diff options
| author | Dhananjay Balan <mail@dbalan.in> | 2023-10-10 22:17:58 +0200 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2023-10-10 22:31:33 +0200 |
| commit | 6bff3fe5d8bfd2c58f2b3b1a7680e0b2ae68249d (patch) | |
| tree | 8aadf6a243a50f2d1c4a9503706e71b95b86b57a | |
| parent | 90eb0891c25177b427da5224138f26f6549bdc75 (diff) | |
kartei dbalan: init tofu
| -rw-r--r-- | kartei/dbalan/default.nix | 62 |
1 files changed, 45 insertions, 17 deletions
diff --git a/kartei/dbalan/default.nix b/kartei/dbalan/default.nix index 6bf10b921..1f7e22aca 100644 --- a/kartei/dbalan/default.nix +++ b/kartei/dbalan/default.nix @@ -2,29 +2,57 @@ let inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; slib = import ../../lib/pure.nix { inherit lib; }; - hostDefaults = hostName: host: flip recursiveUpdate host ({ - ci = false; - external = true; - monitoring = false; - owner = config.krebs.users.dbalan; - } // optionalAttrs (host.nets?retiolum) { - nets.retiolum = { - ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; - }; - } // optionalAttrs (host.nets?wiregrill) { - nets.wiregrill = { - ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; - }; - }); -in -{ + hostDefaults = hostName: host: + flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + owner = config.krebs.users.dbalan; + } // optionalAttrs (host.nets ? retiolum) { + nets.retiolum = { + ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { + inherit hostName; + }).address; + }; + } // optionalAttrs (host.nets ? wiregrill) { + nets.wiregrill = { + ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { + inherit hostName; + }).address; + }; + }); +in { users = rec { dbalan = { mail = "dbalan@thaum.space"; - pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; + pubkey = + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; }; }; hosts = mapAttrs hostDefaults { + tofu = { + nets.retiolum = { + aliases = [ "tofu.dbalan.r" ]; + ip4.addr = "10.243.43.12"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAlBMwSkdI+3CWPVazfDoPCoqYJH1MLd8Z/ZQCTFx4MhLO/DvJrb7H + HJEwvFuImk2yy4oYfcRz8pK+ymBDArdVT5aeTwztTbjkcWa5RTm2d2xuYppTUPZB + L0/yY+a+mP1eRa8O6HAoNx3ETvC5euJS40qISTh6grPGFV7i1HhGNPUkvYFlNF6q + rJs7RgC8Y2/OSNed5WdJfNYNBeB4xUiKtg3sShKQGO++860yNV4G+J+PtBVnMs8/ + MnxQbJxnMbhAHNQt5nV+Z66Ewy/2qcn4clrGB3SG1v9fFizzh9mAFK3Udfa+6s8r + JaM4BL41uOgHxiiKovmudxIRtts31cKzwPkMyThQpK8hdxJxrCzSQSbiDUkckE+5 + CeLgAh5jMwEkT6OvYOGZbyeqvZX5gX+yErJyRlsjgYs5TTlfUnpg1BKz2BErzb1b + +lWsZXjO03BpNXsuWhC2sspKfuB3+fjlNwR+ov8/UDTOwhzBz15TlufcxiqzA08d + yJiNylm07C19qxlffqSZ5KSZGTT+DZg53ror1PLMoxLApV5MgHiM6oltDxemSegb + yySGz/EFDDbQQYLYOPu6seLt+ktudvFTERmetV0Bn37Ok8Avs2y6BIgXWjVxcb5p + EDbE5tAvX/MZIU9rAXRqDAOulumfvsyFpK8RkXDEoIQEt+gDoZ5OzJsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "b355fDYFQgFFj3KfzUCv4DPSfoFTKklsB12imwci7fH"; + }; + }; + v60 = { nets.retiolum = { aliases = [ "v60.dbalan.r" ]; |