feat(radius): Move configuration from compute01 to vaul01
Some checks failed
build configuration / build_rescue01 (push) Successful in 1m7s
build configuration / build_storage01 (push) Successful in 1m9s
build configuration / build_web02 (push) Successful in 1m8s
build configuration / build_compute01 (push) Successful in 1m29s
lint / check (push) Successful in 26s
build configuration / build_web01 (push) Successful in 1m36s
build configuration / build_vault01 (push) Failing after 8m54s

This commit is contained in:
Tom Hubrecht 2024-04-08 22:20:53 +02:00
parent e8fde45fbf
commit ccfbc4be42
25 changed files with 39 additions and 65 deletions

View file

@ -14,7 +14,6 @@ lib.extra.mkConfig {
"ds-fr"
"grafana"
"hedgedoc"
"k-radius"
"kanidm"
"librenms"
"mastodon"

View file

@ -1,31 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 tDqJRg R3h8Ph1ooMaR/bmz09yRzVRq1mR3L7o87wMhsysC5kU
Go50Us/u8CgZS7Up20RH8NlRS0+ESBw30wa8SZ5dqoo
-> ssh-ed25519 jIXfPA gMaMIQvUIu5bK5mRWP6SSZQArMzhg4bDZDcjwx9dyDY
Vv8H7oTBvogaoW4dhdm81TOe995CSGeBxB8LtFgJqwc
-> ssh-ed25519 QlRB9Q 1CxZ2F8EMykWDzrAzN6NSPtjLmMJ99zf8UWLyV3e+Ag
ak7M8/mCeQOMKFPllTsA79glffS/vu51vHIRT3F8qLE
-> ssh-ed25519 r+nK/Q qcuIACZn+1ofDpWW1IBmY0IIj4WZNQhxtUJlHgh11ws
OJhEfDQHkg3s5CCBcVfba9S4OG4hBjJIYkCoLAIFwOI
-> ssh-rsa krWCLQ
1XseIDq7c94X7Dpp1sC3oBLhZSd4w7UJ7QI03SGmqVTd3VVwP5IV430vrSIFETMI
LopkMvCtF1XpIJQ+nHoxsukG/0kefh5Iodmd6anQNp0iVU/tWkQzWbkHlVlkxJ2M
o3fMRAaVyH5GvQkIT5ndWma34vqwydAinM2mchi0hy0ibP5lkk8K7OtafNP4eYNh
m7necRRI8yCuE1wBRy8sBpo5mEqGj1uINxXiF6yUI05pCBXHG1qDiFkDHfw8va9k
Qitfwv2Clkk/hQG6aEYuruoXwq4SZxSCswMpP5Nz70I+e5YkZw8G50ICaVBXxuAP
ABByGBZ/QKLw66NpE7rbSA
-> ssh-ed25519 /vwQcQ 1P92WFx8+9DaL2dPwmX+Bva+h7Hy9qXszDTyPvd81kc
gLVhBlE4lAMcod32/Y8xzypVCDu4vRca3aem3OHiocU
-> ssh-ed25519 0R97PA rZblJRi2bYJig4HyzOXdtpUEEkGDlHS456aKlqxwGX4
qjIkEyHjDxzmf34bS7qWJ9lexMXu2QMmcD9RP4MpkYQ
-> ssh-ed25519 JGx7Ng IbCSvxAUY1gDTny5KurzONVaQwX/VgvNs1hAQ9iUQRE
5ivoGkzEHAyTl3gUE+9nVYclF8/aqnyOF3a81fZfbW0
-> t|-grease (u /1\q}65 ]@
Dd2SJgnQFUSDlS4eSkKUaGwve8Rsv/4MNEwGRJftdtTvxv80bRuNBEFe+ah4YhiV
LA3n6c+Te9Q
--- wWhpJpx4IHeC1Qo4nH6iuEB3e9l5b8U5xOnsX8BoBgQ
5¥t·Œ °ÒxÚ@<1E>`zÈÔgCà Ѭ:4Œó¾&‡Spi8ñŸuæ"lÕ×)<29>aŒÁÄ,4ÃsÌ*uÿ€ƒ±v#ÿ*ÎàÜÊ^ݶ‚Ø«%´Ñº98¾,yBÙ
"¶%Ç㤄†NÎÓ· íò¬} [Ñ¿Ó(äØ{<11>ý0ô—f²<66>„|Š à-—&qF k Ö¶¹µùÔÎLì,¹À„žD™áΩ­QÍ—½è<C2BD>4N}<7D>ÙÐJ´·ÇÓˆ€]dU Ïø¿<C3B8>I—:ÌôÑÉ öì°¦£sý¨õB #}¹
ÞÃXzð‰N4·>ñ5iSan`‰¹.õÃPcHØÉAéßÈÿµH=¥ËæÂ~ö(Pçô±Š$ ,¡ã‹ù¯ZЬÆwçÚ /×
Á–+rC$†ýê&ØJñ ; ÉvÞjæ‰ÎY¹,š*`ºGå=ã¯M¼ƒƒeäA<51>\D˜ÿ@¥j¾$gö{Q´lhIoÊÏIM)};@ìNü½b‰<62>k5Dgüoþ'ItW(Ïk
ê6)ËŒä0£<30>tM¶É Ó(Ûê¡<C3AA>n²k®Zu%m<17>¡ bzÚõŠ¿ÁìÍÿ

View file

@ -1,26 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 tDqJRg sTm4u+QVtvUqNgMJhufIljdH63oCmvfbRz6NRa2ZbwI
ZYjAINMp/ds7g+7Wjg26YRpRV+nznQPB1r7NzAHGfW0
-> ssh-ed25519 jIXfPA z4LS/Igwab0moIzxG9b06T5rZiODkdJyjaFepJVcxQ8
qNkDc+prvr1bNTSWJyygJj7yb8MOz2nR+Z8EMHUVVOs
-> ssh-ed25519 QlRB9Q 6TQ0Vp3KB5yDIEt029hIB3aCnDjTDP0JG6LN2J9gtjU
fZXeSxb7GJOJYvCr2nVf6BKf8QjaqOOuoi0I/xXV1qc
-> ssh-ed25519 r+nK/Q eW4wTH9PNd0mzVFsxwS4mEEn5gVUCpYA/g+ifeUB+00
kqED+vZVHn0SXTpgbaiMseI6vPCyTt5Gfu4pHxPvKp0
-> ssh-rsa krWCLQ
axyFJ/zhMoZ1mJLzWAbXbHjlAlLj7HraHyY6ddZBVibgRSEufdXsa8ABmdR6+EuM
ty37+/TZOBv11ew/D1C7vQ7B/1JXgej2TAAmYt4vN3lVZdgJI+tQGiOf1nsqfI64
p4ZbMi9G0wlzb+Z7Z5SLKo6HwharYI+vDEgh3Ua9Q+6bpZeXxxJHmkACikAI4xJV
3lLo1iTeyJy/9u/WoHmEOuqJLeZdhmPZBozxTdDTWz9wMHy+NotfXFaIFTyUpocu
OU19N95fyVyTRwmrGFcWs34O631Ejpo3oVLDvjXrFtV4HISSweB/YbU84EveFbz5
28gTWKdeOQcHJfmaeJV/Rg
-> ssh-ed25519 /vwQcQ cXNRE5eLKNh4lL7S7cMDfp79+TQyiJK3gTzYCuHeRHo
4bz0al2kf/S6VEhObpLxy8tvB1t/tBVdB1Gi/7XinD4
-> ssh-ed25519 0R97PA iGdUtE7KDRBNSXv1w0dJNPQWxAeDpIAePUU8t0qURV8
OUoeLNWl0rLt6+FNf5plNmQIgrULwIgEL/W4HFTYeB8
-> ssh-ed25519 JGx7Ng tPkAPvVDZOcP06+mrD5uK03dUJi4aMAvkoz21y9L6Ak
tcUItLMra+EIYH6MA1ULMpr8bkUql448jnurev8N5wk
-> \<?_-grease (+d_8zF H
--- /CiW5jTjVkXDOdwmb4P80FswPEpgTt2GZnqT7KlOvC0
=þ%©»gæÆQ³-¼ffÄUC.qÅ͘·H<C2B7>µ—ìäÙ=Vý£žØú<C398>ŽRåN

View file

@ -18,12 +18,6 @@ lib.setDefault { inherit publicKeys; } [
"outline-oidc_client_secret_file"
"outline-smtp_password_file"
"outline-storage_secret_key_file"
"radius-auth_token_file"
"radius-ca_pem_file"
"radius-cert_pem_file"
"radius-dh_pem_file"
"radius-key_pem_file"
"radius-private_key_password_file"
"satosa-env_file"
"telegraf-environment_file"
"vaultwarden-environment_file"

View file

@ -8,6 +8,7 @@ lib.extra.mkConfig {
enabledServices = [
# List of services to enable
"k-radius"
"networking"
];

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View file

@ -0,0 +1,30 @@
age-encryption.org/v1
-> ssh-ed25519 jIXfPA oTG4+leUhtu+taark5+znjTzfTPBjSgtJI5zNmLrxQw
+xsiH/nNjeBckEn1bi3OVPo/vy6WGqJftfnNgrh+7eA
-> ssh-ed25519 QlRB9Q dk3mYy/ziQL3Cx7XB+/IY8EkrEtBNZkvLf3iwAZtYFg
42ABG0MdenXCfgeVoTvJ8XYyKd9OuH/KVZPOdpfLTkc
-> ssh-ed25519 r+nK/Q 2nOZZkpvToMgbg66f/DYm2J4gfzhtGEAAzlqYM44V24
GJlZ857IA1firt/6A7dTtdqGncJg4XnCBxSLlDeIUe8
-> ssh-rsa krWCLQ
Z2DScQA6a5+Wzl1cD6fMcWtQRM00PM24eO2bjqlSAy+wk3J+62nxYGQJEXp4y5Ws
Rn6FENHllIoH1mXu7XbDpnmertZK1I6krf2jbC4LoUVdXf2czksqtITjwJqFEn9k
i27LhROdQN61xnz1OWPbTaNJAEgo6A4gzRnD6SxZjNqF0EHaBgA/SlX9lFfKtp50
yiy6rSncJbT7Kxya8Nll/YC8RC78shs6r0+JnuGdm+GstMnkEF8eOIQuNHCPWbdN
oT2K6oWjITwQnuSzb9+fIW9Orcl3QjFJPMlVl37p3r5BBNiuaW5Jk1ky8mP6hHRX
Hzqa0eHffbiUSTtFbNr6vA
-> ssh-ed25519 /vwQcQ wVRPD49z8MeLNz0XGu9HWXBPdbJkegHNOY4chmgzeCU
iABkdTWGE+ImvRA0N2mNuUdpqEWmPe0kWRf7yDGgkHs
-> ssh-ed25519 0R97PA 79n3SCQbXkjlk/5+GLr1bjapHNhID33zieUF0X2eZgU
5BX9Qw6hn1Ie97AaKtpkHnLD4aXEvJI29EwiuFOaDKY
-> ssh-ed25519 JGx7Ng vTCpM2b8rMa9o/H/0jKkEf2DRyqCnOJP3+0m9LmV42k
dyFkt3XtZDcGx4uiJni6tdXDNVEzlFZqqPHYD/A0g7k
-> ssh-ed25519 5SY7Kg wAHGb5dG04fIBCKSOzwTagFMC0z2eGNGLbBGdqAaFH4
RozSCdnelai3bOX+Ls2cl2go68mfQeKTlNMRiWGjJpk
-> ssh-ed25519 p/Mg4Q zGKTV2Z6+VG1oajB9EGRe7SsDwCeSWDjuS3Wj7D333g
7EartLedAduICpquQkN2a2dNy9u4KLm2d97heFrceqE
-> ssh-ed25519 5rrg4g T1fAxr/RHvWf/vh2VL41tSH9Mpmq3eFyqzJf+MJIBEk
eYJEC1pZ4xQeaXeDV5+gYtOftla9nSSnB/WQ3rLrXn0
-> ssh-ed25519 +mFdtQ QtrOIfJz3j4US5STmAIXOS6TsckNtJ5FPO+KHomSVGM
qWjtGdXHHNMGBP0qByAvka7YvWLYh+JPD9MqAU8Wuzs
--- tD/2gendSlu4C9HG5VAwueB8NPCZWC63ATSB7sETutI
x¡Çßv+z²m<C2B2>zZa>šF¿Þ=Oùøž(¤=¶ÿg aèôx¡¿Ÿ#

View file

@ -2,4 +2,11 @@ let
lib = import ../../../lib { };
publicKeys = lib.getNodeKeys "vault01";
in
lib.setDefault { inherit publicKeys; } [ ]
lib.setDefault { inherit publicKeys; } [
"radius-auth_token_file"
"radius-ca_pem_file"
"radius-cert_pem_file"
"radius-dh_pem_file"
"radius-key_pem_file"
"radius-private_key_password_file"
]