Add a nix box managed by June
Every admin can login as its own user with the keys listed here: https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/src/branch/trunk/authorized_keys
This commit is contained in:
parent
3aae597752
commit
7c7da0db05
5 changed files with 110 additions and 0 deletions
7
config/hosts/nix-box-june/configuration.nix
Normal file
7
config/hosts/nix-box-june/configuration.nix
Normal file
|
@ -0,0 +1,7 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking.hostName = "nix-box-june";
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
}
|
9
config/hosts/nix-box-june/default.nix
Normal file
9
config/hosts/nix-box-june/default.nix
Normal file
|
@ -0,0 +1,9 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./networking.nix
|
||||
./users.nix
|
||||
];
|
||||
}
|
22
config/hosts/nix-box-june/networking.nix
Normal file
22
config/hosts/nix-box-june/networking.nix
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Networking configuration for the host.
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking.interfaces.net0 = {
|
||||
ipv4.addresses = [
|
||||
{
|
||||
address = "172.31.17.158";
|
||||
prefixLength = 25;
|
||||
}
|
||||
];
|
||||
};
|
||||
networking.defaultGateway = "172.31.17.129";
|
||||
networking.nameservers = [ "212.12.50.158" "192.76.134.90" ];
|
||||
networking.search = [ "hamburg.ccc.de" ];
|
||||
|
||||
systemd.network.links."10-net0" = {
|
||||
matchConfig.MACAddress = "BC:24:11:6A:33:5F";
|
||||
linkConfig.Name = "net0";
|
||||
};
|
||||
}
|
59
config/hosts/nix-box-june/users.nix
Normal file
59
config/hosts/nix-box-june/users.nix
Normal file
|
@ -0,0 +1,59 @@
|
|||
{ lib, ... }:
|
||||
|
||||
{
|
||||
users.users = {
|
||||
chaos.openssh.authorizedKeys.keys = lib.mkForce [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOqCxniUEAZAYqL5zbisFfYcQx+7iDRrMo4Pz4uWXq5b julian@01_id_ed25519" ];
|
||||
colmena-deploy.openssh.authorizedKeys.keys = lib.mkForce [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOqCxniUEAZAYqL5zbisFfYcQx+7iDRrMo4Pz4uWXq5b julian@01_id_ed25519" ];
|
||||
|
||||
djerun = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWXk9N9GoDyvaB0mnX448IvzKKsMv0eFZKvjqmsJ3In djerun@chaos.ferrum.local"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINQsu6WSAXsF45wGmw2spQUWopsgioUuFI8hKLBW/WVk djerun@chaos-noc.ferrum.local"
|
||||
];
|
||||
};
|
||||
june = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOqCxniUEAZAYqL5zbisFfYcQx+7iDRrMo4Pz4uWXq5b julian@01_id_ed25519" ];
|
||||
};
|
||||
jtbx = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBQgnQAq6FUSDK8bxtYPjx3oRCAKG+xy9J3Gas2ztJk jannik@Magrathea.local" ];
|
||||
};
|
||||
dario = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPZtJwNPEIfNsAxBfWgxAeoKX1ajORPvs6L5S+qipJ7J dario@ccchh" ];
|
||||
};
|
||||
yuri = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdk3FLQRoCWxdOxg4kHcPqAu3QQOs/rY9na2Al2ilGl yuri@violet"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEvM35w+UaSpDTuaG5pGPgfHcfwscr+wSZN9Z5Jle82 yuri@kiara"
|
||||
];
|
||||
};
|
||||
max = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHNGDzZqmiFUH75oq1npZTyxV0B7eSJES/29UJxTXBc max@iridium" ];
|
||||
};
|
||||
haegar = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMhWTkvLI/rp6eyTemuFZRbt2xxRtal7fu668nnb/ekU haegar@aurora" ];
|
||||
};
|
||||
stb = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgVuX9phyXImxqvof+49UXhiSQ+VGizeU4LrPcZY1Hy stb@lassitu.de 20230418" ];
|
||||
};
|
||||
hansenerd = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBxujzHK49IBtYKPgnTCDQEiIxgzzlQ846tmU+6TcMIi hansenerd" ];
|
||||
};
|
||||
echtnurich = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWWxkGFje1CJbZTB2Kv8hxZpvRR8qyw2IarRIHnQj3+ echtnurich" ];
|
||||
};
|
||||
c6ristian = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOgfWcCrsVSXvYEssbfMOy2DnfkGSx+ZRnPLtjVNSxbf c6ristian" ];
|
||||
};
|
||||
};
|
||||
}
|
13
flake.nix
13
flake.nix
|
@ -237,6 +237,19 @@
|
|||
./config/hosts/eh22-wiki
|
||||
];
|
||||
};
|
||||
|
||||
nix-box-june = {
|
||||
deployment = {
|
||||
targetHost = "nix-box-june-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/nix-box-june
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
packages.x86_64-linux = {
|
||||
|
|
Loading…
Reference in a new issue