From c2d2e0e01d1d99cc68af22dcc87ee3ae56655d9d Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 5 Dec 2018 16:06:32 +0100 Subject: move external hosts from lass to external --- krebs/3modules/external/default.nix | 312 ++++++++++++++++++++++++++++++++++++ 1 file changed, 312 insertions(+) create mode 100644 krebs/3modules/external/default.nix (limited to 'krebs/3modules/external/default.nix') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix new file mode 100644 index 000000000..0aef25317 --- /dev/null +++ b/krebs/3modules/external/default.nix @@ -0,0 +1,312 @@ +{ config, ... }: + +with import ; + +{ + hosts = mapAttrs (_: recursiveUpdate { + ci = false; + external = true; + monitoring = false; + }) { + sokrateslaptop = { + owner = config.krebs.users.sokratess; + nets = { + retiolum = { + ip4.addr = "10.243.142.104"; + ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc"; + aliases = [ + "sokrateslaptop.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 + t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ + rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW + egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 + aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V + VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + kruck = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.29.201"; + ip6.addr = "42:4234:6a6d:600::1"; + aliases = [ + "kruck.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh + QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA + EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U + uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/ + /RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR + 9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s + qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH + gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj + jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs + fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5 + TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + scardanelli = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.2"; + ip6.addr = "42:2:5ca:da:3111::1"; + aliases = [ + "scardanelli.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/ + MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge + UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi + kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0 + gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx + we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY + QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm + SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL + 2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f + m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q + FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5 + lM61fOMcVW1KREdWypiDtu8CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + homeros = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.1"; + ip6.addr = "42:2::0:3:05::1"; + aliases = [ + "homeros.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd + ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc + 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v + RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd + vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3 + +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc + QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm + fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh + VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7 + k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX + gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N + mJ/hywVtvLxNkNimyztoKKMCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + turingmachine = { + owner = config.krebs.users.Mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.168"; + ip6.addr = "42:4992:6a6d:600::1"; + aliases = [ + "turingmachine.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C + t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9 + 6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8 + ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g + nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06 + 5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT + 1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1 + gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl + DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL + W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW + OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + eddie = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + # eddie.thalheim.io + ip4.addr = "129.215.197.11"; + aliases = [ "eddie.i" ]; + }; + retiolum = rec { + via = internet; + addrs = [ + ip4.addr + ip6.addr + ]; + ip4.addr = "10.243.29.170"; + ip6.addr = "42:4992:6a6d:700::1"; + aliases = [ "eddie.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d + j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm + 3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF + 2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua + KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq + iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t + 6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD + kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u + hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay + pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ + lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.subnets = [ + # edinburgh university + "129.215.0.0/16" + ]; + }; + }; + }; + rock = { + owner = config.krebs.users.Mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.171"; + ip6.addr = "42:4992:6a6d:700::2"; + aliases = [ "rock.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM + DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7 + HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh + mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf + Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M + Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD + 91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4 + fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv + 3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav + ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q + cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + inspector = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + ip4.addr = "141.76.44.154"; + aliases = [ "inspector.i" ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.29.172"; + ip6.addr = "42:4992:6a6d:800::1"; + aliases = [ "inspector.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG + EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ + 7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF + m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw + WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd + eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03 + OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau + ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x + B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG + q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj + 7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + dpdkm = { + owner = config.krebs.users.Mic92; + nets = rec { + retiolum = { + ip4.addr = "10.243.29.173"; + ip6.addr = "42:4992:6a6d:900::1"; + aliases = [ "dpdkm.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj + NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp + qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP + X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn + f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa + bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL + Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T + B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w + tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n + dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls + mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + eve = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + # eve.thalheim.io + ip4.addr = "188.68.39.17"; + ip6.addr = "2a03:4000:13:31e::1"; + aliases = [ "eve.i" ]; + }; + retiolum = rec { + via = internet; + addrs = [ + ip4.addr + ip6.addr + ]; + ip4.addr = "10.243.29.174"; + ip6.addr = "42:4992:6a6d:a00::1"; + aliases = [ "eve.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH + XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82 + 08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk + 6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI + +xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3 + dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW + pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP + c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi + YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI + 61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13 + Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + }; + users = { + Mic92 = { + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE"; + mail = "joerg@higgsboson.tk"; + }; + kmein = { + }; + palo = { + }; + sokratess = { + }; + }; +} + -- cgit v1.3.1 From 313712ebc2fc70adefd577f09f0d1795450b0b00 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 11 Dec 2018 21:41:11 +0100 Subject: hosts.*.net.retiolum.ip6.addr: use genipv6 --- krebs/3modules/external/default.nix | 36 +++++++++++--------------- krebs/3modules/jeschli/default.nix | 20 +++++++-------- krebs/3modules/krebs/default.nix | 24 ++++++++---------- krebs/3modules/lass/default.nix | 36 +++++++++----------------- krebs/3modules/makefu/default.nix | 50 ++++++++++--------------------------- krebs/3modules/tv/default.nix | 22 ++++++++-------- 6 files changed, 70 insertions(+), 118 deletions(-) (limited to 'krebs/3modules/external/default.nix') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 0aef25317..02d28ddc8 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -1,19 +1,22 @@ -{ config, ... }: - with import ; +{ config, ... }: let -{ - hosts = mapAttrs (_: recursiveUpdate { + hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; external = true; monitoring = false; - }) { + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }); + +in { + hosts = mapAttrs hostDefaults { sokrateslaptop = { owner = config.krebs.users.sokratess; nets = { retiolum = { ip4.addr = "10.243.142.104"; - ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc"; aliases = [ "sokrateslaptop.r" ]; @@ -35,7 +38,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.29.201"; - ip6.addr = "42:4234:6a6d:600::1"; aliases = [ "kruck.r" ]; @@ -62,7 +64,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.2.2"; - ip6.addr = "42:2:5ca:da:3111::1"; aliases = [ "scardanelli.r" ]; @@ -90,7 +91,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.2.1"; - ip6.addr = "42:2::0:3:05::1"; aliases = [ "homeros.r" ]; @@ -118,7 +118,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.29.168"; - ip6.addr = "42:4992:6a6d:600::1"; aliases = [ "turingmachine.r" ]; @@ -148,14 +147,13 @@ with import ; ip4.addr = "129.215.197.11"; aliases = [ "eddie.i" ]; }; - retiolum = rec { + retiolum = { via = internet; addrs = [ - ip4.addr - ip6.addr + config.krebs.hosts.eddie.nets.retiolum.ip4.addr + config.krebs.hosts.eddie.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.170"; - ip6.addr = "42:4992:6a6d:700::1"; aliases = [ "eddie.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -184,7 +182,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.29.171"; - ip6.addr = "42:4992:6a6d:700::2"; aliases = [ "rock.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -214,7 +211,6 @@ with import ; retiolum = { via = internet; ip4.addr = "10.243.29.172"; - ip6.addr = "42:4992:6a6d:800::1"; aliases = [ "inspector.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -239,7 +235,6 @@ with import ; nets = rec { retiolum = { ip4.addr = "10.243.29.173"; - ip6.addr = "42:4992:6a6d:900::1"; aliases = [ "dpdkm.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -268,14 +263,13 @@ with import ; ip6.addr = "2a03:4000:13:31e::1"; aliases = [ "eve.i" ]; }; - retiolum = rec { + retiolum = { via = internet; addrs = [ - ip4.addr - ip6.addr + config.krebs.hosts.eve.nets.retiolum.ip4.addr + config.krebs.hosts.eve.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.174"; - ip6.addr = "42:4992:6a6d:a00::1"; aliases = [ "eve.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index c0cb601bc..4a8af435b 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -1,17 +1,20 @@ -{ config, ... }: - with import ; +{ config, ... }: let -{ - hosts = mapAttrs (_: recursiveUpdate { - owner = config.krebs.users.jeschli; + hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = true; - }) { + owner = config.krebs.users.jeschli; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "jeschli" { inherit hostName; }).address; + }); + +in { + hosts = mapAttrs hostDefaults { brauerei = { nets = { retiolum = { ip4.addr = "10.243.27.29"; - ip6.addr = "42::29"; aliases = [ "brauerei.r" ]; @@ -48,7 +51,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.27.27"; - ip6.addr = "42::27"; aliases = [ "reagenzglas.r" ]; @@ -92,7 +94,6 @@ with import ; retiolum = { via = internet; ip4.addr = "10.243.27.30"; - ip6.addr = "42::30"; aliases = [ "enklave.r" "cgit.enklave.r" @@ -131,7 +132,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.27.31"; - ip6.addr = "42::31"; aliases = [ "bolide.r" ]; diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 889ee2817..59fc43af8 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -1,20 +1,24 @@ -{ config, ... }: - with import ; -let +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + owner = config.krebs.users.krebs; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address; + }); + testHosts = genAttrs [ "test-arch" "test-centos6" "test-centos7" "test-all-krebs-modules" ] (name: { - owner = config.krebs.users.krebs; inherit name; cores = 1; nets = { retiolum = { ip4.addr = "10.243.73.57"; - ip6.addr = "42:0:0:0:0:0:0:7357"; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd @@ -29,14 +33,12 @@ let }; }); in { - hosts = { + hosts = mapAttrs hostDefaults { hotdog = { ci = true; - owner = config.krebs.users.krebs; nets = { retiolum = { ip4.addr = "10.243.77.3"; - ip6.addr = "42:0:0:0:0:0:77:3"; aliases = [ "hotdog.r" "build.r" @@ -61,11 +63,9 @@ in { }; onebutton = { cores = 1; - owner = config.krebs.users.krebs; nets = { retiolum = { ip4.addr = "10.243.0.101"; - ip6.addr = "42:0:0:0:0:0:0:101"; aliases = [ "onebutton.r" ]; @@ -92,11 +92,9 @@ in { }; puyak = { ci = true; - owner = config.krebs.users.krebs; nets = { retiolum = { ip4.addr = "10.243.77.2"; - ip6.addr = "42:0:0:0:0:0:77:2"; aliases = [ "puyak.r" "build.puyak.r" @@ -120,7 +118,6 @@ in { }; wolf = { ci = true; - owner = config.krebs.users.krebs; nets = { shack = { ip4.addr = "10.42.2.150" ; @@ -135,7 +132,6 @@ in { }; retiolum = { ip4.addr = "10.243.77.1"; - ip6.addr = "42:0:0:0:0:0:77:1"; aliases = [ "wolf.r" "build.wolf.r" diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index f06d62586..0d8513a69 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -1,20 +1,22 @@ -{ config, ... }: with import ; -let +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = true; + monitoring = true; + owner = config.krebs.users.lass; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "lass" { inherit hostName; }).address; + }); - rip6 = krebs.genipv6 "retiolum" "lass"; wip6 = krebs.genipv6 "wirelum" "lass"; -in -{ +in { dns.providers = { "lassul.us" = "zones"; }; - hosts = mapAttrs (_: recursiveUpdate { - owner = config.krebs.users.lass; - ci = true; - monitoring = true; - }) { + hosts = mapAttrs hostDefaults { prism = rec { cores = 4; extraZones = { @@ -54,7 +56,6 @@ in retiolum = { via = internet; ip4.addr = "10.243.0.103"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:15ab"; aliases = [ "prism.r" "cache.prism.r" @@ -118,7 +119,6 @@ in retiolum = { via = internet; ip4.addr = "10.243.0.123"; - ip6.addr = "42:0:0:0:0:0:0:123"; aliases = [ "archprism.r" ]; @@ -150,7 +150,6 @@ in nets = { retiolum = { ip4.addr = "10.243.81.176"; - ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56"; aliases = [ "uriel.r" "cgit.uriel.r" @@ -176,7 +175,6 @@ in nets = { retiolum = { ip4.addr = "10.243.0.2"; - ip6.addr = "42:0:0:0:0:0:0:dea7"; aliases = [ "mors.r" "cgit.mors.r" @@ -209,7 +207,6 @@ in nets = { retiolum = { ip4.addr = "10.243.0.4"; - ip6.addr = "42:0:0:0:0:0:0:50d4"; aliases = [ "shodan.r" "cgit.shodan.r" @@ -242,7 +239,6 @@ in nets = rec { retiolum = { ip4.addr = "10.243.133.114"; - ip6.addr = "42:0:0:0:0:0:01ca:1205"; aliases = [ "icarus.r" "cgit.icarus.r" @@ -275,7 +271,6 @@ in nets = rec { retiolum = { ip4.addr = "10.243.133.115"; - ip6.addr = "42:0:0:0:0:0:daed:a105"; aliases = [ "daedalus.r" "cgit.daedalus.r" @@ -301,7 +296,6 @@ in nets = rec { retiolum = { ip4.addr = "10.243.133.116"; - ip6.addr = "42:0:0:0:0:0:0:1101"; aliases = [ "skynet.r" "cgit.skynet.r" @@ -327,7 +321,6 @@ in nets = { retiolum = { ip4.addr = "10.243.133.77"; - ip6.addr = "42:0:0:0:0:0:717:7137"; aliases = [ "littleT.r" ]; @@ -368,7 +361,6 @@ in nets = rec { retiolum = { ip4.addr = "10.243.1.3"; - ip6.addr = "42::1:3"; aliases = [ "xerxes.r" ]; @@ -410,7 +402,6 @@ in nets = { retiolum = { ip4.addr = "10.243.0.13"; - ip6.addr = "42:0:0:0:0:0:0:12ed"; aliases = [ "red.r" ]; @@ -440,7 +431,6 @@ in nets = { retiolum = { ip4.addr = "10.243.0.14"; - ip6.addr = "42:0:0:0:0:0:0:14"; aliases = [ "yellow.r" ]; @@ -477,7 +467,6 @@ in nets = { retiolum = { ip4.addr = "10.243.0.77"; - ip6.addr = "42:0:0:0:0:0:0:77"; aliases = [ "blue.r" ]; @@ -521,7 +510,6 @@ in nets = { retiolum = { ip4.addr = "10.243.0.19"; - ip6.addr = "42::19"; aliases = [ "morpheus.r" ]; diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 188fbc461..d6c1f0b61 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -1,20 +1,27 @@ -{ config, ... }: - -with import ; ## generate keys with: # tinc generate-keys # ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host -let + +with import ; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + owner = config.krebs.users.makefu; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address; + }); + pub-for = name: builtins.readFile (./ssh + "/${name}.pub"); + in { - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { + hosts = mapAttrs hostDefaults { cake = rec { cores = 4; ci = false; nets = { retiolum = { ip4.addr = "10.243.136.236"; - ip6.addr = "42:b3b2:9552:eef0:ee67:f3b3:8d33:eee1"; aliases = [ "cake.r" ]; @@ -39,7 +46,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.136.237"; - ip6.addr = "42:b3b2:9552:eef0:ee67:f3b3:8d33:eee2"; aliases = [ "crapi.r" ]; @@ -65,7 +71,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.177.9"; - ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce"; aliases = [ "drop.r" ]; @@ -90,7 +95,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.227.163"; - ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6"; aliases = [ "studio.r" ]; @@ -116,7 +120,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.113.98"; - # ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096"; aliases = [ "fileleech.r" ]; @@ -147,7 +150,6 @@ in { }; retiolum = { ip4.addr = "10.243.80.249"; - ip6.addr = "42:ecb0:376:b37d:cf47:1ecf:f32b:a3b9"; aliases = [ "latte.r" ]; @@ -171,7 +173,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.0.210"; - ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0001"; aliases = [ "pnp.r" "cgit.pnp.r" @@ -195,7 +196,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.0.84"; - ip6.addr = "42:ff6b:5f0b:460d:2cee:4d05:73f7:5566"; aliases = [ "darth.r" ]; @@ -267,7 +267,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.0.212"; - ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0002"; aliases = [ "tsp.r" ]; @@ -295,7 +294,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.0.91"; - ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"; aliases = [ "x.r" ]; @@ -329,7 +327,6 @@ in { ''; }; #wiregrill = { - # ip6.addr = "42:4200:0000:0000:0000:0000:0000:a4db"; # aliases = [ # "x.w" # ]; @@ -347,7 +344,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.1.91"; - ip6.addr = "42:0b2c:d90e:e717:03dd:9ac1:0000:a400"; aliases = [ "vbob.r" ]; @@ -386,7 +382,6 @@ in { }; retiolum = { ip4.addr = "10.243.0.153"; - ip6.addr = "42:9143:b4c0:f981:6030:7aa2:8bc5:4110"; aliases = [ "pigstarter.r" ]; @@ -422,7 +417,6 @@ in { retiolum = { via = internet; ip4.addr = "10.243.29.169"; - ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad"; aliases = [ "wry.r" "graph.wry.r" @@ -460,7 +454,6 @@ in { }; retiolum = { ip4.addr = "10.243.153.102"; - ip6.addr = "42:4b0b:d990:55ba:8da8:630f:dc0e:aae0"; aliases = [ "filepimp.r" ]; @@ -491,7 +484,6 @@ in { }; retiolum = { ip4.addr = "10.243.0.89"; - ip6.addr = "42:f9f0::10"; aliases = [ "omo.r" "dcpp.omo.r" @@ -536,7 +528,6 @@ in { }; retiolum = { ip4.addr = "10.243.214.15"; - # ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; aliases = [ "wbob.r" "hydra.wbob.r" @@ -596,7 +587,6 @@ in { }; #wiregrill = { # via = internet; - # ip6.addr = "42:4200:0000:0000:0000:0000:0000:70d3"; # aliases = [ # "gum.w" # ]; @@ -605,7 +595,6 @@ in { retiolum = { via = internet; ip4.addr = "10.243.0.213"; - ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; aliases = [ "nextgum.r" "graph.r" @@ -673,7 +662,6 @@ in { }; retiolum = { ip4.addr = "10.243.205.131"; - ip6.addr = "42:490d:cd82:d2bb:56d5:abd1:b88b:e8b4"; aliases = [ "shoney.r" ]; @@ -698,7 +686,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.83.237"; - ip6.addr = "42:af50:99cf:c185:f1a8:14d5:acb:8101"; aliases = [ "sdev.r" ]; @@ -736,7 +723,6 @@ in { }; retiolum = { ip4.addr = "10.243.211.172"; - ip6.addr = "42:472a:3d01:bbe4:4425:567e:592b:065d"; aliases = [ "flap.r" ]; @@ -759,7 +745,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.231.219"; - ip6.addr = "42:f7bf:178d:4b68:1c1b:42e8:6b27:6a72"; aliases = [ "nukular.r" ]; @@ -782,7 +767,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.124.21"; - ip6.addr = "42:9898:a8be:ce56:0ee3:b99c:42c5:109e"; aliases = [ "heidi.r" ]; @@ -872,7 +856,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.189.130"; - ip6.addr = "42:c64e:011f:9755:31e1:c3e6:73c0:af2d"; aliases = [ "filebitch.r" ]; @@ -895,7 +878,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.26.29"; - ip6.addr = "42:927a:3d59:1cb3:29d6:1a08:78d3:812e"; aliases = [ "excobridge.r" ]; @@ -918,7 +900,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.226.213"; - ip6.addr = "42:432e:2379:0cd2:8486:f3b5:335a:5d83"; aliases = [ "horisa.r" ]; @@ -947,7 +928,6 @@ in { }; retiolum = { ip4.addr = "10.243.57.85"; - ip6.addr = "42:2f06:b899:a3b5:1dcf:51a4:a02b:8731"; aliases = [ "wooki.r" ]; @@ -970,7 +950,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.0.163"; - ip6.addr = "42:b67b:5752:a730:5f28:d80d:6b37:5bda"; aliases = [ "senderechner.r" ]; @@ -995,7 +974,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.144.142"; - ip6.addr = "42:4bf8:94b:eec5:69e2:c837:686e:f278"; aliases = [ "tcac-0-1.r" ]; @@ -1025,7 +1003,6 @@ in { }; retiolum = { ip4.addr = "10.243.139.184"; - ip6.addr = "42:d568:6106:ba30:753b:0f2a:8225:b1fb"; aliases = [ "muhbaasu.r" ]; @@ -1048,7 +1025,6 @@ in { nets = { retiolum = { ip4.addr = "10.243.183.236"; - ip6.addr = "42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c"; aliases = [ "tpsw.r" ]; diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 71670d336..0683492bc 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -1,19 +1,24 @@ -{ config, ... }: - with import ; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + owner = config.krebs.users.tv; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; + }); -{ +in { dns.providers = { "viljetic.de" = "regfish"; }; - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.tv) { + hosts = mapAttrs hostDefaults { alnus = { ci = true; cores = 2; nets = { retiolum = { ip4.addr = "10.243.21.1"; - ip6.addr = "42::2101"; aliases = [ "alnus.r" ]; @@ -38,7 +43,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.20.1"; - ip6.addr = "42::2001"; aliases = [ "mu.r" ]; @@ -79,7 +83,6 @@ with import ; retiolum = { via = config.krebs.hosts.ni.nets.internet; ip4.addr = "10.243.113.223"; - ip6.addr = "42:4522:25f8:36bb:8ccb:150:231a:2af4"; aliases = [ "ni.r" "cgit.ni.r" @@ -114,7 +117,6 @@ with import ; }; retiolum = { ip4.addr = "10.243.0.110"; - ip6.addr = "42:2d5:733f:d6da:c0f5:2bb7:2b18:9ec"; aliases = [ "nomic.r" "cgit.nomic.r" @@ -158,7 +160,6 @@ with import ; }; retiolum = { ip4.addr = "10.243.13.37"; - ip6.addr = "42::1337"; aliases = [ "wu.r" "cgit.wu.r" @@ -185,7 +186,6 @@ with import ; nets = { retiolum = { ip4.addr = "10.243.22.22"; - ip6.addr = "42::2222"; aliases = [ "querel.r" ]; @@ -226,7 +226,6 @@ with import ; }; retiolum = { ip4.addr = "10.243.13.38"; - ip6.addr = "42::1338"; aliases = [ "xu.r" "cgit.xu.r" @@ -261,7 +260,6 @@ with import ; }; retiolum = { ip4.addr = "10.243.13.40"; - ip6.addr = "42::1340"; aliases = [ "zu.r" ]; -- cgit v1.3.1