summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/default.nix32
-rw-r--r--makefu/1systems/tsp.nix7
2 files changed, 37 insertions, 2 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 467cc4459..35ccd278d 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -335,9 +335,37 @@ let
};
};
};
+ pornocauster = {
+ cores = 2;
+ dc = "makefu"; #x220
+ nets = {
+ retiolum = {
+ addrs4 = ["10.243.0.91"];
+ addrs6 = ["42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"];
+ aliases = [
+ "pornocauster.retiolum"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAwW+RjRcp3uarkfXZ+FcCYY2GFcfI595GDpLRuiS/YQAB3JZEirHi
+ HFhDJN80fZ9qHqtq9Af462xSx+cIb282TxAqCM1Z9buipOcYTYo0m8xIqkT10dB3
+ mR87B+Ed1H6G3J6isdwEb9ZMegyGIIeyR53FJQYMZXjxdJbAmGMDKqjZSk1D5mo+
+ n5Vx3lGzTuDy84VyphfO2ypG48RHCxHUAx4Yt3o84LKoiy/y5E66jaowCOjZ6SqG
+ R0cymuhoBhMIk2xAXk0Qn7MZ1AOm9N7Wru7FXyoLc7B3+Gb0/8jXOJciysTG7+Gr
+ Txza6fJvq2FaH8iBnfezSELmicIYhc8Ynlq4xElcHhQEmRTQavVe/LDhJ0i6xJSi
+ aOu0njnK+9xK+MyDkB7n8dO1Iwnn7aG4n3CjVBB4BDO08lrovD3zdpDX0xhWgPRo
+ ReOJ3heRO/HsVpzxKlqraKWoHuOXXcREfU9cj3F6CRd0ECOhqtFMEr6TnuSc8GaE
+ KCKxY1oN45NbEFOCv2XKd2wEZFH37LFO6xxzSRr1DbVuKRYIPjtOiFKpwN1TIT8v
+ XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ
+ teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
pigstarter = {
cores = 1;
- dc = "makefu"; #x200
+ dc = "frontrange"; #vps
nets = {
internet = {
addrs4 = ["192.40.56.122"];
@@ -375,7 +403,7 @@ let
};
users = addNames {
makefu = {
- mail = "root@euer.krebsco.de";
+ mail = "root@tsp.retiolum";
pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub;
};
};
diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix
index f19dbfea6..6e93df51e 100644
--- a/makefu/1systems/tsp.nix
+++ b/makefu/1systems/tsp.nix
@@ -18,6 +18,13 @@
krebs.build.user = config.krebs.users.makefu;
krebs.build.target = "root@tsp";
+ krebs.exim-retiolum.enable = true;
+ networking.firewall.allowedTCPPorts = [
+ # nginx runs on 80
+ # graphite-web runs on 8080, carbon cache runs on 2003 tcp and udp
+ 25
+ ];
+
krebs.build.deps = {
nixpkgs = {
#url = https://github.com/NixOS/nixpkgs;