From 8d2358ddc4bd06f63f9fb5ee176b38d398b82291 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 5 Oct 2023 15:18:21 +0200
Subject: submodules: remove disko
---
 submodules/disko | 1 -
 1 file changed, 1 deletion(-)
 delete mode 160000 submodules/disko
diff --git a/submodules/disko b/submodules/disko
deleted file mode 160000
index 7b186e0f8..000000000
--- a/submodules/disko
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 7b186e0f812a7c54a1fa86b8f7c0f01afecc69c2
-- cgit v1.2.3
From 353875a4168790ceb1f96449ffa3cc62d01d1d35 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 5 Oct 2023 17:53:01 +0200
Subject: kartei lass: init ignavia
---
 kartei/lass/ignavia.nix | 19 +++++++++++++++++++
 kartei/lass/ignavia/retiolum.ed25519_key.pub | 1 +
 kartei/lass/ignavia/retiolum.rsa_key.pub | 13 +++++++++++++
 kartei/lass/ignavia/ssh.id_ed25519.pub | 1 +
 kartei/lass/ignavia/syncthing.pub | 1 +
 5 files changed, 35 insertions(+)
 create mode 100644 kartei/lass/ignavia.nix
 create mode 100644 kartei/lass/ignavia/retiolum.ed25519_key.pub
 create mode 100644 kartei/lass/ignavia/retiolum.rsa_key.pub
 create mode 100644 kartei/lass/ignavia/ssh.id_ed25519.pub
 create mode 100644 kartei/lass/ignavia/syncthing.pub
diff --git a/kartei/lass/ignavia.nix b/kartei/lass/ignavia.nix
new file mode 100644
index 000000000..228be1912
--- /dev/null
+++ b/kartei/lass/ignavia.nix
@@ -0,0 +1,19 @@
+{ r6, w6, ... }:
+{
+ ci = false;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.25";
+ ip6.addr = r6 "16a2";
+ aliases = [
+ "ignavia.r"
+ ];
+ tinc = {
+ pubkey = builtins.readFile ./ignavia/retiolum.rsa_key.pub;
+ pubkey_ed25519 = builtins.replaceStrings [ "Ed25519PublicKey = " ] [ "" ] (builtins.readFile ./ignavia/retiolum.ed25519_key.pub);
+ };
+ };
+ };
+ ssh.pubkey = builtins.readFile ./ignavia/ssh.id_ed25519.pub;
+ syncthing.id = builtins.readFile ./ignavia/syncthing.pub;
+}
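Review bot: In kartei/lass/ignavia.nix, `ssh.pubkey = builtins.readFile ./ignavia/ssh.id_ed25519.pub;` publishes a key whose comment field in the added file is `lass@aergia`, which suggests the pair was generated under a user account on another machine rather than on ignavia itself. If this value is meant to identify the ignavia host, it is worth confirming that the private half exists only on ignavia, or regenerating the pair there, before other hosts start trusting it. A one-line comment above the attribute recording the key's origin, for example `# host key, generated on <HOST> on <DATE>`, would let later reviewers check this without guessing from the key comment.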
diff --git a/kartei/lass/ignavia/retiolum.ed25519_key.pub b/kartei/lass/ignavia/retiolum.ed25519_key.pub
new file mode 100644
index 000000000..cbe130fd5
--- /dev/null
+++ b/kartei/lass/ignavia/retiolum.ed25519_key.pub
@@ -0,0 +1 @@
+Ed25519PublicKey = iuu6UcJpUu+72IywGkeGh/PpJJZ9UidbsdTR00JbFQL
diff --git a/kartei/lass/ignavia/retiolum.rsa_key.pub b/kartei/lass/ignavia/retiolum.rsa_key.pub
new file mode 100644
index 000000000..1627ec7e1
--- /dev/null
+++ b/kartei/lass/ignavia/retiolum.rsa_key.pub
@@ -0,0 +1,13 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEAx362jbzjyKsPG4zAeZW1mgDWzaBoTz6JpJlN6ycsTLkrAAQrHiCs
+Dz6sbE0zkQUcdFFuagqwROrQU81kx663azBAlHHsMs/vkVmbQk/ilXHHOYYbkRUS
+zCfBe1JwXNPUyZ+v46IgOuvLLBfO00prcDj69sIqWdRMGAvKqYssSHuelBO3UdMl
+7r5nQ+Kc5hOqfHjf1xW7eSL3BsAA1GP/nuHkhUJN4TOKXqlywTxpcJQKI35k1gR/
+zCH53qZQ6/GHe6lHEWIjrKdzg51h7cu6UbyfpVN0zoFSY3gcFemRNKk/LI8DxVZs
+DjBQCpNVzRkrbmRIS0jTpzwSIvA7O204Z4Z7Q7ocrlFP5gKKT7M+Hk18CU0DIHwp
+e5shYBGLPAswmWJQJUyXRyMjS580+ymxw5DRIym2Ogu8w3ztSOxbcWunvLAn9I84
+U6/njQxdKHeuCYBqlO1YHOJ+qKvU4HsV3EYjwGvVzxL4XVg24KvQJ4M6QZvjLYfS
+oysx64tLBW4hYv4dTA0vLSa9/0zreNKucJRAaHYGw9rC6FZDK3b8AZiNOCSz2tWC
+I/C/sw/UgZMev66MHVuO/K6xR5hpi1tW6ONZ3ecFp4N+MS8lUOQrCQ/L6UU58Qgr
+AmAP6hM3FM1TCHEOC2jpLcUIHAdLf+xdzdp2ExPZJiMAUeV310i/dlECAwEAAQ==
+-----END RSA PUBLIC KEY-----
diff --git a/kartei/lass/ignavia/ssh.id_ed25519.pub b/kartei/lass/ignavia/ssh.id_ed25519.pub
new file mode 100644
index 000000000..9e6c348f8
--- /dev/null
+++ b/kartei/lass/ignavia/ssh.id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJjhIyEbkirWJcsuJHwnZx4QcFhIDNGGsMzJOp4lVnQY lass@aergia
diff --git a/kartei/lass/ignavia/syncthing.pub b/kartei/lass/ignavia/syncthing.pub
new file mode 100644
index 000000000..9c38cbda1
--- /dev/null
+++ b/kartei/lass/ignavia/syncthing.pub
@@ -0,0 +1 @@
+NWYGIWH-M2HDGLM-32HL27Z-DGO3ALT-QVCWEET-P436GDZ-4ELEB67-7OE6XQ2
-- cgit v1.2.3
From 5cc5e2d1e6d33279a90caf15cb8d72ea437393c9 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 5 Oct 2023 21:25:19 +0200
Subject: kartei lass: remove legacy keys
---
 kartei/lass/default.nix | 29 ++---------------------------
 krebs/2configs/default.nix | 2 --
 krebs/2configs/tor/initrd.nix | 2 --
 3 files changed, 2 insertions(+), 31 deletions(-)
diff --git a/kartei/lass/default.nix b/kartei/lass/default.nix
index fac48a8ba..fe3725809 100644
--- a/kartei/lass/default.nix
+++ b/kartei/lass/default.nix
@@ -25,36 +25,11 @@ in {
 inherit (slib) krebs;
 })
 );
- users = rec {
- lass = lass-yubikey;
- lass-yubikey = {
+ users = {
+ lass = {
 mail = "lass@green.r";
 pubkey = builtins.readFile ./ssh/yubikey.rsa;
 pgp.pubkeys.default = builtins.readFile ./pgp/yubikey.pgp;
 };
- lass-blue = {
- mail = "lass@blue.r";
- pubkey = builtins.readFile ./ssh/blue.rsa;
- };
- lass-green = {
- mail = "lass@green.r";
- pubkey = builtins.readFile ./ssh/green.ed25519;
- };
- lass-red = {
- mail = "lass@red.r";
- pubkey = builtins.readFile ./ssh/red.ed25519;
- };
- lass-mors = {
- mail = "lass@mors.r";
- pubkey = builtins.readFile ./ssh/mors.rsa;
- pgp.pubkeys.default = builtins.readFile ./pgp/mors.pgp;
- };
- lass-android = {
- mail = "lassulus@gmail.com";
- pubkey = builtins.readFile ./ssh/android.ed25519;
- };
- lass-tablet = {
- pubkey = builtins.readFile ./ssh/tablet.ed25519;
- };
 };
 }
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index bd4f36cbe..905eaaef7 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -48,9 +48,7 @@ with import ../../lib/pure.nix { inherit lib; }; users.mutableUsers = false; users.extraUsers.root.openssh.authorizedKeys.keys = [ - config.krebs.users.jeschli-brauerei.pubkey config.krebs.users.lass.pubkey - config.krebs.users.lass-mors.pubkey config.krebs.users.makefu.pubkey config.krebs.users.tv.pubkey config.krebs.users.kmein.pubkey
diff --git a/krebs/2configs/tor/initrd.nix b/krebs/2configs/tor/initrd.nix
index 21c46a0a7..768439734 100644
--- a/krebs/2configs/tor/initrd.nix
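Review bot: The entries removed from kartei/lass/default.nix were the visible readers of `./ssh/blue.rsa`, `./ssh/green.ed25519`, `./ssh/red.ed25519`, `./ssh/mors.rsa`, `./pgp/mors.pgp`, `./ssh/android.ed25519` and `./ssh/tablet.ed25519`, yet the diffstat lists three modified files and no deletions, so those key files appear to stay in the tree. Deleting them in the same commit keeps retired keys from being wired back in by a later copy-paste. Dropping the `lass-yubikey`, `lass-mors` and the other `lass-*` attributes also makes any remaining `config.krebs.users.lass-*` reference outside these three files fail at evaluation, so a tree-wide grep before merging is worthwhile. The enclosing attribute set begins above the hunk.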
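Review bot: The `users.extraUsers.root.openssh.authorizedKeys.keys` list in krebs/2configs/default.nix loses `config.krebs.users.jeschli-brauerei.pubkey` as well as `lass-mors`, and the `authorizedKeys` list in krebs/2configs/tor/initrd.nix loses the same two, but the subject line only mentions lass's legacy keys. Revoking another person's root login deserves its own line in the commit message, so that it shows up when someone later audits who had access and when. The revocation presumably reaches a host only once its configuration, and for the initrd SSH list its initrd, has been rebuilt and activated, so the rollout is part of the change. The root key list in default.nix starts inside the hunk and continues below it.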
+++ b/krebs/2configs/tor/initrd.nix
@@ -7,9 +7,7 @@
 enable = true;
 port = 22;
 authorizedKeys = [
- config.krebs.users.jeschli-brauerei.pubkey
 config.krebs.users.lass.pubkey
- config.krebs.users.lass-mors.pubkey
 config.krebs.users.makefu.pubkey
 config.krebs.users.tv.pubkey
 ];
-- cgit v1.2.3
From 84818541d5db5a1c129c29506a6eca8e8faf6522 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Thu, 5 Oct 2023 21:25:37 +0200
Subject: sync-containers3: add startComamnd option
---
 krebs/3modules/sync-containers3.nix | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix
index c88dd5919..6d3a71324 100644
--- a/krebs/3modules/sync-containers3.nix
+++ b/krebs/3modules/sync-containers3.nix
@@ -32,6 +32,17 @@ in {
 type = lib.types.bool;
 default = true;
 };
+ startCommand = lib.mkOption {
+ type = lib.types.str;
+ default = ''
+ set -efu
+ mkdir -p /var/state/var_src
+ ln -Tfrs /var/state/var_src /var/src
+ if test -e /var/src/nixos-config; then
+ /run/current-system/sw/bin/nixos-rebuild -I /var/src switch || :
+ fi
+ '';
+ };
 };
 }));
 };
@@ -52,14 +63,7 @@ in {
 NIX_REMOTE = "daemon";
 };
 wantedBy = [ "multi-user.target" ];
- serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ''
- set -efu
- mkdir -p /var/state/var_src
- ln -Tfrs /var/state/var_src /var/src
- if test -e /var/src/nixos-config; then
- /run/current-system/sw/bin/nixos-rebuild -I /var/src switch || :
- fi
- '';
+ serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ctr.startCommand;
 unitConfig.X-StopOnRemoval = false;
 };
 };
-- cgit v1.2.3
From 4f4b7a63da0758d80b74e26dd9d65cd69d200bb2 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Fri, 6 Oct 2023 12:21:40 +0200
Subject: ignavia: fix syncthing pubkey
---
 kartei/lass/ignavia.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kartei/lass/ignavia.nix b/kartei/lass/ignavia.nix
index 228be1912..88d290e70 100644
--- a/kartei/lass/ignavia.nix
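Review bot: The `startCommand` option added in krebs/3modules/sync-containers3.nix has no `description`, and because the second hunk passes `ctr.startCommand` to `writeDash "autoswitch"` as the entire script, an override that forgets `set -efu` runs without errexit, noglob and nounset. The option accepts arbitrary shell and no `User=` is visible in the hunk, so the script presumably runs with the unit's default privileges; I would document that and keep the strict-mode line in the module rather than in the default value. The sketch below adds the description and wraps the option value, and the option's default then drops its own `set -efu`. Both hunks sit inside definitions that start and end outside them.

```nix
startCommand = lib.mkOption {
  type = lib.types.str;
  description = ''
    Shell commands run by the autoswitch script at unit start.
    The module runs them under `set -efu`.
  '';
  # … unchanged: default script, without its leading "set -efu" line …
};
# … unchanged: remaining options, unit environment, wantedBy …
serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ''
  set -efu
  ${ctr.startCommand}
'';
```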
+++ b/kartei/lass/ignavia.nix
@@ -15,5 +15,5 @@
 };
 };
 ssh.pubkey = builtins.readFile ./ignavia/ssh.id_ed25519.pub;
- syncthing.id = builtins.readFile ./ignavia/syncthing.pub;
+ syncthing.id = builtins.replaceStrings [ "\n" ] [ "" ] (builtins.readFile ./ignavia/syncthing.pub);
 }
-- cgit v1.2.3