Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'orange/master'

Browse Source
This commit is contained in:
tv 2023-10-10 22:30:48 +02:00
commit 90eb0891c2
10 changed files with 49 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
kartei/lass/default.nix
View File

@ -25,36 +25,11 @@ in {
inherit (slib) krebs; inherit (slib) krebs;
}) })
); );
users = rec { users = {
lass = lass-yubikey; lass = {
lass-yubikey = {
mail = "lass@green.r"; mail = "lass@green.r";
pubkey = builtins.readFile ./ssh/yubikey.rsa; pubkey = builtins.readFile ./ssh/yubikey.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/yubikey.pgp; pgp.pubkeys.default = builtins.readFile ./pgp/yubikey.pgp;
}; };
lass-blue = {
mail = "lass@blue.r";
pubkey = builtins.readFile ./ssh/blue.rsa;
};
lass-green = {
mail = "lass@green.r";
pubkey = builtins.readFile ./ssh/green.ed25519;
};
lass-red = {
mail = "lass@red.r";
pubkey = builtins.readFile ./ssh/red.ed25519;
};
lass-mors = {
mail = "lass@mors.r";
pubkey = builtins.readFile ./ssh/mors.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/mors.pgp;
};
lass-android = {
mail = "lassulus@gmail.com";
pubkey = builtins.readFile ./ssh/android.ed25519;
};
lass-tablet = {
pubkey = builtins.readFile ./ssh/tablet.ed25519;
};
}; };
} }

19
kartei/lass/ignavia.nix Normal file
View File

@ -0,0 +1,19 @@
{ r6, w6, ... }:
{
ci = false;
nets = {
retiolum = {
ip4.addr = "10.243.0.25";
ip6.addr = r6 "16a2";
aliases = [
"ignavia.r"
];
tinc = {
pubkey = builtins.readFile ./ignavia/retiolum.rsa_key.pub;
pubkey_ed25519 = builtins.replaceStrings [ "Ed25519PublicKey = " ] [ "" ] (builtins.readFile ./ignavia/retiolum.ed25519_key.pub);
};
};
};
ssh.pubkey = builtins.readFile ./ignavia/ssh.id_ed25519.pub;
syncthing.id = builtins.replaceStrings [ "\n" ] [ "" ] (builtins.readFile ./ignavia/syncthing.pub);
}

1
kartei/lass/ignavia/retiolum.ed25519_key.pub Normal file
View File

@ -0,0 +1 @@
Ed25519PublicKey = iuu6UcJpUu+72IywGkeGh/PpJJZ9UidbsdTR00JbFQL

13
kartei/lass/ignavia/retiolum.rsa_key.pub Normal file
View File

@ -0,0 +1,13 @@
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAx362jbzjyKsPG4zAeZW1mgDWzaBoTz6JpJlN6ycsTLkrAAQrHiCs
Dz6sbE0zkQUcdFFuagqwROrQU81kx663azBAlHHsMs/vkVmbQk/ilXHHOYYbkRUS
zCfBe1JwXNPUyZ+v46IgOuvLLBfO00prcDj69sIqWdRMGAvKqYssSHuelBO3UdMl
7r5nQ+Kc5hOqfHjf1xW7eSL3BsAA1GP/nuHkhUJN4TOKXqlywTxpcJQKI35k1gR/
zCH53qZQ6/GHe6lHEWIjrKdzg51h7cu6UbyfpVN0zoFSY3gcFemRNKk/LI8DxVZs
DjBQCpNVzRkrbmRIS0jTpzwSIvA7O204Z4Z7Q7ocrlFP5gKKT7M+Hk18CU0DIHwp
e5shYBGLPAswmWJQJUyXRyMjS580+ymxw5DRIym2Ogu8w3ztSOxbcWunvLAn9I84
U6/njQxdKHeuCYBqlO1YHOJ+qKvU4HsV3EYjwGvVzxL4XVg24KvQJ4M6QZvjLYfS
oysx64tLBW4hYv4dTA0vLSa9/0zreNKucJRAaHYGw9rC6FZDK3b8AZiNOCSz2tWC
I/C/sw/UgZMev66MHVuO/K6xR5hpi1tW6ONZ3ecFp4N+MS8lUOQrCQ/L6UU58Qgr
AmAP6hM3FM1TCHEOC2jpLcUIHAdLf+xdzdp2ExPZJiMAUeV310i/dlECAwEAAQ==
-----END RSA PUBLIC KEY-----

1
kartei/lass/ignavia/ssh.id_ed25519.pub Normal file
View File

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJjhIyEbkirWJcsuJHwnZx4QcFhIDNGGsMzJOp4lVnQY lass@aergia

1
kartei/lass/ignavia/syncthing.pub Normal file
View File

@ -0,0 +1 @@
NWYGIWH-M2HDGLM-32HL27Z-DGO3ALT-QVCWEET-P436GDZ-4ELEB67-7OE6XQ2

2
krebs/2configs/default.nix
View File

@ -48,9 +48,7 @@ with import ../../lib/pure.nix { inherit lib; };
users.mutableUsers = false; users.mutableUsers = false;
users.extraUsers.root.openssh.authorizedKeys.keys = [ users.extraUsers.root.openssh.authorizedKeys.keys = [
config.krebs.users.jeschli-brauerei.pubkey
config.krebs.users.lass.pubkey config.krebs.users.lass.pubkey
config.krebs.users.lass-mors.pubkey
config.krebs.users.makefu.pubkey config.krebs.users.makefu.pubkey
config.krebs.users.tv.pubkey config.krebs.users.tv.pubkey
config.krebs.users.kmein.pubkey config.krebs.users.kmein.pubkey

2
krebs/2configs/tor/initrd.nix
View File

@ -7,9 +7,7 @@
enable = true; enable = true;
port = 22; port = 22;
authorizedKeys = [ authorizedKeys = [
config.krebs.users.jeschli-brauerei.pubkey
config.krebs.users.lass.pubkey config.krebs.users.lass.pubkey
config.krebs.users.lass-mors.pubkey
config.krebs.users.makefu.pubkey config.krebs.users.makefu.pubkey
config.krebs.users.tv.pubkey config.krebs.users.tv.pubkey
]; ];

20
krebs/3modules/sync-containers3.nix
View File

@ -32,6 +32,17 @@ in {
type = lib.types.bool; type = lib.types.bool;
default = true; default = true;
}; };
startCommand = lib.mkOption {
type = lib.types.str;
default = ''
set -efu
mkdir -p /var/state/var_src
ln -Tfrs /var/state/var_src /var/src
if test -e /var/src/nixos-config; then
/run/current-system/sw/bin/nixos-rebuild -I /var/src switch || :
fi
'';
};
}; };
})); }));
}; };
@ -52,14 +63,7 @@ in {
NIX_REMOTE = "daemon"; NIX_REMOTE = "daemon";
}; };
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" '' serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ctr.startCommand;
set -efu
mkdir -p /var/state/var_src
ln -Tfrs /var/state/var_src /var/src
if test -e /var/src/nixos-config; then
/run/current-system/sw/bin/nixos-rebuild -I /var/src switch || :
fi
'';
unitConfig.X-StopOnRemoval = false; unitConfig.X-StopOnRemoval = false;
}; };
}; };

1
submodules/disko

@ -1 +0,0 @@
Subproject commit 7b186e0f812a7c54a1fa86b8f7c0f01afecc69c2