[microvm] fix use of same macaddr

[vpn] add sops key
2024-12-17 16:24:34 +01:00 · 2024-12-17 15:32:46 +01:00
3 changed files with 30 additions and 5 deletions
--- a/machines/.sops.yaml
+++ b/machines/.sops.yaml
@@ -9,6 +9,7 @@ keys:
  - &machine_moderatio 3b7027ab1933c4c5e0eb935f8f9b3c058aa6d4c2
  - &machine_lucia 3474196f3adf27cfb70f8f56bcd52d1ed55033db
  - &machine_durruti 4095412245b6efc14cf92ca25911def5a4218567
  - &machine_vpn 66d360f3e1164bf664e8f2d9f90b44ccf8ff89a6
 creation_rules:
  - path_regex: moderatio/secrets/secrets.yaml$
    key_groups:
@@ -34,10 +35,18 @@ creation_rules:
      - *machine_durruti
      age:
      - *admin_atlan
  - path_regex: vpn/secrets.yaml$
    key_groups:
    - pgp:
      - *admin_kalipso
      - *admin_kalipso_dsktp
      - *machine_vpn
      age:
      - *admin_atlan
  - path_regex: secrets/keys/wireguard/.*
    key_groups:
    - pgp:
      - *admin_kalipso
      - *admin_kalipso_dsktp
      age:
-      - *admin_atlan
+      - *admin_atlan
--- a/machines/configuration.nix
+++ b/machines/configuration.nix
@@ -41,7 +41,7 @@ let
  ];
  defaultModules = baseModules;
-  makeMicroVM = hostName: ipv4Addr: modules: [
+  makeMicroVM = hostName: ipv4Addr: macAddr: modules: [
    inputs.microvm.nixosModules.microvm
    {
      microvm = {
@@ -75,7 +75,7 @@ let
          {
            type = "tap";
            id = "vm-${hostName}";
-            mac = "02:00:00:00:00:01";
+            mac = "${macAddr}";
          }
        ];
      };
@@ -127,7 +127,7 @@ in
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    specialArgs.self = self;
-    modules = makeMicroVM "durruti" "10.0.0.5" [
+    modules = makeMicroVM "durruti" "10.0.0.5" "13:12:AC:AB:23:00" [
      ./durruti/configuration.nix
    ];
  };
@@ -136,7 +136,7 @@ in
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    specialArgs.self = self;
-    modules = makeMicroVM "vpn" "10.0.0.10" [
+    modules = makeMicroVM "vpn" "10.0.0.10" "13:12:AC:AB:23:01" [
      self.nixosModules.malobeo
      ./vpn/configuration.nix
    ];
--- a/machines/secrets/keys/hosts/vpn.asc
+++ b/machines/secrets/keys/hosts/vpn.asc
@@ -0,0 +1,16 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 xsFNBAAAAAABEACzyM+e0odv6+r3/n2eFJN02f0WAQJAUFflB6c94gx5pGEC4Hme
 6nzQktuCkJSres+DxIAxB0Vwjz4so8rC6mdvruCTOU6QF6ksMVOBouf0Rv25rmaj
 oQO5vzWEcu2mTBQrV9tO+aDe37SJxZYS7Dr6y2J8hCehHWN2h7fIQdpiQExRImwj
 ZFG0WgeqxxRiCp08aBAQB4xPiagjNLSU2BeaQwVcIPLKSfRYB/7LNrnPDFyG2pKZ
 SCGFDb6aaKwYs+7WyhUxijf1vB+xavzzgEhdh4sW4qxF4tMJ7/8yQC3FxYICI2se
 MpA6gxtFFGa9Aw+QG6iBEd8MN/ReBbA3PfuxhXBix7O4OsQ+KRFQ+yvhSDtLBe6Z
 iPkbWZhAfKMVuw2vYx2tb38pxvEhP2CWQhBwmLyKE/8rg6K1hdXXseL/R2Qia27X
 QuQ8FdBkGnRdOqjRDPhCqTFdLR8cqVO2uNGQEVQ3RSN99gCDND0C6dx0nhHsGIRZ
 2zh8ts2jc9gJ/hXPxgXDlMg5y/OESEoOgEpxyftVMnvFDSXyF/Iz5eyhLFROv50p
 /poJmdBazkR6glh+KZuLQvt7QU74Y/5yn90d+oAizCWt9taHAlGdpFFv7zjZASea
 Y4GS0Y/C9+4YPcNB5w/hmO/DKkGOoWXaye6XekJ6BcOwq6+KwBSqcRYNGwARAQAB
 zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0Pg==
 =770m
 -----END PGP PUBLIC KEY BLOCK-----
Author	SHA1	Message	Date
kalipso	79082a5e4e	[microvm] fix use of same macaddr All checks were successful Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 3m59s Details	2024-12-17 16:24:34 +01:00
kalipso	074ad306ac	[vpn] add sops key	2024-12-17 15:32:46 +01:00