tv: configure the wiregrill

2018-12-18 21:05:51 +01:00 · 2018-12-18 21:05:51 +01:00 · 0b57526d4f
commit 0b57526d4f
parent f7e0cdbc14
9 changed files with 35 additions and 6 deletions
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@ -1,12 +1,30 @@
 with import <stockholm/lib>;
 { config, ... }: let

-  hostDefaults = hostName: host: flip recursiveUpdate host ({
-    owner = config.krebs.users.tv;
-  } // optionalAttrs (host.nets?retiolum) {
-    nets.retiolum.ip6.addr =
-      (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address;
-  });
+  hostDefaults = hostName: host: foldl' recursiveUpdate {} [
+    {
+      owner = config.krebs.users.tv;
+    }
+    (optionalAttrs (host.nets?retiolum) {
+      nets.retiolum = {
+        ip6.addr =
+          (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address;
+      };
+    })
+    (let
+      pubkey-path = ./wiregrill + "/${hostName}.pub";
+    in optionalAttrs (pathExists pubkey-path) {
+      nets.wiregrill = {
+        aliases = [
+          "${hostName}.w"
+        ];
+        ip6.addr =
+          (krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address;
+        wireguard.pubkey = readFile pubkey-path;
+      };
+    })
+    host
+  ];

 in {
  dns.providers = {
@ -103,6 +121,9 @@ in {
            -----END RSA PUBLIC KEY-----
          '';
        };
+        wiregrill.wireguard.subnets = [
+          (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
+        ];
      };
      ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
    };
--- a/krebs/3modules/tv/wiregrill/alnus.pub
+++ b/krebs/3modules/tv/wiregrill/alnus.pub
@ -0,0 +1 @@
+w7+6kMf1P3Ka0kXXY4CCbr80TrWPYpe/zd13yuvz9SE=
--- a/krebs/3modules/tv/wiregrill/mu.pub
+++ b/krebs/3modules/tv/wiregrill/mu.pub
@ -0,0 +1 @@
+4bboT+cZM1BYvNho9oKbO0MFnPFTvmASR+1IdV4/fwQ=
--- a/krebs/3modules/tv/wiregrill/ni.pub
+++ b/krebs/3modules/tv/wiregrill/ni.pub
@ -0,0 +1 @@
+KiIiwkuin+E4FXqFajJjnoGKkHW3H3FzIx5EQrF1+lw=
--- a/krebs/3modules/tv/wiregrill/nomic.pub
+++ b/krebs/3modules/tv/wiregrill/nomic.pub
@ -0,0 +1 @@
+UgvgarDtuSvbciNx5SU2NDbctb9/OTQ9Kr8H/O3931A=
--- a/krebs/3modules/tv/wiregrill/querel.pub
+++ b/krebs/3modules/tv/wiregrill/querel.pub
@ -0,0 +1 @@
+sxaqrsqcDgdM3+QH6mxzqDs3SLWgm7J8AytpIbRZ2n0=
--- a/krebs/3modules/tv/wiregrill/wu.pub
+++ b/krebs/3modules/tv/wiregrill/wu.pub
@ -0,0 +1 @@
+68bL6l3/sjbirva80tm0Dw6/PJu1S95nJC58gWCh42E=
--- a/krebs/3modules/tv/wiregrill/xu.pub
+++ b/krebs/3modules/tv/wiregrill/xu.pub
@ -0,0 +1 @@
+XU76RFN0jG/YjffAPg3e3VuHF/iKMvVoRhHmixvLL1s=
--- a/krebs/3modules/tv/wiregrill/zu.pub
+++ b/krebs/3modules/tv/wiregrill/zu.pub
@ -0,0 +1 @@
+WrILdnsketejrJuYM/sLEh89GdSVbddv8BG/D3sW7kw=
				`@ -0,0 +1 @@`
				`w7+6kMf1P3Ka0kXXY4CCbr80TrWPYpe/zd13yuvz9SE=`
				`@ -0,0 +1 @@`
				`4bboT+cZM1BYvNho9oKbO0MFnPFTvmASR+1IdV4/fwQ=`
				`@ -0,0 +1 @@`
				`KiIiwkuin+E4FXqFajJjnoGKkHW3H3FzIx5EQrF1+lw=`
				`@ -0,0 +1 @@`
				`UgvgarDtuSvbciNx5SU2NDbctb9/OTQ9Kr8H/O3931A=`
				`@ -0,0 +1 @@`
				`sxaqrsqcDgdM3+QH6mxzqDs3SLWgm7J8AytpIbRZ2n0=`
				`@ -0,0 +1 @@`
				`68bL6l3/sjbirva80tm0Dw6/PJu1S95nJC58gWCh42E=`
				`@ -0,0 +1 @@`
				`XU76RFN0jG/YjffAPg3e3VuHF/iKMvVoRhHmixvLL1s=`
				`@ -0,0 +1 @@`
				`WrILdnsketejrJuYM/sLEh89GdSVbddv8BG/D3sW7kw=`