From eba696c5d2d8e25f1cd4a00007c3c1521fcc6e6f Mon Sep 17 00:00:00 2001 From: miefda Date: Wed, 30 Dec 2015 18:15:11 +0100 Subject: miefda: init with bobby --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 740ba67b..dddb2df5 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -81,6 +81,7 @@ let imp = mkMerge [ { krebs = import ./lass { inherit lib; }; } { krebs = import ./makefu { inherit lib; }; } + { krebs = import ./miefda { inherit lib; }; } { krebs = import ./mv { inherit lib; }; } { krebs = import ./shared { inherit lib; }; } { krebs = import ./tv { inherit lib; }; } -- cgit v1.2.3 From df89fb7e9121d395357885e00a24a616eb1fef57 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 6 Feb 2016 15:43:24 +0100 Subject: krebs.retiolum: don't generate extraHosts --- krebs/3modules/default.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index ba1f425d..7418434e 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -96,7 +96,6 @@ let retiolum = "hosts"; }; - # XXX This overlaps with krebs.retiolum networking.extraHosts = concatStringsSep "\n" (flatten ( mapAttrsToList (hostname: host: mapAttrsToList (netname: net: -- cgit v1.2.3 From a1f7f5e510ddc7a35bebe4ec7698e19d83d57c3f Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 6 Feb 2016 15:57:43 +0100 Subject: krebs: DRY up shorts of the networking.extraHosts generator --- krebs/3modules/default.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 7418434e..20eb944e 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -103,10 +103,8 @@ let aliases = longs ++ shorts; providers = dns.split-by-provider net.aliases cfg.dns.providers; longs = providers.hosts; - shorts = - map (removeSuffix ".${cfg.search-domain}") - (filter (hasSuffix ".${cfg.search-domain}") - longs); + shorts = let s = ".${cfg.search-domain}"; in + map (removeSuffix s) (filter (hasSuffix s) longs); in map (addr: "${addr} ${toString aliases}") net.addrs ) (filterAttrs (name: host: host.aliases != []) host.nets) -- cgit v1.2.3 From c4655c3baad28525550e7c1d0fb9589e06663a2b Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 6 Feb 2016 16:21:30 +0100 Subject: krebs.dns.providers: add i and r --- krebs/3modules/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 20eb944e..52950690 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -92,7 +92,9 @@ let de.krebsco = "zones"; gg23 = "hosts"; shack = "hosts"; + i = "hosts"; internet = "hosts"; + r = "hosts"; retiolum = "hosts"; }; -- cgit v1.2.3 From f1ebd4e4e1bdc76bfca894ace336064b81cc98a1 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 06:43:26 +0100 Subject: krebs knownHosts: add-port everywhere --- krebs/3modules/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 52950690..e11d40a0 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -179,7 +179,6 @@ let (mapAttrsToList (net-name: net: let - aliases = shorts ++ longs; longs = net.aliases; shorts = map (removeSuffix ".${cfg.search-domain}") @@ -190,7 +189,7 @@ let then "[${a}]:${toString net.ssh.port}" else a; in - aliases ++ map add-port net.addrs) + map add-port (shorts ++ longs ++ net.addrs)) host.nets); publicKey = host.ssh.pubkey; -- cgit v1.2.3 From 4c40eba8161d4afaa85984737c6f03adf861be7a Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 15:58:49 +0100 Subject: krebs: add localhost to knownHosts --- krebs/3modules/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index e11d40a0..e4e5642c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -155,7 +155,16 @@ let let inherit (config.krebs.build.host.ssh) privkey; in mkIf (privkey != null) (mkForce [privkey]); + # TODO use imports for merging services.openssh.knownHosts = + (let inherit (config.krebs.build.host.ssh) pubkey; in + optionalAttrs (pubkey != null) { + localhost = { + hostNames = ["localhost" "127.0.0.1" "::1"]; + publicKey = pubkey; + }; + }) + // # GitHub's IPv4 address range is 192.30.252.0/22 # Refs https://help.github.com/articles/what-ip-addresses-does-github-use-that-i-should-whitelist/ # 192.30.252.0/22 = 192.30.252.0-192.30.255.255 (1024 addresses) -- cgit v1.2.3 From 8b130a66287b829e7b6f9be0130df7231c7a6605 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 10 Feb 2016 19:06:32 +0100 Subject: krebs.nixpkgs.allowUnfreePredicate: init --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 62db9a5a..3d51076c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -21,6 +21,7 @@ let ./go.nix ./iptables.nix ./nginx.nix + ./nixpkgs.nix ./per-user.nix ./Reaktor.nix ./retiolum-bootstrap.nix -- cgit v1.2.3