diff --git a/domains/fudo.org.nix b/domains/fudo.org.nix index 86ded17..1b2dee6 100644 --- a/domains/fudo.org.nix +++ b/domains/fudo.org.nix @@ -24,9 +24,10 @@ postgresql-server = "nutboy3"; log-aggregator = "nutboy3"; chat-server = "legatus"; - backplane = { - nameserver = "legatus"; - dns-service = "nutboy3"; - domain = "fudo.link"; - }; + # backplane = { + # nameserver = "legatus"; + # dns-service = "nutboy3"; + # domain = "fudo.link"; + # }; + nexus.domains = [ "fudo.link" ]; } diff --git a/domains/informis.land.nix b/domains/informis.land.nix index 1e4d8b4..b141baf 100644 --- a/domains/informis.land.nix +++ b/domains/informis.land.nix @@ -21,4 +21,5 @@ dns-service = "nutboy3"; domain = "fudo.link"; }; + nexus.domains = [ "fudo.link" ]; } diff --git a/domains/sea.fudo.org.nix b/domains/sea.fudo.org.nix index b190e47..723350c 100644 --- a/domains/sea.fudo.org.nix +++ b/domains/sea.fudo.org.nix @@ -8,10 +8,16 @@ admin-email = "niten@fudo.org"; zone = "sea.fudo.org"; + gssapi-realm = "SEA.FUDO.ORG"; ldap-servers = [ "nutboy3" "legatus" ]; +<<<<<<< HEAD postgresql-server = "nostromo"; +======= + kerberos-master = "nostromo"; + # kerberos-slaves = [ "lambda" ]; +>>>>>>> 45f0457328e0bdf5dbc6c103af0d703d46d9a2b2 prometheus-hosts = [ "limina" ]; grafana-hosts = [ "nostromo" ]; @@ -20,4 +26,5 @@ dns-service = "nutboy3"; domain = "fudo.link"; }; + nexus.domains = [ "fudo.link" ]; } diff --git a/entities.nix b/entities.nix index 78ab754..f650af7 100644 --- a/entities.nix +++ b/entities.nix @@ -1,10 +1,10 @@ { helper-lib, ... }: -let - import-by-basename = helper-lib.fs.import-by-basename; +let import-by-basename = helper-lib.fs.import-by-basename; in { domains = import-by-basename ./domains; hosts = import-by-basename ./hosts; + nexus.domains = import-by-basename ./nexus; sites = import-by-basename ./sites; zones = import-by-basename ./zones; } diff --git a/flake.nix b/flake.nix index 96a8fe9..5534086 100644 --- a/flake.nix +++ b/flake.nix @@ -1,19 +1,19 @@ { description = "Fudo Entities"; - inputs = { - fudo-lib.url = "git+https://git.fudo.org/fudo-nix/lib.git"; - }; + inputs = { fudo-lib.url = "git+https://git.fudo.org/fudo-nix/lib.git"; }; outputs = { self, nixpkgs, fudo-lib, ... }: { - nixosModule = { - imports = [ - ./module.nix - ]; + nixosModule = { imports = [ ./module.nix ]; }; + + entities = let helper-lib = fudo-lib.lib { pkgs = nixpkgs; }; + in import ./entities.nix { inherit helper-lib; }; + + lib = import ./lib.nix { + inherit (nixpkgs) lib; + inherit (self) entities; }; - entities = let - helper-lib = fudo-lib.lib { pkgs = nixpkgs; }; - in import ./entities.nix { inherit helper-lib; }; + overlays.default = (final: prev: { lib = prev.lib // self.lib; }); }; } diff --git a/hosts/jazz.nix b/hosts/jazz.nix new file mode 100644 index 0000000..cfca48b --- /dev/null +++ b/hosts/jazz.nix @@ -0,0 +1,17 @@ +{ + description = "Jasper's gaming desktop."; + rp = "niten"; + admin-email = "niten@fudo.org"; + enable-gui = true; + profile = "desktop"; + domain = "sea.fudo.org"; + site = "seattle"; + arch = "x86_64-linux"; + nixos-system = true; + machine-id = "2f6c424858f5401098f79cee215e3268"; + master-key = { + public-key = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPw2lRIAf7aC5bPO1AALAx9FPEFNJr1Qn5rxB1ahmX8p"; + key-path = "/state/master-key/key"; + }; +} diff --git a/hosts/toothless.nix b/hosts/toothless.nix new file mode 100644 index 0000000..311729e --- /dev/null +++ b/hosts/toothless.nix @@ -0,0 +1,17 @@ +{ + description = "sea.fudo.org compute server."; + rp = "niten"; + admin-email = "niten@fudo.org"; + enable-gui = false; + profile = "server"; + domain = "sea.fudo.org"; + site = "seattle"; + arch = "x86_64-linux"; + nixos-system = true; + machine-id = "39ebe622cf40413b950d832105e0bb2e"; + master-key = { + public-key = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIQrT/X6qvurQ6GJ450PZaKLyolOVWqMXjRozLq9Gy/O"; + key-path = "/state/master-key/key"; + }; +} diff --git a/hosts/wormhole0.nix b/hosts/wormhole0.nix index 1d08c31..12121ad 100644 --- a/hosts/wormhole0.nix +++ b/hosts/wormhole0.nix @@ -14,4 +14,5 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGb+mT3UyDIKow36CVQJlJCyJqJfmReWFWAS2ZVpaB6p"; key-path = "/state/master-key/key"; }; + hardened = true; } diff --git a/lib.nix b/lib.nix new file mode 100644 index 0000000..5ce67c2 --- /dev/null +++ b/lib.nix @@ -0,0 +1,37 @@ +{ lib, entities, ... }: + +with lib; +let + getHostSite = hostname: + let site-name = entities.hosts."${hostname}".site; + in entities.sites."${site-name}"; + getHostDomain = hostname: + let domain-name = entities.hosts."${hostname}".domain; + in entities.domains."${domain-name}"; + getHostRealm = hostname: (getHostDomain hostname).gssapi-realm; + getHostFqdn = hostname: + let hostDomain = entities.hosts."${hostname}".domain; + in "${hostname}.${hostDomain}"; + + getHostNetworkSettings = hostname: + let + hostDomain = entities.hosts."${hostname}".domain; + hostNetwork = entities.zones."${hostDomain}"; + in hostNetwork.hosts."${hostname}"; + + getIfAttr = as: a: if hasAttr as a then getAttr as a else null; + + getHostIpv4 = hostname: + getIfAttr "ipv4-address" (getHostNetworkSettings hostname); + getHostIpv6 = hostname: + getIfAttr "ipv6-address" (getHostNetworkSettings hostname); + getHostIps = hostname: + filter (o: o != null) [ (getHostIpv4 hostname) (getHostIpv6 hostname) ]; + + getDomainPostgresqlServer = domain: + getHostFqdn entities.domains."${domain}".postgresql-server; + +in { + inherit getHostSite getHostDomain getHostRealm getHostFqdn getHostIpv4 + getHostIpv6 getHostIps getDomainPostgresqlServer; +} diff --git a/nexus/fudo.link.nix b/nexus/fudo.link.nix new file mode 100644 index 0000000..4c46957 --- /dev/null +++ b/nexus/fudo.link.nix @@ -0,0 +1,5 @@ +{ + servers = [ "nutboy3" "legatus" ]; + dns-servers = [ "legatus" ]; + gssapi-realm = "FUDO.ORG"; +} diff --git a/sites/joes-datacenter-0.nix b/sites/joes-datacenter-0.nix index 615f7d0..ca7ba6b 100644 --- a/sites/joes-datacenter-0.nix +++ b/sites/joes-datacenter-0.nix @@ -6,6 +6,8 @@ deploy-pubkeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ62rYnn1pMY5pgOak4I0Go9VJmiYuK1GOMhVDf94glowiiMx1qzieyNhgBXGXb9Eo7c2TchiGNnQJM8OHPmMwBSUdEJ9+BZLKlY6LMzZlWanr7V9WWZb7hGK42woZiSZBBvzrRJ+Skeo2/6/ZOB6PnUAbl9Z0X3IWvTK8da6GWZlNUfDaTqpeu/9+YvqJpb/xJCr7/LC6Y3yjnKrchhmz1MguN4XOOhhLwcpuhyBIUSnU24RScGAgXBAdJL2IrE6yDmRwmNIVaEPlp/sV5UG8M74r/pBDI+VKsKFOzr3xeEQYMU8+As4ufLEqLW7n1IP2frIXCV+jkErqNONDAhD5+B9mdoTjifF57B48Re7+o/3W/1dXV6qWhEj6vgTinsKLr/QBLkXVggjZUeXZ4wkStEh/ab0K4QnHEfg8F+PHyCBKXyNqCib4GCa7pxvUYXgokZGRMCVRXf4o0UsK7PeAjYRgB79LLKFt4X2xyJLhMhxsTHTfIQRHMAUpfavzo+0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGVez4of30f+j0cWKj5kYCKeFjyNsYvG9UbOMxF5hImD2lP5MSbFBv31gFgHjx3yCG4zQRZlpuyU5uWo0qIwe9N84/LcZcB9WrWKZXDmuof7zPFy0J+Hj+LVLDQI/mVXHNwkMhBMHpPrdwA05EYDAYCYklWT4cSByu10pHtST+olF8i+A+UQgUzgNZzdJVeiYZv6MBDTYsJWptGeDUkl2B0Es3gtbGYcCCfnyS3RC7DIXlDo3NBbAr7WaHY2MBbT+R/+jicn9E3IY3NCM5jENxqmvHy9MDsxEEYgFNm7IDwq4V1VRUWy277YsvRbmEaHb+osOA5u1VNN4z3UftOZcSZgR5C/vR71cENXoPt1YQpCzu7i38ojtvL+tDVEKT7sIovrQw8q1sszNlW2nXh8RSPiIq5TMnrV73MP0egKcr9n3tfxwi1BIkLjvfom/02BkTK9R9v+VMNhYU1YwROhORCiMIgoxUGiUvtH8u38JGr7E0hhMoAjCE5k80WPUivl0=" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkbTj6x4GmbqcAhs01wBBz+uP7BHbLgFpeUx18zLy7t" ]; mail-server = "mail.informis.land"; + nexus.domains = [ "fudo.link" ]; } diff --git a/sites/nuttyclub.nix b/sites/nuttyclub.nix index 8b6490c..2981350 100644 --- a/sites/nuttyclub.nix +++ b/sites/nuttyclub.nix @@ -7,6 +7,8 @@ deploy-pubkeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ62rYnn1pMY5pgOak4I0Go9VJmiYuK1GOMhVDf94glowiiMx1qzieyNhgBXGXb9Eo7c2TchiGNnQJM8OHPmMwBSUdEJ9+BZLKlY6LMzZlWanr7V9WWZb7hGK42woZiSZBBvzrRJ+Skeo2/6/ZOB6PnUAbl9Z0X3IWvTK8da6GWZlNUfDaTqpeu/9+YvqJpb/xJCr7/LC6Y3yjnKrchhmz1MguN4XOOhhLwcpuhyBIUSnU24RScGAgXBAdJL2IrE6yDmRwmNIVaEPlp/sV5UG8M74r/pBDI+VKsKFOzr3xeEQYMU8+As4ufLEqLW7n1IP2frIXCV+jkErqNONDAhD5+B9mdoTjifF57B48Re7+o/3W/1dXV6qWhEj6vgTinsKLr/QBLkXVggjZUeXZ4wkStEh/ab0K4QnHEfg8F+PHyCBKXyNqCib4GCa7pxvUYXgokZGRMCVRXf4o0UsK7PeAjYRgB79LLKFt4X2xyJLhMhxsTHTfIQRHMAUpfavzo+0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGVez4of30f+j0cWKj5kYCKeFjyNsYvG9UbOMxF5hImD2lP5MSbFBv31gFgHjx3yCG4zQRZlpuyU5uWo0qIwe9N84/LcZcB9WrWKZXDmuof7zPFy0J+Hj+LVLDQI/mVXHNwkMhBMHpPrdwA05EYDAYCYklWT4cSByu10pHtST+olF8i+A+UQgUzgNZzdJVeiYZv6MBDTYsJWptGeDUkl2B0Es3gtbGYcCCfnyS3RC7DIXlDo3NBbAr7WaHY2MBbT+R/+jicn9E3IY3NCM5jENxqmvHy9MDsxEEYgFNm7IDwq4V1VRUWy277YsvRbmEaHb+osOA5u1VNN4z3UftOZcSZgR5C/vR71cENXoPt1YQpCzu7i38ojtvL+tDVEKT7sIovrQw8q1sszNlW2nXh8RSPiIq5TMnrV73MP0egKcr9n3tfxwi1BIkLjvfom/02BkTK9R9v+VMNhYU1YwROhORCiMIgoxUGiUvtH8u38JGr7E0hhMoAjCE5k80WPUivl0=" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkbTj6x4GmbqcAhs01wBBz+uP7BHbLgFpeUx18zLy7t" ]; mail-server = "mail.fudo.org"; + nexus.domains = [ "fudo.link" ]; } diff --git a/sites/portage.nix b/sites/portage.nix index 79d2207..4f2825e 100644 --- a/sites/portage.nix +++ b/sites/portage.nix @@ -7,6 +7,8 @@ deploy-pubkeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ62rYnn1pMY5pgOak4I0Go9VJmiYuK1GOMhVDf94glowiiMx1qzieyNhgBXGXb9Eo7c2TchiGNnQJM8OHPmMwBSUdEJ9+BZLKlY6LMzZlWanr7V9WWZb7hGK42woZiSZBBvzrRJ+Skeo2/6/ZOB6PnUAbl9Z0X3IWvTK8da6GWZlNUfDaTqpeu/9+YvqJpb/xJCr7/LC6Y3yjnKrchhmz1MguN4XOOhhLwcpuhyBIUSnU24RScGAgXBAdJL2IrE6yDmRwmNIVaEPlp/sV5UG8M74r/pBDI+VKsKFOzr3xeEQYMU8+As4ufLEqLW7n1IP2frIXCV+jkErqNONDAhD5+B9mdoTjifF57B48Re7+o/3W/1dXV6qWhEj6vgTinsKLr/QBLkXVggjZUeXZ4wkStEh/ab0K4QnHEfg8F+PHyCBKXyNqCib4GCa7pxvUYXgokZGRMCVRXf4o0UsK7PeAjYRgB79LLKFt4X2xyJLhMhxsTHTfIQRHMAUpfavzo+0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGVez4of30f+j0cWKj5kYCKeFjyNsYvG9UbOMxF5hImD2lP5MSbFBv31gFgHjx3yCG4zQRZlpuyU5uWo0qIwe9N84/LcZcB9WrWKZXDmuof7zPFy0J+Hj+LVLDQI/mVXHNwkMhBMHpPrdwA05EYDAYCYklWT4cSByu10pHtST+olF8i+A+UQgUzgNZzdJVeiYZv6MBDTYsJWptGeDUkl2B0Es3gtbGYcCCfnyS3RC7DIXlDo3NBbAr7WaHY2MBbT+R/+jicn9E3IY3NCM5jENxqmvHy9MDsxEEYgFNm7IDwq4V1VRUWy277YsvRbmEaHb+osOA5u1VNN4z3UftOZcSZgR5C/vR71cENXoPt1YQpCzu7i38ojtvL+tDVEKT7sIovrQw8q1sszNlW2nXh8RSPiIq5TMnrV73MP0egKcr9n3tfxwi1BIkLjvfom/02BkTK9R9v+VMNhYU1YwROhORCiMIgoxUGiUvtH8u38JGr7E0hhMoAjCE5k80WPUivl0=" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkbTj6x4GmbqcAhs01wBBz+uP7BHbLgFpeUx18zLy7t" ]; mail-server = "mail.fudo.org"; + nexus.domains = [ "fudo.link" ]; } diff --git a/sites/seattle.nix b/sites/seattle.nix index f980154..6fc9d5a 100644 --- a/sites/seattle.nix +++ b/sites/seattle.nix @@ -6,8 +6,10 @@ deploy-pubkeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ62rYnn1pMY5pgOak4I0Go9VJmiYuK1GOMhVDf94glowiiMx1qzieyNhgBXGXb9Eo7c2TchiGNnQJM8OHPmMwBSUdEJ9+BZLKlY6LMzZlWanr7V9WWZb7hGK42woZiSZBBvzrRJ+Skeo2/6/ZOB6PnUAbl9Z0X3IWvTK8da6GWZlNUfDaTqpeu/9+YvqJpb/xJCr7/LC6Y3yjnKrchhmz1MguN4XOOhhLwcpuhyBIUSnU24RScGAgXBAdJL2IrE6yDmRwmNIVaEPlp/sV5UG8M74r/pBDI+VKsKFOzr3xeEQYMU8+As4ufLEqLW7n1IP2frIXCV+jkErqNONDAhD5+B9mdoTjifF57B48Re7+o/3W/1dXV6qWhEj6vgTinsKLr/QBLkXVggjZUeXZ4wkStEh/ab0K4QnHEfg8F+PHyCBKXyNqCib4GCa7pxvUYXgokZGRMCVRXf4o0UsK7PeAjYRgB79LLKFt4X2xyJLhMhxsTHTfIQRHMAUpfavzo+0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGVez4of30f+j0cWKj5kYCKeFjyNsYvG9UbOMxF5hImD2lP5MSbFBv31gFgHjx3yCG4zQRZlpuyU5uWo0qIwe9N84/LcZcB9WrWKZXDmuof7zPFy0J+Hj+LVLDQI/mVXHNwkMhBMHpPrdwA05EYDAYCYklWT4cSByu10pHtST+olF8i+A+UQgUzgNZzdJVeiYZv6MBDTYsJWptGeDUkl2B0Es3gtbGYcCCfnyS3RC7DIXlDo3NBbAr7WaHY2MBbT+R/+jicn9E3IY3NCM5jENxqmvHy9MDsxEEYgFNm7IDwq4V1VRUWy277YsvRbmEaHb+osOA5u1VNN4z3UftOZcSZgR5C/vR71cENXoPt1YQpCzu7i38ojtvL+tDVEKT7sIovrQw8q1sszNlW2nXh8RSPiIq5TMnrV73MP0egKcr9n3tfxwi1BIkLjvfom/02BkTK9R9v+VMNhYU1YwROhORCiMIgoxUGiUvtH8u38JGr7E0hhMoAjCE5k80WPUivl0=" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkbTj6x4GmbqcAhs01wBBz+uP7BHbLgFpeUx18zLy7t" ]; enable-distributed-builds = false; mail-server = "mail.fudo.org"; local-gateway = "limina"; + nexus.domains = [ "fudo.link" ]; } diff --git a/sites/worldstream.nix b/sites/worldstream.nix index edeb3d6..e701df5 100644 --- a/sites/worldstream.nix +++ b/sites/worldstream.nix @@ -7,6 +7,8 @@ deploy-pubkeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ62rYnn1pMY5pgOak4I0Go9VJmiYuK1GOMhVDf94glowiiMx1qzieyNhgBXGXb9Eo7c2TchiGNnQJM8OHPmMwBSUdEJ9+BZLKlY6LMzZlWanr7V9WWZb7hGK42woZiSZBBvzrRJ+Skeo2/6/ZOB6PnUAbl9Z0X3IWvTK8da6GWZlNUfDaTqpeu/9+YvqJpb/xJCr7/LC6Y3yjnKrchhmz1MguN4XOOhhLwcpuhyBIUSnU24RScGAgXBAdJL2IrE6yDmRwmNIVaEPlp/sV5UG8M74r/pBDI+VKsKFOzr3xeEQYMU8+As4ufLEqLW7n1IP2frIXCV+jkErqNONDAhD5+B9mdoTjifF57B48Re7+o/3W/1dXV6qWhEj6vgTinsKLr/QBLkXVggjZUeXZ4wkStEh/ab0K4QnHEfg8F+PHyCBKXyNqCib4GCa7pxvUYXgokZGRMCVRXf4o0UsK7PeAjYRgB79LLKFt4X2xyJLhMhxsTHTfIQRHMAUpfavzo+0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGVez4of30f+j0cWKj5kYCKeFjyNsYvG9UbOMxF5hImD2lP5MSbFBv31gFgHjx3yCG4zQRZlpuyU5uWo0qIwe9N84/LcZcB9WrWKZXDmuof7zPFy0J+Hj+LVLDQI/mVXHNwkMhBMHpPrdwA05EYDAYCYklWT4cSByu10pHtST+olF8i+A+UQgUzgNZzdJVeiYZv6MBDTYsJWptGeDUkl2B0Es3gtbGYcCCfnyS3RC7DIXlDo3NBbAr7WaHY2MBbT+R/+jicn9E3IY3NCM5jENxqmvHy9MDsxEEYgFNm7IDwq4V1VRUWy277YsvRbmEaHb+osOA5u1VNN4z3UftOZcSZgR5C/vR71cENXoPt1YQpCzu7i38ojtvL+tDVEKT7sIovrQw8q1sszNlW2nXh8RSPiIq5TMnrV73MP0egKcr9n3tfxwi1BIkLjvfom/02BkTK9R9v+VMNhYU1YwROhORCiMIgoxUGiUvtH8u38JGr7E0hhMoAjCE5k80WPUivl0=" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkbTj6x4GmbqcAhs01wBBz+uP7BHbLgFpeUx18zLy7t" ]; mail-server = "mail.fudo.org"; + nexus.domains = [ "fudo.link" ]; } diff --git a/zones/fudo.org.nix b/zones/fudo.org.nix index b5a0750..6f34b46 100644 --- a/zones/fudo.org.nix +++ b/zones/fudo.org.nix @@ -128,10 +128,13 @@ usashi.ipv4-address = "209.177.109.150"; }; - verbatim-dns-records = [ - '' - mail._domainkey IN TXT ( "v=DKIM1; k=rsa; "\n"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwulTvtxhB2UD1aWmey"\n"B63gZyhU2wWl8zhkQYePOpOMY0l2Qew6Dw+neYNTaEUBRtbeoVHhVwI28/kH8HqRte9mQGyQR4JphW7sr4osuD603cdzJMpptYbr2XPRkOxDmY9iBBSNgXjp103TQL8HA/7HlLGUsPWYDxjh94Mbb/KzGfBiVLBc3vUIVXZdnlLJa/xzIZAT1NXnT3hRHyt7on+6x+uIQ2FOTvyQvTfAASwJa012LzqxlZXykGE7WnHkNFDeyCiSepr4LroW9"\n"+Dt+AYKWDu1gvF75jy6enewHse06doJoRkvFq+h1ZIymkFfRacYTK43X2ZOXTMLEOrf5lQIDAQAB" ) ; ----- DKIM key mail for fudo.org'' - ]; + verbatim-dns-records = ['' + mail._domainkey IN TXT ( "v=DKIM1; k=rsa; " + "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwulTvtxhB2UD1aWmeyB63gZyhU2wWl8zhkQYePOpOMY0l2" + "Qew6Dw+neYNTaEUBRtbeoVHhVwI28/kH8HqRte9mQGyQR4JphW7sr4osuD603cdzJMpptYbr2XPRkOxDmY9iBBSNgXjp1" + "03TQL8HA/7HlLGUsPWYDxjh94Mbb/KzGfBiVLBc3vUIVXZdnlLJa/xzIZAT1NXnT3hRHyt7on+6x+uIQ2FOTvyQvTfAAS" + "wJa012LzqxlZXykGE7WnHkNFDeyCiSepr4LroW9+Dt+AYKWDu1gvF75jy6enewHse06doJoRkvFq+h1ZIymkFfRacYTK4" + "3X2ZOXTMLEOrf5lQIDAQAB" ) ; ----- DKIM key mail for fudo.org'']; subdomains = { test = { diff --git a/zones/sea.fudo.org.nix b/zones/sea.fudo.org.nix index 5a3a470..b1e46b3 100644 --- a/zones/sea.fudo.org.nix +++ b/zones/sea.fudo.org.nix @@ -1,9 +1,11 @@ let local-domain = "sea.fudo.org"; in { aliases = { + chat = "nostromo"; deploy = "socrates"; #dns-hole = "limina"; #gateway = "limina"; + factorio = "toothless"; #hole = "limina"; home = "lambda"; home-assist = "wormhole0"; @@ -11,6 +13,8 @@ in { # kadmin = "nostromo"; # kdc = "nostromo"; minecraft = "nostromo"; + survival = "toothless"; + creative = "nostromo"; music = "doraemon"; #panopticon = "lambda"; #panopticon-od = "lambda"; @@ -77,6 +81,10 @@ in { ipv4-address = "10.0.0.7"; mac-address = "7C:D9:5C:9F:6F:E9"; }; + cam-switch = { + ipv4-address = "10.0.0.8"; + mac-address = "94:18:65:7F:9E:18"; + }; nostromo = { ipv4-address = "10.0.0.10"; mac-address = "02:14:25:55:ee:5a"; @@ -85,6 +93,10 @@ in { ipv4-address = "10.0.0.11"; mac-address = "02:f5:fe:8c:22:fe"; }; + toothless = { + ipv4-address = "10.0.0.12"; + mac-address = "02:ee:76:17:99:ed"; + }; socrates = { ipv4-address = "10.0.0.20"; mac-address = "02:f2:30:b8:71:42"; @@ -95,15 +107,15 @@ in { cam-entrance = { ipv4-address = "10.0.0.31"; - mac-address = "9c:8e:cd:0e:99:7b"; + mac-address = "9C:8E:CD:3B:A0:F1"; }; cam-driveway = { ipv4-address = "10.0.0.32"; - mac-address = "9c:8e:cd:0d:3b:09"; + mac-address = "9C:8E:CD:3B:A1:70"; }; - cam-deck = { + cam-steps = { ipv4-address = "10.0.0.33"; - mac-address = "9c:8e:cd:0e:98:c8"; + mac-address = "9C:8E:CD:3B:A0:70"; }; cam-patio = { ipv4-address = "10.0.0.34"; @@ -161,6 +173,10 @@ in { ipv4-address = "10.0.0.111"; mac-address = "02:0d:df:2d:46:90"; }; + jazz = { + ipv4-address = "10.0.0.112"; + mac-address = "02:57:9a:a4:10:d3"; + }; ubiquiti-wifi = { ipv4-address = "10.0.0.126"; mac-address = "04:18:d6:20:48:fb"; diff --git a/zones/selby.ca.nix b/zones/selby.ca.nix index fdd0c62..d768abe 100644 --- a/zones/selby.ca.nix +++ b/zones/selby.ca.nix @@ -9,9 +9,13 @@ webmail = "webmail.fudo.org."; }; - verbatim-dns-records = [ - ''mail._domainkey IN TXT ( "v=DKIM1; k=rsa; "\n"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68IHVXbgnu0rqAvsM3mKT9WmlvYM22COWh5Fzl"\n"FOUguZ3nWCrcZGt8l5G004tDjCwgdCz4e0eUq3VqtPIcGfMd56jK61XAqN7wz"\n"RXTjEjiaGSENjBX+geoUM+DIS84jeZOFtB7Sm1kqMKfkEarygtNTtibqvFzk34vREVhwcgF3bTl5BjhU9D+7lWwt6VBKCUvMFcJPCHuuM/jMkZb+unllsu8LbtbhWT2TcnHhup/7Yfu4Z79RhdxnL8jbwIPbiCLBkOEbN/"\n"624EYHRhtEAPYuQKOjWt1IemQtE6BCxEsHhaSB4W1l1Ji21Q3vDyf0s+LM2ETjT2jxmcYR7G+e10QIDAQAB" ) ; ----- DKIM key mail for selby.ca'' - ]; + verbatim-dns-records = ['' + mail._domainkey IN TXT ( "v=DKIM1; k=rsa; " + "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68IHVXbgnu0rqAvsM3mKT9WmlvYM22COWh5FzlFOUguZ3n" + "WCrcZGt8l5G004tDjCwgdCz4e0eUq3VqtPIcGfMd56jK61XAqN7wzRXTjEjiaGSENjBX+geoUM+DIS84jeZOFtB7Sm1k" + "qMKfkEarygtNTtibqvFzk34vREVhwcgF3bTl5BjhU9D+7lWwt6VBKCUvMFcJPCHuuM/jMkZb+unllsu8LbtbhWT2TcnH" + "hup/7Yfu4Z79RhdxnL8jbwIPbiCLBkOEbN/624EYHRhtEAPYuQKOjWt1IemQtE6BCxEsHhaSB4W1l1Ji21Q3vDyf0s+L" + "M2ETjT2jxmcYR7G+e10QIDAQAB" ) ; ----- DKIM key mail for selby.ca'']; srv-records.tcp = { http = [{