add siem internal network

2016-06-23 16:45:44 +02:00 · 2016-06-23 16:45:44 +02:00 · 5894ecc942
parent a7310f526d
commit 5894ecc942
2 changed files with 49 additions and 4 deletions
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@ -48,6 +48,12 @@ with config.krebs.lib;
            -----END RSA PUBLIC KEY-----
          '';
        };
+        siem = {
+          ip4.addr = "10.8.10.2";
+          aliases = [
+            "darth.siem"
+          ];
+        };
      };
    };
    tsp = {
@ -98,6 +104,12 @@ with config.krebs.lib;
            -----END RSA PUBLIC KEY-----
          '';
        };
+        siem = {
+          ip4.addr = "10.8.10.4";
+          aliases = [
+            "arch.siem"
+          ];
+        };
      };
      ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
      ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@pornocauster";
@ -184,6 +196,8 @@ with config.krebs.lib;
        internet = {
          ip4.addr = "104.233.87.86";
          aliases = [
+            "wry.i"
+            "paste.i"
            "wry.internet"
            "paste.internet"
          ];
@ -194,10 +208,10 @@ with config.krebs.lib;
          ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad";
          aliases = [
            "graphs.wry.retiolum"
-            "graphs.retiolum"
+            "graphs.r" "graphs.retiolum"
            "paste.wry.retiolum"
-            "paste.retiolum"
-            "wry.retiolum"
+            "paste.r" "paste.retiolum"
+            "wry.r" "wry.retiolum"
            "wiki.makefu.retiolum"
            "wiki.wry.retiolum"
            "blog.makefu.retiolum"
@ -343,6 +357,13 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
    shoney = rec {
      cores = 1;
      nets = {
+        siem = {
+          ip4.addr = "10.8.10.1";
+          aliases = [
+            "sjump.siem"
+            "graphs.siem"
+          ];
+        };
        internet = {
          ip4.addr = "64.137.234.215";
          aliases = [
@ -456,6 +477,28 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
    };


+    lariat = rec {
+      cores = 2;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.64.7";
+          aliases = [
+            "lariat.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEAqiDzxADQYY8cWBH+R5aKSoxaFHLvPvVMgB7R1Y6QVTqD5YUCuINX
+            eBLFV9idHnHzdZU+xo/c8EFQf0hvyP0z3bcXaiw+RlpEYdK6tuaypJ3870toqWmA
+            269H8ufA3DA0hxlY7dwnhg8Rb7KGIlNN8fy4RMGe73PupF5aAmiDiEhPalv4E0qJ
+            unmk5y1OHQFPxYm++yLo5SVFlcO89jDtGpvg5papp8JvtxTkrshby1lXf/sph3Cv
+            d1z6h7S+HgT+BMwTZY5dIrwYAcob/t1sRmWsY62P1n02RbiJFm27wg0t/ZcfsI2o
+            yBjRTiK5ACJaIdpM99/902gJsuJASPGB2QIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
+
    soundflower = rec {
      cores = 1;
      nets = {
@ -598,6 +641,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
      };
    };

+  } // { # hosts only maintained in stockholm, not owned by me
    muhbaasu = rec {
      cores = 1;
      nets = {
@ -626,7 +670,6 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
        };
      };
    };
-  } // { # hosts only maintained in stockholm, not owned by me
    tpsw = {
      cores = 2;
      owner = config.krebs.users.ciko; # main laptop
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@ -16,6 +16,8 @@ with config.krebs.lib;
  nixpkgs.config.allowUnfreePredicate =  (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
  krebs = {
    enable = true;
+
+    dns.providers.siem = "hosts";
    search-domain = "retiolum";
    build =  {
      user = config.krebs.users.makefu;