DGNum/infrastructure
12
6
Fork 3
Code Issues 19 Pull requests 8 Projects 1 Releases Packages Wiki Activity Actions

Compare commits

base: DGNum:2a388f53ac929e326a8518a0993ddefff1a0d416
Branches Tags
DGNum:main
DGNum:npins-update
DGNum:declarative-buckets
DGNum:victoria-metrics
DGNum:netbox-agent
DGNum:mattermost
DGNum:init-dgnum-page
DGNum:takumi-can-do-ollama
DGNum:ds-fr
DGNum:colmena-liminix
...
compare: DGNum:3bccda09dbf8295639158867f7ed26b858e3101f
Branches Tags
DGNum:npins-update
DGNum:main
DGNum:declarative-buckets
DGNum:victoria-metrics
DGNum:netbox-agent
DGNum:mattermost
DGNum:init-dgnum-page
DGNum:takumi-can-do-ollama
DGNum:ds-fr
DGNum:colmena-liminix

3 commits
2a388f53ac ... 3bccda09db

Author SHA1 Message Date
Tom Hubrecht
3bccda09db feat(infra): Enable recording of deployments
All checks were successful
build configuration / build_vault01 (push) Successful in 1m5s
Details
build configuration / build_rescue01 (push) Successful in 1m6s
Details
build configuration / build_web02 (push) Successful in 1m7s
Details
build configuration / build_storage01 (push) Successful in 1m11s
Details
lint / check (push) Successful in 23s
Details
build configuration / build_web01 (push) Successful in 1m32s
Details
build configuration / build_compute01 (push) Successful in 1m59s
Details
2024-03-08 23:11:31 +01:00
Tom Hubrecht
5f899bc0e7 feat(lib): Add machineKeys 2024-03-08 23:11:10 +01:00
Tom Hubrecht
1d40e44399 feat(keys): Add rescue01 and web02 2024-03-08 23:10:47 +01:00
8 changed files with 68 additions and 3 deletions
Show stats Expand all files Collapse all files

1
keys/machines/rescue01.keys Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJa02Annu8o7ggPjTH/9ttotdNGyghlWfU9E8pnuLUf

1
keys/machines/web02.keys Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE020zqMJTlJ73czVxWVNmRof6il+N9dS4Knm43bJSpm

3
lib/default.nix
View file

@ -28,4 +28,7 @@ lib.extra
rootKeys ++ (getAllKeys names); rootKeys ++ (getAllKeys names);
rootKeys = getAllKeys meta.organization.groups.root; rootKeys = getAllKeys meta.organization.groups.root;
machineKeys =
rootKeys ++ (getAllKeys (builtins.map (n: "machines/${n}") (builtins.attrNames meta.nodes)));
} }

1
modules/default.nix
View file

@ -44,6 +44,7 @@
"dgn-fail2ban" "dgn-fail2ban"
"dgn-hardware" "dgn-hardware"
"dgn-network" "dgn-network"
"dgn-records"
"dgn-ssh" "dgn-ssh"
"dgn-web" "dgn-web"
"dgn-vm-variant" "dgn-vm-variant"

42
modules/dgn-records/__arkheon-token_file Normal file
View file

@ -0,0 +1,42 @@
age-encryption.org/v1
-> ssh-ed25519 jIXfPA tUYFIHRHhzoovCj2787gimUlzImJoDMJ+tjeyKbTaWM
4v3uHBMWy7bW42R3QuMcasrZjuCGMAlvtLZc+7Lw/JE
-> ssh-ed25519 QlRB9Q kCvthexHuAgXFERWq2TSt5B2NlgIT8+mrf9YYn19llo
aGr7qXX0SMMu6CERsrRUVlNi67XvI8B8M5mDW7TFDJI
-> ssh-ed25519 r+nK/Q ob+ELcG6qX8fcQWH7diMgezHEYwqazMck8cSBXVvjXc
LPvtCVIdX3UDWGdg9O+uDGunpl/J6FeuLVJvD2m4S7I
-> ssh-rsa krWCLQ
m7Dt57o6Oc0Bfp1goSaxo950nRr1kcsMZv2uQJ9E06oD9g1PjEnAyqW/AECCE5Si
2Do7zBXYJ+cZeFdPU/W0ZPSrdFZCuF3Q4S/BgjUG7BQabnH8EgQbKJN6TJ+mUYxM
AhCPwtEKEQwEI1J6TkCq8f1cw2VAcZkBdoWZGrtZx54ZqLXmFvxYWZoRbP+1MFsH
xmQHTE6Ihkmx6Q33PnvHkdD5MprxkIkhk/QQ0TmNgPr/Hw0PLvb9J64C1l+BpuDq
NelCAymS2p55QmwZLWGafiB/1hkJJY9vgIINzTT2p8z8hD0ADnBNU5BkN6PDHD8i
orH+z13/tqYXuGiPKUXSWQ
-> ssh-ed25519 /vwQcQ GZFfbjS7SxHv4ZViDN+KIXBrpX+i721yJd9ePS5OhzQ
HBbHTWXun/Ehk9yYHqWX+Rrw3y5qfRfe4pKCGlRvwdU
-> ssh-ed25519 0R97PA rhHVQ0ANLsmpsHnxKhOVJxRyPFnxy7zFnda9B/6oj28
1UOkeN3At/AJoD8rO3WSHtIm62JpO1uTZfFw5okMg/4
-> ssh-ed25519 JGx7Ng BXg2NNukqSm5q3oAYzk3Du4osxjIonX0Qks0gWGlYz4
QbhcXti1Ql1037+IBkJdMQJ2g82u7N7uu4W1ojQJFXk
-> ssh-ed25519 5SY7Kg ubt2DTgzwjr9jFsHsESiKaq8cPBRP1hCfIIQG1mjhzE
05sIp5Pj3nj1UIgaui9a0onU8qP32GHhlMMMNGtSxa4
-> ssh-ed25519 p/Mg4Q 7NRJtGVrvvhI96FFH0B15zmoiQ4mRHiKT+9neMhRkBQ
OPXyboQRVDGjoLc2/87rhNB44p+Dj6yrH0ux3Q0368k
-> ssh-ed25519 tDqJRg xX53lCPHRDVDpOYpas9ftBrrxsdRBUTJjwjI2fnFqT4
jChHvbDJtheO0FTH0chTIdEXKE4kBHDENm5BEli4JZc
-> ssh-ed25519 9pVK7Q tdiuNARpFCpdU9W+3/YsVZZK8Xt/NdYjqt8kxtVFLTo
pPKF2IlFzObEu5UtZ7deSOcxh9OTSK87scsgTNop1fQ
-> ssh-ed25519 /BRpBQ YsJ5p4xcU35+q0EVsERg/vh2Z4uVzFJVm6BgipH4CVs
Yz7m7pfbj6+DHT1Pa/mhcroZG4qQaV24krBaPP9JsHY
-> ssh-ed25519 +MNHsw v4XqeQR30iMCc9EzGA8IdGLoENsXx7Mfvvx4JGVV0GA
GTR9j6nMikwUuOn4Bj2PAiqxiVDw+D7dtrrJVCsEf0Y
-> ssh-ed25519 rHotTw 0CNrOIAlpnNtQEtlm0RyOrz+0ondvqY+oqM0QtwNYU0
J2lHzfBPueh2LKt5d7QjaiPQdh/ih5lrngUGng3qWVY
-> ssh-ed25519 +mFdtQ 365dIp+r+Yhj2o0V4YhgUgMNf3AonjzQ55nnKN1g6l8
C0wurXGyS0aVcsCJwVSkDVN0cHGFVxdHgvfP0y/AwQQ
-> ssh-ed25519 0IVRbA GGL4OdqkjGP5eoVhWtUwQSfV2f+qmoUZo+U6uaYLr00
loMKTjt1UDgtkEsfyooqh0tfUYsyx2VlOKWmWAwzoAU
-> ssh-ed25519 8V9fnQ dMzN/gaZxUnpSCVd4vDAWd5+0Q7y67zOpEtk6Dx7dl8
P3FsjOmuc8E0AoAbd36vfHtd61yAvCSR0qyfLhhm+kY
--- oVEtjzZ4tPxxTCrvBBbFXC0XYp08devKq78Y7evtdak
eÅ¡-ìc´µô¢P®F¦ .þùê<C3B9> =Où6x^M×Æ×ô¦•ò4Ã@9ÅàhÒÈM™´

16
modules/dgn-records/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, ... }:
{
services.arkheon.record = {
enable = true;
tokenFile = config.age.secrets."__arkheon-token_file".path;
url = "https://arkheon.dgnum.eu";
};
age-secrets.sources = [ ./. ];
# Allow using agenix for the token file
system.activationScripts.arkheon-record.deps = [ "agenix" ];
}

1
modules/dgn-records/secrets.nix Normal file
View file

@ -0,0 +1 @@
{ __arkheon-token_file.publicKeys = (import ../../lib { }).machineKeys; }

6
npins/sources.json
View file

@ -22,9 +22,9 @@
"repo": "arkheon" "repo": "arkheon"
}, },
"branch": "main", "branch": "main",
"revision": "a75356f4d0c569da30698874dd07b29cd59d7d7d", "revision": "c4b1b8efde35e16f6d07dc5c0d0d8d267a04e460",
"url": "https://github.com/RaitoBezarius/arkheon/archive/a75356f4d0c569da30698874dd07b29cd59d7d7d.tar.gz", "url": "https://github.com/RaitoBezarius/arkheon/archive/c4b1b8efde35e16f6d07dc5c0d0d8d267a04e460.tar.gz",
"hash": "10xvhfhji67i0c0vcvgsx2yrdwrf6sp71vhjdwnrbxmaqv0dz94f" "hash": "0ba3m9714yi3lxlydwm41ixqq0yq6qjfq86jcl2szqzh68kwvcwf"
}, },
"attic": { "attic": {
"type": "Git", "type": "Git",