blob: 8418697b2b45c270c51a49e250bf0cb01b3a7fe6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
{ config, lib, ... }:
let
inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
owner = config.krebs.users.rtunreal;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum = {
ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
};
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill = {
ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
};
});
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
in
{
users = rec {
rtunreal = rtunreal-spinner;
rtunreal-spinner = {
mail = "unreal@rtinf.net";
pubkey = ssh-for "rtunreal.spinner";
};
rtunreal-runner = {
inherit (rtunreal-spinner) mail;
pubkey = ssh-for "rtunreal.runner";
};
};
hosts = mapAttrs hostDefaults {
rtworker = {
nets.retiolum = {
aliases = [ "worker.rtunreal.r" ];
ip4.addr = "10.243.20.24";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAs6abzbB+Jljux8ivE8gtuYpTxP3FDcXQ+p8DKwadwXyDwehfyKpJ
nMMOBPnFzUgrN9zTx7Y1unvzjyxDUoyCBrDv6VLG+cS1wDQJTkovVjqWgZAWEg66
UteNIxZoTqkQan8UD1Hb2rStpI+1C/fgqc4Kc0KX10sBp9qpsUBWwXqsXGsGOWEm
zLqjM5o0HnK9s4vKHatxvxe1yNoFiivsYDiiStnx0jXHuWcsDcazJeTYLJAdS9mC
nMfvpp6QTlDiGxxYzQrImo+KZ5aD3ugtvChK0UyIwdD1FDjgHm/NsZ1spheBhCNA
ddmS5s5xhwh86wMnbOIdrPYJweGyw4jLX6C3nqO/WJegJsfRFPKcBc0oR2lZ3pk+
JkcvdbxiqRBEuDjttkGia4TbJ8jFHDfGDAmuIMa0Oa0GmuF+DD3Fm6GTXsKTS2jZ
sAL3b5wH1iOWCKYQhZmHlqw9DiaywsNKeH+/YtAAArH0Mle1yDP0QwSHvI3xlg5H
6igmHcK70j0ZYQKQHm5Y6FboUTZUsXkIQFdMOdHUW2KeFVQOHDpnH/dXYW97Z0fU
e4/SOdveJmF1QOygwhdddcumblBJIk0ljMkIA1fo8D4viCo6Vu0wwZbzAXhZlYkr
dXVy/bhx6xNjFMsNvmsdGx7NEulyukrApLy3JmVYZEYvcKd5lMmvxksCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "cm3VTJMq+Z9JDaIAZhgNjs5nYOHzM8m4gglX4YCFfnF";
};
};
rtspinner = {
nets.retiolum = {
aliases = [ "spinner.rtunreal.r" ];
ip4.addr = "10.243.20.18";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEApgnFW2hCP2Lf+CGMtzgiTyA9sphEKGzVtOTJy+LxZ/WchFU6QiU6
Dl5ybz/Bor25dbwvQCRsQo42gPb+xyjsoHGu2q1NVazMQobePjt/8Qzfqw+Ydz3e
CC0Lq2J7A5HkzHAevvSHjWh52EfAfu9PGnsszDyWY/oKY+JkBd3wdnE4VsZIhUU6
Zrmuq+JU53Wy4TAcd3JNStvTW3z7MK4BXxovTV3zSq9sg4a120dyrG/d/m35abvm
V20Qb9VPmG+861f7gBn45M1w9d4X+3Ev8zum60Lk9JDRETfnufbOsSWNFVk2nsc3
wpCYd+7FMq5hBf75At/pQ32kbsMkAMpQDJlHwE/xmhxYU2mzlMLY6JW1gspOt00C
iny5qqmhMoZ3r1VmGuu1aA00V+My+dj5i+pvZiUQ9DG2eYoKM43Var2XsU6lURpL
UhozcYkb+ax9mqlaPjq2BSYLNzmqTJc3FJY6CcyZxIi4aB8EhDeebYD7wIX115tf
wwMIJB9FgmvwBhL2K48P5p8lmxU0sNidvv/Gnr3Fgf1p+jEo8BC9hDK3gigD0lqo
AGmRrjHQN7AjysTMTllDj8RSoO2LhOYTxVtcMsQnPJ9hfFrgnSpSZok64y0h+QJG
q2WZRBwRYORC7JfKNbE6drRtM6DXccMxOM0eQXoDvg3D5Xg4aqWy3ikCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "eHWJxlhbUQY0rT2PLqbqb9W4hf7zHh3+gEIRaGrxAdB";
};
};
rtrunner = {
nets.retiolum = {
aliases = [ "runner.rtunreal.r" ];
ip4.addr = "10.243.20.22";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAwWSzslk21TbghFsEWk+A0FobqgxrYyyimzSw772OhIpDmCLd63Vr
x1A/ytEObngMgv/YDTZrp23uFo9uFipAIZPBFBPDPi3fa8OuaGY6MFP6961Ui30l
4cHBfhuokfdDZxaARwsUtk3RgvFjQvF//Wgj6MIMg3lBMxr00/U3bhegkhP2NyT6
NCB9xbM6iJQyzOum49u0NHXUEkDzpHWm85CcyV4UTv+MQEnXU4l2irYFu+ArTPEn
dHqbKBd8lPuLTH1ehiOTh85qC/KV36jHWwmguR96aVEplrFMgV43VnpJj5jLa1NQ
n00JiCkCVf89LkAz4ZXtQ+5cvDRSWQGYql+J3KJ28YynLPOIlVlEJ+HjhaSQT/3O
qiREOjp2KPpnSoY5561J2LfmL+shpsVzyFxO+2P0K2bE5K66LfTfmoLUiHKq4/SR
8EPBZfwvMyWbL3vxngFhZKI01LMsf0YJxu9FWCOPa2X6B7JAxr1jMn0Uzw3ZvNnq
q6QK/sJhuM1/ddmCMofKYeOtfdunnboniFzI2QValuIdmlOi7nYNqy+gSrxRSWnJ
PTzGoJB9R4/PufSGJxUr7FCRxSY/TN7fJF74YVG9iVz2ttEuwdUI3ORQVrORbpEI
wEtM64cb0Dt2WyB3Sit8UGtK59BPYJcU7PB+tMnNLynPzFdkj8gDZtsCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "YJE4KD9PhDjxucDAGrbec5Yqqf3A8/VU0J0NV8EPXuN";
};
};
rtgraphene = {
nets.wiregrill = {
aliases = [ "graphene.rtunreal.w" ];
ip4.addr = "10.244.20.20";
wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU=";
};
};
};
}
|