From e2ae92445cc439203427a58720fc394cf1ca4b44 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 2 Feb 2019 09:13:53 +0100
Subject: [PATCH] external: add palo.nix

---
 krebs/3modules/external/default.nix           | 14 +---
 krebs/3modules/external/palo.nix              | 81 +++++++++++++++++++
 .../external/tinc/{pepe.pub => palo.pub}      |  0
 3 files changed, 82 insertions(+), 13 deletions(-)
 create mode 100644 krebs/3modules/external/palo.nix
 rename krebs/3modules/external/tinc/{pepe.pub => palo.pub} (100%)

diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index e19ac6755..16cc84651 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -16,6 +16,7 @@ with import <stockholm/lib>;
   tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
 
 in {
+
   hosts = mapAttrs hostDefaults {
     dpdkm = {
       owner = config.krebs.users.Mic92;
@@ -225,17 +226,6 @@ in {
         };
       };
     };
-    pepe = {
-      owner = config.krebs.users.palo;
-      nets = {
-        retiolum = {
-          ip4.addr = "10.243.123.4";
-          tinc.port = 720;
-          aliases = [ "pepe.r" ];
-          tinc.pubkey = tinc-for "pepe";
-        };
-      };
-    };
     scardanelli = {
       owner = config.krebs.users.kmein;
       nets = {
@@ -404,8 +394,6 @@ in {
       mail = "joerg@thalheim.io";
       pubkey = ssh-for "Mic92";
     };
-    palo = {
-    };
     qubasa = {
       mail = "luis.nixos@gmail.com";
     };
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
new file mode 100644
index 000000000..e151ad358
--- /dev/null
+++ b/krebs/3modules/external/palo.nix
@@ -0,0 +1,81 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+
+  hostDefaults = hostName: host: flip recursiveUpdate host ({
+    ci = false;
+    external = true;
+    monitoring = false;
+  } // optionalAttrs (host.nets?retiolum) {
+    nets.retiolum.ip6.addr =
+      (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+  } // optionalAttrs (host.nets?wiregrill) {
+    nets.wiregrill.ip6.addr =
+      (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+  });
+  ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
+  tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
+
+in {
+  hosts = mapAttrs hostDefaults {
+    pepe = {
+      owner = config.krebs.users.palo;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.23.1";
+          tinc.port = 720;
+          aliases = [ "pepe.r" ];
+          tinc.pubkey = tinc-for "palo";
+        };
+      };
+    };
+    kruck = {
+      owner = config.krebs.users.palo;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.23.3";
+          tinc.port = 720;
+          aliases = [ "kruck.r" ];
+          tinc.pubkey = tinc-for "palo";
+        };
+      };
+    };
+    schasch = {
+      owner = config.krebs.users.palo;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.23.2";
+          tinc.port = 720;
+          aliases = [ "schasch.r" ];
+          tinc.pubkey = tinc-for "palo";
+        };
+      };
+    };
+    workhorse = {
+      owner = config.krebs.users.palo;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.23.5";
+          tinc.port = 720;
+          aliases = [ "workhorse.r" ];
+          tinc.pubkey = tinc-for "palo";
+        };
+      };
+    };
+    workout = {
+      owner = config.krebs.users.palo;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.23.4";
+          tinc.port = 720;
+          aliases = [ "workout.r" ];
+          tinc.pubkey = tinc-for "palo";
+        };
+      };
+    };
+  };
+  users = {
+    palo = {
+    };
+  };
+}
+
diff --git a/krebs/3modules/external/tinc/pepe.pub b/krebs/3modules/external/tinc/palo.pub
similarity index 100%
rename from krebs/3modules/external/tinc/pepe.pub
rename to krebs/3modules/external/tinc/palo.pub