kalipso/infrastructure
1
1
Fork 1
Code Issues 42 Pull Requests 2 Actions Projects 2 Releases Wiki Activity

Compare commits

base: kalipso:dd0499d64d6781626615e2aa1783538e22c412b8
Branches Tags
kalipso:master kalipso:nextcloud_deck_derivation kalipso:vaultwarden kalipso:staging kalipso:script kalipso:zineshop kalipso:nextcloud_upgrade_31 kalipso:printer-module kalipso:microvm-dirs kalipso:sanoid kalipso:issue77 kalipso:reproducible-deployments kalipso:reproducible-deployments-filestructure kalipso:issue31 kalipso:microvm-module kalipso:issue47 kalipso:hostbuilder kalipso:better-workflows kalipso:issue51 kalipso:local-testing-v2 kalipso:gitea kalipso:fileserver
..
compare: kalipso:79082a5e4e7089bd1a1323c1696259f31e22a512
Branches Tags
kalipso:nextcloud_deck_derivation kalipso:vaultwarden kalipso:master kalipso:staging kalipso:script kalipso:zineshop kalipso:nextcloud_upgrade_31 kalipso:printer-module kalipso:microvm-dirs kalipso:sanoid kalipso:issue77 kalipso:reproducible-deployments kalipso:reproducible-deployments-filestructure kalipso:issue31 kalipso:microvm-module kalipso:issue47 kalipso:hostbuilder kalipso:better-workflows kalipso:issue51 kalipso:local-testing-v2 kalipso:gitea kalipso:fileserver

2 Commits
dd0499d64d ... 79082a5e4e

Author SHA1 Message Date
kalipso
79082a5e4e [microvm] fix use of same macaddr
All checks were successful
Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 3m59s
Details
2024-12-17 16:24:34 +01:00
kalipso
074ad306ac [vpn] add sops key 2024-12-17 15:32:46 +01:00
3 changed files with 30 additions and 5 deletions
Expand all files Collapse all files

9
machines/.sops.yaml
View File

@@ -9,6 +9,7 @@ keys:
- &machine_moderatio 3b7027ab1933c4c5e0eb935f8f9b3c058aa6d4c2
- &machine_lucia 3474196f3adf27cfb70f8f56bcd52d1ed55033db
- &machine_durruti 4095412245b6efc14cf92ca25911def5a4218567
- &machine_vpn 66d360f3e1164bf664e8f2d9f90b44ccf8ff89a6
creation_rules:
- path_regex: moderatio/secrets/secrets.yaml$
key_groups:
@@ -34,6 +35,14 @@ creation_rules:
- *machine_durruti
age:
- *admin_atlan
- path_regex: vpn/secrets.yaml$
key_groups:
- pgp:
- *admin_kalipso
- *admin_kalipso_dsktp
- *machine_vpn
age:
- *admin_atlan
- path_regex: secrets/keys/wireguard/.*
key_groups:
- pgp:

8
machines/configuration.nix
View File

@@ -41,7 +41,7 @@ let
];
defaultModules = baseModules;
makeMicroVM = hostName: ipv4Addr: modules: [
makeMicroVM = hostName: ipv4Addr: macAddr: modules: [
inputs.microvm.nixosModules.microvm
{
microvm = {
@@ -75,7 +75,7 @@ let
{
type = "tap";
id = "vm-${hostName}";
mac = "02:00:00:00:00:01";
mac = "${macAddr}";
}
];
};
@@ -127,7 +127,7 @@ in
system = "x86_64-linux";
specialArgs.inputs = inputs;
specialArgs.self = self;
modules = makeMicroVM "durruti" "10.0.0.5" [
modules = makeMicroVM "durruti" "10.0.0.5" "13:12:AC:AB:23:00" [
./durruti/configuration.nix
];
};
@@ -136,7 +136,7 @@ in
system = "x86_64-linux";
specialArgs.inputs = inputs;
specialArgs.self = self;
modules = makeMicroVM "vpn" "10.0.0.10" [
modules = makeMicroVM "vpn" "10.0.0.10" "13:12:AC:AB:23:01" [
self.nixosModules.malobeo
./vpn/configuration.nix
];

16
machines/secrets/keys/hosts/vpn.asc Normal file
View File

@@ -0,0 +1,16 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
xsFNBAAAAAABEACzyM+e0odv6+r3/n2eFJN02f0WAQJAUFflB6c94gx5pGEC4Hme
6nzQktuCkJSres+DxIAxB0Vwjz4so8rC6mdvruCTOU6QF6ksMVOBouf0Rv25rmaj
oQO5vzWEcu2mTBQrV9tO+aDe37SJxZYS7Dr6y2J8hCehHWN2h7fIQdpiQExRImwj
ZFG0WgeqxxRiCp08aBAQB4xPiagjNLSU2BeaQwVcIPLKSfRYB/7LNrnPDFyG2pKZ
SCGFDb6aaKwYs+7WyhUxijf1vB+xavzzgEhdh4sW4qxF4tMJ7/8yQC3FxYICI2se
MpA6gxtFFGa9Aw+QG6iBEd8MN/ReBbA3PfuxhXBix7O4OsQ+KRFQ+yvhSDtLBe6Z
iPkbWZhAfKMVuw2vYx2tb38pxvEhP2CWQhBwmLyKE/8rg6K1hdXXseL/R2Qia27X
QuQ8FdBkGnRdOqjRDPhCqTFdLR8cqVO2uNGQEVQ3RSN99gCDND0C6dx0nhHsGIRZ
2zh8ts2jc9gJ/hXPxgXDlMg5y/OESEoOgEpxyftVMnvFDSXyF/Iz5eyhLFROv50p
/poJmdBazkR6glh+KZuLQvt7QU74Y/5yn90d+oAizCWt9taHAlGdpFFv7zjZASea
Y4GS0Y/C9+4YPcNB5w/hmO/DKkGOoWXaye6XekJ6BcOwq6+KwBSqcRYNGwARAQAB
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0Pg==
=770m
-----END PGP PUBLIC KEY BLOCK-----