Merge branch 'master' of prism.r:stockholm
This commit is contained in:
commit
06b6454af7
484
krebs/3modules/external/default.nix
vendored
484
krebs/3modules/external/default.nix
vendored
|
@ -8,132 +8,34 @@ with import <stockholm/lib>;
|
|||
} // optionalAttrs (host.nets?retiolum) {
|
||||
nets.retiolum.ip6.addr =
|
||||
(krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
|
||||
} // optionalAttrs (host.nets?wiregrill) {
|
||||
nets.wiregrill.ip6.addr =
|
||||
(krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
|
||||
});
|
||||
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
|
||||
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
|
||||
|
||||
in {
|
||||
hosts = mapAttrs hostDefaults {
|
||||
sokrateslaptop = {
|
||||
owner = config.krebs.users.sokratess;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.142.104";
|
||||
aliases = [
|
||||
"sokrateslaptop.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
|
||||
t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
|
||||
rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
|
||||
egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
|
||||
aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
|
||||
VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
kruck = {
|
||||
owner = config.krebs.users.palo;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.201";
|
||||
aliases = [
|
||||
"kruck.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
|
||||
QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
|
||||
EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
|
||||
uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
|
||||
/RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
|
||||
9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
|
||||
qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
|
||||
gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
|
||||
jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
|
||||
fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
|
||||
TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
scardanelli = {
|
||||
owner = config.krebs.users.kmein;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.2.2";
|
||||
aliases = [
|
||||
"scardanelli.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/
|
||||
MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge
|
||||
UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi
|
||||
kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0
|
||||
gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx
|
||||
we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY
|
||||
QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm
|
||||
SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL
|
||||
2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f
|
||||
m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q
|
||||
FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5
|
||||
lM61fOMcVW1KREdWypiDtu8CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
homeros = {
|
||||
owner = config.krebs.users.kmein;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.2.1";
|
||||
aliases = [
|
||||
"homeros.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd
|
||||
ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc
|
||||
6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v
|
||||
RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd
|
||||
vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3
|
||||
+LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc
|
||||
QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm
|
||||
fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh
|
||||
VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7
|
||||
k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX
|
||||
gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N
|
||||
mJ/hywVtvLxNkNimyztoKKMCAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
turingmachine = {
|
||||
dpdkm = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = {
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.168";
|
||||
aliases = [
|
||||
"turingmachine.r"
|
||||
];
|
||||
ip4.addr = "10.243.29.173";
|
||||
aliases = [ "dpdkm.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
|
||||
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
|
||||
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
|
||||
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
|
||||
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
|
||||
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
|
||||
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
|
||||
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
|
||||
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
|
||||
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
|
||||
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
|
||||
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
|
||||
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
|
||||
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
|
||||
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
|
||||
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
|
||||
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
|
||||
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
|
||||
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
|
||||
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
|
||||
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
|
||||
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
|
@ -177,83 +79,6 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
rock = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.171";
|
||||
aliases = [ "rock.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
|
||||
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
|
||||
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
|
||||
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
|
||||
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
|
||||
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
|
||||
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
|
||||
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
|
||||
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
|
||||
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
|
||||
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
inspector = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "141.76.44.154";
|
||||
aliases = [ "inspector.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
ip4.addr = "10.243.29.172";
|
||||
aliases = [ "inspector.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
|
||||
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
|
||||
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
|
||||
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
|
||||
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
|
||||
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
|
||||
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
|
||||
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
|
||||
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
|
||||
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
|
||||
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
dpdkm = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.173";
|
||||
aliases = [ "dpdkm.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
|
||||
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
|
||||
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
|
||||
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
|
||||
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
|
||||
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
|
||||
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
|
||||
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
|
||||
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
|
||||
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
|
||||
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
eve = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
|
@ -289,18 +114,281 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
homeros = {
|
||||
owner = config.krebs.users.kmein;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.2.1";
|
||||
aliases = [
|
||||
"homeros.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd
|
||||
ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc
|
||||
6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v
|
||||
RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd
|
||||
vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3
|
||||
+LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc
|
||||
QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm
|
||||
fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh
|
||||
VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7
|
||||
k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX
|
||||
gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N
|
||||
mJ/hywVtvLxNkNimyztoKKMCAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
justraute = {
|
||||
owner = config.krebs.users.raute; # laptop
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.183.231";
|
||||
aliases = [
|
||||
"justraute.r"
|
||||
];
|
||||
tinc.pubkey = tinc-for "justraute";
|
||||
};
|
||||
};
|
||||
};
|
||||
kruck = {
|
||||
owner = config.krebs.users.palo;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.201";
|
||||
aliases = [
|
||||
"kruck.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
|
||||
QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
|
||||
EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
|
||||
uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
|
||||
/RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
|
||||
9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
|
||||
qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
|
||||
gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
|
||||
jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
|
||||
fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
|
||||
TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
qubasa = {
|
||||
owner = config.krebs.users.qubasa;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.175";
|
||||
aliases = [ "qubasa.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ioASTOx6Vndp316u89Z
|
||||
f+9WgfyVGw9deP2pQjoHnsPjBqRrsDCQGFO/U1ILQn0AWskQpHWHRir7Q6cI90jm
|
||||
8MqqGVymVFbeYbrOLHLjp+2fle9iU9DfST4O76TQwF/3elLf3tpGFS8EB+qF3Ig7
|
||||
aVOf5TuHPWWj6VtGTuWW9I8MsPnNykyRstlWXEztIs2zQrc0cO1IGd1QVarDGqTs
|
||||
KR4Zm7PvF7U193NzPLaH6jcdjF37FETLrNxAu88M+YnvXBp4oRHeJmvBloazpH0v
|
||||
aSb3+vNRlViMSlf9ImpAHlFRyvYYDAWlIY0nyeNUJna1ImGloSStLtBAhFAwc65j
|
||||
kmrXeK3TVAoGZQOvSbjFmI/nBgfHEOnz/9aRVHGUNoQ/nAM6UhALFEZV6sdjX6W4
|
||||
3p670DEO5fiI3fqqErkscbv8zSEjfmxV4YGMXVMw8Ub87fGwQEF17uDLeqD0k9AB
|
||||
7umwrWP53YffauAqinma0I6RcLRVRfJ2vhyBH1mKwAAW55WU6DpBTydy46kxy/Oz
|
||||
k9Cnxw7oMydUAAdnf5Axgs+dcx43lnXvGsoHi4lZycYhqtPe2YI152HAbGfmrixV
|
||||
Slzh8aiinBkLYW2VzJNTRmHvB3njjeua4/guXwe00G7MIs3UDMIieJNcVxb+E07v
|
||||
vF2rqhqU9b+1MQRhIPsBf4cCAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
rock = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.171";
|
||||
aliases = [ "rock.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
|
||||
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
|
||||
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
|
||||
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
|
||||
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
|
||||
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
|
||||
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
|
||||
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
|
||||
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
|
||||
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
|
||||
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
scardanelli = {
|
||||
owner = config.krebs.users.kmein;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.2.2";
|
||||
aliases = [
|
||||
"scardanelli.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/
|
||||
MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge
|
||||
UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi
|
||||
kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0
|
||||
gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx
|
||||
we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY
|
||||
QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm
|
||||
SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL
|
||||
2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f
|
||||
m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q
|
||||
FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5
|
||||
lM61fOMcVW1KREdWypiDtu8CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
sokrateslaptop = {
|
||||
owner = config.krebs.users.sokratess;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.142.104";
|
||||
aliases = [
|
||||
"sokrateslaptop.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
|
||||
t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
|
||||
rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
|
||||
egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
|
||||
aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
|
||||
VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
tpsw = {
|
||||
cores = 2;
|
||||
owner = config.krebs.users.ciko; # main laptop
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.183.236";
|
||||
aliases = [
|
||||
"tpsw.r"
|
||||
];
|
||||
tinc.pubkey = tinc-for "tpsw";
|
||||
};
|
||||
};
|
||||
};
|
||||
turingmachine = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.168";
|
||||
aliases = [
|
||||
"turingmachine.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
|
||||
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
|
||||
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
|
||||
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
|
||||
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
|
||||
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
|
||||
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
|
||||
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
|
||||
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
|
||||
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
|
||||
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
inspector = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "141.76.44.154";
|
||||
aliases = [ "inspector.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
ip4.addr = "10.243.29.172";
|
||||
aliases = [ "inspector.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
|
||||
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
|
||||
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
|
||||
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
|
||||
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
|
||||
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
|
||||
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
|
||||
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
|
||||
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
|
||||
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
|
||||
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
miaoski = {
|
||||
owner = config.krebs.users.miaoski;
|
||||
nets = {
|
||||
wiregrill = {
|
||||
aliases = [ "miaoski.w" ];
|
||||
wireguard = {
|
||||
pubkey = "8haz9JX5nAMORzNy89VdHC1Z9XA94ogaZsY3d2Rfkl4=";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
users = {
|
||||
Mic92 = {
|
||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE";
|
||||
mail = "joerg@higgsboson.tk";
|
||||
ciko = {
|
||||
mail = "wieczorek.stefan@googlemail.com";
|
||||
};
|
||||
exco = {
|
||||
mail = "dickbutt@excogitation.de";
|
||||
pubkey = ssh-for "exco";
|
||||
};
|
||||
kmein = {
|
||||
mail = "kieran.meinhardt@gmail.com";
|
||||
pubkey = ssh-for "kmein";
|
||||
};
|
||||
Mic92 = {
|
||||
mail = "joerg@higgsboson.tk";
|
||||
pubkey = ssh-for "Mic92";
|
||||
};
|
||||
palo = {
|
||||
};
|
||||
qubasa = {
|
||||
mail = "luis.nixos@gmail.com";
|
||||
};
|
||||
raute = {
|
||||
mail = "macxylo@gmail.com";
|
||||
pubkey = ssh-for "raute";
|
||||
};
|
||||
sokratess = {
|
||||
};
|
||||
ulrich = {
|
||||
mail = "shackspace.de@myvdr.de";
|
||||
pubkey = ssh-for "ulrich";
|
||||
};
|
||||
miaoski = {
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
|
|
1
krebs/3modules/external/ssh/Mic92.pub
vendored
Normal file
1
krebs/3modules/external/ssh/Mic92.pub
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE
|
1
krebs/3modules/external/ssh/kmein.pub
vendored
Normal file
1
krebs/3modules/external/ssh/kmein.pub
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com
|
1
krebs/3modules/external/ssh/raute.pub
vendored
Normal file
1
krebs/3modules/external/ssh/raute.pub
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH385gr3BAKJ92k1FaOLx2wFMgDFTmupOcww5g/bEAsO raute@wolf
|
14
krebs/3modules/external/tinc/justraute.pub
vendored
Normal file
14
krebs/3modules/external/tinc/justraute.pub
vendored
Normal file
|
@ -0,0 +1,14 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0FJ2Wh7y8lgXOLXR2VQh
|
||||
BsERf4uoWQ2UZexxv5bo6H9aYmyc+pA7q9ScP+ljKIXHLG3RbskIDFJLfs2HHS2u
|
||||
rCD3Pv71Ihx8fgmP7VdJktvFV8uBbDk2YF28Kd198ggEPL9ki1+LKzauTv0CCBcK
|
||||
O78VgN8v+l42v+oQSFk30FBYCpvld39dv74etb4/T4zmn7H3RNH+gPU1T0dge4yu
|
||||
xdlCk4TmNXWcw3cDvcCDDJFblH100IWRZ8enH4wHC5LvSKcYCqiiILsKAPuS8/J0
|
||||
cUePfRln1ZJDvR8AlO8ejRU7PC7550JbyqRbu0oAro2fLz7BOAJi6v8SbPU4GUaT
|
||||
uFDwJsIqcRnnC8a7N4DouDyUUnTWdTtuDtl0R/I9SYY/u4MhgmFI8bribhwDMmdC
|
||||
V7UM+023cC/mM9TqCPP0xdy3oiTXRyWk9aNEWep4box/VXmNsJ0hjeIi/W06eXBZ
|
||||
0j5T3wKnuxSzktyhq8Jt4zJEuarBfwGBcxNf+3CHuKjfN7SAxmQZCRwS/2cPcNDS
|
||||
HkApVsqTdOuLaXnoCJQyxvMQt70OCXmOs/bk0ZAcqNRJ+gYot1duplB+15+ro07j
|
||||
3sLbwUMsfpC40CnHd3s1w74/5l1DAc9Mo4I5xX0QH7PCgVzJ9wEctonaItWzT/q4
|
||||
vElG9ULoGQb0prlJC35i738CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
8
krebs/3modules/external/tinc/tpsw.pub
vendored
Normal file
8
krebs/3modules/external/tinc/tpsw.pub
vendored
Normal file
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ
|
||||
Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML
|
||||
WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl
|
||||
OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM
|
||||
0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd
|
||||
pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
|
@ -91,14 +91,16 @@ in {
|
|||
};
|
||||
wiregrill = {
|
||||
via = internet;
|
||||
ip4.addr = "10.244.1.1";
|
||||
ip6.addr = w6 "1";
|
||||
aliases = [
|
||||
"prism.w"
|
||||
];
|
||||
wireguard = {
|
||||
pubkey = "oKJotppdEJqQBjrqrommEUPw+VFryvEvNJr/WikXohk=";
|
||||
subnets = [ "10.244.1.0/24" "42:1::/32" ];
|
||||
subnets = [
|
||||
(krebs.genipv6 "wiregrill" "external" 0).subnetCIDR
|
||||
(krebs.genipv6 "wiregrill" "lass" 0).subnetCIDR
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -274,7 +276,7 @@ in {
|
|||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.133.115";
|
||||
ip6.addr = r6 "dead";
|
||||
ip6.addr = r6 "daed";
|
||||
aliases = [
|
||||
"daedalus.r"
|
||||
"cgit.daedalus.r"
|
||||
|
@ -290,8 +292,14 @@ in {
|
|||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
wiregrill = {
|
||||
ip6.addr = w6 "daed";
|
||||
aliases = [
|
||||
"daedalus.w"
|
||||
];
|
||||
wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI=";
|
||||
};
|
||||
};
|
||||
secure = true;
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g";
|
||||
};
|
||||
|
@ -470,7 +478,6 @@ in {
|
|||
phone = {
|
||||
nets = {
|
||||
wiregrill = {
|
||||
ip4.addr = "10.244.1.2";
|
||||
ip6.addr = w6 "a";
|
||||
aliases = [
|
||||
"phone.w"
|
||||
|
|
|
@ -992,57 +992,6 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
} // { # hosts only maintained in stockholm, not owned by me
|
||||
muhbaasu = rec {
|
||||
owner = config.krebs.users.root;
|
||||
cores = 1;
|
||||
nets = {
|
||||
internet = {
|
||||
ip4.addr = "217.160.206.154";
|
||||
aliases = [
|
||||
"muhbaasu.i"
|
||||
];
|
||||
};
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.139.184";
|
||||
aliases = [
|
||||
"muhbaasu.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA0f4C4xKXpnyV1ig03O2Kef8ag+/5WGkW90uxEBb/h5NY9barex+Z
|
||||
KqVbkPdHhwoCIINuCVcOnJXzeo0FZtSEq3zVhscVm0PVdNfjct8a9KMsK0iUmuul
|
||||
5WD9Glh5/1wkEmbRfVxDErhssz1b8YmFOAGQn+ujO/Znn3BLv36uKQvpqU2y5bzb
|
||||
+rVnq3eE1bCSeuj41bgEve8+vxpforjLO6gbE91mwp3Ol6nkkp6CjpG+aFTuLCAj
|
||||
YR0MIl2gGwskOGSI38QxlLouOlIGwus5f+KfC94ZP0pMwu5pT45UOUkVnlBXuZ9E
|
||||
igNHG2Vtm76nB3yYHndOvuDTOufatX61dQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
tpsw = {
|
||||
cores = 2;
|
||||
owner = config.krebs.users.ciko; # main laptop
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.183.236";
|
||||
aliases = [
|
||||
"tpsw.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ
|
||||
Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML
|
||||
WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl
|
||||
OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM
|
||||
0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd
|
||||
pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
users = rec {
|
||||
makefu = {
|
||||
|
@ -1079,16 +1028,5 @@ in {
|
|||
inherit (makefu) mail pgp;
|
||||
pubkey = pub-for "makefu.bob";
|
||||
};
|
||||
ciko = {
|
||||
mail = "wieczorek.stefan@googlemail.com";
|
||||
};
|
||||
ulrich = {
|
||||
pubkey = pub-for "ulrich";
|
||||
mail = "shackspace.de@myvdr.de";
|
||||
};
|
||||
exco = {
|
||||
mail = "dickbutt@excogitation.de";
|
||||
pubkey = pub-for "exco";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,12 +1,30 @@
|
|||
with import <stockholm/lib>;
|
||||
{ config, ... }: let
|
||||
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host ({
|
||||
owner = config.krebs.users.tv;
|
||||
} // optionalAttrs (host.nets?retiolum) {
|
||||
nets.retiolum.ip6.addr =
|
||||
(krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address;
|
||||
});
|
||||
hostDefaults = hostName: host: foldl' recursiveUpdate {} [
|
||||
{
|
||||
owner = config.krebs.users.tv;
|
||||
}
|
||||
(optionalAttrs (host.nets?retiolum) {
|
||||
nets.retiolum = {
|
||||
ip6.addr =
|
||||
(krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address;
|
||||
};
|
||||
})
|
||||
(let
|
||||
pubkey-path = ./wiregrill + "/${hostName}.pub";
|
||||
in optionalAttrs (pathExists pubkey-path) {
|
||||
nets.wiregrill = {
|
||||
aliases = [
|
||||
"${hostName}.w"
|
||||
];
|
||||
ip6.addr =
|
||||
(krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address;
|
||||
wireguard.pubkey = readFile pubkey-path;
|
||||
};
|
||||
})
|
||||
host
|
||||
];
|
||||
|
||||
in {
|
||||
dns.providers = {
|
||||
|
@ -103,6 +121,9 @@ in {
|
|||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
wiregrill.wireguard.subnets = [
|
||||
(krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
|
||||
];
|
||||
};
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
|
||||
};
|
||||
|
|
1
krebs/3modules/tv/wiregrill/alnus.pub
Normal file
1
krebs/3modules/tv/wiregrill/alnus.pub
Normal file
|
@ -0,0 +1 @@
|
|||
w7+6kMf1P3Ka0kXXY4CCbr80TrWPYpe/zd13yuvz9SE=
|
1
krebs/3modules/tv/wiregrill/mu.pub
Normal file
1
krebs/3modules/tv/wiregrill/mu.pub
Normal file
|
@ -0,0 +1 @@
|
|||
4bboT+cZM1BYvNho9oKbO0MFnPFTvmASR+1IdV4/fwQ=
|
1
krebs/3modules/tv/wiregrill/ni.pub
Normal file
1
krebs/3modules/tv/wiregrill/ni.pub
Normal file
|
@ -0,0 +1 @@
|
|||
KiIiwkuin+E4FXqFajJjnoGKkHW3H3FzIx5EQrF1+lw=
|
1
krebs/3modules/tv/wiregrill/nomic.pub
Normal file
1
krebs/3modules/tv/wiregrill/nomic.pub
Normal file
|
@ -0,0 +1 @@
|
|||
UgvgarDtuSvbciNx5SU2NDbctb9/OTQ9Kr8H/O3931A=
|
1
krebs/3modules/tv/wiregrill/querel.pub
Normal file
1
krebs/3modules/tv/wiregrill/querel.pub
Normal file
|
@ -0,0 +1 @@
|
|||
sxaqrsqcDgdM3+QH6mxzqDs3SLWgm7J8AytpIbRZ2n0=
|
1
krebs/3modules/tv/wiregrill/wu.pub
Normal file
1
krebs/3modules/tv/wiregrill/wu.pub
Normal file
|
@ -0,0 +1 @@
|
|||
68bL6l3/sjbirva80tm0Dw6/PJu1S95nJC58gWCh42E=
|
1
krebs/3modules/tv/wiregrill/xu.pub
Normal file
1
krebs/3modules/tv/wiregrill/xu.pub
Normal file
|
@ -0,0 +1 @@
|
|||
XU76RFN0jG/YjffAPg3e3VuHF/iKMvVoRhHmixvLL1s=
|
1
krebs/3modules/tv/wiregrill/zu.pub
Normal file
1
krebs/3modules/tv/wiregrill/zu.pub
Normal file
|
@ -0,0 +1 @@
|
|||
WrILdnsketejrJuYM/sLEh89GdSVbddv8BG/D3sW7kw=
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "5d4a1a3897e2d674522bcb3aa0026c9e32d8fd7c",
|
||||
"date": "2018-11-24T00:40:22-05:00",
|
||||
"sha256": "19kryzx9a6x68mpyxks3dajraf92hkbnw1zf952k73s2k4qw9jlq",
|
||||
"rev": "b9fa31cea0e119ecf1867af4944ddc2f7633aacd",
|
||||
"date": "2018-12-22T15:37:52+00:00",
|
||||
"sha256": "1iqdra7nvcwbydjirjsk71rpzk4ljc0gzqy33fcp8l18y8iwh47k",
|
||||
"fetchSubmodules": false
|
||||
}
|
||||
|
|
|
@ -6,9 +6,8 @@ with import <stockholm/lib>;
|
|||
<stockholm/lass>
|
||||
|
||||
<stockholm/lass/2configs/retiolum.nix>
|
||||
<stockholm/lass/2configs/games.nix>
|
||||
<stockholm/lass/2configs/steam.nix>
|
||||
<stockholm/lass/2configs/backup.nix>
|
||||
<stockholm/lass/2configs/nfs-dl.nix>
|
||||
{
|
||||
# bubsy config
|
||||
users.users.bubsy = {
|
||||
|
@ -72,6 +71,7 @@ with import <stockholm/lib>;
|
|||
#remote control
|
||||
environment.systemPackages = with pkgs; [
|
||||
x11vnc
|
||||
torbrowser
|
||||
];
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-p tcp -i retiolum --dport 5900"; target = "ACCEPT"; }
|
||||
|
|
|
@ -147,6 +147,7 @@ with import <stockholm/lib>;
|
|||
OnCalendar = "00:37";
|
||||
};
|
||||
|
||||
nixpkgs.config.android_sdk.accept_license = true;
|
||||
programs.adb.enable = true;
|
||||
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||
virtualisation.docker.enable = true;
|
||||
|
|
|
@ -82,6 +82,13 @@ with import <stockholm/lib>;
|
|||
];
|
||||
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ];
|
||||
};
|
||||
users.users.kmein = {
|
||||
uid = genid_uint31 "kmein";
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.kmein.pubkey
|
||||
];
|
||||
};
|
||||
}
|
||||
{
|
||||
#hotdog
|
||||
|
@ -309,7 +316,7 @@ with import <stockholm/lib>;
|
|||
{ precedence = 1000; predicate = "-i retiolum -o wiregrill"; target = "ACCEPT"; }
|
||||
];
|
||||
krebs.iptables.tables.nat.POSTROUTING.rules = [
|
||||
{ v4 = false; predicate = "-s 42:1:ce16::/48 ! -d 42:1:ce16::48"; target = "MASQUERADE"; }
|
||||
{ v4 = false; predicate = "-s 42:1::/32 ! -d 42:1::/48"; target = "MASQUERADE"; }
|
||||
{ v6 = false; predicate = "-s 10.244.1.0/24 ! -d 10.244.1.0/24"; target = "MASQUERADE"; }
|
||||
];
|
||||
services.dnsmasq = {
|
||||
|
@ -390,6 +397,28 @@ with import <stockholm/lib>;
|
|||
ln -fnsT /var/lib/containers/yellow/var/download/finished /var/download/finished || :
|
||||
chown download: /var/download/finished
|
||||
'';
|
||||
|
||||
fileSystems."/export/download" = {
|
||||
device = "/var/lib/containers/yellow/var/download";
|
||||
options = [ "bind" ];
|
||||
};
|
||||
services.nfs.server = {
|
||||
enable = true;
|
||||
exports = ''
|
||||
/export 42::/16(insecure,ro,crossmnt)
|
||||
'';
|
||||
lockdPort = 4001;
|
||||
mountdPort = 4002;
|
||||
statdPort = 4000;
|
||||
};
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p udp --dport 2049"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p tcp --dport 4000:4002"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ in {
|
|||
./power-action.nix
|
||||
./copyq.nix
|
||||
./urxvt.nix
|
||||
./nfs-dl.nix
|
||||
{
|
||||
hardware.pulseaudio = {
|
||||
enable = true;
|
||||
|
|
|
@ -95,6 +95,7 @@ with import <stockholm/lib>;
|
|||
{ from = "lesswrong@lassul.us"; to = lass.mail; }
|
||||
{ from = "nordvpn@lassul.us"; to = lass.mail; }
|
||||
{ from = "csv-direct@lassul.us"; to = lass.mail; }
|
||||
{ from = "nintendo@lassul.us"; to = lass.mail; }
|
||||
];
|
||||
system-aliases = [
|
||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||
|
|
7
lass/2configs/nfs-dl.nix
Normal file
7
lass/2configs/nfs-dl.nix
Normal file
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
fileSystems."/mnt/prism" = {
|
||||
device = "prism.w:/export";
|
||||
fsType = "nfs";
|
||||
};
|
||||
}
|
||||
|
|
@ -135,6 +135,7 @@ in {
|
|||
"jla-trading.com"
|
||||
"ubikmedia.eu"
|
||||
"ubikmedia.de"
|
||||
"alewis.de"
|
||||
];
|
||||
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
|
||||
ssl_key = "/var/lib/acme/lassul.us/key.pem";
|
||||
|
|
|
@ -63,6 +63,9 @@ in {
|
|||
locations."= /retiolum.hosts".extraConfig = ''
|
||||
alias ${pkgs.retiolum-hosts};
|
||||
'';
|
||||
locations."= /wireguard-key".extraConfig = ''
|
||||
alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey};
|
||||
'';
|
||||
locations."/tinc".extraConfig = ''
|
||||
alias ${config.krebs.tinc_graphs.workingDir}/external;
|
||||
'';
|
||||
|
|
|
@ -20,9 +20,7 @@
|
|||
|
||||
lass.mysqlBackup = {
|
||||
enable = true;
|
||||
config.all = {
|
||||
password = toString (<secrets/mysql_rootPassword>);
|
||||
};
|
||||
config.all = {};
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ in mkIf (hasAttr "wiregrill" config.krebs.build.host.nets) {
|
|||
;
|
||||
endpoint = mkIf (!isNull host.nets.wiregrill.via) (host.nets.wiregrill.via.ip4.addr + ":${toString host.nets.wiregrill.wireguard.port}");
|
||||
persistentKeepalive = mkIf (!isNull host.nets.wiregrill.via) 61;
|
||||
publicKey = host.nets.wiregrill.wireguard.pubkey;
|
||||
publicKey = (replaceStrings ["\n"] [""] host.nets.wiregrill.wireguard.pubkey);
|
||||
})
|
||||
(filterAttrs (_: h: hasAttr "wiregrill" h.nets) config.krebs.hosts);
|
||||
};
|
||||
|
|
|
@ -41,7 +41,7 @@ let
|
|||
};
|
||||
location = mkOption {
|
||||
type = str;
|
||||
default = "/bku/sql_dumps";
|
||||
default = "/backups/sql_dumps";
|
||||
};
|
||||
};
|
||||
}));
|
||||
|
@ -51,11 +51,9 @@ let
|
|||
|
||||
imp = {
|
||||
|
||||
#systemd.timers =
|
||||
# mapAttrs (_: plan: {
|
||||
# wantedBy = [ "timers.target" ];
|
||||
# timerConfig = plan.timerConfig;
|
||||
#}) cfg.config;
|
||||
services.mysql.ensureUsers = [
|
||||
{ ensurePermissions = { "*.*" = "ALL"; }; name = "root"; }
|
||||
];
|
||||
|
||||
systemd.services =
|
||||
mapAttrs' (_: plan: nameValuePair "mysqlBackup-${plan.name}" {
|
||||
|
@ -75,8 +73,10 @@ let
|
|||
|
||||
|
||||
start = plan: let
|
||||
backupScript = plan: db:
|
||||
"mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz";
|
||||
backupScript = plan: db: ''
|
||||
mkdir -p ${plan.location}
|
||||
mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz
|
||||
'';
|
||||
|
||||
in pkgs.pkgs.writeDash "mysqlBackup.${plan.name}" ''
|
||||
${concatMapStringsSep "\n" (backupScript plan) plan.databases}
|
||||
|
|
|
@ -11,10 +11,7 @@ pkgs.writeHaskellPackage "xmonad-lass" {
|
|||
"xmonad-stockholm"
|
||||
];
|
||||
text = /* haskell */ ''
|
||||
{-# LANGUAGE DeriveDataTypeable #-} -- for XS
|
||||
{-# LANGUAGE FlexibleContexts #-} -- for xmonad'
|
||||
{-# LANGUAGE LambdaCase #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
|
||||
|
||||
module Main where
|
||||
|
@ -28,7 +25,7 @@ import System.Environment (getArgs, lookupEnv)
|
|||
import System.Exit (exitFailure)
|
||||
import System.IO (hPutStrLn, stderr)
|
||||
import System.Posix.Process (executeFile)
|
||||
import XMonad.Actions.CopyWindow (copy, kill1)
|
||||
import XMonad.Actions.CopyWindow (copy, copyToAll, kill1)
|
||||
import XMonad.Actions.CycleWS (toggleWS)
|
||||
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
|
||||
import XMonad.Actions.DynamicWorkspaces (withWorkspace)
|
||||
|
@ -149,6 +146,8 @@ myKeyMap =
|
|||
|
||||
, ("M4-d", floatNext True >> spawn "${pkgs.copyq}/bin/copyq show")
|
||||
|
||||
, ("M4-<F2>", windows copyToAll)
|
||||
|
||||
, ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" ''
|
||||
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
|
||||
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
|
||||
|
|
|
@ -21,6 +21,7 @@ in {
|
|||
];
|
||||
};
|
||||
}
|
||||
<stockholm/makefu/2configs/support-nixos.nix>
|
||||
# <stockholm/makefu/2configs/stats/client.nix>
|
||||
<stockholm/makefu/2configs/stats/netdata-server.nix>
|
||||
|
||||
|
@ -131,6 +132,7 @@ in {
|
|||
<stockholm/makefu/2configs/deployment/boot-euer.nix>
|
||||
<stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>
|
||||
<stockholm/makefu/2configs/bgt/hidden_service.nix>
|
||||
<stockholm/makefu/2configs/bgt/backup.nix>
|
||||
|
||||
# <stockholm/makefu/2configs/logging/client.nix>
|
||||
|
||||
|
|
|
@ -11,6 +11,7 @@ in {
|
|||
./hw/omo.nix
|
||||
#./hw/tsp.nix
|
||||
<stockholm/makefu>
|
||||
<stockholm/makefu/2configs/support-nixos.nix>
|
||||
<stockholm/makefu/2configs/zsh-user.nix>
|
||||
<stockholm/makefu/2configs/backup/state.nix>
|
||||
<stockholm/makefu/2configs/exim-retiolum.nix>
|
||||
|
|
20
makefu/2configs/bgt/backup.nix
Normal file
20
makefu/2configs/bgt/backup.nix
Normal file
|
@ -0,0 +1,20 @@
|
|||
{
|
||||
# Manual steps:
|
||||
# 1. ssh-copy-id root ssh-key to the remotes you want to back up
|
||||
# 2. run `rsnapshot hourly` manually as root to check if everything works
|
||||
services.rsnapshot = {
|
||||
enable = true;
|
||||
cronIntervals = {
|
||||
daily = "50 21 * * *";
|
||||
hourly = "0 */4 * * *";
|
||||
};
|
||||
extraConfig = ''
|
||||
retain hourly 5
|
||||
retain daily 365
|
||||
snapshot_root /var/backup
|
||||
backup root@binaergewitter.jit.computer:/opt/isso jit
|
||||
backup root@binaergewitter.jit.computer:/etc/systemd/system/isso.service jit
|
||||
backup root@binaergewitter.jit.computer:/etc/nginx/conf.d/isso.conf jit
|
||||
'';
|
||||
};
|
||||
}
|
4
makefu/2configs/hw/ssd.nix
Normal file
4
makefu/2configs/hw/ssd.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
{
|
||||
# ssd trimming
|
||||
services.fstrim.enable = true;
|
||||
}
|
|
@ -4,6 +4,7 @@ with import <stockholm/lib>;
|
|||
{
|
||||
imports = [
|
||||
./tpm.nix
|
||||
./ssd.nix
|
||||
];
|
||||
|
||||
boot.kernelModules = [
|
||||
|
@ -50,6 +51,7 @@ with import <stockholm/lib>;
|
|||
CPU_MAX_PERF_ON_BAT=30
|
||||
'';
|
||||
|
||||
|
||||
powerManagement.resumeCommands = ''
|
||||
${pkgs.rfkill}/bin/rfkill unblock all
|
||||
'';
|
||||
|
|
1
makefu/2configs/support-nixos.nix
Normal file
1
makefu/2configs/support-nixos.nix
Normal file
|
@ -0,0 +1 @@
|
|||
{ makefu.distrobump.enable = true; }
|
31
makefu/3modules/bump-distrowatch.nix
Normal file
31
makefu/3modules/bump-distrowatch.nix
Normal file
|
@ -0,0 +1,31 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.makefu.distrobump;
|
||||
|
||||
imp = {
|
||||
systemd.services.distrobump = {
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.curl ];
|
||||
restartIfChanged = false;
|
||||
startAt = "daily";
|
||||
serviceConfig = {
|
||||
PrivateTmp = true;
|
||||
Type = "oneshot";
|
||||
ExecStart = pkgs.writeDash "bump-distrowatch" ''
|
||||
set -euf
|
||||
UA='Mozilla/5.0 (X11; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0'
|
||||
curl -Lvc /tmp/cookie.jar -A "$UA" 'https://distrowatch.com/' >/dev/null
|
||||
sleep $(shuf -i 3-15 -n1).$(shuf -i 0-9 -n1)
|
||||
curl -Lvc /tmp/cookie.jar -A "$UA" -e 'https://distrowatch.com/' 'https://distrowatch.com/nixos?frphr' >/dev/null
|
||||
'';
|
||||
RandomizedDelaySec = 28800;
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
options.makefu.distrobump.enable = lib.mkEnableOption "distrobump";
|
||||
config = lib.mkIf cfg.enable imp;
|
||||
}
|
|
@ -3,6 +3,7 @@ _:
|
|||
{
|
||||
imports = [
|
||||
./awesome-extra.nix
|
||||
./bump-distrowatch.nix
|
||||
./deluge.nix
|
||||
./forward-journal.nix
|
||||
./netdata.nix
|
||||
|
|
|
@ -10,15 +10,16 @@ stdenv.mkDerivation rec {
|
|||
version = "0.1";
|
||||
|
||||
src = fetchzip {
|
||||
url = "http://www.ns-atmosphere.com/media/content/ns-atmosphere-programmer-linux-v01.zip";
|
||||
sha256 = "0g2fxbirgi0lm0mi69cmknqj7626fxjkwn98bqx5pcalxplww8k0";
|
||||
url = "https://archive.org/download/ns-atmosphere-programmer/ns-atmosphere-programmer-ubuntu-64bit-v01.zip";
|
||||
# original source: http://www.ns-atmosphere.com/media/content/ns-atmosphere-programmer-ubuntu-64bit-v01.zip
|
||||
sha256 = "1cnyydsmrcpfwpdiry7qybh179499wpbvlzq5rk442hq9ak416ri";
|
||||
};
|
||||
|
||||
buildInputs = with xlibs; [ libX11 libXxf86vm libSM gnome3.gtk libpng12 ];
|
||||
nativeBuildInputs = [ autoPatchelfHook makeWrapper ];
|
||||
|
||||
installPhase = ''
|
||||
install -D -m755 NS-Atmosphere-Programmer-Linux-v0.1/NS-Atmosphere $out/bin/NS-Atmosphere
|
||||
install -D -m755 NS-Atmosphere $out/bin/NS-Atmosphere
|
||||
wrapProgram $out/bin/NS-Atmosphere --prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \
|
||||
--suffix XDG_DATA_DIRS : '${gnome3.defaultIconTheme}/share'
|
||||
'';
|
||||
|
@ -26,7 +27,7 @@ stdenv.mkDerivation rec {
|
|||
dontStrip = true;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Payload programmer for ns-atmosphere injector";
|
||||
description = "Payload programmer for ns-atmosphere injector for nintendo switch";
|
||||
homepage = http://www.ns-atmosphere.com;
|
||||
maintainers = [ maintainers.makefu ];
|
||||
platforms = platforms.linux;
|
||||
|
|
195
makefu/5pkgs/xdcc-dl/default.nix
Normal file
195
makefu/5pkgs/xdcc-dl/default.nix
Normal file
|
@ -0,0 +1,195 @@
|
|||
# generated using pypi2nix tool (version: 1.8.0)
|
||||
# See more at: https://github.com/garbas/pypi2nix
|
||||
#
|
||||
# COMMAND:
|
||||
# pypi2nix -V 3.6 -r ./lol
|
||||
#
|
||||
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
}:
|
||||
|
||||
let
|
||||
|
||||
inherit (pkgs) makeWrapper;
|
||||
inherit (pkgs.stdenv.lib) fix' extends inNixShell;
|
||||
|
||||
pythonPackages =
|
||||
import "${toString pkgs.path}/pkgs/top-level/python-packages.nix" {
|
||||
inherit pkgs;
|
||||
inherit (pkgs) stdenv;
|
||||
python = pkgs.python36;
|
||||
};
|
||||
|
||||
commonBuildInputs = [];
|
||||
commonDoCheck = false;
|
||||
|
||||
withPackages = pkgs':
|
||||
let
|
||||
pkgs = builtins.removeAttrs pkgs' ["__unfix__"];
|
||||
interpreter = pythonPackages.buildPythonPackage {
|
||||
name = "python36-interpreter";
|
||||
buildInputs = [ makeWrapper ] ++ (builtins.attrValues pkgs);
|
||||
buildCommand = ''
|
||||
mkdir -p $out/bin
|
||||
ln -s ${pythonPackages.python.interpreter} $out/bin/${pythonPackages.python.executable}
|
||||
for dep in ${builtins.concatStringsSep " " (builtins.attrValues pkgs)}; do
|
||||
if [ -d "$dep/bin" ]; then
|
||||
for prog in "$dep/bin/"*; do
|
||||
if [ -f $prog ]; then
|
||||
ln -s $prog $out/bin/`basename $prog`
|
||||
fi
|
||||
done
|
||||
fi
|
||||
done
|
||||
for prog in "$out/bin/"*; do
|
||||
wrapProgram "$prog" --prefix PYTHONPATH : "$PYTHONPATH"
|
||||
done
|
||||
pushd $out/bin
|
||||
ln -s ${pythonPackages.python.executable} python
|
||||
popd
|
||||
'';
|
||||
passthru.interpreter = pythonPackages.python;
|
||||
};
|
||||
in {
|
||||
__old = pythonPackages;
|
||||
inherit interpreter;
|
||||
mkDerivation = pythonPackages.buildPythonPackage;
|
||||
packages = pkgs;
|
||||
overrideDerivation = drv: f:
|
||||
pythonPackages.buildPythonPackage (drv.drvAttrs // f drv.drvAttrs);
|
||||
withPackages = pkgs'':
|
||||
withPackages (pkgs // pkgs'');
|
||||
};
|
||||
|
||||
python = withPackages {};
|
||||
|
||||
generated = self: {
|
||||
inherit (pythonPackages) requests irc beautifulsoup4 six pyqt5;
|
||||
"PyExecJS" = python.mkDerivation {
|
||||
name = "PyExecJS-1.5.0";
|
||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/1c/a0/359e179605bbf3f6c6ed96c44e056eebed39732b67427f30d56e259934f2/PyExecJS-1.5.0.tar.gz"; sha256 = "99315766f8155eea195a3f4179b35cd8dc64b2360c081ae29d92c603c26aeaaa"; };
|
||||
doCheck = commonDoCheck;
|
||||
buildInputs = commonBuildInputs;
|
||||
propagatedBuildInputs = [
|
||||
self."six"
|
||||
];
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
homepage = "";
|
||||
license = licenses.mit;
|
||||
description = "Run JavaScript code from Python";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
|
||||
"bs4" = python.mkDerivation {
|
||||
name = "bs4-0.0.1";
|
||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/10/ed/7e8b97591f6f456174139ec089c769f89a94a1a4025fe967691de971f314/bs4-0.0.1.tar.gz"; sha256 = "36ecea1fd7cc5c0c6e4a1ff075df26d50da647b75376626cc186e2212886dd3a"; };
|
||||
doCheck = commonDoCheck;
|
||||
buildInputs = commonBuildInputs;
|
||||
propagatedBuildInputs = [
|
||||
self."beautifulsoup4"
|
||||
];
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
homepage = "";
|
||||
license = licenses.mit;
|
||||
description = "Screen-scraping library";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
"certifi" = python.mkDerivation {
|
||||
name = "certifi-2017.11.5";
|
||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/23/3f/8be01c50ed24a4bd6b8da799839066ce0288f66f5e11f0367323467f0cbc/certifi-2017.11.5.tar.gz"; sha256 = "5ec74291ca1136b40f0379e1128ff80e866597e4e2c1e755739a913bbc3613c0"; };
|
||||
doCheck = commonDoCheck;
|
||||
buildInputs = commonBuildInputs;
|
||||
propagatedBuildInputs = [ ];
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
homepage = "";
|
||||
license = "MPL-2.0";
|
||||
description = "Python package for providing Mozilla's CA Bundle.";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
"cfscrape" = python.mkDerivation {
|
||||
name = "cfscrape-1.9.1";
|
||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/cf/9a/50d3844d67fe5507217fd47c9e382e769ab5f7d967b41c25ba3712c441c3/cfscrape-1.9.1.tar.gz"; sha256 = "9cee3708c643904eaa010a64dd1715890457bb77010d87405fc1bfeb892508d7"; };
|
||||
doCheck = commonDoCheck;
|
||||
buildInputs = commonBuildInputs;
|
||||
propagatedBuildInputs = [
|
||||
self."PyExecJS"
|
||||
self."requests"
|
||||
];
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
homepage = "";
|
||||
license = "";
|
||||
description = "A simple Python module to bypass Cloudflare's anti-bot page. See https://github.com/Anorov/cloudflare-scrape for more information.";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
"typing" = python.mkDerivation {
|
||||
name = "typing-3.6.2";
|
||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/ca/38/16ba8d542e609997fdcd0214628421c971f8c395084085354b11ff4ac9c3/typing-3.6.2.tar.gz"; sha256 = "d514bd84b284dd3e844f0305ac07511f097e325171f6cc4a20878d11ad771849"; };
|
||||
doCheck = commonDoCheck;
|
||||
buildInputs = commonBuildInputs;
|
||||
propagatedBuildInputs = [ ];
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
homepage = "";
|
||||
license = licenses.psfl;
|
||||
description = "Type Hints for Python";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
|
||||
"urwid" = python.mkDerivation {
|
||||
name = "urwid-1.3.1";
|
||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/85/5d/9317d75b7488c335b86bd9559ca03a2a023ed3413d0e8bfe18bea76f24be/urwid-1.3.1.tar.gz"; sha256 = "cfcec03e36de25a1073e2e35c2c7b0cc6969b85745715c3a025a31d9786896a1"; };
|
||||
doCheck = commonDoCheck;
|
||||
buildInputs = commonBuildInputs;
|
||||
propagatedBuildInputs = [ ];
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
homepage = "";
|
||||
license = licenses.lgpl2;
|
||||
description = "A full-featured console (xterm et al.) user interface library";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
"xdcc-dl" = python.mkDerivation {
|
||||
name = "xdcc-dl-2.1.0";
|
||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/52/5a/1f1c8e77c212074d508701f208440bdfac4c6366de3f74fc9772a09369ef/xdcc_dl-2.1.0.tar.gz"; sha256 = "7071fca28de83ab0944b086a6dac0af053225b5663d9cf28a8dac868d81b2fc6"; };
|
||||
doCheck = commonDoCheck;
|
||||
buildInputs = commonBuildInputs;
|
||||
propagatedBuildInputs = [
|
||||
self."bs4"
|
||||
self."cfscrape"
|
||||
self."irc"
|
||||
self."requests"
|
||||
self."typing"
|
||||
self."urwid"
|
||||
];
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
homepage = "";
|
||||
license = licenses.gpl3;
|
||||
description = "An XDCC File Downloader based on the irclib framework";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
in python.withPackages
|
||||
(fix' (pkgs.lib.fold
|
||||
extends
|
||||
generated
|
||||
[]
|
||||
)
|
||||
)
|
|
@ -8,10 +8,6 @@ with import <stockholm/lib>;
|
|||
<stockholm/tv/2configs/retiolum.nix>
|
||||
];
|
||||
|
||||
# TODO remove non-hardware stuff from ../2configs/hw/x220.nix
|
||||
# networking.wireless.enable collides with networkmanager
|
||||
networking.wireless.enable = mkForce false;
|
||||
|
||||
boot = {
|
||||
initrd = {
|
||||
availableKernelModules = [ "ahci" ];
|
||||
|
|
|
@ -5,6 +5,7 @@ with import <stockholm/lib>;
|
|||
<stockholm/tv>
|
||||
<stockholm/tv/2configs/br.nix>
|
||||
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||
<stockholm/tv/2configs/hw/x220.nix>
|
||||
<stockholm/tv/2configs/retiolum.nix>
|
||||
];
|
||||
|
||||
|
@ -13,10 +14,7 @@ with import <stockholm/lib>;
|
|||
|
||||
tv.x0vncserver.enable = true;
|
||||
|
||||
# hardware configuration
|
||||
boot.initrd.luks.devices.muca = {
|
||||
device = "/dev/disk/by-uuid/7b24a931-40b6-44a6-ba22-c805cf164e91";
|
||||
};
|
||||
boot.initrd.luks.devices.muca.device = "/dev/sda2";
|
||||
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "xts" ];
|
||||
boot.initrd.availableKernelModules = [ "ahci" ];
|
||||
boot.kernelModules = [ "fbcon" "kvm-intel" ];
|
||||
|
@ -34,7 +32,7 @@ with import <stockholm/lib>;
|
|||
options = [ "defaults" "discard" ];
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-uuid/CEB1-9743";
|
||||
device = "/dev/sda1";
|
||||
fsType = "vfat";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -64,4 +64,6 @@ with import <stockholm/lib>;
|
|||
gnupg
|
||||
tmux
|
||||
];
|
||||
|
||||
networking.wireless.enable = true;
|
||||
}
|
||||
|
|
|
@ -41,6 +41,8 @@ with import <stockholm/lib>;
|
|||
};
|
||||
};
|
||||
|
||||
networking.wireless.enable = true;
|
||||
|
||||
services.printing.enable = true;
|
||||
|
||||
services.udev.extraRules = ''
|
||||
|
|
|
@ -147,6 +147,8 @@ with import <stockholm/lib>;
|
|||
gptfdisk
|
||||
];
|
||||
|
||||
networking.wireless.enable = true;
|
||||
|
||||
#services.bitlbee.enable = true;
|
||||
#services.tor.client.enable = true;
|
||||
#services.tor.enable = true;
|
||||
|
|
|
@ -44,6 +44,8 @@ with import <stockholm/lib>;
|
|||
};
|
||||
};
|
||||
|
||||
networking.wireless.enable = true;
|
||||
|
||||
services.printing.enable = true;
|
||||
|
||||
#services.bitlbee.enable = true;
|
||||
|
|
|
@ -25,8 +25,6 @@ with import <stockholm/lib>;
|
|||
config.boot.kernelPackages.broadcom_sta
|
||||
];
|
||||
|
||||
networking.wireless.enable = true;
|
||||
|
||||
nix = {
|
||||
buildCores = 2;
|
||||
maxJobs = 2;
|
||||
|
|
|
@ -26,8 +26,6 @@
|
|||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
networking.wireless.enable = true;
|
||||
|
||||
# Required for Centrino.
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
|
||||
|
|
Loading…
Reference in a new issue