Merge remote-tracking branch 'nomic/master'

This commit is contained in:
lassulus 2015-10-09 13:27:02 +02:00
commit 938b6fe278
4 changed files with 16 additions and 15 deletions

View File

@ -138,6 +138,22 @@ let
mkIf (privkey != null) (mkForce [privkey]); mkIf (privkey != null) (mkForce [privkey]);
services.openssh.knownHosts = services.openssh.knownHosts =
# GitHub's IPv4 address range is 192.30.252.0/22
# Refs https://help.github.com/articles/what-ip-addresses-does-github-use-that-i-should-whitelist/
# 192.30.252.0/22 = 192.30.252.0-192.30.255.255 (1024 addresses)
# Because line length is limited by OPENSSH_LINE_MAX (= 8192),
# we split each /24 into its own entry.
listToAttrs (map
(c: {
name = "github${toString c}";
value = {
hostNames = ["github.com"] ++
map (d: "192.30.${toString c}.${toString d}") (range 0 255);
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
};
})
(range 252 255))
//
mapAttrs mapAttrs
(name: host: { (name: host: {
hostNames = hostNames =

View File

@ -13,7 +13,6 @@ rec {
genid = callPackage ./genid {}; genid = callPackage ./genid {};
get = callPackage ./get {}; get = callPackage ./get {};
github-hosts-sync = callPackage ./github-hosts-sync {}; github-hosts-sync = callPackage ./github-hosts-sync {};
github-known_hosts = callPackage ./github-known_hosts {};
hashPassword = callPackage ./hashPassword {}; hashPassword = callPackage ./hashPassword {};
jq = callPackage ./jq {}; jq = callPackage ./jq {};
krebszones = callPackage ./krebszones {}; krebszones = callPackage ./krebszones {};

View File

@ -1,13 +0,0 @@
{ lib, ... }:
with builtins;
with lib;
let
github-pubkey = removeSuffix "\n" (readFile ./github.ssh.pub);
in
toFile "github-known_hosts"
(concatMapStrings
(i: "github.com,192.30.252.${toString i} ${github-pubkey}\n")
(range 0 255))

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==