Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

makefu: pornocauster -> x

Browse Source
This commit is contained in:
makefu 2016-07-28 12:58:54 +02:00
parent 8c465870fc
commit b156915805
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
5 changed files with 27 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
krebs/3modules/makefu/default.nix
View File

@ -126,15 +126,15 @@ with config.krebs.lib;
}; };
}; };
}; };
pornocauster = { x = {
cores = 2; cores = 2;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.0.91"; ip4.addr = "10.243.0.91";
ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"; ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db";
aliases = [ aliases = [
"pornocauster.retiolum" "x.retiolum"
"pornocauster.r" "x.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -167,7 +167,7 @@ with config.krebs.lib;
}; };
}; };
ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@pornocauster"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x";
}; };
@ -441,8 +441,9 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
}; };
shoney = rec { shoney = rec {
cores = 1; cores = 1;
nets = { nets = rec {
siem = { siem = {
via = internet;
ip4.addr = "10.8.10.1"; ip4.addr = "10.8.10.1";
ip4.prefix = "10.8.10.0/24"; ip4.prefix = "10.8.10.0/24";
aliases = [ aliases = [
@ -459,6 +460,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
L+xhIsiMXQIo2hv8aOUnf/7Ac9DXNR83GwIDAQAB L+xhIsiMXQIo2hv8aOUnf/7Ac9DXNR83GwIDAQAB
-----END RSA PUBLIC KEY----- -----END RSA PUBLIC KEY-----
''; '';
tinc.port = 1655;
}; };
internet = { internet = {
ip4.addr = "64.137.234.215"; ip4.addr = "64.137.234.215";
@ -790,8 +792,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
}; };
users = rec { users = rec {
makefu = { makefu = {
mail = "makefu@pornocauster.retiolum"; mail = "makefu@x.retiolum";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@pornocauster"; pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@x";
pgp.pubkeys.default = builtins.readFile ./default.pgp; pgp.pubkeys.default = builtins.readFile ./default.pgp;
pgp.pubkeys.brain = builtins.readFile ./brain.pgp; pgp.pubkeys.brain = builtins.readFile ./brain.pgp;
}; };

2
lass/2configs/buildbot-standalone.nix
View File

@ -95,7 +95,7 @@ in {
method=build \ method=build \
system={}".format(i)]) system={}".format(i)])
for i in [ "pornocauster", "wry", "vbob", "wbob", "shoney" ]: for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
addShell(f,name="build-{}".format(i),env=env_makefu, addShell(f,name="build-{}".format(i),env=env_makefu,
command=nixshell + \ command=nixshell + \
["make \ ["make \

2
makefu/1systems/wbob.nix
View File

@ -66,7 +66,7 @@ in {
client = { client = {
enable = true; enable = true;
screenName = "wbob"; screenName = "wbob";
serverAddress = "pornocauster.r"; serverAddress = "x.r";
}; };
}; };
} }

16
makefu/1systems/pornocauster.nix → makefu/1systems/x.nix
View File

@ -43,16 +43,8 @@
../2configs/temp/share-samba.nix ../2configs/temp/share-samba.nix
# ../2configs/temp/elkstack.nix # ../2configs/temp/elkstack.nix
# ../2configs/temp/sabnzbd.nix # ../2configs/temp/sabnzbd.nix
../2configs/tinc/siem.nix
]; ];
services.tinc.networks.siem = {
name = "makefu";
extraConfig = ''
ConnectTo = sdarth
ConnectTo = sjump
'';
};
krebs.nginx = { krebs.nginx = {
default404 = false; default404 = false;
servers.default.listen = [ "80 default_server" ]; servers.default.listen = [ "80 default_server" ];
@ -65,10 +57,10 @@
# configure pulseAudio to provide a HDMI sink as well # configure pulseAudio to provide a HDMI sink as well
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 80 24800 ]; networking.firewall.allowedTCPPorts = [ 80 24800 26061 ];
networking.firewall.allowedUDPPorts = [ 665 ]; networking.firewall.allowedUDPPorts = [ 665 26061 ];
krebs.build.host = config.krebs.hosts.pornocauster; krebs.build.host = config.krebs.hosts.x;
krebs.hosts.omo.nets.retiolum.via.ip4.addr = "192.168.1.11"; krebs.hosts.omo.nets.retiolum.via.ip4.addr = "192.168.1.11";
krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ]; krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ];

12
makefu/2configs/tinc/siem.nix Normal file
View File

@ -0,0 +1,12 @@
{lib, config, ... }:
{
# TODO do not know why we need to force it, port is only set via default to 655
krebs.build.host.nets.siem.tinc.port = lib.mkForce 1655;
networking.firewall.allowedUDPPorts = [ 1665 ];
networking.firewall.allowedTCPPorts = [ 1655 ];
krebs.tinc.siem = {
enable = true;
connectTo = [ "shoney" ];
};
}