From 579c68e876e3a2134bff91b1d949930b15f12a4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 18 Sep 2023 15:06:59 +0200 Subject: [PATCH 1/6] kartei ruby: 131.159.38.101 -> 131.159.38.70 --- kartei/mic92/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 720b362fd..e7d1150c6 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -844,9 +844,9 @@ in { owner = config.krebs.users.mic92; nets = rec { internet = { - # of4.dse.cit.tum.de. - ip4.addr = "131.159.38.101"; - ip6.addr = "2a09:80c0:38::101"; + # ruby.dse.cit.tum.de. + ip4.addr = "131.159.38.70"; + ip6.addr = "2a09:80c0:38::70"; aliases = [ "ruby.i" ]; }; retiolum = { From b1e6d6f95259c88c5fee826ccb2c80c5b3356598 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 27 Sep 2023 11:30:04 +0200 Subject: [PATCH 2/6] kartei Ra33it0: fix unispore name and alias --- kartei/Ra33it0/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kartei/Ra33it0/default.nix b/kartei/Ra33it0/default.nix index 64e40182a..d08fe27d1 100644 --- a/kartei/Ra33it0/default.nix +++ b/kartei/Ra33it0/default.nix @@ -4,10 +4,10 @@ in { users.Ra33it0 = { mail = "Ra33it0@posteo.net"; }; - hosts.DUMMYHOST = { + hosts.unispore = { owner = config.krebs.users.Ra33it0; nets.retiolum = { - aliases = [ "Ra33it0.Ra33it0.r" ]; + aliases = [ "unispore.Ra33it0.r" ]; ip6.addr = (slib.krebs.genipv6 "retiolum" "Ra33it0" { hostName = "unispore"; }).address; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- From c0090dd2b1919f3aa3c7fe0e930ed5685d352e68 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 27 Sep 2023 11:30:49 +0200 Subject: [PATCH 3/6] kartei Ra33it0: normalize retiolum RSA key --- kartei/Ra33it0/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kartei/Ra33it0/default.nix b/kartei/Ra33it0/default.nix index d08fe27d1..e4389b32d 100644 --- a/kartei/Ra33it0/default.nix +++ b/kartei/Ra33it0/default.nix @@ -10,7 +10,7 @@ in { aliases = [ "unispore.Ra33it0.r" ]; ip6.addr = (slib.krebs.genipv6 "retiolum" "Ra33it0" { hostName = "unispore"; }).address; tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- +-----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA6Cb+b+snYpsQv1J0yMPSL4P0iKs2EkDtqtt6kBOvqFTr2lRB2thp mu9fRbz/CFmcvFXoEMWQEEkKcyhgJEola2+7Ra49iMNX55o/I0iZ499ZI5rIK/JG +A60ijPCh5TSGYIMiD7VWRsxoAtzB1DZ6n4z94KN0wQB5dXKuLPjk/TDfJPuzMrS @@ -22,7 +22,7 @@ CWYM/HzSffzztK8bF0DwhdWzjtNcwZ05XfA2krGZyMj9UxpwN84o1syCnnYC1Xzg 4r48fUhubXXE4SbdnN68pCNCct9DT8exPeYeJL2FHi6s+EsfBY+NGEAaQGJTeQEW zUSnX/txoZV6xGUKZ4iOgfQ4MBCVVdtPAaurNP/esVwOr0WF0DTuBDPGBaOqo+Us Ef5cREwrCE8nEY8tu3xl4M9iuCTwBuT79YFhfNI3jr1lcg6f8wGaTYsCAwEAAQ== - -----END RSA PUBLIC KEY----- +-----END RSA PUBLIC KEY----- ''; tinc.pubkey_ed25519 = "cFCAfLbDYv/Ty3m34aHgHr1dXGp2DSwfP0K7GG1TA7D"; }; From edc9552c6a2f75912cfbc15386d1835a1fbc9dc6 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 27 Sep 2023 20:25:08 +0200 Subject: [PATCH 4/6] kartei tv: init zoppo --- kartei/tv/hosts/zoppo.nix | 24 ++++++++++++++++++++++++ kartei/tv/wiregrill/zoppo.pub | 1 + 2 files changed, 25 insertions(+) create mode 100644 kartei/tv/hosts/zoppo.nix create mode 100644 kartei/tv/wiregrill/zoppo.pub diff --git a/kartei/tv/hosts/zoppo.nix b/kartei/tv/hosts/zoppo.nix new file mode 100644 index 000000000..4fcbe76c2 --- /dev/null +++ b/kartei/tv/hosts/zoppo.nix @@ -0,0 +1,24 @@ +{ + nets = { + retiolum = { + ip4.addr = "10.243.13.43"; + aliases = [ + "zoppo.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAtMzW+RL4mik0JHLL2p21bWy81bVv84mi/NKHyewXxx9EahD3cyOP + D/2gLipJnzyjxvM7HzR0FQpBCD5VLmRk2MrRENUGYzrNFhSu36gVg5bGngr0pZld + Fosd5wemGx6SUoXMzuBT/st0sg1Azg5mtA1joQTr47NlcwfFrUe7YT8i67szxJSO + Qo6BP+Zl6uVr9m8zSVwrj7TAoC7DQLhCTb3QJdpyYibHwpo0bMyyJjeuL/NpnOpH + Bv1pZ0oXr/nzCo+8jyQY4L2NonJnHtlzYOQf1cHJ+v+P1jOgGgBGqjo0LOE29Tvx + cfQYGLLZc4mRjVQJF3NYW6kHFqKmuu/y5QIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "nVIMNp7r21MYneV24x6qVesCjQYM/pvF6nzaihH7GfD"; + }; + }; + secure = true; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMk5DVtgzKmbJTsJs81GIMYE3YblnJJTc/FtVukKJK4J root@zoppo"; + syncthing.id = "F4GDV3I-QX6QAA5-32MXHXE-2RJDYBO-RFXGDFR-EGMN4IQ-OJDKL62-NCUWOAQ"; +} diff --git a/kartei/tv/wiregrill/zoppo.pub b/kartei/tv/wiregrill/zoppo.pub new file mode 100644 index 000000000..7574c4792 --- /dev/null +++ b/kartei/tv/wiregrill/zoppo.pub @@ -0,0 +1 @@ +5YFGAb9Tg/5HH+XHSKanh4P6jE7KTrViwqVuEkmQeSg= From 6bff3fe5d8bfd2c58f2b3b1a7680e0b2ae68249d Mon Sep 17 00:00:00 2001 From: Dhananjay Balan Date: Tue, 10 Oct 2023 22:17:58 +0200 Subject: [PATCH 5/6] kartei dbalan: init tofu --- kartei/dbalan/default.nix | 62 ++++++++++++++++++++++++++++----------- 1 file changed, 45 insertions(+), 17 deletions(-) diff --git a/kartei/dbalan/default.nix b/kartei/dbalan/default.nix index 6bf10b921..1f7e22aca 100644 --- a/kartei/dbalan/default.nix +++ b/kartei/dbalan/default.nix @@ -2,29 +2,57 @@ let inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; slib = import ../../lib/pure.nix { inherit lib; }; - hostDefaults = hostName: host: flip recursiveUpdate host ({ - ci = false; - external = true; - monitoring = false; - owner = config.krebs.users.dbalan; - } // optionalAttrs (host.nets?retiolum) { - nets.retiolum = { - ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; - }; - } // optionalAttrs (host.nets?wiregrill) { - nets.wiregrill = { - ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; - }; - }); -in -{ + hostDefaults = hostName: host: + flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + owner = config.krebs.users.dbalan; + } // optionalAttrs (host.nets ? retiolum) { + nets.retiolum = { + ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { + inherit hostName; + }).address; + }; + } // optionalAttrs (host.nets ? wiregrill) { + nets.wiregrill = { + ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { + inherit hostName; + }).address; + }; + }); +in { users = rec { dbalan = { mail = "dbalan@thaum.space"; - pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; + pubkey = + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; }; }; hosts = mapAttrs hostDefaults { + tofu = { + nets.retiolum = { + aliases = [ "tofu.dbalan.r" ]; + ip4.addr = "10.243.43.12"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAlBMwSkdI+3CWPVazfDoPCoqYJH1MLd8Z/ZQCTFx4MhLO/DvJrb7H + HJEwvFuImk2yy4oYfcRz8pK+ymBDArdVT5aeTwztTbjkcWa5RTm2d2xuYppTUPZB + L0/yY+a+mP1eRa8O6HAoNx3ETvC5euJS40qISTh6grPGFV7i1HhGNPUkvYFlNF6q + rJs7RgC8Y2/OSNed5WdJfNYNBeB4xUiKtg3sShKQGO++860yNV4G+J+PtBVnMs8/ + MnxQbJxnMbhAHNQt5nV+Z66Ewy/2qcn4clrGB3SG1v9fFizzh9mAFK3Udfa+6s8r + JaM4BL41uOgHxiiKovmudxIRtts31cKzwPkMyThQpK8hdxJxrCzSQSbiDUkckE+5 + CeLgAh5jMwEkT6OvYOGZbyeqvZX5gX+yErJyRlsjgYs5TTlfUnpg1BKz2BErzb1b + +lWsZXjO03BpNXsuWhC2sspKfuB3+fjlNwR+ov8/UDTOwhzBz15TlufcxiqzA08d + yJiNylm07C19qxlffqSZ5KSZGTT+DZg53ror1PLMoxLApV5MgHiM6oltDxemSegb + yySGz/EFDDbQQYLYOPu6seLt+ktudvFTERmetV0Bn37Ok8Avs2y6BIgXWjVxcb5p + EDbE5tAvX/MZIU9rAXRqDAOulumfvsyFpK8RkXDEoIQEt+gDoZ5OzJsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "b355fDYFQgFFj3KfzUCv4DPSfoFTKklsB12imwci7fH"; + }; + }; + v60 = { nets.retiolum = { aliases = [ "v60.dbalan.r" ]; From b5c9c677e3cd2e2f5576b468402486255e43000e Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 11 Oct 2023 19:58:47 +0200 Subject: [PATCH 6/6] zones: add NS _acme-challenge.krebsco.de --- krebs/3modules/zones.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/zones.nix b/krebs/3modules/zones.nix index 29c0b0f23..7a9cf5be1 100644 --- a/krebs/3modules/zones.nix +++ b/krebs/3modules/zones.nix @@ -17,6 +17,8 @@ with lib; { @ 3600 IN NS ns3.he.net. @ 3600 IN NS ns2.hosting.de. + _acme-challenge IN NS ns1 + panda NS panda panda A 130.61.237.100 '';