forked from DGNum/infrastructure
feat(radius): Move configuration from compute01 to vaul01
This commit is contained in:
parent
e8fde45fbf
commit
ccfbc4be42
25 changed files with 39 additions and 65 deletions
|
@ -14,7 +14,6 @@ lib.extra.mkConfig {
|
|||
"ds-fr"
|
||||
"grafana"
|
||||
"hedgedoc"
|
||||
"k-radius"
|
||||
"kanidm"
|
||||
"librenms"
|
||||
"mastodon"
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,31 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 tDqJRg R3h8Ph1ooMaR/bmz09yRzVRq1mR3L7o87wMhsysC5kU
|
||||
Go50Us/u8CgZS7Up20RH8NlRS0+ESBw30wa8SZ5dqoo
|
||||
-> ssh-ed25519 jIXfPA gMaMIQvUIu5bK5mRWP6SSZQArMzhg4bDZDcjwx9dyDY
|
||||
Vv8H7oTBvogaoW4dhdm81TOe995CSGeBxB8LtFgJqwc
|
||||
-> ssh-ed25519 QlRB9Q 1CxZ2F8EMykWDzrAzN6NSPtjLmMJ99zf8UWLyV3e+Ag
|
||||
ak7M8/mCeQOMKFPllTsA79glffS/vu51vHIRT3F8qLE
|
||||
-> ssh-ed25519 r+nK/Q qcuIACZn+1ofDpWW1IBmY0IIj4WZNQhxtUJlHgh11ws
|
||||
OJhEfDQHkg3s5CCBcVfba9S4OG4hBjJIYkCoLAIFwOI
|
||||
-> ssh-rsa krWCLQ
|
||||
1XseIDq7c94X7Dpp1sC3oBLhZSd4w7UJ7QI03SGmqVTd3VVwP5IV430vrSIFETMI
|
||||
LopkMvCtF1XpIJQ+nHoxsukG/0kefh5Iodmd6anQNp0iVU/tWkQzWbkHlVlkxJ2M
|
||||
o3fMRAaVyH5GvQkIT5ndWma34vqwydAinM2mchi0hy0ibP5lkk8K7OtafNP4eYNh
|
||||
m7necRRI8yCuE1wBRy8sBpo5mEqGj1uINxXiF6yUI05pCBXHG1qDiFkDHfw8va9k
|
||||
Qitfwv2Clkk/hQG6aEYuruoXwq4SZxSCswMpP5Nz70I+e5YkZw8G50ICaVBXxuAP
|
||||
ABByGBZ/QKLw66NpE7rbSA
|
||||
-> ssh-ed25519 /vwQcQ 1P92WFx8+9DaL2dPwmX+Bva+h7Hy9qXszDTyPvd81kc
|
||||
gLVhBlE4lAMcod32/Y8xzypVCDu4vRca3aem3OHiocU
|
||||
-> ssh-ed25519 0R97PA rZblJRi2bYJig4HyzOXdtpUEEkGDlHS456aKlqxwGX4
|
||||
qjIkEyHjDxzmf34bS7qWJ9lexMXu2QMmcD9RP4MpkYQ
|
||||
-> ssh-ed25519 JGx7Ng IbCSvxAUY1gDTny5KurzONVaQwX/VgvNs1hAQ9iUQRE
|
||||
5ivoGkzEHAyTl3gUE+9nVYclF8/aqnyOF3a81fZfbW0
|
||||
-> t|-grease (u /1\q}65 ]@
|
||||
Dd2SJgnQFUSDlS4eSkKUaGwve8Rsv/4MNEwGRJftdtTvxv80bRuNBEFe+ah4YhiV
|
||||
LA3n6c+Te9Q
|
||||
--- wWhpJpx4IHeC1Qo4nH6iuEB3e9l5b8U5xOnsX8BoBgQ
|
||||
5¥t·Œ °ÒxÚ@<1E>`zÈÔgC’à Ѭ:4Œó¾&‡Spi8ñŸuæ"lÕ‚×)<29>:ìaŒÁÄ,4ÃsÌ*uÿ€ƒ±v#ÿ*ÎàÜÊ^ݶ‚Ø«%´Ñº98¾,yB‚Ù
|
||||
"¶%Ç㤄†NÎÓ· íò¬} [Ñ¿Ó(äØ{<11>ý0ô—f²<66>„|Šà-—&qF kÖ¶¹µùÔÎLì,¹À„žD™áΩQÍ—½è<C2BD>4N}<7D>ÙÐJ´·‹ÇÓˆpç€]dUÏø¿<C3B8>I—:ÌôÑÉ
öì’°¦£‘sý¨õB#}¹
|
||||
ÞÃXzð‰N4·>ñ5iSan`‰¹.‚õÃPcHØÉAéßÈÿµH=¥ËæÂ~ö(Pçô±Š$ ,¡ã‹ù¯ZЬÆwçÚ /×
|
||||
Á–+rC$†ýê&ØJñ ; ÉvÞjæ‰ÎY¹,š*`ºGå=ã¯M¼ƒƒeäAQö<51>\D˜ÿ@¥j¾$gö{Q´lhIoÊÏ‚IM)};@ìNü½b‰<62>k5Dgüoþ'ItW(Ïk
|
||||
ê6)ËŒä0£<30>tM¶É
Ó(Ûê¡<C3AA>n²k®Zu%m<17>¡bzÚõ–Š¿ÁìÍÿ
|
Binary file not shown.
|
@ -1,26 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 tDqJRg sTm4u+QVtvUqNgMJhufIljdH63oCmvfbRz6NRa2ZbwI
|
||||
ZYjAINMp/ds7g+7Wjg26YRpRV+nznQPB1r7NzAHGfW0
|
||||
-> ssh-ed25519 jIXfPA z4LS/Igwab0moIzxG9b06T5rZiODkdJyjaFepJVcxQ8
|
||||
qNkDc+prvr1bNTSWJyygJj7yb8MOz2nR+Z8EMHUVVOs
|
||||
-> ssh-ed25519 QlRB9Q 6TQ0Vp3KB5yDIEt029hIB3aCnDjTDP0JG6LN2J9gtjU
|
||||
fZXeSxb7GJOJYvCr2nVf6BKf8QjaqOOuoi0I/xXV1qc
|
||||
-> ssh-ed25519 r+nK/Q eW4wTH9PNd0mzVFsxwS4mEEn5gVUCpYA/g+ifeUB+00
|
||||
kqED+vZVHn0SXTpgbaiMseI6vPCyTt5Gfu4pHxPvKp0
|
||||
-> ssh-rsa krWCLQ
|
||||
axyFJ/zhMoZ1mJLzWAbXbHjlAlLj7HraHyY6ddZBVibgRSEufdXsa8ABmdR6+EuM
|
||||
ty37+/TZOBv11ew/D1C7vQ7B/1JXgej2TAAmYt4vN3lVZdgJI+tQGiOf1nsqfI64
|
||||
p4ZbMi9G0wlzb+Z7Z5SLKo6HwharYI+vDEgh3Ua9Q+6bpZeXxxJHmkACikAI4xJV
|
||||
3lLo1iTeyJy/9u/WoHmEOuqJLeZdhmPZBozxTdDTWz9wMHy+NotfXFaIFTyUpocu
|
||||
OU19N95fyVyTRwmrGFcWs34O631Ejpo3oVLDvjXrFtV4HISSweB/YbU84EveFbz5
|
||||
28gTWKdeOQcHJfmaeJV/Rg
|
||||
-> ssh-ed25519 /vwQcQ cXNRE5eLKNh4lL7S7cMDfp79+TQyiJK3gTzYCuHeRHo
|
||||
4bz0al2kf/S6VEhObpLxy8tvB1t/tBVdB1Gi/7XinD4
|
||||
-> ssh-ed25519 0R97PA iGdUtE7KDRBNSXv1w0dJNPQWxAeDpIAePUU8t0qURV8
|
||||
OUoeLNWl0rLt6+FNf5plNmQIgrULwIgEL/W4HFTYeB8
|
||||
-> ssh-ed25519 JGx7Ng tPkAPvVDZOcP06+mrD5uK03dUJi4aMAvkoz21y9L6Ak
|
||||
tcUItLMra+EIYH6MA1ULMpr8bkUql448jnurev8N5wk
|
||||
-> \<?_-grease (+d_8zF H
|
||||
|
||||
--- /CiW5jTjVkXDOdwmb4P80FswPEpgTt2GZnqT7KlOvC0
|
||||
›=þ%©»gæÆQ³-¼ffÄUC.qÅ͘·H<C2B7>µ—ìäÙ=Vý£žØú<C398>ŽRåN
|
|
@ -18,12 +18,6 @@ lib.setDefault { inherit publicKeys; } [
|
|||
"outline-oidc_client_secret_file"
|
||||
"outline-smtp_password_file"
|
||||
"outline-storage_secret_key_file"
|
||||
"radius-auth_token_file"
|
||||
"radius-ca_pem_file"
|
||||
"radius-cert_pem_file"
|
||||
"radius-dh_pem_file"
|
||||
"radius-key_pem_file"
|
||||
"radius-private_key_password_file"
|
||||
"satosa-env_file"
|
||||
"telegraf-environment_file"
|
||||
"vaultwarden-environment_file"
|
||||
|
|
|
@ -8,6 +8,7 @@ lib.extra.mkConfig {
|
|||
|
||||
enabledServices = [
|
||||
# List of services to enable
|
||||
"k-radius"
|
||||
"networking"
|
||||
];
|
||||
|
||||
|
|
BIN
machines/vault01/secrets/radius-auth_token_file
Normal file
BIN
machines/vault01/secrets/radius-auth_token_file
Normal file
Binary file not shown.
BIN
machines/vault01/secrets/radius-ca_pem_file
Normal file
BIN
machines/vault01/secrets/radius-ca_pem_file
Normal file
Binary file not shown.
BIN
machines/vault01/secrets/radius-cert_pem_file
Normal file
BIN
machines/vault01/secrets/radius-cert_pem_file
Normal file
Binary file not shown.
BIN
machines/vault01/secrets/radius-dh_pem_file
Normal file
BIN
machines/vault01/secrets/radius-dh_pem_file
Normal file
Binary file not shown.
BIN
machines/vault01/secrets/radius-key_pem_file
Normal file
BIN
machines/vault01/secrets/radius-key_pem_file
Normal file
Binary file not shown.
30
machines/vault01/secrets/radius-private_key_password_file
Normal file
30
machines/vault01/secrets/radius-private_key_password_file
Normal file
|
@ -0,0 +1,30 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 jIXfPA oTG4+leUhtu+taark5+znjTzfTPBjSgtJI5zNmLrxQw
|
||||
+xsiH/nNjeBckEn1bi3OVPo/vy6WGqJftfnNgrh+7eA
|
||||
-> ssh-ed25519 QlRB9Q dk3mYy/ziQL3Cx7XB+/IY8EkrEtBNZkvLf3iwAZtYFg
|
||||
42ABG0MdenXCfgeVoTvJ8XYyKd9OuH/KVZPOdpfLTkc
|
||||
-> ssh-ed25519 r+nK/Q 2nOZZkpvToMgbg66f/DYm2J4gfzhtGEAAzlqYM44V24
|
||||
GJlZ857IA1firt/6A7dTtdqGncJg4XnCBxSLlDeIUe8
|
||||
-> ssh-rsa krWCLQ
|
||||
Z2DScQA6a5+Wzl1cD6fMcWtQRM00PM24eO2bjqlSAy+wk3J+62nxYGQJEXp4y5Ws
|
||||
Rn6FENHllIoH1mXu7XbDpnmertZK1I6krf2jbC4LoUVdXf2czksqtITjwJqFEn9k
|
||||
i27LhROdQN61xnz1OWPbTaNJAEgo6A4gzRnD6SxZjNqF0EHaBgA/SlX9lFfKtp50
|
||||
yiy6rSncJbT7Kxya8Nll/YC8RC78shs6r0+JnuGdm+GstMnkEF8eOIQuNHCPWbdN
|
||||
oT2K6oWjITwQnuSzb9+fIW9Orcl3QjFJPMlVl37p3r5BBNiuaW5Jk1ky8mP6hHRX
|
||||
Hzqa0eHffbiUSTtFbNr6vA
|
||||
-> ssh-ed25519 /vwQcQ wVRPD49z8MeLNz0XGu9HWXBPdbJkegHNOY4chmgzeCU
|
||||
iABkdTWGE+ImvRA0N2mNuUdpqEWmPe0kWRf7yDGgkHs
|
||||
-> ssh-ed25519 0R97PA 79n3SCQbXkjlk/5+GLr1bjapHNhID33zieUF0X2eZgU
|
||||
5BX9Qw6hn1Ie97AaKtpkHnLD4aXEvJI29EwiuFOaDKY
|
||||
-> ssh-ed25519 JGx7Ng vTCpM2b8rMa9o/H/0jKkEf2DRyqCnOJP3+0m9LmV42k
|
||||
dyFkt3XtZDcGx4uiJni6tdXDNVEzlFZqqPHYD/A0g7k
|
||||
-> ssh-ed25519 5SY7Kg wAHGb5dG04fIBCKSOzwTagFMC0z2eGNGLbBGdqAaFH4
|
||||
RozSCdnelai3bOX+Ls2cl2go68mfQeKTlNMRiWGjJpk
|
||||
-> ssh-ed25519 p/Mg4Q zGKTV2Z6+VG1oajB9EGRe7SsDwCeSWDjuS3Wj7D333g
|
||||
7EartLedAduICpquQkN2a2dNy9u4KLm2d97heFrceqE
|
||||
-> ssh-ed25519 5rrg4g T1fAxr/RHvWf/vh2VL41tSH9Mpmq3eFyqzJf+MJIBEk
|
||||
eYJEC1pZ4xQeaXeDV5+gYtOftla9nSSnB/WQ3rLrXn0
|
||||
-> ssh-ed25519 +mFdtQ QtrOIfJz3j4US5STmAIXOS6TsckNtJ5FPO+KHomSVGM
|
||||
qWjtGdXHHNMGBP0qByAvka7YvWLYh+JPD9MqAU8Wuzs
|
||||
--- tD/2gendSlu4C9HG5VAwueB8NPCZWC63ATSB7sETutI
|
||||
›x¡Çßv+z²m<C2B2>2¶zZa>šF¿Þ=Oùøž(¤=¶ÿg
aèôx‘¡¿Ÿ#
|
|
@ -2,4 +2,11 @@ let
|
|||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "vault01";
|
||||
in
|
||||
lib.setDefault { inherit publicKeys; } [ ]
|
||||
lib.setDefault { inherit publicKeys; } [
|
||||
"radius-auth_token_file"
|
||||
"radius-ca_pem_file"
|
||||
"radius-cert_pem_file"
|
||||
"radius-dh_pem_file"
|
||||
"radius-key_pem_file"
|
||||
"radius-private_key_password_file"
|
||||
]
|
||||
|
|
Loading…
Reference in a new issue