init hope.r

This commit is contained in:
lassulus 2017-08-26 17:18:58 +02:00
parent d970e20a5a
commit d6aee94277
3 changed files with 76 additions and 0 deletions

View File

@ -0,0 +1,41 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: let
ip = config.krebs.build.host.nets.internet.ip4.addr;
bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1";
in {
imports = [
<stockholm/krebs>
<stockholm/krebs/2configs>
<stockholm/krebs/2configs/os-templates/CAC-CentOS-7-64bit.nix>
<stockholm/krebs/2configs/secret-passwords.nix>
{
users.extraUsers = {
satan = {
name = "satan";
uid = 1338;
home = "/home/satan";
group = "users";
createHome = true;
useDefaultShell = true;
initialPassword = "test";
};
};
}
];
krebs.build.host = config.krebs.hosts.hope;
networking = let
address = config.krebs.build.host.nets.internet.ip4.addr;
in {
defaultGateway = bestGuessGateway address;
interfaces.enp2s1.ip4 = singleton {
inherit address;
prefixLength = 24;
};
nameservers = ["8.8.8.8"];
};
}

View File

@ -0,0 +1,3 @@
import <stockholm/krebs/source.nix> {
name = "hope";
}

View File

@ -30,6 +30,38 @@ let
}); });
in { in {
hosts = { hosts = {
hope = {
owner = config.krebs.users.krebs;
managed = true;
nets = {
internet = {
ip4.addr = "45.62.225.18";
aliases = [
"hope.i"
];
ssh.port = 45621;
};
retiolum = {
ip4.addr = "10.243.77.4";
ip6.addr = "42:0:0:0:0:0:77:4";
aliases = [
"hope.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAsQVWCoNZZd77tYw1qEDlUsfcF0ld+jVorq2uR5il1D8sqER644l5
uaWxPQjSl27xdq5kvzIH24Ab6/xF2EDgE2fUTwpO5coBYafeiGyi5AwURQmYMp2a
2CV7uUAagFQaSzD0Aj796r1BXPn1IeE+uRSBmmc/+/7L0hweRGLiha34NOMZkq+4
A0pwI/CjnyRXdV4AqfORHXkelykJPATm+m3bC+KYogPBeNMP2AV2aYgY8a0UJPMK
fjAJCzxYJjiYxm8faJlm2U1bWytZODQa8pRZOrYQa4he2UoU6x78CNcrQkYLPOFC
K2Q7+B5WJNKV6CqYztXuU/6LTHJRmV0FiwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdLHRI29xJj1jmfSidE2Dh7EsDNszm+WH3Kj4zYBkP/";
};
hotdog = { hotdog = {
owner = config.krebs.users.krebs; owner = config.krebs.users.krebs;
managed = true; managed = true;