee99 100644 --- a/tv/5pkgs/simple/fzmenu/default.nix +++ b/tv/5pkgs/simple/fzmenu/default.nix @@ -21,8 +21,9 @@ pkgs.runCommand "fzmenu" { --replace '#PATH=' PATH=${lib.makeBinPath [ pkgs.coreutils pkgs.dash + pkgs.findutils pkgs.fzf - pkgs.gnused + pkgs.gawk (pkgs.pass.withExtensions (ext: [ ext.pass-otp ])) @@ -36,8 +37,9 @@ pkgs.runCommand "fzmenu" { --replace '#PATH=' PATH=${lib.makeBinPath [ pkgs.coreutils pkgs.dash + pkgs.findutils pkgs.fzf - pkgs.gnused + pkgs.gawk (pkgs.pass.withExtensions (ext: [ ext.pass-otp ])) -- cgit v1.2.3 From 016b809400b18128149b776903ddf4763f750696 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 24 Mar 2023 05:03:02 +0100 Subject: nixpkgs-unstable: 2caf4ef -> 19cf008 --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 96c23d47c..885672736 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "2caf4ef5005ecc68141ecb4aac271079f7371c44", - "date": "2023-01-30T22:55:03+01:00", - "path": "/nix/store/mkif1y61ndjfi6fl2hzm7gmgqn40rchn-nixpkgs", - "sha256": "1f8d0v4q687r4z3qpg54asglgi3v07ac75hzxzxl0qxjyh0asdz3", + "rev": "19cf008bb18e47b6e3b4e16e32a9a4bdd4b45f7e", + "date": "2023-03-21T23:16:58+01:00", + "path": "/nix/store/rg3f6v4f7mba0kqnhiarj7yg6066cc5v-nixpkgs", + "sha256": "0myq7fnykna5qazbk6hdgahy148yd7f5l8nrxhzllj67y86a5sxw", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From e1df63807bd97209535319e573ebe9200103095d Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 24 Mar 2023 08:27:20 +0100 Subject: l coaxmetal.r: disable xonsh --- lass/1systems/coaxmetal/config.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix index 1df56f591..7fd76974b 100644 --- a/lass/1systems/coaxmetal/config.nix +++ b/lass/1systems/coaxmetal/config.nix @@ -20,8 +20,6 @@ - - # -- cgit v1.2.3 From 18b7ea4675e69fd564604a845bb60db3794e3042 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 24 Mar 2023 12:53:36 +0100 Subject: github: update rsa key --- krebs/3modules/github/known-hosts.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/github/known-hosts.nix b/krebs/3modules/github/known-hosts.nix index c0d0b588a..3725ff2b8 100644 --- a/krebs/3modules/github/known-hosts.nix +++ b/krebs/3modules/github/known-hosts.nix @@ -6,6 +6,6 @@ # update known-hosts.json using ./update lib.importJSON ./known-hosts.json ; - publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; + publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk="; }; } -- cgit v1.2.3 From c550360305765350257d92fb792baa7f8b86a986 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 24 Mar 2023 18:24:48 +0100 Subject: kartei/srounce: init --- kartei/srounce/default.nix | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 kartei/srounce/default.nix diff --git a/kartei/srounce/default.nix b/kartei/srounce/default.nix new file mode 100644 index 000000000..ef37cbcd1 --- /dev/null +++ b/kartei/srounce/default.nix @@ -0,0 +1,34 @@ +{ config, ... }: let + lib = import ../../lib; + + hostDefaults = hostName: host: lib.flip lib.recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + } // lib.optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (lib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }); + +in { + users.srounce.mail = "samuelrounce@gmail.com"; + hosts = lib.mapAttrs hostDefaults { + workbox = { + owner = config.krebs.users.srounce; + nets.retiolum = { + aliases = [ "srounce.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAsLQ4ZEwEbgHCh7yQvZWms6586Q3Ni+dF6pmkQdxrNb/BLlplB2Db + sDYVMAfamXDd/jPKpoevwRaXoImxk1IHSN4ZJ2liaZNDBOJJ0CnXdJHGQ3SnV50x + 9ABAeP/lmT95lhWuCg0qS0xY60ax3EDhTVYk51dPwwoBNE6dwO/lJr6vgtKBI7fV + /IgoF7L8G7AEPz61vS0sCHld537bEPfZ3Us4gUC6/V+xKnkBRDuCgFxemOjNdu0F + cqEyxwrPcQoFtOt9ZDF8817qdFsRQsgM8LsnDti8mhxDR/0deTYARkWIoRjLU+p9 + XLCdDBEGsbl4Bb6tYT9jz9RCNNJeXogE2wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "E9bMsS3w72hIjp2fYicwgpdwSJDUQbh2dHEDk6F5JdO"; + }; + }; + }; +} -- cgit v1.2.3 From 14f814c23622cb7c127553d5eb1f872f97fa50b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 25 Mar 2023 19:38:52 +0100 Subject: kartei/mic92: add llama.r --- kartei/mic92/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 04aa57d1d..78206a241 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -788,6 +788,7 @@ in { aliases = [ "jack.r" "stable-confusion.r" + "llama.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From 74f0f1a78c798c8a52b2eb3d66c87871d1f4205c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 26 Mar 2023 11:29:42 +0200 Subject: brockman: 4.0.4 -> 5.1.1 --- krebs/5pkgs/haskell/brockman/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/haskell/brockman/default.nix b/krebs/5pkgs/haskell/brockman/default.nix index 6a0c7f9df..a902b5fb1 100644 --- a/krebs/5pkgs/haskell/brockman/default.nix +++ b/krebs/5pkgs/haskell/brockman/default.nix @@ -7,12 +7,12 @@ }: mkDerivation rec { pname = "brockman"; - version = "4.0.4"; + version = "5.1.1"; src = fetchFromGitHub { owner = "kmein"; repo = "brockman"; rev = version; - sha256 = "sha256-GOEEUjehFgMMf6cNpi0AP/Rz74sTDEcpKRbLD+6YEz0="; + sha256 = "sha256-5/2Xjh6YqV3+kkQr8CiXay9Dd8IAnL8D4dc8afnlki4="; }; isLibrary = false; isExecutable = true; -- cgit v1.2.3 From 8d670a2e63d4d79e215372a8c53d7507dbd9b884 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 26 Mar 2023 20:19:05 +0200 Subject: kartei/feliks: add papawhakaaro, iti, ... --- kartei/feliks/default.nix | 84 +++++++++++++++++++++++++++++++++++++++++++++++ kartei/others/default.nix | 50 ---------------------------- 2 files changed, 84 insertions(+), 50 deletions(-) create mode 100644 kartei/feliks/default.nix diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix new file mode 100644 index 000000000..acb4e08fa --- /dev/null +++ b/kartei/feliks/default.nix @@ -0,0 +1,84 @@ +{ config, ... }: let + lib = import ../../lib; +in { + users.feliks = { + mail = "feliks@flipdot.org"; + }; + hosts = { + papawhakaaro = { + owner = config.krebs.users.feliks; + nets = { + retiolum = { + ip4.addr = "10.243.10.243"; + aliases = [ "papawhakaaro.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw + oRHqPgJRwfGW0Tgu/1s5czZ2tAFU3lXoOSBYldAspM3KRZ4DKQsFrL9B0oWarGsK + sUgsuOJprlX4mkfj/eBNINqTqf2kVIH+p43VENQ9ioKmc+qJKm4xfRONRLp871GV + 5jmIvRvQ6JP0RtNd2KpNLaeplzx8M61D9PBOAZkNYAUTpBs4LZBNJj4eFnXBugrz + GkBjmm3Rk7olz0uOZzbeTc6Slv2tgtN5FrQifdy4XIlsKcBTzMkYHEZstmldJgd9 + pGvfmem6uPcXrF+eDJzqUn0ArH7eOIS4F0+DzugJz4qX+ytvE4ag7r2Vx0Pa9TCY + hpn0lqwW+ly1clM0SKt59v1nQ4oRW4UIbAZaIgp4UJbb3IGSwbq7NuadvHpNICHi + 4pqQD+1sSEbGLAZ0bFjLIYFg9zzNjLeAxXpn49WHOEyRlq3h+SUQcG2EuVMI28DX + lILKSoOJsuQupURPubaxkiNEa5neYk9hZ8CWgwSG/VlyRLuNsVDVn2dBma43Mr10 + LHMkX2/a9t7ghokugvV2XMP9Es9A9TGFShM9UtFAlovdad+SQ8FBPNheDwIhjCJe + l5NIrMrmQIveq7QJ1szxYhqfl1ifU0c+YxeMkg3tvEuQV/tk/oki/aECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "5G49yQPjkkoGZxM6CeDy87y6tB/abtelUAk55wJ4GpP"; + }; + }; + }; + iti = { + owner = config.krebs.users.feliks; + nets = { + retiolum = { + ip4.addr = "10.243.10.244"; + aliases = [ "iti.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL + Ithq3T2+jWJJQoOJEDl5Tvo9ilF0oE0AqSNnvfgS/t8xfFVEsNvHodbonXXku5cF + N7oFooAgQRXAUJpEQLtcfx9kJutSYgGeEvoRGZkWaqY6tzPL45U2WEna+MJ/P1Cd + 57JMOLeJJEjZKtC/XqPOQ81KNcm161RKekHas5ZNK30QEVP9QsjTDoLesYwm1ywt + 4LiHRHSSHd65pKXJvi1haEYw25BxIun7kY4IQHrfEuK3DNs0kyYJj2rKL4C9kHgT + hYd+fFl1i/X1BjPzo+ZY91ahLVX3UPpOsB8vC9Q7Ctm1Nkc/bCfKRUNbamkS0Bwf + tngak3heGvuek6Y7qWQUkvMkPLhZwZUXUz+DBXGWXabP5LL8Z/y3V+Qqj0snEsZ3 + 9iOF+eeDw2/9hBzRzBPGtwL1DREgd+1J/XlHLcjF4jzkMhweIXw2Yh0Jq7D5Nqf3 + kPF9n/50zbQneSGEiKFeHm1ykag/KV0ebWHUOy1Gydbs7+RxT9GUiZofI6kyjJUI + g1w1ajkZYIIqhIvhMHudLay5h4kLkdGN9yuRNO/BG5sGk5MywZHyMploIX0ZRVui + +H3Sx2y268r/Fs6JcaddmzFwFqNmdRTRv/KBp91QGnjcaJDzQPKg/IsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "uG9D7hrWNx+9otDFlZ8Yi31L6xxC7dzGlqXBLkzJCwE"; + }; + }; + }; + tumaukainga = { + owner = config.krebs.users.feliks; + nets = { + retiolum = { + ip4.addr = "10.243.10.245"; + aliases = [ "tumaukainga.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAj1q28QzUlag0i+2ZEpZyQEbrtuODj6pCCt2IX1Uz1B83outO2l/n + 2g096QLhCT/h5QwPtoa5YihYrANH1wWc/RKjgVLfVdcdHzZvge2Z9UE22XbH5G5O + D3AmGFDfuZa9KEmqoDqUnuBVvctywHkbf2bqye9Cje2DqXe9h0EJhR2agVwwi41Z + I2EGLSI6/oA+ySymVhP1dDzr+keWVIbxfbBtRO2OFWg5IQ/H+d3ZP4yUumu7rJsN + h+mBOdLL8PACGDKRj76Gp2+1raXYyfsnn9OI4+sFiQ0F/J2FjbXser1O6z6fRwY4 + s9R4vLtkUXix2YjCOzjAIBHsR9UtC+tYpzmlGyY51CNGNXoklWUsfS6ZIKyPKRwJ + +Bsi/zZCqTT1BKC5X9dQU7C46JHHRAwn8EUE3r5dja4rHAlU064ow/1EGrbWzjIj + LyZ+e5vMLIc99T3g2nlF6x2Vo9L5hYiUVej+qk4i869JNxZRQ5fTG8HJDxf67Wvj + K+By7fN6XaTiN28E1PLL6562Vj4sJUiFdkGVyW3bdw4IYaqKiabyjT6TZ33AK+VC + V4jB5VplSo8QVv73OjkS8Iaicrdcb8YuhIKnpIStwxeaLc8KGnstOfFIJCoFuXfb + ktTeB0OBZ/bZpSRlzGI7tMX+7coYFqr7uv3wB+/D3Wck47vcxz9woxMCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "li5wJeMjS+fNAMjrn3KVxZby/kGfH6ZoWArYSGMFAQD"; + }; + }; + }; + }; +} diff --git a/kartei/others/default.nix b/kartei/others/default.nix index 203a25a0b..5a162ea6b 100644 --- a/kartei/others/default.nix +++ b/kartei/others/default.nix @@ -561,56 +561,6 @@ in { syncthing.id = "22NLFY5-QMRM3BH-76QIBYI-OPMKVGM-DU4FNZI-3KN2POF-V4WIC6M-2SFFUAC"; nets = {}; }; - papawhakaaro = { - owner = config.krebs.users.feliks; - nets = { - retiolum = { - ip4.addr = "10.243.10.243"; - aliases = [ "papawhakaaro.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw - oRHqPgJRwfGW0Tgu/1s5czZ2tAFU3lXoOSBYldAspM3KRZ4DKQsFrL9B0oWarGsK - sUgsuOJprlX4mkfj/eBNINqTqf2kVIH+p43VENQ9ioKmc+qJKm4xfRONRLp871GV - 5jmIvRvQ6JP0RtNd2KpNLaeplzx8M61D9PBOAZkNYAUTpBs4LZBNJj4eFnXBugrz - GkBjmm3Rk7olz0uOZzbeTc6Slv2tgtN5FrQifdy4XIlsKcBTzMkYHEZstmldJgd9 - pGvfmem6uPcXrF+eDJzqUn0ArH7eOIS4F0+DzugJz4qX+ytvE4ag7r2Vx0Pa9TCY - hpn0lqwW+ly1clM0SKt59v1nQ4oRW4UIbAZaIgp4UJbb3IGSwbq7NuadvHpNICHi - 4pqQD+1sSEbGLAZ0bFjLIYFg9zzNjLeAxXpn49WHOEyRlq3h+SUQcG2EuVMI28DX - lILKSoOJsuQupURPubaxkiNEa5neYk9hZ8CWgwSG/VlyRLuNsVDVn2dBma43Mr10 - LHMkX2/a9t7ghokugvV2XMP9Es9A9TGFShM9UtFAlovdad+SQ8FBPNheDwIhjCJe - l5NIrMrmQIveq7QJ1szxYhqfl1ifU0c+YxeMkg3tvEuQV/tk/oki/aECAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "5G49yQPjkkoGZxM6CeDy87y6tB/abtelUAk55wJ4GpP"; - }; - }; - }; - iti = { - owner = config.krebs.users.feliks; - nets = { - retiolum = { - ip4.addr = "10.243.10.244"; - aliases = [ "iti.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL - Ithq3T2+jWJJQoOJEDl5Tvo9ilF0oE0AqSNnvfgS/t8xfFVEsNvHodbonXXku5cF - N7oFooAgQRXAUJpEQLtcfx9kJutSYgGeEvoRGZkWaqY6tzPL45U2WEna+MJ/P1Cd - 57JMOLeJJEjZKtC/XqPOQ81KNcm161RKekHas5ZNK30QEVP9QsjTDoLesYwm1ywt - 4LiHRHSSHd65pKXJvi1haEYw25BxIun7kY4IQHrfEuK3DNs0kyYJj2rKL4C9kHgT - hYd+fFl1i/X1BjPzo+ZY91ahLVX3UPpOsB8vC9Q7Ctm1Nkc/bCfKRUNbamkS0Bwf - tngak3heGvuek6Y7qWQUkvMkPLhZwZUXUz+DBXGWXabP5LL8Z/y3V+Qqj0snEsZ3 - 9iOF+eeDw2/9hBzRzBPGtwL1DREgd+1J/XlHLcjF4jzkMhweIXw2Yh0Jq7D5Nqf3 - kPF9n/50zbQneSGEiKFeHm1ykag/KV0ebWHUOy1Gydbs7+RxT9GUiZofI6kyjJUI - g1w1ajkZYIIqhIvhMHudLay5h4kLkdGN9yuRNO/BG5sGk5MywZHyMploIX0ZRVui - +H3Sx2y268r/Fs6JcaddmzFwFqNmdRTRv/KBp91QGnjcaJDzQPKg/IsCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "uG9D7hrWNx+9otDFlZ8Yi31L6xxC7dzGlqXBLkzJCwE"; - }; - }; - }; hydrogen = { owner = config.krebs.users.sandro; nets = rec { -- cgit v1.2.3 From 751cda6f6da2785023a3c915b45749cbc67eac07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 26 Mar 2023 22:18:06 +0200 Subject: kartei/feliks: add ipv6 addresses --- kartei/feliks/default.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index acb4e08fa..5ea921d2c 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -1,10 +1,19 @@ +with import ../../lib; { config, ... }: let - lib = import ../../lib; + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }); +in { in { users.feliks = { mail = "feliks@flipdot.org"; }; - hosts = { + hosts = mapAttrs hostDefaults { papawhakaaro = { owner = config.krebs.users.feliks; nets = { -- cgit v1.2.3 From 01c1afd4df463f454d1ee75e1e7be9cadd5a301a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 26 Mar 2023 22:18:38 +0200 Subject: kartei/felix: fix eval --- kartei/feliks/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index 5ea921d2c..33f7f9663 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -8,7 +8,6 @@ with import ../../lib; nets.retiolum.ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }); -in { in { users.feliks = { mail = "feliks@flipdot.org"; -- cgit v1.2.3 From c4bf35d8e13d1258fcbacd118a0fc75197b9fe7e Mon Sep 17 00:00:00 2001 From: xkey Date: Sat, 1 Apr 2023 18:32:13 +0200 Subject: kartei/xkey: new and re-added hosts, restructured this patch adds cybercube.xkey.w, re-adds aland as aland.xkey.w and restructures alias, so that affiliation is clearly visibile. also fixes an old typo... --- kartei/xkey/default.nix | 39 ++++++++++++++------------------------- 1 file changed, 14 insertions(+), 25 deletions(-) diff --git a/kartei/xkey/default.nix b/kartei/xkey/default.nix index a8a6648ce..939e04c7b 100644 --- a/kartei/xkey/default.nix +++ b/kartei/xkey/default.nix @@ -6,7 +6,7 @@ let ci = false; external = true; monitoring = false; - owner = config.krebs.users.kmein; + owner = config.krebs.users.xkey; } // optionalAttrs (host.nets?retiolum) { nets.retiolum = { ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; @@ -27,34 +27,17 @@ in }; hosts = mapAttrs hostDefaults { aland = { - nets = { - retiolum = { - ip4.addr = "10.243.12.34"; - aliases = [ "aland.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAwR1e8/4Lx7gqSyFhA5WpfT4LsnXqYARR6y+gYAOSre6wMvBm/OBY - CKEYCCfqQD3naukID9FqleXaZdIxp6xxBIYZ1yi1Xn032MPP0S37oZAxJlXvlEaU - plG9ct6Zh6qTzpghP2UyYD4RxhLwvsRTycwLF93D+a1z1/CNNDLSoTS11BLtvhDb - DmxTVY/1hWJUiVR4KyRsYnJ3N1Heg/4R/Su4oFm+DatfFYdzhaNsk9q3YYIRdRcx - aHLF65ygVTjG/rUJp/OvkeU1G5rc0ldpd7zR8N8kkjgI1lmZe50mUGghKr1zexV+ - OkIjXGrwTk4RZk3kZO6PZu56rrsR8HZirfrtJWRy7UgAm3S/lZku7X4SN3+7pfL1 - ero6/XB4CHeQ9OpQemcR5o6AR0ncE0TApqeoLd1U710XmwM09ifawAO3jm9ER19X - TKFHeBzqsToPmternXnAKgg2NYyKStkavQu6JTl/uOXdfqfMc9TU6mzV8aBo7ZDa - aLdlg0phcFCcZT8zJGzA3des70AHWmQ7G49pBysnXk8p+1l3SPazGAlIWBCT6oZX - zUUauGEgsuTkDC+JijUm/1HrrMfiigHeBTZKPLqe/75MkumukXqTzd3zfUEcA5Vf - VgEnL2jNVFfocJtmhLQdkmnSiIQslRSOHMC94ZWa0ku0kHZ3XawwwY0CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "gOEzoUsuJyaGIjoZIyS9uZa+zLYfN6BEZrbCTeAWW7A"; - }; + nets.wiregrill = { + ip4.addr = "10.244.12.34"; + aliases = [ "aland.xkey.w" ]; + wireguard.pubkey = "m2IymGYQiRma2cyZbwRsOw1rCpB5ZdFkfYII1hnHzGE="; }; }; catalonia = { nets = { retiolum = { ip4.addr = "10.243.13.12"; - aliases = [ "catalonia.r" ]; + aliases = [ "catalonia.xkey.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y @@ -74,11 +57,17 @@ in }; }; }; + cybercube = { + nets.wiregrill = { + aliases = [ "cybercube.xkey.w" ]; + wireguard.pubkey = "ZPOCyThKQUlR/gPFWoJ4XICHYFMNtI70XH+y5v2f6VQ="; + }; + }; rojava = { nets = { retiolum = { ip4.addr = "10.243.23.42"; - aliases = [ "rojava.r" ]; + aliases = [ "rojava.xkey.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA3Xafx5PYDNRxRwWGo25paveBgEFQYWWOg5YYcqSlBsUzWkEwZPdd @@ -102,7 +91,7 @@ in nets = { retiolum = { ip4.addr = "10.243.161.1"; - aliases = [ "sicily.r" "mukke.r" ]; + aliases = [ "sicily.xkey.r" "mukke.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAzjCrsMRptg22QJTXsNgrxE/CjpGiDD9NYExqiDQ7kyKJ7+nrjtJg -- cgit v1.2.3