Merge remote-tracking branch 'lassul.us/master'

This commit is contained in:
makefu 2023-04-02 18:42:50 +02:00
commit 7239ec83c5
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
27 changed files with 467 additions and 143 deletions

202
kartei/0x4A6F/default.nix Normal file
View File

@ -0,0 +1,202 @@
with import ../../lib;
{ config, ... }: let
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
(krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
});
in {
users = {
"0x4A6F" = {
mail = "0x4A6F@shackspace.de";
pubkey = builtins.readFile ./ssh/0x4A6F.pub;
};
};
hosts = mapAttrs hostDefaults {
crustacea = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
aliases = [ "crustacea.r" ];
ip4.addr = "10.243.42.63";
ip6.addr = "42:0:4a6f::4263";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA1dA67Uq6IcWTWVVcg5kO4OUcmYY/mUzERK6WwrU7m+Qq2ovA2Fh1
VTxfNzJg8zgyrBbUwpaLE4LuRgyrYbPABwgNMXS6wnHdunbm0x5RUcih/IRNobV1
uf2Q/rVcrXHZD5+YL09hTZnU7PVkZm6WX0fc79rEKYIEopPpomCs2mECPSmqZPaW
L9wprtRTuQ3V0xxrCuUKX7SxANEursM8SvNfKydWdaUxjIV2iGVKuVUkAZHwx5jJ
roKEriWsIJ6FHTMb1v5yWXrvngMgYlKrpF6/m/AHEkQoPsEJ+oBkn0fop9pfyZjM
WzMhZHcKFYebSI4HqFRuQOc1scIzUdpC/sZYLYlddbwpJHj4xdJwIUN03Uga/KRQ
n1SrJnhmXonHvJZFBYcNDR6aTtdN7mJVBv8bQ7DGt1q6Gp8QItQqvpdzq314+Pw6
0EVKPaqdz6Cqpwn8RtJ9ZGb6BE3yUrpJkU25DyCSO86LmeCchApwssghWvPsbBDg
iF4QCyrWJ2HFnl7jJDGbEajHaE/xko2dt1F5frTWxsmDHRKSRhaGDwp5qgFUpCa0
2h+zZqkG4boV6CrMEjStb15EOXTUVfq0DPojFik6agCltslsJAwp+f1fb7NSee4d
TNWb1CHfIQWLPnm1LFwphSqyHY/9ehcsX3PJ7oXI+/BnV8ivvoApWA0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "DWfh6H8Qco+GURdVRhKhLBAsN5epsEYhOM2+88dTdTE";
};
};
};
mystacocarida = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
aliases = [ "mystacocarida.crustacea.r" ];
ip4.addr = "10.243.42.64";
ip6.addr = "42:0:4a6f::4264";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAs3B22OzRE7kPInW901npOyRlIuk/vMb834a2BEKSb6+taXqf5rXm
r4isRaZsoQACNS8b/vpvQGDITyA4Ji4S0WpbpTklYdx0VxLM33ezuvxeR4ZyPtrW
le47/kgJd2E/0e5QuU10P0i7VuauFdG6y9Iajts0pz5h7XJNU1pMoww3MF8+4iJ/
KvZjWHy6d+5gQ888do7vxbuAhaGK42KE+i9g0v5xtPzdFmJ9YdR8E2Ru3jH1DzWC
UdsOkqKmlBVaLSwmKIZ4c5JgSF/UuQxxJ0Yb/eZzPdltc1fa9aB/us3oFNhIsU0I
nJ0nW8LYferV9dl8w2v8Utvy6mPKObz0cBmFbXBIPMIrnVuJOpkulEei8W31m2cS
RcQOMFRBHvH4TugRvgbAwylrPH+aQ9+49g1RIMFyWBF/8Rt5H3ncFuWUvv8SQneQ
hJMOrEX5E4cfZMPvGNXNjinzngUzfh/QKaNxRBo0bXF4kyuZFcZ4Q7H9TiYchuwn
s5ZoaTmQ6WU0OpyUC6aUyKhB34+nJF/ySvzPnfpecAjN7NHXWgBzqLgCmHskrtgU
ukQ6Yy/8tF1hbrRrN3p+ZXk+9Fmqa4dD517UX6B2XXh5h7fOHCzQyOW+6mRHzbdB
wclhjSKW1+HxV9T1q1RP162v/CD1ozjDuXvLX6awPZ+AQf6lBAG/NbECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "6owOO5CReYHueN4v2joTy31NzrqLHe858TOvzeg0G+G";
};
};
};
tantulocarida = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
aliases = [ "tantulocarida.crustacea.r" ];
ip4.addr = "10.243.42.65";
ip6.addr = "42:0:4a6f::4265";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA45SZZbq5HBG98oY8p3ZJFSfoMwopfLHMQ0fFvn7O0FOOPsTomsD1
S61HTSsGqHJ35TfNV+lh4jrldN1wPkSl8yhD6+SKoiVlM+UqJ2HQLQhFL6ZoOlOe
YSZ2Ws5ydnP32G61oV/1nfIp/q/jzrT0yWepol+HJth2YSHkDuBU1zA4ESkNhnj8
o9Qnryxq6PjLqqWq6y+grcR8eer/IlDTTJn0Mb6lk6gDivan2k0ryzSwWCZt5B9o
s10oIJqS1LxyrS35MP/vEI/FgcA1SX0TaVjMKbu4RwBqIXXC6Mb36PjRPbBf2P5J
5ZMOf1uwesnlUsWgmzEVFUnflqHTpRb/2kjDngvP8Ed7Q/tN0csWPl8mj8ghpwr1
+d7utmpjgW+glVPpFVGniGq5DVkXYBU6Wfg84weyyDDYP65R/81fRgesx14ikJqI
ML89G9hd/FiIjNk3sW3v5gj1FNl0R/sgsDjTnmvgTr3t8bBgsB2SSFa9VxgHToO0
rfRPYlAtN9YwIizgUImB6fhqMNzXRJnZsDcMqUmaAaKa1x6wwSR/QQlds9sPJDB+
ggkEaKpYsAzwZ7vjOFDdqH40zqCGM767UoPliThSfn4DPQnTSHzSyuR2dS8n26/r
wXTwb2yDDO6pNzHqgXS+whB2PCUrhfJUKfW60H3Lyn6umxjZ2rFspI0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "eoyCx4PvqsFpsyJq5X8J7zb+2oytliv0w3MIDIiaSTI";
};
};
};
thecostraca = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
aliases = [ "thecostraca.crustacea.r" ];
ip4.addr = "10.243.42.66";
ip6.addr = "42:0:4a6f::4266";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAoLm9vVoUg79egwX5KDYdJLJvEygz5bh7r0/BcCrGeWUBn+S8HzPY
aVBEW/rcLK7blksGhnqo6HfncKlYH43AUzt3HTcjlfhMCeC4VLn+0f+QiW/HV4H4
k3IC9S8Imo7t5eDqHjchPqTyh2AuilbDHM6VoIgD95ozR8dtvWy9NL7dIOAxyrVF
m3WdHg5i7G+xus5u/Q35rCSCxpSsmkUBfEjixSC9lpQdMfc5Vvqy8qD/unLVNs1G
nFoFTtxrz9EVRz9fmYx/mFMC9FHuUD6qmG5YNjS5wWcOGw04GGRnwwT9rnuI3NOD
ttYk3b7cn3V+jOD8zCtcyH2DSIcVBIFbTULmX1Xq1462/IiyH0nQNH7DSbKGDc/V
OHYZOfiy5Wotua5BqLxZ4W3b0QDLjkLc06pD6YvOhZbs4igl4O+zDCCyE4OakEzk
1qugSumGM/hEavJFR96CWgyiJQOV1tnNWs7QDwtdZRkGaC7sPInc56RvHWjP0jDH
tcnfSDPPLdpf9Kl5VhmXlOWvg0FCuxLVlCcG8yJDx/Xm26GU6t+avi14cl29hX0M
lQF7x/sVpdTQtsv3IZ1glt/vhS/egucSHKXJ3VcRWlQkQagqDqwINYyaS5xoWmEk
4m6L/ndWc/y1A3zFC/4STsEyx4QuQcpMigkcz+42Ubb/wtQZGEmBND8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "Bfa9di1XiTzGTuDo+L7spfouq1WUc1pvQH9mziHVLEB";
};
};
};
branchiopoda = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
aliases = [ "branchiopoda.crustacea.r" ];
ip4.addr = "10.243.42.67";
ip6.addr = "42:0:4a6f::4267";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAtNKC/MIY3X1vYR2tRz4jXEmqRFmUdQfwb3Fl55Bw/5GVySDe7Rtm
8+MyWRp18D9DVDNJ/mvhX4nYA5OR2q1m5VPX+jdkPbD+9KYVWWQpnPkKIdon1FpO
sw52BMx/jMdhq+6h510LSvFrVP4jnPaETzEMyLGdKqqq4R7D/KrkInLBtyAisjmN
6eeBZAfr+INrkpUY7zhArtzfDbTXqCLFR3ufxlBzVL0of/oDGw1Zvc5TOiAtWmOa
iVT/jzTqqf9Yhs1ot3Bxzf0pOrWNpGF6S3H8fl4kX/hGMVowjvKW7cLou38W5dOS
uweS6a/5dT3Z9RIQvnwjTMJ2/WjiRL3Kivk22W+58eqBxBAE1Fs0ujwGlGLYLATF
RSoD9N15agfiycqzy044Hg7CCBdyFcJF3aTWZ/59XmMIav3Liv52lmE/KdQyTnsL
p6dBjuyPGnrfrBZv/WDWEmWEkSFkh2oKCJYysIDxh1XfxxczacD4UTEjUce0ehbn
rTjkO5E2n5rMLYzsnC2XwolmXiHNdvhp4rl4lv+GzmJhsJFtJjx13WtI0XjnyPd9
WfJs7HHR8mK7FC0J2f1Rqsji9lxHVRMCu27jAaEuCi3Gsk33+UpgR2XvO9oxkMRz
RVIDXMl6NXy/nLaUmNKp8sPMfXycikY89ur9Z2OcgQ9/Q4tCPTS6GQ8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "Y/1hm0pGCElydpV23tQy5ibTBTNgs1fqHl4qPARAyRC";
};
};
};
copepoda = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
aliases = [ "copepoda.crustacea.r" ];
ip4.addr = "10.243.42.68";
ip6.addr = "42:0:4a6f::4268";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA9eLYq5DVkWeFiqXz+OPENj5VljBoOOBDSwRlD/+aABFGNd/g+gSh
l3BUzkGNeH9gY8fHTSE4GzhkPRlK5+pRvx1xE3jWOT1iU+VIP8IKXGOIithZgWfg
T2aEejOvhB+qn2Be6T6PZkTa8hLJorYRNbe+npZTll8iW0h7f3FZNKGSGYIfeRYI
WHjtl0onv2lIGHi3fucUq2QTTd1G4GX7R2nI5XNvYLruSVj0dK2OU3oR4zNGWmlJ
QryM1QY6l3trFmdAxLQeTtNWcgUSKQozlCg6yTVCB3roFzdQe+P6ltpj3XM3LPKy
Vijk/tRvPozRZ87xVbuVcIVRYkvFewoAWmi8hITBxUTl4OG8qvXp8QAig/+ZpZN3
dYPqFmv0zdPp+Jd77Qz72f2ZFjKU1fvL8dyh1Uyc2PZRgnWEWrxNXlswybMPKrmX
rIEV3OMnqCcdI5JJFslUxiV5qGCcWTNF8yt0+OLe9gxS8G41hcxkENW50QgoZHon
h4pJsrb7/7d4ReFFit6K/S01V3lOOtFIDxHCwwnG7gLyc4bIXZmAu85JxSisPUt0
QJAxbSSKt9jduSpoqwXHXRtQdsPmFeClE9kVd3PAWHEFmqLLOdjvMxVVdVhGUabK
lL1kGoidqPMU3IXLjsxfHb/rVtGWi9yXSUM3a0vJt6+bNVt4bGvrtTkCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "HWfJMJfiiNXBywI0hvSbiep1/O9VpPu0T6cc/mU6dOI";
};
};
};
malacostraca = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
aliases = [ "malacostraca.crustacea.r" ];
ip4.addr = "10.243.42.69";
ip6.addr = "42:0:4a6f::4269";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA0yIBnzkM8cJDEC5d/J8Pj/wT27PAMu7r1DLc9O1RkgD24tPhxq1k
W8Eo/NnirjcLjoJLG4V/GFRdVwLNEpngmRTGaqHknOZzGcFYUDLbrKGYULTjXheP
a3fU+ZNlH9YVurzgXNA5suNXzQAp0eY4DqydYvdk1o6HSrbo0uyiEP48tx38rAS0
N+V+kiQidtT45o+KrbEAAT/4znlsGLyB8u7U54Alrtukf86z70j3R2eUOleP2MDi
5UPdCnoKZKDLQWs23vXeMCcpnLqUXyLdVPrDmZKq9tGLgxsK2CC9Xu3brjAV3wLp
MeN1U55lxti+bkInFBMCjO8xS3clJ0W5DEtDV5QYCi78Niu99pe4KgRfDEA4PqK+
aykv1ljpI43NlQBtJKsqXUtzDEpYs5zSmy/tqLxeXqmvSYd3/+5JRWzLvQZ4YxlJ
EwjB6fxsBTe1eftohD2LiRWsjmvf0JWlb6+rfBoxMtX+wfI0yDR8Ozm8QRk9WgHO
aUP28fzqoFCim7ti+QwT5EqwGcARh6jyGXmycx9swI4b/hfCAe39KsPNQ6jdeXYR
1J9mmIM88ythaWypwieOqbCAul4pJosTFjMRiExnV7zvjFn/csVyqt3FkoJFrqmM
37AxGyDKRLFV9aN7CNoaAfcNkaOhFNzPB9Q7PoXlPspdxvrATv3WU6ECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "BEtuMBeKGXYWODlDIwlGU1eGZ7OqryxgDqnx1cJX8ZE";
};
};
};
};
}

31
kartei/dave/default.nix Normal file
View File

@ -0,0 +1,31 @@
{ config, ... }: let
lib = import ../../lib;
in {
users.dave = {
mail = "hsngrmpf@gmail.com";
};
hosts.dave = {
owner = config.krebs.users.dave;
nets.retiolum = {
aliases = [ "dave.r" ];
ip6.addr = (lib.krebs.genipv6 "retiolum" "dave" { hostName = "dave"; }).address;
ip4.addr = "10.243.0.6";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAoiR04ZkEpM14b9+r260+0+HVnVvd5YESVUiLUzXJkmOjTOeyDwUy
J/dkX5/Aeu0eIVrv6zkY6FuHoc4BsyObh9SgNWosMms4SE3M5E8xMzep5ahQWLdD
uCRraDj3XWZzq4YfZntpPGWHHzzbvWKMsPmxAbL/vvCUJLFAPFu8KxIz/TyUUTvq
vtt7tr9T5p22z9jXgqME5GfQo1hSQgEj+j/k/RGNTX6M0cctewlgD+PC708gVYbt
f7Yytqazdg6absDC/RPQfD5KRrIxmfYiHekI2IkblRKpd9PTATqdO2XZv+MmD3Fc
S57fsuoKCCGzhigdmMYuk29naVhKCq3R2wqAWrP0zjTzStCpTjyDvadncqGg6zvS
o90YNcQPdDfvl61pLE9FAoR6mGc7Dj1H56K7lAlKHr9JObcqIzw/QuYBvkpj+VSP
9KOHpU9NVRz0xP7FXtOubWwea3NFCQW5mTiukx4wlLk2W3ZFl3Tsvtm19qu5gtHl
fvuaau/rY6OE9Dx7v9iCkIi+bN3A3tKaufi85nyOtX1B7kq9+mC7kQX8C3iV8QKj
ceqfMyNp3YlAr5h4dDgxY+GLJmSLhPCtaJ0ZZjjuVuyt1UzxhAbq8LiJ65VqJ1YZ
xFSrHaDWg7OTpeDjpAjlOTvSE502FMZka1jGGbCjbtzE9iA5b/Dh2o0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "VJNzb3ixfyANCWt9pUhHApwVRyS91PUxwmSqS88/53M";
};
};
}

92
kartei/feliks/default.nix Normal file
View File

@ -0,0 +1,92 @@
with import ../../lib;
{ config, ... }: let
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
(krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
});
in {
users.feliks = {
mail = "feliks@flipdot.org";
};
hosts = mapAttrs hostDefaults {
papawhakaaro = {
owner = config.krebs.users.feliks;
nets = {
retiolum = {
ip4.addr = "10.243.10.243";
aliases = [ "papawhakaaro.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw
oRHqPgJRwfGW0Tgu/1s5czZ2tAFU3lXoOSBYldAspM3KRZ4DKQsFrL9B0oWarGsK
sUgsuOJprlX4mkfj/eBNINqTqf2kVIH+p43VENQ9ioKmc+qJKm4xfRONRLp871GV
5jmIvRvQ6JP0RtNd2KpNLaeplzx8M61D9PBOAZkNYAUTpBs4LZBNJj4eFnXBugrz
GkBjmm3Rk7olz0uOZzbeTc6Slv2tgtN5FrQifdy4XIlsKcBTzMkYHEZstmldJgd9
pGvfmem6uPcXrF+eDJzqUn0ArH7eOIS4F0+DzugJz4qX+ytvE4ag7r2Vx0Pa9TCY
hpn0lqwW+ly1clM0SKt59v1nQ4oRW4UIbAZaIgp4UJbb3IGSwbq7NuadvHpNICHi
4pqQD+1sSEbGLAZ0bFjLIYFg9zzNjLeAxXpn49WHOEyRlq3h+SUQcG2EuVMI28DX
lILKSoOJsuQupURPubaxkiNEa5neYk9hZ8CWgwSG/VlyRLuNsVDVn2dBma43Mr10
LHMkX2/a9t7ghokugvV2XMP9Es9A9TGFShM9UtFAlovdad+SQ8FBPNheDwIhjCJe
l5NIrMrmQIveq7QJ1szxYhqfl1ifU0c+YxeMkg3tvEuQV/tk/oki/aECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "5G49yQPjkkoGZxM6CeDy87y6tB/abtelUAk55wJ4GpP";
};
};
};
iti = {
owner = config.krebs.users.feliks;
nets = {
retiolum = {
ip4.addr = "10.243.10.244";
aliases = [ "iti.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL
Ithq3T2+jWJJQoOJEDl5Tvo9ilF0oE0AqSNnvfgS/t8xfFVEsNvHodbonXXku5cF
N7oFooAgQRXAUJpEQLtcfx9kJutSYgGeEvoRGZkWaqY6tzPL45U2WEna+MJ/P1Cd
57JMOLeJJEjZKtC/XqPOQ81KNcm161RKekHas5ZNK30QEVP9QsjTDoLesYwm1ywt
4LiHRHSSHd65pKXJvi1haEYw25BxIun7kY4IQHrfEuK3DNs0kyYJj2rKL4C9kHgT
hYd+fFl1i/X1BjPzo+ZY91ahLVX3UPpOsB8vC9Q7Ctm1Nkc/bCfKRUNbamkS0Bwf
tngak3heGvuek6Y7qWQUkvMkPLhZwZUXUz+DBXGWXabP5LL8Z/y3V+Qqj0snEsZ3
9iOF+eeDw2/9hBzRzBPGtwL1DREgd+1J/XlHLcjF4jzkMhweIXw2Yh0Jq7D5Nqf3
kPF9n/50zbQneSGEiKFeHm1ykag/KV0ebWHUOy1Gydbs7+RxT9GUiZofI6kyjJUI
g1w1ajkZYIIqhIvhMHudLay5h4kLkdGN9yuRNO/BG5sGk5MywZHyMploIX0ZRVui
+H3Sx2y268r/Fs6JcaddmzFwFqNmdRTRv/KBp91QGnjcaJDzQPKg/IsCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "uG9D7hrWNx+9otDFlZ8Yi31L6xxC7dzGlqXBLkzJCwE";
};
};
};
tumaukainga = {
owner = config.krebs.users.feliks;
nets = {
retiolum = {
ip4.addr = "10.243.10.245";
aliases = [ "tumaukainga.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAj1q28QzUlag0i+2ZEpZyQEbrtuODj6pCCt2IX1Uz1B83outO2l/n
2g096QLhCT/h5QwPtoa5YihYrANH1wWc/RKjgVLfVdcdHzZvge2Z9UE22XbH5G5O
D3AmGFDfuZa9KEmqoDqUnuBVvctywHkbf2bqye9Cje2DqXe9h0EJhR2agVwwi41Z
I2EGLSI6/oA+ySymVhP1dDzr+keWVIbxfbBtRO2OFWg5IQ/H+d3ZP4yUumu7rJsN
h+mBOdLL8PACGDKRj76Gp2+1raXYyfsnn9OI4+sFiQ0F/J2FjbXser1O6z6fRwY4
s9R4vLtkUXix2YjCOzjAIBHsR9UtC+tYpzmlGyY51CNGNXoklWUsfS6ZIKyPKRwJ
+Bsi/zZCqTT1BKC5X9dQU7C46JHHRAwn8EUE3r5dja4rHAlU064ow/1EGrbWzjIj
LyZ+e5vMLIc99T3g2nlF6x2Vo9L5hYiUVej+qk4i869JNxZRQ5fTG8HJDxf67Wvj
K+By7fN6XaTiN28E1PLL6562Vj4sJUiFdkGVyW3bdw4IYaqKiabyjT6TZ33AK+VC
V4jB5VplSo8QVv73OjkS8Iaicrdcb8YuhIKnpIStwxeaLc8KGnstOfFIJCoFuXfb
ktTeB0OBZ/bZpSRlzGI7tMX+7coYFqr7uv3wB+/D3Wck47vcxz9woxMCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "li5wJeMjS+fNAMjrn3KVxZby/kGfH6ZoWArYSGMFAQD";
};
};
};
};
}

View File

@ -6,6 +6,7 @@
ip6.addr = r6 "012a"; ip6.addr = r6 "012a";
aliases = [ aliases = [
"orange.r" "orange.r"
"cgit.orange.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----

View File

@ -788,6 +788,7 @@ in {
aliases = [ aliases = [
"jack.r" "jack.r"
"stable-confusion.r" "stable-confusion.r"
"llama.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -827,7 +828,14 @@ in {
ruby = { ruby = {
owner = config.krebs.users.mic92; owner = config.krebs.users.mic92;
nets = rec { nets = rec {
internet = {
# of4.dse.cit.tum.de.
ip4.addr = "131.159.38.101";
ip6.addr = "2a09:80c0:38::101";
aliases = [ "ruby.i" ];
};
retiolum = { retiolum = {
via = internet;
aliases = [ "ruby.r" ]; aliases = [ "ruby.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -859,6 +867,7 @@ in {
aliases = [ "amy.i" ]; aliases = [ "amy.i" ];
}; };
retiolum = { retiolum = {
via = internet;
aliases = [ "amy.r" ]; aliases = [ "amy.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -884,6 +893,7 @@ in {
aliases = [ "rose.i" ]; aliases = [ "rose.i" ];
}; };
retiolum = { retiolum = {
via = internet;
aliases = [ "rose.r" ]; aliases = [ "rose.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -910,6 +920,7 @@ in {
aliases = [ "clara.i" ]; aliases = [ "clara.i" ];
}; };
retiolum = { retiolum = {
via = internet;
aliases = [ "clara.r" ]; aliases = [ "clara.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----

View File

@ -377,34 +377,6 @@ in {
}; };
}; };
}; };
crustacea = {
owner = config.krebs.users."0x4A6F";
nets = {
retiolum = {
ip4.addr = "10.243.42.63";
ip6.addr = "42:0:4a6f::4263";
aliases = [
"crustacea.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA1dA67Uq6IcWTWVVcg5kO4OUcmYY/mUzERK6WwrU7m+Qq2ovA2Fh1
VTxfNzJg8zgyrBbUwpaLE4LuRgyrYbPABwgNMXS6wnHdunbm0x5RUcih/IRNobV1
uf2Q/rVcrXHZD5+YL09hTZnU7PVkZm6WX0fc79rEKYIEopPpomCs2mECPSmqZPaW
L9wprtRTuQ3V0xxrCuUKX7SxANEursM8SvNfKydWdaUxjIV2iGVKuVUkAZHwx5jJ
roKEriWsIJ6FHTMb1v5yWXrvngMgYlKrpF6/m/AHEkQoPsEJ+oBkn0fop9pfyZjM
WzMhZHcKFYebSI4HqFRuQOc1scIzUdpC/sZYLYlddbwpJHj4xdJwIUN03Uga/KRQ
n1SrJnhmXonHvJZFBYcNDR6aTtdN7mJVBv8bQ7DGt1q6Gp8QItQqvpdzq314+Pw6
0EVKPaqdz6Cqpwn8RtJ9ZGb6BE3yUrpJkU25DyCSO86LmeCchApwssghWvPsbBDg
iF4QCyrWJ2HFnl7jJDGbEajHaE/xko2dt1F5frTWxsmDHRKSRhaGDwp5qgFUpCa0
2h+zZqkG4boV6CrMEjStb15EOXTUVfq0DPojFik6agCltslsJAwp+f1fb7NSee4d
TNWb1CHfIQWLPnm1LFwphSqyHY/9ehcsX3PJ7oXI+/BnV8ivvoApWA0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "DWfh6H8Qco+GURdVRhKhLBAsN5epsEYhOM2+88dTdTE";
};
};
};
unnamed = { unnamed = {
owner = config.krebs.users.pie_; owner = config.krebs.users.pie_;
nets = { nets = {
@ -589,56 +561,6 @@ in {
syncthing.id = "22NLFY5-QMRM3BH-76QIBYI-OPMKVGM-DU4FNZI-3KN2POF-V4WIC6M-2SFFUAC"; syncthing.id = "22NLFY5-QMRM3BH-76QIBYI-OPMKVGM-DU4FNZI-3KN2POF-V4WIC6M-2SFFUAC";
nets = {}; nets = {};
}; };
papawhakaaro = {
owner = config.krebs.users.feliks;
nets = {
retiolum = {
ip4.addr = "10.243.10.243";
aliases = [ "papawhakaaro.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw
oRHqPgJRwfGW0Tgu/1s5czZ2tAFU3lXoOSBYldAspM3KRZ4DKQsFrL9B0oWarGsK
sUgsuOJprlX4mkfj/eBNINqTqf2kVIH+p43VENQ9ioKmc+qJKm4xfRONRLp871GV
5jmIvRvQ6JP0RtNd2KpNLaeplzx8M61D9PBOAZkNYAUTpBs4LZBNJj4eFnXBugrz
GkBjmm3Rk7olz0uOZzbeTc6Slv2tgtN5FrQifdy4XIlsKcBTzMkYHEZstmldJgd9
pGvfmem6uPcXrF+eDJzqUn0ArH7eOIS4F0+DzugJz4qX+ytvE4ag7r2Vx0Pa9TCY
hpn0lqwW+ly1clM0SKt59v1nQ4oRW4UIbAZaIgp4UJbb3IGSwbq7NuadvHpNICHi
4pqQD+1sSEbGLAZ0bFjLIYFg9zzNjLeAxXpn49WHOEyRlq3h+SUQcG2EuVMI28DX
lILKSoOJsuQupURPubaxkiNEa5neYk9hZ8CWgwSG/VlyRLuNsVDVn2dBma43Mr10
LHMkX2/a9t7ghokugvV2XMP9Es9A9TGFShM9UtFAlovdad+SQ8FBPNheDwIhjCJe
l5NIrMrmQIveq7QJ1szxYhqfl1ifU0c+YxeMkg3tvEuQV/tk/oki/aECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "5G49yQPjkkoGZxM6CeDy87y6tB/abtelUAk55wJ4GpP";
};
};
};
iti = {
owner = config.krebs.users.feliks;
nets = {
retiolum = {
ip4.addr = "10.243.10.244";
aliases = [ "iti.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL
Ithq3T2+jWJJQoOJEDl5Tvo9ilF0oE0AqSNnvfgS/t8xfFVEsNvHodbonXXku5cF
N7oFooAgQRXAUJpEQLtcfx9kJutSYgGeEvoRGZkWaqY6tzPL45U2WEna+MJ/P1Cd
57JMOLeJJEjZKtC/XqPOQ81KNcm161RKekHas5ZNK30QEVP9QsjTDoLesYwm1ywt
4LiHRHSSHd65pKXJvi1haEYw25BxIun7kY4IQHrfEuK3DNs0kyYJj2rKL4C9kHgT
hYd+fFl1i/X1BjPzo+ZY91ahLVX3UPpOsB8vC9Q7Ctm1Nkc/bCfKRUNbamkS0Bwf
tngak3heGvuek6Y7qWQUkvMkPLhZwZUXUz+DBXGWXabP5LL8Z/y3V+Qqj0snEsZ3
9iOF+eeDw2/9hBzRzBPGtwL1DREgd+1J/XlHLcjF4jzkMhweIXw2Yh0Jq7D5Nqf3
kPF9n/50zbQneSGEiKFeHm1ykag/KV0ebWHUOy1Gydbs7+RxT9GUiZofI6kyjJUI
g1w1ajkZYIIqhIvhMHudLay5h4kLkdGN9yuRNO/BG5sGk5MywZHyMploIX0ZRVui
+H3Sx2y268r/Fs6JcaddmzFwFqNmdRTRv/KBp91QGnjcaJDzQPKg/IsCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "uG9D7hrWNx+9otDFlZ8Yi31L6xxC7dzGlqXBLkzJCwE";
};
};
};
hydrogen = { hydrogen = {
owner = config.krebs.users.sandro; owner = config.krebs.users.sandro;
nets = rec { nets = rec {
@ -746,10 +668,6 @@ in {
mail = "neos@shackspace.de"; mail = "neos@shackspace.de";
pubkey = ssh-for "neos"; pubkey = ssh-for "neos";
}; };
"0x4A6F" = {
mail = "0x4a6f@shackspace.de";
pubkey = ssh-for "0x4A6F";
};
xq = { xq = {
mail = "xq@shackspace.de"; mail = "xq@shackspace.de";
pubkey = ssh-for "xq"; pubkey = ssh-for "xq";

View File

@ -0,0 +1,34 @@
{ config, ... }: let
lib = import ../../lib;
hostDefaults = hostName: host: lib.flip lib.recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
} // lib.optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
(lib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
});
in {
users.srounce.mail = "samuelrounce@gmail.com";
hosts = lib.mapAttrs hostDefaults {
workbox = {
owner = config.krebs.users.srounce;
nets.retiolum = {
aliases = [ "srounce.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAsLQ4ZEwEbgHCh7yQvZWms6586Q3Ni+dF6pmkQdxrNb/BLlplB2Db
sDYVMAfamXDd/jPKpoevwRaXoImxk1IHSN4ZJ2liaZNDBOJJ0CnXdJHGQ3SnV50x
9ABAeP/lmT95lhWuCg0qS0xY60ax3EDhTVYk51dPwwoBNE6dwO/lJr6vgtKBI7fV
/IgoF7L8G7AEPz61vS0sCHld537bEPfZ3Us4gUC6/V+xKnkBRDuCgFxemOjNdu0F
cqEyxwrPcQoFtOt9ZDF8817qdFsRQsgM8LsnDti8mhxDR/0deTYARkWIoRjLU+p9
XLCdDBEGsbl4Bb6tYT9jz9RCNNJeXogE2wIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "E9bMsS3w72hIjp2fYicwgpdwSJDUQbh2dHEDk6F5JdO";
};
};
};
}

View File

@ -6,7 +6,7 @@ let
ci = false; ci = false;
external = true; external = true;
monitoring = false; monitoring = false;
owner = config.krebs.users.kmein; owner = config.krebs.users.xkey;
} // optionalAttrs (host.nets?retiolum) { } // optionalAttrs (host.nets?retiolum) {
nets.retiolum = { nets.retiolum = {
ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
@ -27,34 +27,17 @@ in
}; };
hosts = mapAttrs hostDefaults { hosts = mapAttrs hostDefaults {
aland = { aland = {
nets = { nets.wiregrill = {
retiolum = { ip4.addr = "10.244.12.34";
ip4.addr = "10.243.12.34"; aliases = [ "aland.xkey.w" ];
aliases = [ "aland.r" ]; wireguard.pubkey = "m2IymGYQiRma2cyZbwRsOw1rCpB5ZdFkfYII1hnHzGE=";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAwR1e8/4Lx7gqSyFhA5WpfT4LsnXqYARR6y+gYAOSre6wMvBm/OBY
CKEYCCfqQD3naukID9FqleXaZdIxp6xxBIYZ1yi1Xn032MPP0S37oZAxJlXvlEaU
plG9ct6Zh6qTzpghP2UyYD4RxhLwvsRTycwLF93D+a1z1/CNNDLSoTS11BLtvhDb
DmxTVY/1hWJUiVR4KyRsYnJ3N1Heg/4R/Su4oFm+DatfFYdzhaNsk9q3YYIRdRcx
aHLF65ygVTjG/rUJp/OvkeU1G5rc0ldpd7zR8N8kkjgI1lmZe50mUGghKr1zexV+
OkIjXGrwTk4RZk3kZO6PZu56rrsR8HZirfrtJWRy7UgAm3S/lZku7X4SN3+7pfL1
ero6/XB4CHeQ9OpQemcR5o6AR0ncE0TApqeoLd1U710XmwM09ifawAO3jm9ER19X
TKFHeBzqsToPmternXnAKgg2NYyKStkavQu6JTl/uOXdfqfMc9TU6mzV8aBo7ZDa
aLdlg0phcFCcZT8zJGzA3des70AHWmQ7G49pBysnXk8p+1l3SPazGAlIWBCT6oZX
zUUauGEgsuTkDC+JijUm/1HrrMfiigHeBTZKPLqe/75MkumukXqTzd3zfUEcA5Vf
VgEnL2jNVFfocJtmhLQdkmnSiIQslRSOHMC94ZWa0ku0kHZ3XawwwY0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "gOEzoUsuJyaGIjoZIyS9uZa+zLYfN6BEZrbCTeAWW7A";
};
}; };
}; };
catalonia = { catalonia = {
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.13.12"; ip4.addr = "10.243.13.12";
aliases = [ "catalonia.r" ]; aliases = [ "catalonia.xkey.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y
@ -74,11 +57,17 @@ in
}; };
}; };
}; };
cybercube = {
nets.wiregrill = {
aliases = [ "cybercube.xkey.w" ];
wireguard.pubkey = "ZPOCyThKQUlR/gPFWoJ4XICHYFMNtI70XH+y5v2f6VQ=";
};
};
rojava = { rojava = {
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.23.42"; ip4.addr = "10.243.23.42";
aliases = [ "rojava.r" ]; aliases = [ "rojava.xkey.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA3Xafx5PYDNRxRwWGo25paveBgEFQYWWOg5YYcqSlBsUzWkEwZPdd MIICCgKCAgEA3Xafx5PYDNRxRwWGo25paveBgEFQYWWOg5YYcqSlBsUzWkEwZPdd
@ -102,7 +91,7 @@ in
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.161.1"; ip4.addr = "10.243.161.1";
aliases = [ "sicily.r" "mukke.r" ]; aliases = [ "sicily.xkey.r" "mukke.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAzjCrsMRptg22QJTXsNgrxE/CjpGiDD9NYExqiDQ7kyKJ7+nrjtJg MIICCgKCAgEAzjCrsMRptg22QJTXsNgrxE/CjpGiDD9NYExqiDQ7kyKJ7+nrjtJg

View File

@ -21,7 +21,6 @@
]; ];
krebs.build.host = config.krebs.hosts.hotdog; krebs.build.host = config.krebs.hosts.hotdog;
krebs.github-hosts-sync.enable = true;
krebs.pages.enable = true; krebs.pages.enable = true;
boot.isContainer = true; boot.isContainer = true;

View File

@ -21,21 +21,21 @@
disko.urls = [ disko.urls = [
"http://cgit.gum.r/disko" "http://cgit.gum.r/disko"
"http://cgit.ni.r/disko" "http://cgit.ni.r/disko"
"http://cgit.prism.r/disko" "http://cgit.orange.r/disko"
]; ];
krops.urls = [ krops.urls = [
"http://cgit.ni.r/krops" "http://cgit.ni.r/krops"
"http://cgit.prism.r/krops" "http://cgit.orange.r/krops"
"https://github.com/krebs/krops.git" "https://github.com/krebs/krops.git"
]; ];
nix_writers.urls = [ nix_writers.urls = [
"http://cgit.ni.r/nix-writers" "http://cgit.ni.r/nix-writers"
"http://cgit.prism.r/nix-writers" "http://cgit.orange.r/nix-writers"
]; ];
stockholm.urls = [ stockholm.urls = [
"http://cgit.gum.r/stockholm" "http://cgit.gum.r/stockholm"
"http://cgit.ni.r/stockholm" "http://cgit.ni.r/stockholm"
"http://cgit.prism.r/stockholm" "http://cgit.orange.r/stockholm"
]; ];
}; };
}; };

View File

@ -39,6 +39,11 @@ let
default = []; default = [];
}; };
extraRouters = mkOption {
type = types.nullOr types.str;
default = null;
};
internet-aliases = mkOption { internet-aliases = mkOption {
type = types.listOf (types.submodule ({ type = types.listOf (types.submodule ({
options = { options = {
@ -50,6 +55,7 @@ let
}; };
}; };
})); }));
default = [];
}; };
local_domains = mkOption { local_domains = mkOption {
@ -104,6 +110,7 @@ let
}; };
}; };
})); }));
default = [];
}; };
}; };
@ -254,6 +261,8 @@ let
transport = home_maildir transport = home_maildir
cannot_route_message = Unknown user cannot_route_message = Unknown user
${lib.optionalString (cfg.extraRouters != null) cfg.extraRouters}
begin transports begin transports
retiolum_smtp: retiolum_smtp:

View File

@ -6,6 +6,6 @@
# update known-hosts.json using ./update # update known-hosts.json using ./update
lib.importJSON ./known-hosts.json lib.importJSON ./known-hosts.json
; ;
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=";
}; };
} }

View File

@ -7,12 +7,12 @@
}: }:
mkDerivation rec { mkDerivation rec {
pname = "brockman"; pname = "brockman";
version = "4.0.4"; version = "5.1.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "kmein"; owner = "kmein";
repo = "brockman"; repo = "brockman";
rev = version; rev = version;
sha256 = "sha256-GOEEUjehFgMMf6cNpi0AP/Rz74sTDEcpKRbLD+6YEz0="; sha256 = "sha256-5/2Xjh6YqV3+kkQr8CiXay9Dd8IAnL8D4dc8afnlki4=";
}; };
isLibrary = false; isLibrary = false;
isExecutable = true; isExecutable = true;

View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "2caf4ef5005ecc68141ecb4aac271079f7371c44", "rev": "19cf008bb18e47b6e3b4e16e32a9a4bdd4b45f7e",
"date": "2023-01-30T22:55:03+01:00", "date": "2023-03-21T23:16:58+01:00",
"path": "/nix/store/mkif1y61ndjfi6fl2hzm7gmgqn40rchn-nixpkgs", "path": "/nix/store/rg3f6v4f7mba0kqnhiarj7yg6066cc5v-nixpkgs",
"sha256": "1f8d0v4q687r4z3qpg54asglgi3v07ac75hzxzxl0qxjyh0asdz3", "sha256": "0myq7fnykna5qazbk6hdgahy148yd7f5l8nrxhzllj67y86a5sxw",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "0218941ea68b4c625533bead7bbb94ccce52dceb", "rev": "e2c97799da5f5cd87adfa5017fba971771e123ef",
"date": "2023-01-31T16:39:44+08:00", "date": "2023-03-20T14:29:52+01:00",
"path": "/nix/store/82grl4czg5pgacsa93nqssf5m7qrmmna-nixpkgs", "path": "/nix/store/vxca9w313d1bzw9dx4yaw8c0vrqjxa0p-nixpkgs",
"sha256": "0vwszpqs1x9sgnabvj3413mvcrj7k2ix4wv4hfvw6nmp6k4z6ic1", "sha256": "0qff1r8k0m19z1ppzb8gk5xrnlvabjdl3pqwpc3y5bm15qxzk25s",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

View File

@ -20,8 +20,6 @@
<stockholm/lass/2configs/pass.nix> <stockholm/lass/2configs/pass.nix>
<stockholm/lass/2configs/mail.nix> <stockholm/lass/2configs/mail.nix>
<stockholm/lass/2configs/bitcoin.nix> <stockholm/lass/2configs/bitcoin.nix>
<stockholm/lass/2configs/xonsh.nix>
<stockholm/lass/2configs/review.nix> <stockholm/lass/2configs/review.nix>
<stockholm/lass/2configs/dunst.nix> <stockholm/lass/2configs/dunst.nix>
# <stockholm/krebs/2configs/ircd.nix> # <stockholm/krebs/2configs/ircd.nix>

View File

@ -6,10 +6,13 @@ with import <stockholm/lib>;
<stockholm/lass/2configs> <stockholm/lass/2configs>
<stockholm/lass/2configs/retiolum.nix> <stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/mumble-reminder.nix> <stockholm/lass/2configs/mumble-reminder.nix>
<stockholm/lass/2configs/services/git>
]; ];
krebs.build.host = config.krebs.hosts.orange; krebs.build.host = config.krebs.hosts.orange;
services.nginx.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults.email = "acme@lassul.us"; defaults.email = "acme@lassul.us";

View File

@ -145,7 +145,7 @@ let
channel = "#xxx"; channel = "#xxx";
# TODO define refs in some kind of option per repo # TODO define refs in some kind of option per repo
server = "irc.r"; server = "irc.r";
verbose = config.krebs.build.host.name == "prism"; verbose = config.krebs.build.host.name == "orange";
}} }}
${cgit-clear-cache}/bin/cgit-clear-cache ${cgit-clear-cache}/bin/cgit-clear-cache
''; '';

View File

@ -16,6 +16,7 @@ in
services.nginx.streamConfig = '' services.nginx.streamConfig = ''
${lib.concatMapStringsSep "\n" (port: '' ${lib.concatMapStringsSep "\n" (port: ''
server { server {
listen [::]:${toString port};
listen ${toString port}; listen ${toString port};
proxy_pass ${target}:${toString port}; proxy_pass ${target}:${toString port};
} }

View File

@ -0,0 +1,11 @@
{ config, lib, pkgs, ... }:
{
imports = [
../../git.nix
];
services.nginx.virtualHosts."cgit.lassul.us" = {
enableACME = true;
addSSL = true;
locations = config.services.nginx.virtualHosts.cgit.locations;
};
}

View File

@ -0,0 +1,13 @@
{ config, pkgs, ... }:
{
services.nginx.virtualHosts."cgit.lassul.us" = {
forceSSL = true;
enableACME = true;
acmeFallbackHost = "orange.r";
locations."/" = {
proxyPass = "http://orange.r";
proxyWebsockets = true;
recommendedProxySettings = true;
};
};
}

@ -1 +1 @@
Subproject commit 3ebbfc62615d4ba253a4dd96bac0f4b2128a2b6d Subproject commit 59aa5d0e41cf4a6d4356673feb1adbd0fcf68936

View File

@ -12,20 +12,23 @@ with import ./lib;
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
fileSystems."/" = { fileSystems."/" = {
device = "main/root"; device = "/dev/mapper/ruvg0-root";
fsType = "zfs"; fsType = "btrfs";
options = ["defaults" "noatime" "compress=zstd"];
}; };
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/nvme0n1p1"; device = "/dev/nvme0n1p1";
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/home" = { fileSystems."/home" = {
device = "main/home"; device = "/dev/mapper/ruvg0-home";
fsType = "zfs"; fsType = "btrfs";
options = ["defaults" "noatime" "compress=zstd"];
}; };
fileSystems."/bku" = { fileSystems."/bku" = {
device = "main/bku"; device = "/dev/mapper/ruvg0-bku";
fsType = "zfs"; fsType = "btrfs";
options = ["defaults" "noatime" "compress=zstd"];
}; };
krebs.build.host = config.krebs.hosts.ru; krebs.build.host = config.krebs.hosts.ru;

View File

@ -10,14 +10,17 @@ case ${FZMENU_PHASE-0} in
;; ;;
1) 1)
if result=$( if result=$(
PASSWORD_STORE_DIR=${PASSWORD_STORE_DIR-$HOME/.password-store}
FZF_DEFAULT_OPTS=${FZMENU_FZF_DEFAULT_OPTS-} FZF_DEFAULT_OPTS=${FZMENU_FZF_DEFAULT_OPTS-}
if test -n "$FZF_DEFAULT_OPTS"; then if test -n "$FZF_DEFAULT_OPTS"; then
export FZF_DEFAULT_OPTS export FZF_DEFAULT_OPTS
fi fi
pass git ls-files '*/otp.gpg' | \ find -L "$PASSWORD_STORE_DIR" -type f -name 'otp.gpg' |
sed ' awk -F / -v PASSWORD_STORE_DIR="$PASSWORD_STORE_DIR" '
{ n = length(PASSWORD_STORE_DIR "/") }
s/\/otp\.gpg$// $NF == "otp.gpg" {
print substr($0, 1 + n, length($0)-length("/otp.gpg")-n)
}
' | ' |
exec fzf \ exec fzf \
--history=/dev/null \ --history=/dev/null \

View File

@ -10,14 +10,18 @@ case ${FZMENU_PHASE-0} in
;; ;;
1) 1)
if result=$( if result=$(
PASSWORD_STORE_DIR=${PASSWORD_STORE_DIR-$HOME/.password-store}
FZF_DEFAULT_OPTS=${FZMENU_FZF_DEFAULT_OPTS-} FZF_DEFAULT_OPTS=${FZMENU_FZF_DEFAULT_OPTS-}
if test -n "$FZF_DEFAULT_OPTS"; then if test -n "$FZF_DEFAULT_OPTS"; then
export FZF_DEFAULT_OPTS export FZF_DEFAULT_OPTS
fi fi
pass git ls-files '*/*.gpg' | \ find -L "$PASSWORD_STORE_DIR" -type f -name '*.gpg' |
sed ' awk -F / -v PASSWORD_STORE_DIR="$PASSWORD_STORE_DIR" '
/\/otp\.gpg$:/d { n = length(PASSWORD_STORE_DIR "/") }
s/\.gpg$// $NF == "otp.gpg" { next }
/.*\.gpg$/ {
print substr($0, 1 + n, length($0)-length(".gpg")-n)
}
' | ' |
exec fzf \ exec fzf \
--history=/dev/null \ --history=/dev/null \

View File

@ -21,8 +21,9 @@ pkgs.runCommand "fzmenu" {
--replace '#PATH=' PATH=${lib.makeBinPath [ --replace '#PATH=' PATH=${lib.makeBinPath [
pkgs.coreutils pkgs.coreutils
pkgs.dash pkgs.dash
pkgs.findutils
pkgs.fzf pkgs.fzf
pkgs.gnused pkgs.gawk
(pkgs.pass.withExtensions (ext: [ (pkgs.pass.withExtensions (ext: [
ext.pass-otp ext.pass-otp
])) ]))
@ -36,8 +37,9 @@ pkgs.runCommand "fzmenu" {
--replace '#PATH=' PATH=${lib.makeBinPath [ --replace '#PATH=' PATH=${lib.makeBinPath [
pkgs.coreutils pkgs.coreutils
pkgs.dash pkgs.dash
pkgs.findutils
pkgs.fzf pkgs.fzf
pkgs.gnused pkgs.gawk
(pkgs.pass.withExtensions (ext: [ (pkgs.pass.withExtensions (ext: [
ext.pass-otp ext.pass-otp
])) ]))