tv cd: RIP, thanks for alots of no fish
This commit is contained in:
tv
parent
516603010d
commit
94c57badae
|
|
@ -32,52 +32,6 @@ with import <stockholm/lib>;
|
|||
ssh.privkey.path = <secrets/ssh.id_rsa>;
|
||||
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q==";
|
||||
};
|
||||
cd = {
|
||||
ci = true;
|
||||
cores = 2;
|
||||
extraZones = {
|
||||
# TODO generate krebsco.de zone from nets and don't use extraZones at all
|
||||
"krebsco.de" = ''
|
||||
cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
|
||||
'';
|
||||
};
|
||||
nets = {
|
||||
internet = {
|
||||
ip4.addr = "45.62.237.203";
|
||||
aliases = [
|
||||
"cd.i"
|
||||
"cd.krebsco.de"
|
||||
];
|
||||
ssh.port = 11423;
|
||||
};
|
||||
retiolum = {
|
||||
via = config.krebs.hosts.cd.nets.internet;
|
||||
ip4.addr = "10.243.113.222";
|
||||
ip6.addr = "42:4522:25f8:36bb:8ccb:150:231a:2af3";
|
||||
aliases = [
|
||||
"cd.r"
|
||||
"cgit.cd.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAvmCBVNKT/Su4v9nl/Nm3STPo5QxWPg7xEkzIs3Oh39BS8+r6/7UQ
|
||||
rebib7mczb+ebZd+Rg2yFoGrWO8cmM0VcLy5bYRMK7in8XroLEjWecNNM4TRfNR4
|
||||
e53+LhcPdkxo0A3/D+yiut+A2Mkqe+4VXDm/JhAiAYkZTn7jUtj00Atrc7CWW1gN
|
||||
sP3jIgv4+CGftdSYOB4dm699B7OD9XDLci2kOaFqFl4cjDYUok03G0AduUlRx10v
|
||||
CKbKOTIdm8C36A902/3ms+Hyzkruu+VagGIZuPSwqXHJPCu7Ju+jarKQstMmpQi0
|
||||
PubweWDL0o/Dfz2qT3DuL4xDecIvGE6kv3m41hHJYiK+2/azTSehyPFbsVbL7w0V
|
||||
LgKN3usnZNcpTsBWxRGT7nMFSnX2FLDu7d9OfCuaXYxHVFLZaNrpccOq8NF/7Hbk
|
||||
DDW81W7CvLyJDlp0WLnAawSOGTUTPoYv/2wAapJ89i8QGCueGvEc6o2EcnBVMFEW
|
||||
ejWTQzyD816f4RsplnrRqLVlIMbr9Q/n5TvlgjjhX7IMEfMy4+7qLGRQkNbFzgwK
|
||||
jxNG2fFSCjOEQitm0gAtx7QRIyvYr6c7/xiHz4AwxYzBmvQsL/OK57NO4+Krwgj5
|
||||
Vk8TQ2jGO7J4bB38zaxK+Lrtfl8i1AK1171JqFMhOc34JSJ7T4LWDMECAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOd/HqZIO9Trn3eycl23GZAz21HQCISaVNfNyaLSQvJ6";
|
||||
};
|
||||
ju = {
|
||||
external = true;
|
||||
nets = {
|
||||
|
|
|
|||
|
|
@ -1,50 +0,0 @@
|
|||
with import <stockholm/lib>;
|
||||
{ config, pkgs, ... }: let
|
||||
|
||||
bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1";
|
||||
|
||||
in {
|
||||
krebs.build.host = config.krebs.hosts.cd;
|
||||
|
||||
imports = [
|
||||
<stockholm/tv>
|
||||
<stockholm/tv/2configs/hw/CAC-Developer-2.nix>
|
||||
<stockholm/tv/2configs/fs/CAC-CentOS-7-64bit.nix>
|
||||
# TODO see XXX below
|
||||
#<stockholm/tv/2configs/exim-smarthost.nix>
|
||||
<stockholm/tv/2configs/retiolum.nix>
|
||||
];
|
||||
|
||||
networking = let
|
||||
address = config.krebs.build.host.nets.internet.ip4.addr;
|
||||
in {
|
||||
defaultGateway = bestGuessGateway address;
|
||||
interfaces.enp2s1.ip4 = singleton {
|
||||
inherit address;
|
||||
prefixLength = 24;
|
||||
};
|
||||
nameservers = ["8.8.8.8"];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
iftop
|
||||
iotop
|
||||
iptables
|
||||
nethogs
|
||||
tcpdump
|
||||
];
|
||||
}
|
||||
|
||||
# XXX this should be unnecessary, but when security.wrappers isn't defined,
|
||||
# then install fails with:
|
||||
#
|
||||
# mktemp: failed to create directory via template '/run/wrappers/wrappers.XXXXXXXXXX': No such file or directory
|
||||
# chmod: missing operand after 'a+rx'
|
||||
# Try 'chmod --help' for more information.
|
||||
# ln: failed to create symbolic link './bin': File exists
|
||||
# cp: cannot create regular file '/run/wrappers/bin/exim': No such file or directory
|
||||
# chown: cannot access '/run/wrappers/bin/exim': No such file or directory
|
||||
# chmod: cannot access '/run/wrappers/bin/exim': No such file or directory
|
||||
# cp: cannot create regular file '/run/wrappers/bin/sendmail': No such file or directory
|
||||
# chown: cannot access '/run/wrappers/bin/sendmail': No such file or directory
|
||||
# chmod: cannot access '/run/wrappers/bin/sendmail': No such file or directory
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
import <stockholm/tv/source.nix> {
|
||||
name = "cd";
|
||||
}
|
||||
Loading…
Reference in New Issue