From 0a09093b4185d8fa222b0d2e37bda279aa69d2a7 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 18 Jan 2021 23:13:21 +0100 Subject: repo-sync: use cfg.privateKeyFile.path --- krebs/3modules/repo-sync.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 91111f3eb..f9877c0f8 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -176,7 +176,7 @@ let ]; environment = { - GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i ${cfg.stateDir}/ssh.priv"; + GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i ${cfg.privateKeyFile.path}"; REPONAME = "${name}.git"; }; -- cgit v1.2.3 From 1cd73df0c8694f491d40f93a796ea58f150e88dc Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 21 Jan 2021 17:29:01 +0100 Subject: krebs.backup fping: select fastest by elapsed time --- krebs/3modules/backup.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index c0b218c15..910324f3c 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -226,10 +226,14 @@ let # XXX Is one ping enough to determine fastest address? fastest-address = host: '' - { ${pkgs.fping}/bin/fping Date: Sat, 23 Jan 2021 14:42:26 +0100 Subject: tv hu: init --- krebs/3modules/tv/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 6a09cc834..92f1a5bcd 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -82,6 +82,31 @@ in { ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au"; }; + hu = { + nets = { + retiolum = { + ip4.addr = "10.243.13.41"; + aliases = [ + "hu.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwj5T9Rejp8zGVrHjqA+OeMvcVpax4VazssnRPSUznUEOdVEeSJL5 + 8gDBJPtIfxF8iunXr5K7CW036tKvYaGMDwYMOPJZXhFCmU2yUF2g4BcqEhuDdIfO + +D2Pfr4lc9xO90SKOgwJ53qhf5yqeU/WQ3dpCF/n8k4SUmdafTsvh00UrxYpHuTU + C22BRXIKR4r/sCJUitWQSWNdSQUxh3lu7sUPr+6sZyJov+eu8oBVlPgYOv6u9nZe + YhrbCPDKMGPfnQTAtWfHIxNt70Ec5AG6ddQzLeVcM2gP5qi957Fert+C2RNtbz5s + Brbw1bqZ3P+CGzvxVJZtirvR2f3HkidGPQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = + "Ed25519PublicKey = PV8Dz9ni2cPXyJGiG5oU0XWdJkUPgrMzDuzHj7kpMzO"; + }; + }; + secure = true; + ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO+Rrf9tvuusYlnSZwUiHS4O+AhrpVZ/6n7peSRKojTc root@hu"; + }; mu = { ci = true; cores = 2; -- cgit v1.2.3 From 6a29e8bfcc34b7d59957793496789909fa9e994a Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 26 Jan 2021 20:20:05 +0100 Subject: upstream modules: init --- krebs/3modules/default.nix | 1 + krebs/3modules/upstream/default.nix | 10 ++++++++++ 2 files changed, 11 insertions(+) create mode 100644 krebs/3modules/upstream/default.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index e7d04ead8..85d27459b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -55,6 +55,7 @@ let ./sync-containers.nix ./tinc.nix ./tinc_graphs.nix + ./upstream ./urlwatch.nix ./repo-sync.nix ./xresources.nix diff --git a/krebs/3modules/upstream/default.nix b/krebs/3modules/upstream/default.nix new file mode 100644 index 000000000..ce7bd1644 --- /dev/null +++ b/krebs/3modules/upstream/default.nix @@ -0,0 +1,10 @@ +with import ; + +{ + imports = + map + (name: ./. + "/${name}") + (filter + (name: name != "default.nix" && !hasPrefix "." name) + (attrNames (readDir ./.))); +} -- cgit v1.2.3 From 46f57b43888027bd245d14087fc096329729cb03 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 25 Jan 2021 01:42:51 +0100 Subject: nixos/none: don't pull in feh unconditionally --- krebs/3modules/upstream/desktop-managers/default.nix | 5 +++++ krebs/3modules/upstream/desktop-managers/none.nix | 11 +++++++++++ 2 files changed, 16 insertions(+) create mode 100644 krebs/3modules/upstream/desktop-managers/default.nix create mode 100644 krebs/3modules/upstream/desktop-managers/none.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/upstream/desktop-managers/default.nix b/krebs/3modules/upstream/desktop-managers/default.nix new file mode 100644 index 000000000..4f60ee27d --- /dev/null +++ b/krebs/3modules/upstream/desktop-managers/default.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./none.nix + ]; +} diff --git a/krebs/3modules/upstream/desktop-managers/none.nix b/krebs/3modules/upstream/desktop-managers/none.nix new file mode 100644 index 000000000..892def985 --- /dev/null +++ b/krebs/3modules/upstream/desktop-managers/none.nix @@ -0,0 +1,11 @@ +# Replace upstream none desktop-manager by a real none, that doesn't pull in +# any dependencies. +with import ; +{ + disabledModules = singleton "services/x11/desktop-managers/none.nix"; + config.services.xserver.desktopManager.session = singleton { + name = "none"; + bgSupport = true; + start = ""; + }; +} -- cgit v1.2.3 From 21303714afa87ca3081a9fbc4585d86badc131bb Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 25 Jan 2021 01:46:22 +0100 Subject: nixos/coma: init sleep as desktop manager --- krebs/3modules/upstream/desktop-managers/coma.nix | 21 +++++++++++++++++++++ .../3modules/upstream/desktop-managers/default.nix | 1 + 2 files changed, 22 insertions(+) create mode 100644 krebs/3modules/upstream/desktop-managers/coma.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/upstream/desktop-managers/coma.nix b/krebs/3modules/upstream/desktop-managers/coma.nix new file mode 100644 index 000000000..95db7fb5c --- /dev/null +++ b/krebs/3modules/upstream/desktop-managers/coma.nix @@ -0,0 +1,21 @@ +with import ; +{ config, pkgs, ... }: { + options = { + services.xserver.desktopManager.coma = { + enable = mkEnableOption "sleep as a desktop manager"; + }; + }; + config = mkIf config.services.xserver.desktopManager.coma.enable { + services.xserver.desktopManager.session = singleton { + name = "coma"; + bgSupport = true; + start = /* sh */ '' + if test -n "$waitPID"; then + ${pkgs.uutils-coreutils}/bin/uutils-sleep 1s && kill $waitPID & + wait $waitPID + fi + exec -a sleep ${pkgs.uutils-coreutils}/bin/uutils-sleep infinity + ''; + }; + }; +} diff --git a/krebs/3modules/upstream/desktop-managers/default.nix b/krebs/3modules/upstream/desktop-managers/default.nix index 4f60ee27d..22e75439d 100644 --- a/krebs/3modules/upstream/desktop-managers/default.nix +++ b/krebs/3modules/upstream/desktop-managers/default.nix @@ -1,5 +1,6 @@ { imports = [ + ./coma.nix ./none.nix ]; } -- cgit v1.2.3 From 6e9f5602a92933dafc1f6c0420aa4329cdd9a17d Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 25 Jan 2021 01:54:28 +0100 Subject: nixos/xmonad: import and make reloadable Import nixos/modules/services/x11/window-managers/xmonad.nix from nixpkgs de121de16ef947bc8e8bfdaa37b5c6cc506050c6 and turn it into a user service that reloads xmonad whenever its configuration changes. --- .../3modules/upstream/window-managers/default.nix | 22 +++ krebs/3modules/upstream/window-managers/xmonad.nix | 189 +++++++++++++++++++++ 2 files changed, 211 insertions(+) create mode 100644 krebs/3modules/upstream/window-managers/default.nix create mode 100644 krebs/3modules/upstream/window-managers/xmonad.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/upstream/window-managers/default.nix b/krebs/3modules/upstream/window-managers/default.nix new file mode 100644 index 000000000..eecadca7e --- /dev/null +++ b/krebs/3modules/upstream/window-managers/default.nix @@ -0,0 +1,22 @@ +{ + imports = [ + # Replace upstream xmonad module with one that will be reloaded if changed. + # + # This module is intended to be upstreamed once fully tested. + # The patch to be committed can be obtained using: + # + # diff -u \ + # + # + { + disabledModules = [ "services/x11/window-managers/xmonad.nix" ]; + imports = [ ./xmonad.nix ]; + nixpkgs.overlays = [(self: super: { + writers = super.writers // { + writeHaskellBin = name: spec: with import ; + super.writers.writeHaskellBin name (removeAttrs spec ["ghcArgs"]); + }; + })]; + } + ]; +} diff --git a/krebs/3modules/upstream/window-managers/xmonad.nix b/krebs/3modules/upstream/window-managers/xmonad.nix new file mode 100644 index 000000000..356fa46bf --- /dev/null +++ b/krebs/3modules/upstream/window-managers/xmonad.nix @@ -0,0 +1,189 @@ +{pkgs, lib, config, ...}: + +with lib; +let + inherit (lib) mkOption mkIf optionals literalExample; + cfg = config.services.xserver.windowManager.xmonad; + + ghcWithPackages = cfg.haskellPackages.ghcWithPackages; + packages = self: cfg.extraPackages self ++ + optionals cfg.enableContribAndExtras + [ self.xmonad-contrib self.xmonad-extras ]; + + xmonad-vanilla = pkgs.xmonad-with-packages.override { + inherit ghcWithPackages packages; + }; + + xmonad-config = + let + xmonadAndPackages = self: [ self.xmonad ] ++ packages self; + xmonadEnv = ghcWithPackages xmonadAndPackages; + configured = pkgs.writers.writeHaskellBin "xmonad" { + ghc = cfg.haskellPackages.ghc; + libraries = xmonadAndPackages cfg.haskellPackages; + inherit (cfg) ghcArgs; + } cfg.config; + in + pkgs.runCommandLocal "xmonad" { + nativeBuildInputs = [ pkgs.makeWrapper ]; + } '' + install -D ${xmonadEnv}/share/man/man1/xmonad.1.gz $out/share/man/man1/xmonad.1.gz + makeWrapper ${configured}/bin/xmonad $out/bin/xmonad \ + --set NIX_GHC "${xmonadEnv}/bin/ghc" \ + --set XMONAD_XMESSAGE "${pkgs.xorg.xmessage}/bin/xmessage" + ''; + + xmonad = if (cfg.config != null) then xmonad-config else xmonad-vanilla; +in { + meta.maintainers = with maintainers; [ lassulus xaverdh ivanbrennan ]; + + options = { + services.xserver.windowManager.xmonad = { + enable = mkEnableOption "xmonad"; + haskellPackages = mkOption { + default = pkgs.haskellPackages; + defaultText = "pkgs.haskellPackages"; + example = literalExample "pkgs.haskell.packages.ghc784"; + description = '' + haskellPackages used to build Xmonad and other packages. + This can be used to change the GHC version used to build + Xmonad and the packages listed in + extraPackages. + ''; + }; + + extraPackages = mkOption { + default = self: []; + defaultText = "self: []"; + example = literalExample '' + haskellPackages: [ + haskellPackages.xmonad-contrib + haskellPackages.monad-logger + ] + ''; + description = '' + Extra packages available to ghc when rebuilding Xmonad. The + value must be a function which receives the attrset defined + in haskellPackages as the sole argument. + ''; + }; + + enableContribAndExtras = mkOption { + default = false; + type = lib.types.bool; + description = "Enable xmonad-{contrib,extras} in Xmonad."; + }; + + config = mkOption { + default = null; + type = with lib.types; nullOr (either path str); + description = '' + Configuration from which XMonad gets compiled. If no value is + specified, a vanilla xmonad binary is put in PATH, which will + attempt to recompile and exec your xmonad config from $HOME/.xmonad. + This setup is then analogous to other (non-NixOS) linux distributions. + + If you do set this option, you likely want to use "launch" as your + entry point for xmonad (as in the example), to avoid xmonad's + recompilation logic on startup. Doing so will render the default + "mod+q" restart key binding dysfunctional though, because that attempts + to call your binary with the "--restart" command line option, unless + you implement that yourself. You way mant to bind "mod+q" to + (restart "xmonad" True) instead, which will just restart + xmonad from PATH. This allows e.g. switching to the new xmonad binary + after rebuilding your system with nixos-rebuild. + + If you actually want to run xmonad with a config specified here, but + also be able to recompile and restart it from a copy of that source in + $HOME/.xmonad on the fly, you will have to implement that yourself + using something like "compileRestart" from the example. + This should allow you to switch at will between the local xmonad and + the one NixOS puts in your PATH. + ''; + example = '' + import XMonad + import XMonad.Util.EZConfig (additionalKeys) + import Control.Monad (when) + import Text.Printf (printf) + import System.Posix.Process (executeFile) + import System.Info (arch,os) + import System.Environment (getArgs) + import System.FilePath (()) + + compiledConfig = printf "xmonad-%s-%s" arch os + + compileRestart resume = + whenX (recompile True) $ + when resume writeStateToFile + *> catchIO + ( do + dir <- getXMonadDataDir + args <- getArgs + executeFile (dir compiledConfig) False args Nothing + ) + + main = launch defaultConfig + { modMask = mod4Mask -- Use Super instead of Alt + , terminal = "urxvt" } + `additionalKeys` + [ ( (mod4Mask,xK_r), compileRestart True) + , ( (mod4Mask,xK_q), restart "xmonad" True ) ] + ''; + }; + + xmonadCliArgs = mkOption { + default = []; + type = with lib.types; listOf str; + description = '' + Command line arguments passed to the xmonad binary. + ''; + }; + + ghcArgs = mkOption { + default = []; + type = with lib.types; listOf str; + description = '' + Command line arguments passed to the compiler (ghc) + invocation when xmonad.config is set. + ''; + }; + + }; + }; + config = mkIf cfg.enable { + services.xserver.windowManager = { + session = [{ + name = "xmonad"; + start = '' + systemctl --user start --wait xmonad.service & + waitPID=$! + ''; + }]; + }; + + system.userActivationScripts.xmonad-reload = /* sh */ '' + if ${pkgs.systemd}/bin/systemctl --user is-active --quiet xmonad.service; then + if [ "$(readlink -f "$XDG_RUNTIME_DIR"/xmonad/xmonad)" != ${xmonad}/bin/xmonad ]; then + ${pkgs.systemd}/bin/systemctl --user reload xmonad.service + fi + fi + ''; + + systemd.user.services.xmonad = { + requisite = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + environment.PATH = mkForce "%t/xmonad"; + environment.XMONAD_DATA_DIR = "%t/xmonad"; + serviceConfig = rec { + ExecStartPre = [ + "${pkgs.coreutils}/bin/mkdir -p %t/xmonad" + "${pkgs.coreutils}/bin/ln -fns ${xmonad}/bin/xmonad %t/xmonad/xmonad" + ]; + ExecStart = "%t/xmonad/xmonad ${lib.escapeShellArgs cfg.xmonadCliArgs}"; + ExecReload = ExecStartPre ++ [ "${xmonad-vanilla}/bin/xmonad --restart" ]; + }; + }; + + environment.systemPackages = [ xmonad ]; + }; +} -- cgit v1.2.3 From 25505301ad773e5a1b569e2432b1e0d62815bcc5 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 2 Feb 2021 22:28:25 +0100 Subject: htgen module: add package option --- krebs/3modules/htgen.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix index 0dddca6c8..70c4fcd2b 100644 --- a/krebs/3modules/htgen.nix +++ b/krebs/3modules/htgen.nix @@ -20,6 +20,11 @@ let default = config._module.args.name; }; + package = mkOption { + default = pkgs.htgen; + type = types.package; + }; + port = mkOption { type = types.uint; }; @@ -52,7 +57,7 @@ let User = htgen.user.name; PrivateTmp = true; Restart = "always"; - ExecStart = "${pkgs.htgen}/bin/htgen --serve"; + ExecStart = "${htgen.package}/bin/htgen --serve"; }; } ) cfg; -- cgit v1.2.3 From bbbd3d6cd89cc797fab9245decca62e05eb994b7 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 5 Feb 2021 17:43:24 +0100 Subject: krebs.setuid: disambiguate `config` --- krebs/3modules/setuid.nix | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index 97cf21cdd..3e068736b 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -1,11 +1,9 @@ -{ config, pkgs, lib, ... }: with import ; -let - cfg = config.krebs.setuid; +{ config, pkgs, ... }: let out = { options.krebs.setuid = api; - config = mkIf (cfg != {}) imp; + config = mkIf (config.krebs.setuid != {}) imp; }; api = mkOption { @@ -14,11 +12,11 @@ let # TODO make wrapperDir configurable inherit (config.security) wrapperDir; inherit (config.users) groups users; - in types.attrsOf (types.submodule ({ config, ... }: { + in types.attrsOf (types.submodule (self: let cfg = self.config; in { options = { name = mkOption { type = types.filename; - default = config._module.args.name; + default = cfg._module.args.name; }; envp = mkOption { type = types.nullOr (types.attrsOf types.str); @@ -58,21 +56,21 @@ let }; }; config.activate = let - src = pkgs.exec config.name { - inherit (config) envp filename; + src = pkgs.exec cfg.name { + inherit (cfg) envp filename; }; - dst = "${wrapperDir}/${config.name}"; + dst = "${wrapperDir}/${cfg.name}"; in '' cp ${src} ${dst} - chown ${config.owner}.${config.group} ${dst} - chmod ${config.mode} ${dst} + chown ${cfg.owner}.${cfg.group} ${dst} + chmod ${cfg.mode} ${dst} ''; })); }; imp = { system.activationScripts."krebs.setuid" = stringAfter [ "wrappers" ] - (concatMapStringsSep "\n" (getAttr "activate") (attrValues cfg)); + (concatMapStringsSep "\n" (getAttr "activate") (attrValues config.krebs.setuid)); }; in out -- cgit v1.2.3 From 315dcf3cbff0980495c0899a38ecdf538651dabc Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 5 Feb 2021 17:48:54 +0100 Subject: krebs.setuid: make wrapperDir configurable --- krebs/3modules/setuid.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index 3e068736b..64fedb911 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -9,8 +9,6 @@ with import ; api = mkOption { default = {}; type = let - # TODO make wrapperDir configurable - inherit (config.security) wrapperDir; inherit (config.users) groups users; in types.attrsOf (types.submodule (self: let cfg = self.config; in { options = { @@ -49,6 +47,10 @@ with import ; merge = mergeOneOption; }; }; + wrapperDir = mkOption { + default = config.security.wrapperDir; + type = types.absolute-pathname; + }; activate = mkOption { type = types.str; visible = false; @@ -59,8 +61,9 @@ with import ; src = pkgs.exec cfg.name { inherit (cfg) envp filename; }; - dst = "${wrapperDir}/${cfg.name}"; + dst = "${cfg.wrapperDir}/${cfg.name}"; in '' + mkdir -p ${cfg.wrapperDir} cp ${src} ${dst} chown ${cfg.owner}.${cfg.group} ${dst} chmod ${cfg.mode} ${dst} -- cgit v1.2.3 From 1ff4a60b8d241230c580fc5e9a705335c9c415a6 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 5 Feb 2021 19:52:07 +0100 Subject: krebs.shadow: admit password changes --- krebs/3modules/shadow.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/shadow.nix b/krebs/3modules/shadow.nix index cff66492d..9505efb0c 100644 --- a/krebs/3modules/shadow.nix +++ b/krebs/3modules/shadow.nix @@ -4,19 +4,21 @@ with import ; cfg = config.krebs.shadow; mergeShadowsJq = pkgs.writeJq "merge-shadows.jq" '' - def fields_3_to_9: ["1", "", "", "", "", "", ""]; + def is_int: . == (. | floor); + def fields_4_to_9: ["", "", "", "", "", ""]; + def check_fields_3_to_9: (.[2] | tonumber | is_int) and .[3:] == fields_4_to_9; def read_value: split(":") | if length == 9 then - if .[2:] == fields_3_to_9 then + if check_fields_3_to_9 then . else error("unrecognized field contents") end elif length == 2 then if .[1] | test("^\\$6\\$") then - . + fields_3_to_9 + . + ["1"] + fields_4_to_9 else error("unrecognized hashed password") end -- cgit v1.2.3 From f32fcc3e4a23b4883bcf8d470041e88fc04e7e4c Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 10 Feb 2021 15:50:55 +0100 Subject: brockman module: wait 5 sec when restarting --- krebs/3modules/brockman.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix index 32aa3489b..9b2ed4a71 100644 --- a/krebs/3modules/brockman.nix +++ b/krebs/3modules/brockman.nix @@ -29,6 +29,7 @@ in { PrivateTmp = true; RuntimeDirectory = "brockman"; WorkingDirectory = "%t/brockman"; + RestartSec = 5; }; }; }; -- cgit v1.2.3 From 438567e9b1cad51515791023a424d1b5773e148f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 4 Feb 2021 14:00:44 +0100 Subject: mic92: add grandalf to tinc . --- krebs/3modules/external/mic92.nix | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 29d0b27fa..76f7d9b09 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -453,6 +453,29 @@ in { }; }; }; + + grandalf = { + owner = config.krebs.users.mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.187"; + aliases = [ + "grandalf.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAn1wLOI8DluJAKvscyImoyG0gjxyVC1/Ky8A63YO7INy0SYBg3wU7 + XPSbix5VJZdADQ382LWg31ORYjnDg40c49gCGLfR6+awgd+Rb0sb4eAz07XENXJC + qc70oQrrXLi8HIfeckCsJHe514LJOMA3pU+muaMShOiSygoTiTlEH6RRrkC8HROL + 2/V7Hm2Sg7YS+MY8bI/x61MIagfkQKH2eFyqGG54Y80bIhm5SohMkiANu78GdngI + jb+EGlT/vq3+oGNFJ7Shy/VsR5GLDoZ5KCsT45DM87lOjGB7m+bOdizZQtWmJtC/ + /btEPWJPAD9lIY2iGtPrmeMWDNTW9c0iCwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + eva = { owner = config.krebs.users.mic92; nets = rec { -- cgit v1.2.3 From b879ccaeb92b6ee725719c53d93a53427d984a2f Mon Sep 17 00:00:00 2001 From: Harshavardhan Unnibhavi Date: Thu, 4 Feb 2021 16:26:03 +0000 Subject: Add redha to tinc --- krebs/3modules/external/mic92.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 76f7d9b09..3d5672b00 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -453,6 +453,28 @@ in { }; }; }; + + redha = { + owner = config.krebs.users.mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.188"; + aliases = [ + "redha.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAx7STxTTPMxXugweHpUGOeLUrrTSCt7j5l+fjNtArIygOGKEiAC5O + s0G4WHK2IcrNnv7pxS09S5mnXywi51aAL+G2fKzcU3YgLFuoUN4Kk5LohMvBynEE + a3kZK2/D+LMeFfpK2RWBPjLnulN29ke11Iot42TC6+NIMWiZh/Y2T0mKirUJQGsH + RV3zRlR7YfIOdR1AZ5S+qrmPF8hLb7O08TTXrHo8NQk5NAVUS89OYcn1pc9hnf/e + FK5qRrQFMRFB8KGV+n3+cx3XCM2q0ZPTNf06N+Usx6vTKLASa/4GaTcbBx+9Dndm + mFVWq9JjLa8e65tojzj8PhmgxqaNCf8aKwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; grandalf = { owner = config.krebs.users.mic92; -- cgit v1.2.3 From dd6a591c752696b2238a7f7df94614551a88842e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 8 Feb 2021 11:59:58 +0100 Subject: mic92: init dimitrios-desktop --- krebs/3modules/external/mic92.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 3d5672b00..e45367a54 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -97,6 +97,27 @@ in { }; }; }; + dimitrios-desktop = { + owner = config.krebs.users.mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.189"; + aliases = [ + "dimitrios-desktop.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAz9aKIhzk8+ZNBQmU054yc1yTdMyaw1aqWXYyQZoCmFaBIlMvF8I0 + dd+56cGjK8O7KkEhheDL/ijj9cCcxbqHSTktXz47ScyTaN63h13+MBUIUzDwSO4E + 9fRUUn3lbZenhGoON7hlaHb/qAR0yLxip0Tw77bcq4hvKleD74NnAJILPoP1KRDY + O5vs8C8wpdJUtnlsfkAa058wDI+7GNPb0cs0/pBQVR2GUGb1xqVJ5obO/lFKOJ/e + DKemnlg736cEaIF6v9M+w4VmL8mNudDy6RxA6/xIErP5Ru2aK5lH5UBHVCwdLLCy + 8y3It9Tgji3G9nOFbhaeKDjeIAJ8sG+WjQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; donna = { owner = config.krebs.users.mic92; nets = rec { -- cgit v1.2.3 From b144f7150a50800d498f257873891c9b03b38bb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 8 Feb 2021 12:22:39 +0100 Subject: mic92: fix tinc name --- krebs/3modules/external/mic92.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index e45367a54..d4b2e4633 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -97,13 +97,13 @@ in { }; }; }; - dimitrios-desktop = { + dimitriosxps = { owner = config.krebs.users.mic92; nets = { retiolum = { ip4.addr = "10.243.29.189"; aliases = [ - "dimitrios-desktop.r" + "dimitriosxps.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From d0e7bc46b4cdb15f7505aa069ac29588b02ddf92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 11 Feb 2021 11:37:55 +0100 Subject: mic92: fix trailing whitespace for lassulus --- krebs/3modules/external/mic92.nix | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index d4b2e4633..306ab34eb 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -474,7 +474,7 @@ in { }; }; }; - + redha = { owner = config.krebs.users.mic92; nets = { @@ -506,14 +506,14 @@ in { "grandalf.r" ]; tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAn1wLOI8DluJAKvscyImoyG0gjxyVC1/Ky8A63YO7INy0SYBg3wU7 - XPSbix5VJZdADQ382LWg31ORYjnDg40c49gCGLfR6+awgd+Rb0sb4eAz07XENXJC - qc70oQrrXLi8HIfeckCsJHe514LJOMA3pU+muaMShOiSygoTiTlEH6RRrkC8HROL - 2/V7Hm2Sg7YS+MY8bI/x61MIagfkQKH2eFyqGG54Y80bIhm5SohMkiANu78GdngI - jb+EGlT/vq3+oGNFJ7Shy/VsR5GLDoZ5KCsT45DM87lOjGB7m+bOdizZQtWmJtC/ - /btEPWJPAD9lIY2iGtPrmeMWDNTW9c0iCwIDAQAB - -----END RSA PUBLIC KEY----- + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAn1wLOI8DluJAKvscyImoyG0gjxyVC1/Ky8A63YO7INy0SYBg3wU7 + XPSbix5VJZdADQ382LWg31ORYjnDg40c49gCGLfR6+awgd+Rb0sb4eAz07XENXJC + qc70oQrrXLi8HIfeckCsJHe514LJOMA3pU+muaMShOiSygoTiTlEH6RRrkC8HROL + 2/V7Hm2Sg7YS+MY8bI/x61MIagfkQKH2eFyqGG54Y80bIhm5SohMkiANu78GdngI + jb+EGlT/vq3+oGNFJ7Shy/VsR5GLDoZ5KCsT45DM87lOjGB7m+bOdizZQtWmJtC/ + /btEPWJPAD9lIY2iGtPrmeMWDNTW9c0iCwIDAQAB + -----END RSA PUBLIC KEY----- ''; }; }; -- cgit v1.2.3