From 647550f3e747a024044bda9f49a6bac5669dd60b Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 13 Aug 2015 12:03:59 +0200 Subject: [PATCH 1/3] types: add zones --- krebs/4lib/types.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 92410dd58..975c36b08 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -20,6 +20,7 @@ types // rec { type = attrsOf net; apply = x: assert hasAttr "retiolum" x; x; }; + secure = mkOption { type = bool; default = false; @@ -73,6 +74,11 @@ types // rec { })); default = null; }; + zones = mkOption { + default = []; + # TODO: string is either MX, NS, A or AAAA + type = with types; listOf (attrsOf str); + }; }; }); From 978d5cc9f07ccfcca2cc53cb45ccb5ee0c801869 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 13 Aug 2015 17:15:09 +0200 Subject: [PATCH 2/3] makefu/tsp: add exim --- makefu/1systems/tsp.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix index f19dbfea6..6e93df51e 100644 --- a/makefu/1systems/tsp.nix +++ b/makefu/1systems/tsp.nix @@ -18,6 +18,13 @@ krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@tsp"; + krebs.exim-retiolum.enable = true; + networking.firewall.allowedTCPPorts = [ + # nginx runs on 80 + # graphite-web runs on 8080, carbon cache runs on 2003 tcp and udp + 25 + ]; + krebs.build.deps = { nixpkgs = { #url = https://github.com/NixOS/nixpkgs; From bdc58a02f93661796d8816818c0792cbab65f7c1 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 13 Aug 2015 17:45:43 +0200 Subject: [PATCH 3/3] krebs: add pigstarter,mail --- krebs/3modules/default.nix | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 467cc4459..35ccd278d 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -335,9 +335,37 @@ let }; }; }; + pornocauster = { + cores = 2; + dc = "makefu"; #x220 + nets = { + retiolum = { + addrs4 = ["10.243.0.91"]; + addrs6 = ["42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"]; + aliases = [ + "pornocauster.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAwW+RjRcp3uarkfXZ+FcCYY2GFcfI595GDpLRuiS/YQAB3JZEirHi + HFhDJN80fZ9qHqtq9Af462xSx+cIb282TxAqCM1Z9buipOcYTYo0m8xIqkT10dB3 + mR87B+Ed1H6G3J6isdwEb9ZMegyGIIeyR53FJQYMZXjxdJbAmGMDKqjZSk1D5mo+ + n5Vx3lGzTuDy84VyphfO2ypG48RHCxHUAx4Yt3o84LKoiy/y5E66jaowCOjZ6SqG + R0cymuhoBhMIk2xAXk0Qn7MZ1AOm9N7Wru7FXyoLc7B3+Gb0/8jXOJciysTG7+Gr + Txza6fJvq2FaH8iBnfezSELmicIYhc8Ynlq4xElcHhQEmRTQavVe/LDhJ0i6xJSi + aOu0njnK+9xK+MyDkB7n8dO1Iwnn7aG4n3CjVBB4BDO08lrovD3zdpDX0xhWgPRo + ReOJ3heRO/HsVpzxKlqraKWoHuOXXcREfU9cj3F6CRd0ECOhqtFMEr6TnuSc8GaE + KCKxY1oN45NbEFOCv2XKd2wEZFH37LFO6xxzSRr1DbVuKRYIPjtOiFKpwN1TIT8v + XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ + teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; pigstarter = { cores = 1; - dc = "makefu"; #x200 + dc = "frontrange"; #vps nets = { internet = { addrs4 = ["192.40.56.122"]; @@ -375,7 +403,7 @@ let }; users = addNames { makefu = { - mail = "root@euer.krebsco.de"; + mail = "root@tsp.retiolum"; pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub; }; };