Add a nix box managed by June
Every admin can login as its own user with the keys listed here: https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/src/branch/trunk/authorized_keys
This commit is contained in:
parent
3aae597752
commit
7c7da0db05
7
config/hosts/nix-box-june/configuration.nix
Normal file
7
config/hosts/nix-box-june/configuration.nix
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
networking.hostName = "nix-box-june";
|
||||||
|
|
||||||
|
system.stateVersion = "23.11";
|
||||||
|
}
|
9
config/hosts/nix-box-june/default.nix
Normal file
9
config/hosts/nix-box-june/default.nix
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./configuration.nix
|
||||||
|
./networking.nix
|
||||||
|
./users.nix
|
||||||
|
];
|
||||||
|
}
|
22
config/hosts/nix-box-june/networking.nix
Normal file
22
config/hosts/nix-box-june/networking.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
# Networking configuration for the host.
|
||||||
|
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
networking.interfaces.net0 = {
|
||||||
|
ipv4.addresses = [
|
||||||
|
{
|
||||||
|
address = "172.31.17.158";
|
||||||
|
prefixLength = 25;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
networking.defaultGateway = "172.31.17.129";
|
||||||
|
networking.nameservers = [ "212.12.50.158" "192.76.134.90" ];
|
||||||
|
networking.search = [ "hamburg.ccc.de" ];
|
||||||
|
|
||||||
|
systemd.network.links."10-net0" = {
|
||||||
|
matchConfig.MACAddress = "BC:24:11:6A:33:5F";
|
||||||
|
linkConfig.Name = "net0";
|
||||||
|
};
|
||||||
|
}
|
59
config/hosts/nix-box-june/users.nix
Normal file
59
config/hosts/nix-box-june/users.nix
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
{ lib, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
users.users = {
|
||||||
|
chaos.openssh.authorizedKeys.keys = lib.mkForce [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOqCxniUEAZAYqL5zbisFfYcQx+7iDRrMo4Pz4uWXq5b julian@01_id_ed25519" ];
|
||||||
|
colmena-deploy.openssh.authorizedKeys.keys = lib.mkForce [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOqCxniUEAZAYqL5zbisFfYcQx+7iDRrMo4Pz4uWXq5b julian@01_id_ed25519" ];
|
||||||
|
|
||||||
|
djerun = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWXk9N9GoDyvaB0mnX448IvzKKsMv0eFZKvjqmsJ3In djerun@chaos.ferrum.local"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINQsu6WSAXsF45wGmw2spQUWopsgioUuFI8hKLBW/WVk djerun@chaos-noc.ferrum.local"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
june = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOqCxniUEAZAYqL5zbisFfYcQx+7iDRrMo4Pz4uWXq5b julian@01_id_ed25519" ];
|
||||||
|
};
|
||||||
|
jtbx = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBQgnQAq6FUSDK8bxtYPjx3oRCAKG+xy9J3Gas2ztJk jannik@Magrathea.local" ];
|
||||||
|
};
|
||||||
|
dario = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPZtJwNPEIfNsAxBfWgxAeoKX1ajORPvs6L5S+qipJ7J dario@ccchh" ];
|
||||||
|
};
|
||||||
|
yuri = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdk3FLQRoCWxdOxg4kHcPqAu3QQOs/rY9na2Al2ilGl yuri@violet"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEvM35w+UaSpDTuaG5pGPgfHcfwscr+wSZN9Z5Jle82 yuri@kiara"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
max = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHNGDzZqmiFUH75oq1npZTyxV0B7eSJES/29UJxTXBc max@iridium" ];
|
||||||
|
};
|
||||||
|
haegar = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMhWTkvLI/rp6eyTemuFZRbt2xxRtal7fu668nnb/ekU haegar@aurora" ];
|
||||||
|
};
|
||||||
|
stb = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgVuX9phyXImxqvof+49UXhiSQ+VGizeU4LrPcZY1Hy stb@lassitu.de 20230418" ];
|
||||||
|
};
|
||||||
|
hansenerd = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBxujzHK49IBtYKPgnTCDQEiIxgzzlQ846tmU+6TcMIi hansenerd" ];
|
||||||
|
};
|
||||||
|
echtnurich = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWWxkGFje1CJbZTB2Kv8hxZpvRR8qyw2IarRIHnQj3+ echtnurich" ];
|
||||||
|
};
|
||||||
|
c6ristian = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOgfWcCrsVSXvYEssbfMOy2DnfkGSx+ZRnPLtjVNSxbf c6ristian" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
13
flake.nix
13
flake.nix
|
@ -237,6 +237,19 @@
|
||||||
./config/hosts/eh22-wiki
|
./config/hosts/eh22-wiki
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nix-box-june = {
|
||||||
|
deployment = {
|
||||||
|
targetHost = "nix-box-june-intern.hamburg.ccc.de";
|
||||||
|
targetPort = 22;
|
||||||
|
targetUser = "colmena-deploy";
|
||||||
|
};
|
||||||
|
imports = [
|
||||||
|
./config/common
|
||||||
|
./config/proxmox-vm
|
||||||
|
./config/hosts/nix-box-june
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
packages.x86_64-linux = {
|
packages.x86_64-linux = {
|
||||||
|
|
Loading…
Reference in a new issue