diff options
Diffstat (limited to 'data.d')
44 files changed, 1048 insertions, 138 deletions
diff --git a/data.d/etc-nixos/.gitignore b/data.d/etc-nixos/.gitignore new file mode 100644 index 0000000..2ee4098 --- /dev/null +++ b/data.d/etc-nixos/.gitignore @@ -0,0 +1,2 @@ +configuration.nix +hardware-configuration.nix diff --git a/data.d/etc-nixos/README.md b/data.d/etc-nixos/README.md new file mode 100644 index 0000000..798fe0c --- /dev/null +++ b/data.d/etc-nixos/README.md @@ -0,0 +1,119 @@ +# Set variables + +```sh +disk=... +zfs_pool=... +swap_ratio=1.5 +``` + +# Partition disk + +```sh +parted -s "$disk" mklabel gpt +``` + +## boot + +### MBR + +We don't do MBR anymore! + +### EFI + +```sh +parted -a optimal "$disk" mkpart primary fat32 1MiB 1001MiB +parted "$disk" set 1 esp on + +mkfs.vfat -F32 "${disk}1" +``` + +## swap + +```sh +swap_end=$(awk '/MemTotal/ { print int($2 / 1000 * '"$swap_ratio"') + 1001 }' /proc/meminfo) +parted -a optimal "$disk" mkpart primary linux-swap 1001MiB "$swap_end" + +mkswap "${disk}2" +swapon "${disk}2" +``` + +## zpool + +```sh +parted -a optimal "$disk" mkpart primary "$swap_end" 100% + +zpool create \ + -O mountpoint=none \ + -O encryption=on \ + -O keyformat=passphrase \ + -O keylocation=prompt \ + -O acltype=posixacl \ + -O xattr=sa \ + -O compression=zstd \ + -O dnodesize=auto \ + -O normalization=formD \ + -o ashift=12 \ + -o autotrim=on \ + -R /mnt \ + "$zfs_pool" "${disk}3" +``` + +### zfs volumes + +```sh +zfs create -o mountpoint=none "$zfs_pool/rootfs" +zfs create -o mountpoint=legacy "$zfs_pool/rootfs/nixos" +zfs create -o mountpoint=legacy "$zfs_pool/homefs" +zfs create -o mountpoint=legacy "$zfs_pool/homefs/root" +zfs create -o mountpoint=legacy "$zfs_pool/homefs/tyil" +``` + +# Mount partitions/volumes + +```sh +mount -t zfs "$zfs_pool/rootfs/nixos" /mnt + +mkdir -pv -- /mnt/boot +mount -t vfat "${disk}1" /mnt/boot + +mkdir -pv -- /mnt/home +mount -t zfs "$zfs_pool/homefs" /mnt/home + +mkdir -pv -- /mnt/root +mkdir -pv -- /mnt/home/tyil +mount -t zfs "$zfs_pool/homefs/root" /mnt/root +mount -t zfs "$zfs_pool/homefs/tyil" /mnt/home/tyil +``` + +# Install NixOS + +## Configure + +```sh +nixos-generate-config --root /mnt +``` + +Apply configs in `/mnt/etc/nixos` + +```nix +{ + boot.supportedFilesystems = [ "zfs" ]; + boot.zfs.devNodes = ... + boot.zfs.forceImportRoot = false; + networking.hostId = $(head -c4 /dev/urandom | od -A none -t x4) + networking.hostName = ... +} +``` + +## Install + +```sh +cd /mnt && nixos-install +``` + +## Reboot + +```sh +umount -lR /mnt +zpool export "$zfs_pool" +``` diff --git a/data.d/etc-nixos/apps/vpn-tinc.nix b/data.d/etc-nixos/apps/vpn-tinc.nix new file mode 100644 index 0000000..0634ecc --- /dev/null +++ b/data.d/etc-nixos/apps/vpn-tinc.nix @@ -0,0 +1,283 @@ +{ config, pkgs, ... }: + +# To have this node join the network, generate keys, add the new host with its +# public keys to the list in this file, then rebuild. +# +# - mkdir -pv -- /etc/tinc/tyilnet +# - nix-shell -p tinc_pre --run "tinc -n tyilnet generate-keys 4096" +# - $EDITOR /etc/nixos/configuration.nix +# ? networking.interfaces."tinc.tyilnet".address +# - services.tinc.networks.tyilnet.name +# - imports += [ "./apps/vpn-tinc.nix" ] +# - cat /etc/tinc/tyilnet/*.pub +# - $EDITOR /etc/nixos/apps/vpn-tinc.nix + +{ + environment = { + etc = { + # This part should be written to configuration.nix while I try to learn + # how to do it cleanly with a simple variable + # + #"tinc/tyilnet/tinc-up".source = pkgs.writeScript "tinc-up" '' + # #!${pkgs.stdenv.shell} + # ${pkgs.nettools}/bin/ifconfig $INTERFACE 10.57.50.50 netmask 255.255.0.0 + #''; + "tinc/tyilnet/tinc-down".source = pkgs.writeScript "tinc-down" '' + #!${pkgs.stdenv.shell} + /run/wrappers/bin/sudo ${pkgs.nettools}/bin/ifconfig $INTERFACE down + ''; + }; + }; + + networking = { + firewall = { + allowedUDPPorts = [ 655 ]; + allowedTCPPorts = [ 655 ]; + }; + }; + + security.sudo.extraRules = [ + { + users = [ "tinc.tyilnet" ]; + commands = [ + { + command = "${pkgs.nettools}/bin/ifconfig"; + options = [ "NOPASSWD" ]; + } + ]; + } + ]; + + services = { + tinc = { + networks = { + tyilnet = { + debugLevel = 3; + chroot = false; + interfaceType = "tap"; + + extraConfig = '' + ConnectTo = caeghi_tyil_net + ConnectTo = denahnu_tyil_net + ConnectTo = faiwoo_tyil_net + ConnectTo = gaeru_tyil_net + ConnectTo = hurzak_tyil_net + ConnectTo = jaomox_tyil_net + + Ed25519PrivateKeyFile = /etc/tinc/tyilnet/ed25519_key.priv + PrivateKeyFile = /etc/tinc/tyilnet/rsa_key.priv + ''; + + hosts = { + anoia_tyil_net = '' + Subnet = 10.57.100.3/32 + + Ed25519PublicKey = 04G6200IYDzDT3H0Yj6ZjQUIUc8tCIvzPaXmyk36e2M + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAt+7D3zRySAfd9cYnMSNhp/yRnBygmnfLdKm/dH9X7QbJ1BNcQpTP + I1RmC9lNlWABhB46DJUqQAQeGlZPUHxbCnmdDN6HyDaSA45m/yGUbVhN/ClK7iap + EXfNmxZbtE4eBHDz5DsFe7i2nla4gogyiUQsvRgIP2b2v9qzBhqf2kXwv0X+n7hv + HvQOdN60x/xm1+Vh6wsdX2HYatEh3dy1pfj+1RCQIWV1FDS1YVbFZFb1UJz917G/ + DIpM/Cb/3txH0ffVh2NVqFBW3kd60Cs42/6htpHucBQ1dRVZUCKKWz1sgi5H4nty + HdPDPwOphrvNE7kXjvhkPIif1KtCr2SLwOK0UXR9iZtWuDH/Uxn2v7ofa0a3zKGf + yPrVwzhciv2cdbXPiTFyAS8YbpQUQTcuqDVi1AxE8Z0KmuvgBtTtAzMDyoTLOfzS + yZ3a0qQhX3nvLkXWh7cA7cquuP4LgP5iY1vJSRO2EZA61/WdKs8asl0EN8Zn8EEz + opnvcM3M0ptBZy1Dz2X6Lz0QliQrzajmSRhfUMTOq3ARvnLsES14ZqehavH5Ntms + G1OVdVnd7fqibMhWz/dKiB3uG+1e39isTPW3+22MEm4R0ngfF6olZ8SdHrIWFPW8 + bvdzf7ebFrjuqi6qN/NdUwrzWdDGU83W2xEBsHHbHcoKaB2uwcCKvjcCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + bast_tyil_net = '' + Subnet = 10.57.50.50/32 + + Ed25519PublicKey = De60ft6TStf9oJ060kxpSmX7xJ/ZVO9EFXgQdqWcWaO + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAwvOYvgciXHsrqMHIWKDUcJjCF1ARjAxqb3s/BzRlz0XcynzpYDV/ + EtiZWRkKmDveUILe8pk3gFlu2vwen9DGVydg+tW4G0z4NIejoC9FR8a/NpjTzMvw + gNCihTFpPqoqn7loy+OdHIWv34v26zUFY8r0W1XUX0O0vtUcWTHwkV6DggujFPxG + SM9yGyl7MxuDbr9EP520dsklWGQT93RlUizr1dm2QNLgQN6+FMTpVPJN/2uaHSMo + 9xx3vLltqweyvMrIWCPQQSu+vj9Dqq+4ToC2rXkEfMsjkDyVJViOzSarZfAHCdJL + S/aZh4PC9EMsc+DmoIQwN7fKG3CQkm3QZ2P1WKG0jNZ2jdC50G7G9QypKdPFh5Al + Oy6z/+VG05+ouRmfQTi12Kap7aakMOw9vjL1BSGgoTxToS7m+O5Q9ByodhVhRBMc + pp0ZHvPhZjM0jmtqrTtTkQDGonCiN/IxOdneTkiM0lW9UnROWqYJHL1B92sVyADw + S9ddyfUbUFLnOdJkF/JBFR3d5GxIcY1HVfYbugbIBGnal5koALFfhDkYJqQbbuAz + z1rSm4yYFWKKFThpZA1oRvEh9UJNbFOepreImCmUKZurgQZFMUjRMRtTcRXy07fR + /EctKPyzDKmQOHlnR4hNd3laefwL0vMO7Wra4NqoJx4MMmnPtl5s8okCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + caeghi_tyil_net = '' + Address = 116.202.102.33 + Subnet = 10.57.20.2/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA2abFKFB1Dr1YMcAIWcy/2+jJn+suPyiQjz6vgt476P9a/I7SUCta + P5QUPxvS9pZxFVTFKzpmdKxG1pbCAkhArtNg2R1VFEiYCxS+iey+F11pMPEZFVpC + EIXeVDQeBm9UXjrOpcTRIwEO7Q2J2lzRrhGm6Rpb6XbdmtQ3S8XgVsXYwWoV7muf + TE/d5fgtz8Hghti8w86FP9q61iH6AHCREwbHEUyat5hwznmbiNJHyjx+otI63sQo + FS37EazhqCEvt9jyvVSmB7kVTOLnIVATWDaUlPCLLvps09eRsz6aAa7RHCGd3x/W + mRHxDCbeKL4ilpo/FPZhANdQImLmFovOtwZ6xawRWKPcRXhkaL24qQC0MLH9wmnY + oM6EMioWUa0F11iFM99DTK+NF2Pk8vHNzm0Ep5g0SHzqnAIDDzeNTC9ogwsETqL5 + t7VY1GXuKWgta9L2q03X7FMEgjIc3lPgVLc0Ccx11MTgVzcIaLxFQ58oo+xFuc9I + rBqjZgJwg5MTdZiyZesLJuV+YP+yRat3LifAwIZhloSBVPU6YKx/y30BHjDM8FP1 + OM2IzJLrafZDy034XyD4s62YsKrHMcQ3CeoQ80QjvSyWvSlvn2vEqrbWIZADi0d/ + 8vgl44gF9g9yN++G6S7BsTJ5PNgv0jrRFu/RpEN1hVOuo+nBqFsvxW8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + denahnu_tyil_net = '' + Address = 81.2.254.110 + Subnet = 10.57.20.4/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEApFXqCta82BLknLg9jI4ZLmjROl9S9worvIo4hQeDFtZrKlelfx8f + RwfT9xF4YwI688FAlmZcGc1iRUTuCt+Pfbc+Lws6Kw1U/QIqAnga80chLzOkwPxV + idZyMPpZ0nWc/XCj63znozr6KGPVgibNKB3p/qGI7f00CVWJHlff7knAmCiShxyK + z+d7WglolSv7H7QE0Qz5tyMq7zkeide2MINd8Es+UpM4RpJHNIjFZmXm+lmfk/mW + fYYIi0z7dbOv+9fKdgljyAahL+sKIH1lfVTIaywY50eq7rAuG0UrA6/HXrNS9Hs2 + LNPfUcDVQLwqM+ZTCbVykQ29/EyU28RRwDM/L85NY6YFSvCv35lqaeo+PokTFMI4 + Dzro+IyEI4VvCQ4CeA8085HVTErnVMCRI4hwooyuBBmiKVB62KfHDD6D5J49dg8A + NzSkjmx1tqF+B8bOpk+gHJsk2ZXc1oU44S+1ydG7SdbqF2KWufpr9DIVIkTL64Cl + 9ymrmdW86NYTpsvUJVdqw+RW+hE55vUPr+/0mMkNVFdWy56EICxKqhW+wN80CxNE + raiNuFWqKPxw3yrAomsgPIuH/a3bmqsTzHb5Rmkw5nArWqSENagF5tVFSBUcZkWb + 6wwu/ourq6q1HXwP3Z9/03quelwKqmjPxwUCkl7CYeo8um1tjANeZvUCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + edephas_tyil_net = '' + Subnet = 10.57.100.7/32 + + Ed25519PublicKey = 4ABczlbBBLs5WMztIzafWw1ozwKZVkj4/of3Jc6awiO + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEApxmzAXv4Mch5FP5AxHmpvHjkJGxcegbFzdFzHjhdLDJ9MQQZdM1p + PomhyYXB9Gsq4oJIOcjqJJdbp4dchYGJ++eS3V1wwstLMTl/+kWZ4ojI9sb/J5rl + a3gknTjipdUuoOpdkAkXKCbq9AXyFsvLr4Q6WaFpeTuIjNb2QgPOLUmcD1eNCdnn + KcHQAGR3zRh3uu8zMkaJZwQDZAdRLV6b77OLe7PXCsYgQ68qw3uti3JENv8VC80T + UxUmv8He7xgAqRCJbD3FH3WT2O63mK9jpnFj/BKDTm5k4hUDtZRY1O92JUqQAruw + gq3I8mhSqFMkvt+S67u950hRzN4/ZGs7lzxRkDqDqLy+ZISN2cDpbX1i4WmZFfex + zj7ZbmfsVzwSF/+K31AOQrODt79bGGFwjZgAVn9Cny/bysBxrOJy39D2Awioynpc + mjICtRP7utpo959YmSNsEcjfamIHVfUOTsEoIYhYASmWRjrSF6v7j2bbC+aFOWsf + yIRZc0EtH803/Ks++ieIDWFmhB0ydtkqFm8HK2eyqOqnlHTepmrDflkxfao3JTXP + CbldDpUGKBcLZ5FNaJ5hlQHnJGzU+wbnc133cdYtg9vvhFVgameme8ElcOjZZxMJ + fPWXMAWc2Szx3Hs/jlaTSIH2GoX1Rr2HdrrNg0qOG/qhLPNrtmrxH/sCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + faiwoo_tyil_net = '' + Address = 65.21.5.254 + Subnet = 10.57.20.5/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA3nBf2UWehfNWNrR6i4HJp64aPYI5SpV/7LplRwqXcmnJuHmQJ8Ht + Tozv5RHGGUNoSigbDxJSe16RQ0ESAzGNPSUEV6kntySXLvHSYb+SdjFm2wRpL8FI + 8t69ZnRF0x+4ZShfa0rgco8sDdkhuPMNrPu8U6bMs+o4Lh8sVTRhDThv2+VfQkxG + T4G9kgdsxP0yi8sq1uflSYY3mYlVl9OPZwSO+vcVO9JFPvkVYFrqDHtvFGFqziQ/ + KvKcjwDTjpNVkFfJD6SIheeVrhysGk8qQIVMYc8yW9I8HGD7uP1BccZ0C/+b310i + y3qkNz/qqtgy0AxrrzbmFsVDgVyiPlwsD2SL+C4m6uEvB0FvYeL2/7vL8fI4RqcJ + ORAcA5G4FgzZRgHdZoZ1W4OB6eUCV4g9l425qbP3VVngJjX9PjPA/puz0i1IB0ZW + 6ijGccgYtyj5+ibt3if0+inepT2BJba7pyQ4A92ogfsQKlSg1x27CfvsGKuMZjdo + y/akxYPEqKHQK37smpjcQTLVmLTTbGnf30ObTNW5LOJUmBue9B4fqBA/NV4fM1Gj + Omw/lazjwrJuenwEeGegRQhvjKlBLdjOnzsLoVrCCIe90KK/+RVSC0Mi2D0dzEPE + BNSbD4EJYs+6dJVT7+sneS8iwg9kG9wZ+UjeO4vraEjMrKj9BaKiJ1cCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + gaeru_tyil_net = '' + Address = 37.48.120.26 + Subnet = 10.57.20.6/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA9NUrWO0L8lqrfs4BgZsLdfJZPfKx+Fi8P4k79CIBuVfkQ4OzJmoV + ahupoOo5edjYLJK09epa9zFRc1DuaotYC7Wm9DdIF82WNZXN9x/Mvuq06WaKXBdj + iTJKbYfVN/yv8Xfjzfp4DH3txwsq+9AuICHJkHOmb0lsDinpfbmP8C8ozBnutrLM + XGaIzXzkV2NbunyjaiR7dho5+4P6wedck+IV63KRzepbX36OW9xImmEEpBPeMPzd + VOgWs35FIgnE5uumXXfIax9CA9wFahvMYUlQbxA6kCg9PTteM3C44udFx8DxzGcR + giKEbfxjcZ4pK9JG+LTxNZC2BK1gsUNw8sX6mEEY496cs0T10RWzRZM/HvMIpj1W + 5i72yh6kc8ieSr9hGIkm/oM/gwrFeC11PZQKis1P/0O5j7Lv6S7u6Edrpy/+WziV + Yk10eZXzHcFuVAh9+wQUeD3v4bMQA/mE8RPI9JX4Xkpbu1LOhtglEwFU1CWlG179 + B990cfr3cjJkTqS7qEfWuNh2lQd4iwpgqyPZB7Dd7tHT5EKEZSZ+4+w9Xo8xfy0v + 7pdfImVHZ1PGVEsRk6AZZqcVcCRrjbKfqqL0m9JmB8vV5L3oZL/mXhFkh52aRMeZ + tzODNlBH0LW2TVVrBw3DJxFyRCRYjk4At8jagVe9fYM4ERkTQxqCFi0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + hurzak_tyil_net = '' + Address = 178.162.131.11 + Subnet = 10.57.20.7/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAmL0UOj+pMAV7R1Lq0rj3D+oGRnp5fz1q+jtbK3janX7gz0lFcXA8 + k6nOAzwksihQ9QfPLa0NEFpZ8PbLZP1mTFCf4f+1RWy9S2o4hLEzi+Ka8h/X54oH + jOcEZQd7hGpwDGvU/lTG+1Iofh4NAsuiKIS/pT58fZ8WIGDIbL5PHYGas44MEJX6 + BXn9CJx8kzktFGJ27isCrl93kueSqp9ajNCCsmoisJxxdyxG8L+iWktuusTOoi31 + IhmKqhA9wf87p5bYJ7Ae1079OXT7RxjExG+z2C9s6UouxDEmI2oXtmn5luRQkikw + T/nV29NJoUETcgVgrW3LHKr25cbXoaeosIgRsD6bLs0plOzECNrpl+/7ZKhr86M0 + ZynJyfoAWFVKaCHSqD9Js5HH13U7oOpTPMIZgZO0CwtESeUE1z7j4xNPMF8x9Ajg + E7zny0SVO5JJNPqy6WFa1s5fWjU4YlFZKPG2jpIBqgw/unOCywQlQlrJH26Oo8RF + 5l9ccLmdQY2HWIpeY/BCEBCAZnsEt1/dV82HvgDeULXDyUOmpPgaNzCH445lzsg6 + xKtAyWt32VWS9x/OdAflmeHvKk+GM7g0X7g7IxCzkLRMYSn3M87IBKQ/cjE7yg50 + CbaLBdiDc3tVmR90fRalt/7PCccPychrFRFzE7E1/RIJKzqh6JTHUVkCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + ivdea_tyil_net = '' + Subnet = 10.57.100.8/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA1cPD37/K8EHfro9L/qmEGcG7Ivu6Lvc9K9ry2f6YAjvLQHAwFrf3 + WXOHwg+x6aaE8Us7f2gHs8tU4NMNz4ggSIOesDOSUrVPOrrvZJnDaPzl8+bIOCrq + WOlgmo3RJv4w9G0QGmE7QGK2nX/gA05zaAMDP7Jd+yh7ohtYosth3/j/hetRdLD4 + j6D9tuwGKoQND3rlc7P4QV9bMM1wvKw63hj08YowBzD5GkYN+J833ZN2wmRqAvLp + cRnELg/UqSp0wu0l5VJImi8oz59zGzWPzxFBakemjCkM7xVe5LKK3ZkjwojWDTqG + BQXnhInrFplDm6j+A+jM1iOLwhwg1LbWthhzvrvZd68Dl3oBAsmRM8YmY7RjDpNW + nhqPWen5fum9kURwczY9GLj5GcRkBjEXVTU3KTpYKXeTZrRc3HT69WbbzdfXNKYj + aKRdL/OJZG4hNZFRgPHJP1svNrf4DLZiWIoAjeAdgXcHih1cUi2rP530YvRaajwT + FFDgcfRdWp00WQUkJ8Fcl//rynnZWjHSi4NXTsB7qVvdFClNqglxVewzBgBkriEO + n7SIXz6iNTaKLD63YaUY4oiqg4yY12P6ggY6U2atcXmK1g9syaYTIVD6MAA7XDxY + uI88cs2AZnjLsfpW4p7TD90r1qRZjbkguLhy71cEaIZMbH+H/8eAyD0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + jaomox_tyil_net = '' + Address = 163.172.218.246 + Subnet = 10.57.21.1/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA1hTIMQha2vUVy0c8Ci5jF06T62IDDj9FhBtDBKOsvlZ1Lzh9OsqH + x7blL0WNBDoqmgyX0RdDwUIqnMOttMFK4y6ARY50Yw+s8m2uy3i9FgRUn2Y+Qjc8 + SmFh1fKt9yThKfBFDhUmTW0vjXlWR3jf77QB1PAJzk8wRmDx0GbBzcrsRMBrKc9a + rUN5mXz96xjkzq4vsAQ8W8aa4OmTR+oZcSe5iGzksXoh5BxmV8WjHK5ZpjuNi6qt + t1pWWanq3DG44/5pfvobULDh2Z1b8dV4oTGZW9CFFHmjOve5f+AQuy6nnFX9FH6R + dQ41GRCt3FFGMiCmej1BErPW2dE53A618vmcdd0J5Tt41TXX3oJo+gw3F1R5pNV7 + rd6hg634Iyx5y3JIJh9gQXbygCAnq32vtI6/j60MyGHk2Iu6KjfhtN56X/PRnJxa + G2swLdJtUi11WgEhEdBd2x3l3P46eVj4YS48d3J++9mFKZ+ejoKosc7u5Xaj055I + q0fQudOZswD4i8JT5cn7VFYAZSM+Po9Yxq9tfaIm5jld4f/XJGYL39lXBrUTFBWh + PFXDrb35MstSVgHWlKtsLJj+Por4K5NxHdUHRIsOaMGem5GgOYos0AvkLYiQngey + noZ41YSSyJwitHefW46+PKmx5MVlcMcwDOSpvZImTphnlKEttg9/RwMCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + + ludifah_tyil_net = '' + Subnet = 10.57.100.9/32 + + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA2pXuIIPoQhWLzTSsO0bvgkQ1+7RgqPVv8b6zNfmRUfj2uKy3OZEn + HS5TfmukDtHev/Z2p/UmBSHtaMT2/G+Nz7ogT0rMRBtjAk+DR9FYFz75zmsjQuFQ + U+deh/fQgrpsEDiNmapRtM6EwYYH/A/0MJ2eN9HPVUB864mN79ZfEhTWMbv6khbq + VwqAd+9GbjfRPLqifRpS9LuspXNpCBOl+r5l7+T1llN/BUgs71BVWbssaRUH7B2I + rS9qjhWfUN9RC3PX98yVbzTOeL/jxNn57eOr/KUDtRpqQwy2zFTAxT+d+X37abYK + OyHXBs3rLtpleoh6Hw9UNwLDUVfjpcrxwgFEogJosiA+CBG26b5H6mm+updkyKTE + 4r5y1+8dLQpmaLIaI7KFbPJTUaJvfGRwzulA/lDRdmZaetrHKrMqZyQ4M1Yq67Ba + 0cqDQEvnY/XoKTJTgNxn8cWMKm+biB7zs/92pKKPRmv6DQ+gjrDTepn5XzVbIFS9 + GM30AqQiqoNL0PbTYWMPQmznEJo8LyehWr621/GARLTMFa3Pp7eGm7Afwy4zA4hG + AZLNXdEE7YMVoQUHWfiTGUl9yxX7o6g3gdZloAwGjeGB7BHOmi4SJEg1hUJ8wOn8 + wtnjybxDTxdRkQ2RMdlsfSGZsu7jUxSjnPvwLWH/2cHXSmencQXOhTUCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + }; + }; +} diff --git a/data.d/etc-nixos/env/global.nix b/data.d/etc-nixos/env/global.nix new file mode 100644 index 0000000..9bf9882 --- /dev/null +++ b/data.d/etc-nixos/env/global.nix @@ -0,0 +1,72 @@ +{ config, pkgs, ... }: + +{ + boot = { + supportedFilesystems = [ "zfs" ]; + zfs = { + forceImportRoot = false; + }; + }; + + environment = { + binsh = "${pkgs.dash}/bin/dash"; + shells = with pkgs; [ + bash + dash + zsh + ]; + systemPackages = with pkgs; [ + borgbackup + git + gnupg + jq + mosh + silver-searcher + tmux + vim + ]; + }; + + i18n = { + defaultLocale = "en_US.UTF-8"; + supportedLocales = [ + "C.UTF-8/UTF-8" + "en_US.UTF-8/UTF-8" + "nl_NL.UTF-8/UTF-8" + ]; + }; + + networking = { + domain = "tyil.net"; + }; + + programs = { + zsh = { + enable = true; + }; + }; + + services = { + openssh = { + enable = true; + }; + }; + + system = { + copySystemConfiguration = true; + }; + + time = { + timeZone = "Europe/Amsterdam"; + }; + + users = { + users = { + tyil = { + extraGroups = [ "wheel" ]; + isNormalUser = true; + shell = pkgs.zsh; + }; + }; + }; +} diff --git a/data.d/etc-nixos/env/laptop.nix b/data.d/etc-nixos/env/laptop.nix new file mode 100644 index 0000000..2681547 --- /dev/null +++ b/data.d/etc-nixos/env/laptop.nix @@ -0,0 +1,13 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./workstation.nix + ]; + + environment = { + systemPackages = with pkgs; [ + acpi + ]; + }; +} diff --git a/data.d/etc-nixos/env/server.nix b/data.d/etc-nixos/env/server.nix new file mode 100644 index 0000000..b04af8d --- /dev/null +++ b/data.d/etc-nixos/env/server.nix @@ -0,0 +1,7 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./global.nix + ]; +} diff --git a/data.d/etc-nixos/env/workstation.nix b/data.d/etc-nixos/env/workstation.nix new file mode 100644 index 0000000..93cef52 --- /dev/null +++ b/data.d/etc-nixos/env/workstation.nix @@ -0,0 +1,74 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./global.nix + ]; + + environment = { + systemPackages = with pkgs; [ + # CLI programs + kubectl + kubernetes-helm + neomutt + notmuch + ntfy-sh + pass + plantuml + shellcheck + tree + + # GUI utils + xclip + xdotool + xprintidle + + # GUI programs + alacritty + chromium + feh + mpv + nextcloud-client + pavucontrol + qutebrowser + scrot + yt-dlp + zathura + signal-desktop + ]; + }; + + fonts.fonts = with pkgs; [ + open-sans + liberation_ttf + ]; + + hardware = { + pulseaudio = { + enable = true; + }; + }; + + programs = { + gnupg = { + agent = { + enable = true; + enableSSHSupport = true; + }; + }; + }; + + services = { + pcscd = { + enable = true; + }; + }; + + users = { + users = { + tyil = { + extraGroups = [ "audio" "video" ]; + }; + }; + }; +} diff --git a/data.d/etc-nixos/wm/awesome.nix b/data.d/etc-nixos/wm/awesome.nix new file mode 100644 index 0000000..b427f4a --- /dev/null +++ b/data.d/etc-nixos/wm/awesome.nix @@ -0,0 +1,30 @@ +{ config, pkgs, ... }: + +{ + environment = { + systemPackages = with pkgs; [ + dunst + physlock + redshift + rofi + sxhkd + xcompmgr + ]; + }; + + services = { + xserver = { + enable = true; + displayManager = { + startx = { + enable = true; + }; + }; + windowManager = { + awesome = { + enable = true; + }; + }; + }; + }; +} diff --git a/data.d/etc-nixos/wm/herbstluftwm.nix b/data.d/etc-nixos/wm/herbstluftwm.nix new file mode 100644 index 0000000..5dd884b --- /dev/null +++ b/data.d/etc-nixos/wm/herbstluftwm.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: + +{ + environment = { + systemPackages = with pkgs; [ + redshift + xcompmgr + rofi + ]; + }; + + services = { + xserver = { + enable = true; + windowManager = { + herbstluftwm = { + enable = true; + }; + }; + }; + }; +} diff --git a/data.d/etc-nixos/wm/kde.nix b/data.d/etc-nixos/wm/kde.nix new file mode 100644 index 0000000..6f60249 --- /dev/null +++ b/data.d/etc-nixos/wm/kde.nix @@ -0,0 +1,55 @@ +{ config, pkgs, ... }: + +{ + environment = { + systemPackages = with pkgs; [ + arc-kde-theme + kmymoney + plasma-pass + pinentry-qt + libsForQt5.kaccounts-integration + libsForQt5.kaccounts-providers + libsForQt5.kweather + libsForQt5.kalendar + libsForQt5.kmail + thunderbird + ]; + }; + + networking = { + firewall = { + allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kdeconnect + allowedUDPPortRanges = [ { from = 1714; to = 1764; } ]; # kdeconnect + }; + }; + + programs = { + dconf = { + enable = true; + }; + gnupg = { + agent = { + pinentryFlavor = "qt"; + }; + }; + kdeconnect = { + enable = true; + }; + }; + + services = { + xserver = { + enable = true; + displayManager = { + sddm = { + enable = true; + }; + }; + desktopManager = { + plasma5 = { + enable = true; + }; + }; + }; + }; +} diff --git a/data.d/etc-portage/.gitignore b/data.d/etc-portage/.gitignore new file mode 100644 index 0000000..72e8ffc --- /dev/null +++ b/data.d/etc-portage/.gitignore @@ -0,0 +1 @@ +* diff --git a/data.d/etc-portage/make.conf/00-defaults.conf b/data.d/etc-portage/make.conf/00-defaults.conf new file mode 100644 index 0000000..21c3c58 --- /dev/null +++ b/data.d/etc-portage/make.conf/00-defaults.conf @@ -0,0 +1,15 @@ +# These settings were set by the catalyst build script that automatically +# built this stage. +# Please consult /usr/share/portage/config/make.conf.example for a more +# detailed example. +COMMON_FLAGS="-O2 -pipe" +CFLAGS="${COMMON_FLAGS}" +CXXFLAGS="${COMMON_FLAGS}" +FCFLAGS="${COMMON_FLAGS}" +FFLAGS="${COMMON_FLAGS}" + +# NOTE: This stage was built with the bindist Use flag enabled + +# This sets the language of build output to English. +# Please keep this setting intact when reporting bugs. +LC_MESSAGES=C.utf8 diff --git a/data.d/etc-portage/make.conf/10-global.conf b/data.d/etc-portage/make.conf/10-global.conf new file mode 100644 index 0000000..deff7d8 --- /dev/null +++ b/data.d/etc-portage/make.conf/10-global.conf @@ -0,0 +1,54 @@ +USE=" + bash-completion + introspection + vim-syntax + zsh-completion +" + +FEATURES=" + $FEATURES + buildpkg + network-sandbox + parallel-fetch + parallel-install + sandbox + sign + userfetch + userpriv + usersandbox + usersync +" + +EMERGE_DEFAULT_OPTS=" + $EMERGE_DEFAULT_OPTS + --alert + --ask + --binpkg-changed-deps=y + --binpkg-respect-use=y + --buildpkg-exclude */*-bin + --buildpkg-exclude acct-*/* + --buildpkg-exclude sys-kernel/*-sources + --buildpkg-exclude virtual/* + --keep-going + --tree + --usepkg-exclude */*-bin + --usepkg-exclude acct-*/* + --usepkg-exclude sys-kernel/*-sources + --usepkg-exclude virtual/* + --verbose +" + +PKGDIR="/var/portage/packages" +DISTDIR="/var/portage/distfiles" + +ACCEPT_LICENSE=" + -* + @FREE +" + +LC_MESSAGES=C.UTF8 + +L10N=" + en + nl +" diff --git a/data.d/etc-portage/package.accept_keywords/15-vpn.accept_keywords b/data.d/etc-portage/package.accept_keywords/15-vpn.accept_keywords new file mode 100644 index 0000000..2376e42 --- /dev/null +++ b/data.d/etc-portage/package.accept_keywords/15-vpn.accept_keywords @@ -0,0 +1 @@ +net-vpn/tinc ~* diff --git a/data.d/etc-portage/package.license b/data.d/etc-portage/package.license new file mode 100644 index 0000000..348558e --- /dev/null +++ b/data.d/etc-portage/package.license @@ -0,0 +1 @@ +sys-kernel/linux-firmware linux-fw-redistributable diff --git a/data.d/etc-portage/package.use/15-apcupsd.use b/data.d/etc-portage/package.use/15-apcupsd.use new file mode 100644 index 0000000..91eeffb --- /dev/null +++ b/data.d/etc-portage/package.use/15-apcupsd.use @@ -0,0 +1 @@ +sys-apps/util-linux tty-helpers diff --git a/data.d/etc-portage/repos.conf/gentoo.conf b/data.d/etc-portage/repos.conf/gentoo.conf new file mode 100644 index 0000000..6cb6e3b --- /dev/null +++ b/data.d/etc-portage/repos.conf/gentoo.conf @@ -0,0 +1,19 @@ +[DEFAULT] +main-repo = gentoo + +[gentoo] +location = /var/db/repos/gentoo +sync-type = rsync +sync-uri = rsync://rsync.gentoo.org/gentoo-portage +auto-sync = yes +sync-rsync-verify-jobs = 1 +sync-rsync-verify-metamanifest = yes +sync-rsync-verify-max-age = 24 +sync-openpgp-key-path = /usr/share/openpgp-keys/gentoo-release.asc +sync-openpgp-keyserver = hkps://keys.gentoo.org +sync-openpgp-key-refresh-retry-count = 40 +sync-openpgp-key-refresh-retry-overall-timeout = 1200 +sync-openpgp-key-refresh-retry-delay-exp-base = 2 +sync-openpgp-key-refresh-retry-delay-max = 60 +sync-openpgp-key-refresh-retry-delay-mult = 4 +sync-webrsync-verify-signature = yes diff --git a/data.d/vpn-tinc/hosts/anoia_tyil_net b/data.d/vpn-tinc/hosts/anoia_tyil_net index 4856c95..ff46bf7 100644 --- a/data.d/vpn-tinc/hosts/anoia_tyil_net +++ b/data.d/vpn-tinc/hosts/anoia_tyil_net @@ -1,16 +1,17 @@ Subnet = 10.57.100.3/32 +Subnet = fd68:1057:1992:3381:0:3317:0:2/128 +Ed25519PublicKey = 04G6200IYDzDT3H0Yj6ZjQUIUc8tCIvzPaXmyk36e2M -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEAvcW/20fxgdGdNelD/eMwEpLChI03rvDbPHAp9en3cwlYaND40udO -VxjRXj0rE9IA4N0f+o8oJdmG+mzl5Dd3rKXVnBnRymKzpNJ2w+cILPm1sQa6IO85 -F+7Q5v7lb5yFuy3JVi+tg4nqL+xHSZL6w/oPX667bR90oBJEd7C+U7p7r8DXvyHq -cg9U1maDmZ0IzZtl6BxsjyfUr0o6xBtw+pCSIvOXW5xd4mfBPgvp+3nIcux6nek3 -VR6SJ85aXlYZxER23N13Vi3dGUJSIaBPN5MuS3IHBbAP/Feeyo8p4SCzl0AMfo/K -+ZGcheL/NX7EVGg4XcZNgFaTBpusScOfxiRlzAeImomiQwKIywXp1otCn6dKIDj0 -jj146Dodf2nHRbTQj7H/2zyiRDjY/tpis/xTVA5AJu+p5aaXBA/eSb4H1OKL5qYs -38/bUiUJTSbpWvC9WiHq/xi5GSs+3ehDara89yXXhunWLsqvSZOZacqeZQw8k+ip -pNcnXbbtS0zqNQie3OEKY9qqOGKzjUiYu8yWJ4eo370XzlQ9sUgGfKmwCcc2c2jX -Rrhjck+4DGeRA10oJpoxKArPaWrGWezIHJ49Jrc+xiTJ5EMVqOpuGvL5lrKn7g6y -qYk1u6x0We1nCkMNN2LxrmL6j3p6PKRbWg7bczqPO4uEyT/575Ih2ssCAwEAAQ== +MIICCgKCAgEAt+7D3zRySAfd9cYnMSNhp/yRnBygmnfLdKm/dH9X7QbJ1BNcQpTP +I1RmC9lNlWABhB46DJUqQAQeGlZPUHxbCnmdDN6HyDaSA45m/yGUbVhN/ClK7iap +EXfNmxZbtE4eBHDz5DsFe7i2nla4gogyiUQsvRgIP2b2v9qzBhqf2kXwv0X+n7hv +HvQOdN60x/xm1+Vh6wsdX2HYatEh3dy1pfj+1RCQIWV1FDS1YVbFZFb1UJz917G/ +DIpM/Cb/3txH0ffVh2NVqFBW3kd60Cs42/6htpHucBQ1dRVZUCKKWz1sgi5H4nty +HdPDPwOphrvNE7kXjvhkPIif1KtCr2SLwOK0UXR9iZtWuDH/Uxn2v7ofa0a3zKGf +yPrVwzhciv2cdbXPiTFyAS8YbpQUQTcuqDVi1AxE8Z0KmuvgBtTtAzMDyoTLOfzS +yZ3a0qQhX3nvLkXWh7cA7cquuP4LgP5iY1vJSRO2EZA61/WdKs8asl0EN8Zn8EEz +opnvcM3M0ptBZy1Dz2X6Lz0QliQrzajmSRhfUMTOq3ARvnLsES14ZqehavH5Ntms +G1OVdVnd7fqibMhWz/dKiB3uG+1e39isTPW3+22MEm4R0ngfF6olZ8SdHrIWFPW8 +bvdzf7ebFrjuqi6qN/NdUwrzWdDGU83W2xEBsHHbHcoKaB2uwcCKvjcCAwEAAQ== -----END RSA PUBLIC KEY----- -Ed25519PublicKey = 7jy41lK2S4BzhUVSAmULDSiZ9NQM4eQ0Geg2+F9pTpG diff --git a/data.d/vpn-tinc/hosts/caeghi_tyil_net b/data.d/vpn-tinc/hosts/caeghi_tyil_net index c5d5b05..4638c16 100644 --- a/data.d/vpn-tinc/hosts/caeghi_tyil_net +++ b/data.d/vpn-tinc/hosts/caeghi_tyil_net @@ -1,16 +1,19 @@ Address = 116.202.102.33 -Subnet = 10.57.20.2/32 +Address = 2a01:4f8:c010:ca5::1 + +Subnet = 10.57.1.3/32 +Subnet = fd68:1057:1992:3381:0:1:1:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA2abFKFB1Dr1YMcAIWcy/2+jJn+suPyiQjz6vgt476P9a/I7SUCta -P5QUPxvS9pZxFVTFKzpmdKxG1pbCAkhArtNg2R1VFEiYCxS+iey+F11pMPEZFVpC -EIXeVDQeBm9UXjrOpcTRIwEO7Q2J2lzRrhGm6Rpb6XbdmtQ3S8XgVsXYwWoV7muf -TE/d5fgtz8Hghti8w86FP9q61iH6AHCREwbHEUyat5hwznmbiNJHyjx+otI63sQo -FS37EazhqCEvt9jyvVSmB7kVTOLnIVATWDaUlPCLLvps09eRsz6aAa7RHCGd3x/W -mRHxDCbeKL4ilpo/FPZhANdQImLmFovOtwZ6xawRWKPcRXhkaL24qQC0MLH9wmnY -oM6EMioWUa0F11iFM99DTK+NF2Pk8vHNzm0Ep5g0SHzqnAIDDzeNTC9ogwsETqL5 -t7VY1GXuKWgta9L2q03X7FMEgjIc3lPgVLc0Ccx11MTgVzcIaLxFQ58oo+xFuc9I -rBqjZgJwg5MTdZiyZesLJuV+YP+yRat3LifAwIZhloSBVPU6YKx/y30BHjDM8FP1 -OM2IzJLrafZDy034XyD4s62YsKrHMcQ3CeoQ80QjvSyWvSlvn2vEqrbWIZADi0d/ -8vgl44gF9g9yN++G6S7BsTJ5PNgv0jrRFu/RpEN1hVOuo+nBqFsvxW8CAwEAAQ== +MIICCgKCAgEA7fatifnB0LfafcNiKG+cZDeBkFynsFSTMA9dDSQOXYoowLSUOcWj +5WW7b0m6ltM3mq2sAB8fTDJcageycjli8e0b6MzrAhmvzdCMlOBJXuE7iIRJU/IR +cHjpLzG3tBNtO1NudbeGccC7uzmJuPrmBqX0lsy7FQqIad447FzkwOK5oqs1AEOk +tgCFoEScQjPVRVG6JhH2DaBMAQ7rXbGmu2+SnZvxmHTA0Daiv0mthv9D4Mm4MIPJ +QnyMVU85t72D1I/xlugjQI64PvAiROi6Ftm0il/YMiTWC9cxbR8hdpaxJJUoci38 +9KylJ87EpNDsgstlRw+MBvOTeL55pnPQXliQRrhpukAjHpTU38kQXRl5D613jzCy +o8YGT6midMXnAk3ppr9DQX5113gCLXAwkUpy5pS/PpdQ7tqe1DcCsegYuomeVs1w +pQlCPH7TJOj+vRaxVbDCvJq3u9wA7mzxoFdS0TiTq9fGIRE0hcCy+iFUEaOA54Fv +g5Q6p5urtrw0AZueF/UCg+A6C1ag0pTOyoVb8VgcMnN80w+QVrxxB+k4VBzIbg7S +gp1IgPkKKavTCbUb8cu4q5sidr8xz2diXanwSUjRwRbd6AcZgHU8rIjnUiYokw8E +5Y2FEYaS4sN6jbZ56AbjmWmTWwo2uYndq4VG4CWYnX38t47HJRQFBtkCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/denahnu_tyil_net b/data.d/vpn-tinc/hosts/denahnu_tyil_net deleted file mode 100644 index acc2038..0000000 --- a/data.d/vpn-tinc/hosts/denahnu_tyil_net +++ /dev/null @@ -1,16 +0,0 @@ -Address = 81.2.254.110 -Subnet = 10.57.20.4/32 - ------BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEApFXqCta82BLknLg9jI4ZLmjROl9S9worvIo4hQeDFtZrKlelfx8f -RwfT9xF4YwI688FAlmZcGc1iRUTuCt+Pfbc+Lws6Kw1U/QIqAnga80chLzOkwPxV -idZyMPpZ0nWc/XCj63znozr6KGPVgibNKB3p/qGI7f00CVWJHlff7knAmCiShxyK -z+d7WglolSv7H7QE0Qz5tyMq7zkeide2MINd8Es+UpM4RpJHNIjFZmXm+lmfk/mW -fYYIi0z7dbOv+9fKdgljyAahL+sKIH1lfVTIaywY50eq7rAuG0UrA6/HXrNS9Hs2 -LNPfUcDVQLwqM+ZTCbVykQ29/EyU28RRwDM/L85NY6YFSvCv35lqaeo+PokTFMI4 -Dzro+IyEI4VvCQ4CeA8085HVTErnVMCRI4hwooyuBBmiKVB62KfHDD6D5J49dg8A -NzSkjmx1tqF+B8bOpk+gHJsk2ZXc1oU44S+1ydG7SdbqF2KWufpr9DIVIkTL64Cl -9ymrmdW86NYTpsvUJVdqw+RW+hE55vUPr+/0mMkNVFdWy56EICxKqhW+wN80CxNE -raiNuFWqKPxw3yrAomsgPIuH/a3bmqsTzHb5Rmkw5nArWqSENagF5tVFSBUcZkWb -6wwu/ourq6q1HXwP3Z9/03quelwKqmjPxwUCkl7CYeo8um1tjANeZvUCAwEAAQ== ------END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/edephas_tyil_net b/data.d/vpn-tinc/hosts/edephas_tyil_net index 6e095bb..3dc161a 100644 --- a/data.d/vpn-tinc/hosts/edephas_tyil_net +++ b/data.d/vpn-tinc/hosts/edephas_tyil_net @@ -1,16 +1,17 @@ -Subnet = 10.57.100.7/32 +Subnet = 10.57.0.1/32 +Subnet = fd68:1057:1992:3381:0:0:3317:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEApxmzAXv4Mch5FP5AxHmpvHjkJGxcegbFzdFzHjhdLDJ9MQQZdM1p -PomhyYXB9Gsq4oJIOcjqJJdbp4dchYGJ++eS3V1wwstLMTl/+kWZ4ojI9sb/J5rl -a3gknTjipdUuoOpdkAkXKCbq9AXyFsvLr4Q6WaFpeTuIjNb2QgPOLUmcD1eNCdnn -KcHQAGR3zRh3uu8zMkaJZwQDZAdRLV6b77OLe7PXCsYgQ68qw3uti3JENv8VC80T -UxUmv8He7xgAqRCJbD3FH3WT2O63mK9jpnFj/BKDTm5k4hUDtZRY1O92JUqQAruw -gq3I8mhSqFMkvt+S67u950hRzN4/ZGs7lzxRkDqDqLy+ZISN2cDpbX1i4WmZFfex -zj7ZbmfsVzwSF/+K31AOQrODt79bGGFwjZgAVn9Cny/bysBxrOJy39D2Awioynpc -mjICtRP7utpo959YmSNsEcjfamIHVfUOTsEoIYhYASmWRjrSF6v7j2bbC+aFOWsf -yIRZc0EtH803/Ks++ieIDWFmhB0ydtkqFm8HK2eyqOqnlHTepmrDflkxfao3JTXP -CbldDpUGKBcLZ5FNaJ5hlQHnJGzU+wbnc133cdYtg9vvhFVgameme8ElcOjZZxMJ -fPWXMAWc2Szx3Hs/jlaTSIH2GoX1Rr2HdrrNg0qOG/qhLPNrtmrxH/sCAwEAAQ== +MIICCgKCAgEAoxlT2zGSu5YwG5sgZc5u1ulntwLwqTwjx3jAL1ys8ZMVtzkBu9UZ +2CjLA8XsdwwEnflgO4HpNzXtLwNiNBo6D5NrL+XMZj/XxsIbGMyfumYNhCJEEyTM +5aROf3vuggKKzr5RYdoe7GxNcoIwnse0JZeBA+hhzIGgyWJwyzIzQ5EGioesFIc7 +2wPRloE4sprvP14mOvoZkUSQvrhfnAYw/xTHyjLvQUjrrh1EMj78bcs72qzdFNqd +TbV860+2AXvc2ZU8gV40AfWuNL0fIsGCVXUhWX8+gOD75zLd41jJFqRLgLQmUXC1 +h3wMXe0ckXMMFmiFVXOKnZDZwBYHwFEsU2nt0WPkbzMgzcprvkWXg0xPomtyQ7lF +8Zavohsz/+AjKKNKt+vPNlRQ3kBOdOvlwdcgWAOnVnF75Vct/X7vNxa7kjNdSgGe +bEuLsCvJe/uRgvE9Dl6Ostkf5V/XLIUtXqt7kdizrhAPaUL7D2Y9K9qJ08qzQCpY +yY+STnJ0uKzWI/5sbPmEgY+UTJAnC8bCUN3nZ0xNJwxg8VdELYJ36Z8T5sWHLzcW +pz0jh9OeCAsM6YwapWVX7mqDN1ZF44mb26gfSpOw1Zg3kSoomVg8BNuhl4f/KX8O +7CsF6lxhjyLRtCoFgTpOWfpSa+57yAMWDc5H8KSmahXWMTYYdfD3IXECAwEAAQ== -----END RSA PUBLIC KEY----- -Ed25519PublicKey = 4ABczlbBBLs5WMztIzafWw1ozwKZVkj4/of3Jc6awiO +Ed25519PublicKey = h85o5piU40cj89zoEPcMq3H5ycn2VbNGKOmtLUnVG/M diff --git a/data.d/vpn-tinc/hosts/faiwoo_tyil_net b/data.d/vpn-tinc/hosts/faiwoo_tyil_net index f5eb8f3..869bd4b 100644 --- a/data.d/vpn-tinc/hosts/faiwoo_tyil_net +++ b/data.d/vpn-tinc/hosts/faiwoo_tyil_net @@ -1,16 +1,19 @@ Address = 65.21.5.254 -Subnet = 10.57.20.5/32 +Address = 2a01:4f9:c010:e20c::1 + +Subnet = 10.57.1.4/32 +Subnet = fd68:1057:1992:3381:0:1:1:2/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA3nBf2UWehfNWNrR6i4HJp64aPYI5SpV/7LplRwqXcmnJuHmQJ8Ht -Tozv5RHGGUNoSigbDxJSe16RQ0ESAzGNPSUEV6kntySXLvHSYb+SdjFm2wRpL8FI -8t69ZnRF0x+4ZShfa0rgco8sDdkhuPMNrPu8U6bMs+o4Lh8sVTRhDThv2+VfQkxG -T4G9kgdsxP0yi8sq1uflSYY3mYlVl9OPZwSO+vcVO9JFPvkVYFrqDHtvFGFqziQ/ -KvKcjwDTjpNVkFfJD6SIheeVrhysGk8qQIVMYc8yW9I8HGD7uP1BccZ0C/+b310i -y3qkNz/qqtgy0AxrrzbmFsVDgVyiPlwsD2SL+C4m6uEvB0FvYeL2/7vL8fI4RqcJ -ORAcA5G4FgzZRgHdZoZ1W4OB6eUCV4g9l425qbP3VVngJjX9PjPA/puz0i1IB0ZW -6ijGccgYtyj5+ibt3if0+inepT2BJba7pyQ4A92ogfsQKlSg1x27CfvsGKuMZjdo -y/akxYPEqKHQK37smpjcQTLVmLTTbGnf30ObTNW5LOJUmBue9B4fqBA/NV4fM1Gj -Omw/lazjwrJuenwEeGegRQhvjKlBLdjOnzsLoVrCCIe90KK/+RVSC0Mi2D0dzEPE -BNSbD4EJYs+6dJVT7+sneS8iwg9kG9wZ+UjeO4vraEjMrKj9BaKiJ1cCAwEAAQ== +MIICCgKCAgEAz2BqK568OVNM3JWfeFzw4+GYMbXHZH/AiLrAABq5IhW+pAMtsKtS ++7EYGt0n0DpGo/J6XNNbduHbAlYdZa3ybhAaaGzUnHDbygdisSXBm0nZ/7vD4YUe +IoreWyr5VcB8mfegQZRIxbs03ZqI2GGNFAxvT+Ot6HxkpBMq/iVcOkWWzANtP6S7 +njieoLyCTgt3JBX0UCIC2Pnne88HBlgJatbQNRTT+0ltDKNHozUJ6csKYiraWqEw +yF0Khp+nro+XTn19Aj/V16kIL90oJJKVPwWElXUhooPh87PGoQ4d27DPOofkrE30 +cfv8PI+vHc1H4Eclyy81DwYFp3BKlWACHFOswN8F9bjCOS4aEJajHHEVfGCss140 +rsoNCWkR0GB/KnTzNpu5xpa5o7mllu1LfNU8ICdbhI74zOyZurPIhzH34BZLOROw +jqvmnyNMX4jSCNCFhP4IZhL1QlpkA93AjNKIE3KyHWHTSgor+k5RvecSCzo22CDA +5AUaB6lwr//T5XhfB8R94RwMe/zbL0HrtCVXo2tX61czDX22Z+f949LoklAQEtrW +649hcHJhrUev/QLl2FQ+w1C//9P5JpNjByN1ifgJfVukoxsjnaggygvdn5uHIL4V +BsmRe3cZoEGmyyxTTJr9CjyqsO0wC/ID/b0Qzc2TVcKMfe/RuYQOlXUCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/gaeru_tyil_net b/data.d/vpn-tinc/hosts/gaeru_tyil_net index eba305b..28cd86b 100644 --- a/data.d/vpn-tinc/hosts/gaeru_tyil_net +++ b/data.d/vpn-tinc/hosts/gaeru_tyil_net @@ -1,16 +1,18 @@ Address = 37.48.120.26 -Subnet = 10.57.20.6/32 + +Subnet = 10.57.1.2/32 +Subnet = fd68:1057:1992:3381:0:1:2:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA9NUrWO0L8lqrfs4BgZsLdfJZPfKx+Fi8P4k79CIBuVfkQ4OzJmoV -ahupoOo5edjYLJK09epa9zFRc1DuaotYC7Wm9DdIF82WNZXN9x/Mvuq06WaKXBdj -iTJKbYfVN/yv8Xfjzfp4DH3txwsq+9AuICHJkHOmb0lsDinpfbmP8C8ozBnutrLM -XGaIzXzkV2NbunyjaiR7dho5+4P6wedck+IV63KRzepbX36OW9xImmEEpBPeMPzd -VOgWs35FIgnE5uumXXfIax9CA9wFahvMYUlQbxA6kCg9PTteM3C44udFx8DxzGcR -giKEbfxjcZ4pK9JG+LTxNZC2BK1gsUNw8sX6mEEY496cs0T10RWzRZM/HvMIpj1W -5i72yh6kc8ieSr9hGIkm/oM/gwrFeC11PZQKis1P/0O5j7Lv6S7u6Edrpy/+WziV -Yk10eZXzHcFuVAh9+wQUeD3v4bMQA/mE8RPI9JX4Xkpbu1LOhtglEwFU1CWlG179 -B990cfr3cjJkTqS7qEfWuNh2lQd4iwpgqyPZB7Dd7tHT5EKEZSZ+4+w9Xo8xfy0v -7pdfImVHZ1PGVEsRk6AZZqcVcCRrjbKfqqL0m9JmB8vV5L3oZL/mXhFkh52aRMeZ -tzODNlBH0LW2TVVrBw3DJxFyRCRYjk4At8jagVe9fYM4ERkTQxqCFi0CAwEAAQ== +MIICCgKCAgEAukTWaVQYkx45hOQiXS3XPaEU2HM/FHfqgsW3/0eHkAFPJk642dm6 +IO3xiiF0zEDQMjj2f/t+nLIQ6SgTtH3ajT9OODpvCyixpNPOWbiGeXK0fgDCd/52 +buf+9TJGq5BSqqKYNGWFX36BbZ9AnIJU0Y7lrEGwPUiG/utNJLlXlwfj1u8C0W3T +sg6eEX0WoP+IqnBXE4NA5Hl2wXQj4jMsU0c0ZHkEdU9Y2jnCl5C6H5NLFykc2qmU +TMZzCth989TuyfrKQ+XMJjlueWrDA3x9TRJKuJLc7fEr6MpJiJAGkh/cDHR+o693 +9R3ry4Wt4EjQiJFg4/OhtWXv5v/ELiA6BHNBB68X6x7ByYjvtkIXy1lzbFjR2DhY +dNzZjSbGUjQpIqJUlLWi+/iLQRy93TjxLTqhUwDS0sde7qsxZnzaM5Owc/G/sZ7e +VroltC2b5DZRMs3EbERdYs3RkpwE1quHFrzwVcCy8D1GEROKle/yg5Ksb3TLVs2c +oPoq7rHsP6kud7r3HzNO+BUi0FzuZdCqQiVyp1H5L+ZfWZzGOJksbntb9GYDIOYC +eWZurL8BdajY0zpSyGRcrwzcKFBq6GVdVoCLX5GQFY6rCQey+b0iTlF0rIcZxPtk +q4dZ4DuBeq75HF9plWVoVMmq6LQfkLLphWHO/EP2ux0zRnBvXSSFtFMCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/hurzak_tyil_net b/data.d/vpn-tinc/hosts/hurzak_tyil_net deleted file mode 100644 index d55cf55..0000000 --- a/data.d/vpn-tinc/hosts/hurzak_tyil_net +++ /dev/null @@ -1,16 +0,0 @@ -Address = 178.162.131.11 -Subnet = 10.57.20.7/32 - ------BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEAmL0UOj+pMAV7R1Lq0rj3D+oGRnp5fz1q+jtbK3janX7gz0lFcXA8 -k6nOAzwksihQ9QfPLa0NEFpZ8PbLZP1mTFCf4f+1RWy9S2o4hLEzi+Ka8h/X54oH -jOcEZQd7hGpwDGvU/lTG+1Iofh4NAsuiKIS/pT58fZ8WIGDIbL5PHYGas44MEJX6 -BXn9CJx8kzktFGJ27isCrl93kueSqp9ajNCCsmoisJxxdyxG8L+iWktuusTOoi31 -IhmKqhA9wf87p5bYJ7Ae1079OXT7RxjExG+z2C9s6UouxDEmI2oXtmn5luRQkikw -T/nV29NJoUETcgVgrW3LHKr25cbXoaeosIgRsD6bLs0plOzECNrpl+/7ZKhr86M0 -ZynJyfoAWFVKaCHSqD9Js5HH13U7oOpTPMIZgZO0CwtESeUE1z7j4xNPMF8x9Ajg -E7zny0SVO5JJNPqy6WFa1s5fWjU4YlFZKPG2jpIBqgw/unOCywQlQlrJH26Oo8RF -5l9ccLmdQY2HWIpeY/BCEBCAZnsEt1/dV82HvgDeULXDyUOmpPgaNzCH445lzsg6 -xKtAyWt32VWS9x/OdAflmeHvKk+GM7g0X7g7IxCzkLRMYSn3M87IBKQ/cjE7yg50 -CbaLBdiDc3tVmR90fRalt/7PCccPychrFRFzE7E1/RIJKzqh6JTHUVkCAwEAAQ== ------END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/ivdea_tyil_net b/data.d/vpn-tinc/hosts/ivdea_tyil_net deleted file mode 100644 index 17f8c89..0000000 --- a/data.d/vpn-tinc/hosts/ivdea_tyil_net +++ /dev/null @@ -1,16 +0,0 @@ -Subnet = 10.57.100.8/32 - - ------BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA1cPD37/K8EHfro9L/qmEGcG7Ivu6Lvc9K9ry2f6YAjvLQHAwFrf3 -WXOHwg+x6aaE8Us7f2gHs8tU4NMNz4ggSIOesDOSUrVPOrrvZJnDaPzl8+bIOCrq -WOlgmo3RJv4w9G0QGmE7QGK2nX/gA05zaAMDP7Jd+yh7ohtYosth3/j/hetRdLD4 -j6D9tuwGKoQND3rlc7P4QV9bMM1wvKw63hj08YowBzD5GkYN+J833ZN2wmRqAvLp -cRnELg/UqSp0wu0l5VJImi8oz59zGzWPzxFBakemjCkM7xVe5LKK3ZkjwojWDTqG -BQXnhInrFplDm6j+A+jM1iOLwhwg1LbWthhzvrvZd68Dl3oBAsmRM8YmY7RjDpNW -nhqPWen5fum9kURwczY9GLj5GcRkBjEXVTU3KTpYKXeTZrRc3HT69WbbzdfXNKYj -aKRdL/OJZG4hNZFRgPHJP1svNrf4DLZiWIoAjeAdgXcHih1cUi2rP530YvRaajwT -FFDgcfRdWp00WQUkJ8Fcl//rynnZWjHSi4NXTsB7qVvdFClNqglxVewzBgBkriEO -n7SIXz6iNTaKLD63YaUY4oiqg4yY12P6ggY6U2atcXmK1g9syaYTIVD6MAA7XDxY -uI88cs2AZnjLsfpW4p7TD90r1qRZjbkguLhy71cEaIZMbH+H/8eAyD0CAwEAAQ== ------END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/jaomox_tyil_net b/data.d/vpn-tinc/hosts/jaomox_tyil_net index c1b7faa..0ba1c21 100644 --- a/data.d/vpn-tinc/hosts/jaomox_tyil_net +++ b/data.d/vpn-tinc/hosts/jaomox_tyil_net @@ -1,16 +1,18 @@ Address = 163.172.218.246 -Subnet = 10.57.21.1/32 + +Subnet = 10.57.3.2/32 +Subnet = fd68:1057:1992:3381:0:3:3:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA1hTIMQha2vUVy0c8Ci5jF06T62IDDj9FhBtDBKOsvlZ1Lzh9OsqH -x7blL0WNBDoqmgyX0RdDwUIqnMOttMFK4y6ARY50Yw+s8m2uy3i9FgRUn2Y+Qjc8 -SmFh1fKt9yThKfBFDhUmTW0vjXlWR3jf77QB1PAJzk8wRmDx0GbBzcrsRMBrKc9a -rUN5mXz96xjkzq4vsAQ8W8aa4OmTR+oZcSe5iGzksXoh5BxmV8WjHK5ZpjuNi6qt -t1pWWanq3DG44/5pfvobULDh2Z1b8dV4oTGZW9CFFHmjOve5f+AQuy6nnFX9FH6R -dQ41GRCt3FFGMiCmej1BErPW2dE53A618vmcdd0J5Tt41TXX3oJo+gw3F1R5pNV7 -rd6hg634Iyx5y3JIJh9gQXbygCAnq32vtI6/j60MyGHk2Iu6KjfhtN56X/PRnJxa -G2swLdJtUi11WgEhEdBd2x3l3P46eVj4YS48d3J++9mFKZ+ejoKosc7u5Xaj055I -q0fQudOZswD4i8JT5cn7VFYAZSM+Po9Yxq9tfaIm5jld4f/XJGYL39lXBrUTFBWh -PFXDrb35MstSVgHWlKtsLJj+Por4K5NxHdUHRIsOaMGem5GgOYos0AvkLYiQngey -noZ41YSSyJwitHefW46+PKmx5MVlcMcwDOSpvZImTphnlKEttg9/RwMCAwEAAQ== +MIICCgKCAgEAwy7NrCkjxHY3kUJB0l+cbhDWmxkPsj8fT57cgP/a2QFUc/N4uqdX +ban2P04KDVzAed9myZ+bRfLNS4umR8TKPY+EB2SbexYowgAaGWzEEfS01YIcGKqf +Cc/CJeSlHo5X3DWong+K4StqZXcqrjJvApzW/Hdg1F5bLC9ENbC1lTR1ppKUELOJ +zosbGKmtNDiaGAg+8qOvIXNjf7B+FcWTpL8PtLWXmoSbd4QundNPsD2lfcz2F8cu +GIbKaV0k0JJGtDdw5XYFgJDGgTewChuvUKYM2q/XP3AtExoGVEMNm440udv/WASE +4oFs+Dk/aUXI92kkcArbG6pCbzTUI26THlc6ukQZgglxNFhkZae6hqXn3GvVl6Ht +aZ3DG32VdNls/mgk857O+xk5aY46Nexcc9UYVpAqmUixb+FOtklsOb9ynD0J91qB +ajL+a3CzDKGC7ICILaZVNSkhP5heOqb/KIIqPk3tRBNmD3uRouo74Leh14EVyA/H +TP+fRVf5fFAp1Qmaq16tZws9QQj7wte/UhOx1IG2A93FygutwcgAHBokCjRhlgZm +V9YkVLcdZr58Os1vrocQyu772XgslVUZXDAUh6cieLbv06cvB5wVdL3MoTSSalyo +cPIrjXsLrWA43OuCGiUKMEUG5ZGQ4/HXX60ajZma1EyAbTwsi3po1VkCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/krohxe_tyil_net b/data.d/vpn-tinc/hosts/krohxe_tyil_net deleted file mode 100644 index 0655f39..0000000 --- a/data.d/vpn-tinc/hosts/krohxe_tyil_net +++ /dev/null @@ -1,16 +0,0 @@ -Subnet = 10.57.20.8/32 - - ------BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA0kL+MH9xOLAKrwUF17a642QLnU+72xbxiFtbWFXGIj17hlcqiOAv -NqWFO1EzroRgaNzqdufMik7G7MFzrGG+7/fziC5Vj7A7UMi+8F8ig1tKLpqe0/+f -DqQfbU0tPaPPPc95lEYOU4j50ALBNAZLNaP5a0BIN7N+Bj0JQNTah1u45mdIMQh2 -LpIkbe5MWaVcVvh61l5mxM/+rsU8lJE4+SmOuFJZ+7bzsbtQf5mPc4kF8aqPoMle -XuizHguphe3CrZgOvvmAVvrV9O7FvpFHlJcmt4FkyEZ0e8l0h9/YKHx94py4STa2 -O3zFJFHf4zVAIzSx+1mVV08aulcIGjTpHLSIlAuQ1kqEI8lGfcCawyMCPdcRzWKJ -eo7fo8/slzg9O/Id/uZwlDltnBXI4053bhjsglEfm/zZHog00IR/rSXuiqJLV+Th -8uNRGXezB/frVn58w8dbOuPDzsVTLNeDeZJHrKRxTn/bwVFLrG25ow9qMgr/mqaP -sA6PjBnw01SkBUJY6fmowip9YcQTOjlauUR6w/F70aOIqT65M1ralSVmWAUFCKRz -KYOaOPHfpQQVxQaDnUKPiDyF8YoP9zoocyh5BnBEKP6ctYZkZd3i5naJ1SG16R5j -U9iMnzo/uKG1CAP7jnM7IGZ6XhlHchst5LxVAm2cGT8apEWJOvFnqOMCAwEAAQ== ------END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/ludifah_tyil_net b/data.d/vpn-tinc/hosts/ludifah_tyil_net index 6796f17..c236163 100644 --- a/data.d/vpn-tinc/hosts/ludifah_tyil_net +++ b/data.d/vpn-tinc/hosts/ludifah_tyil_net @@ -1,5 +1,5 @@ Subnet = 10.57.100.9/32 - +Subnet = fd68:1057:1992:3381:0:3317:0:4/128 -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA2pXuIIPoQhWLzTSsO0bvgkQ1+7RgqPVv8b6zNfmRUfj2uKy3OZEn diff --git a/data.d/vpn-tinc/hosts/mieshu_tyil_net b/data.d/vpn-tinc/hosts/mieshu_tyil_net new file mode 100644 index 0000000..33d0a50 --- /dev/null +++ b/data.d/vpn-tinc/hosts/mieshu_tyil_net @@ -0,0 +1,17 @@ +Subnet = 10.57.3.1/32 +Subnet = fd68:1057:1992:3381:0:3:3317:1/128 + +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEAiH7/vpM4Fq2q9MXgirEX/jy72N56xGViuKwo7plT8ObmFxkhL4pI +RifRqv2Oal/VNKfECR5IaHzrLxWA7aunw22sFoUTnvQl6wCApPb1us2fn50J9ei/ +9gxrbQbVAX0VNlGzICk9zgKl+qfPtj/7ANoqE8Oo0cHrucfW+HdDpN3PyeDwhUk+ +GjoGFQuQboZNUzGnmIgcqPK2m3yJEy2l9SK2p5Uub0RZMDJrt8RJip4OesqpwIvX +JGrU4jL2qIVzkhdkV2NyMd3chCdoHIXjXALreSoyZHkSOdJB2d1X/s6QD+aGFicv +bIokJQWdO9hRh6P0lUEv44IABIj5oat6KU/uLtcr4pycnXMeJ73+CGA8hjG0M2uh +Urn+hoi7y1h0G3vcoYz4oaxX2wqczEbJTTQmwxsx4XftCy7Fg6cnNCva/ML1hOwj +1Urs0jfyPZjVzxqBqsia9duKINPnVkhdxWFma/23tEIjzUy4bbFX8T72Y/IcEi6C +88Q59bgIzDKv1nBzM0/OXbNn5A/zI4FB26xd+NkuwYO9vecRE1DMm+kJiY/L9M4q +657gy73FRykDPogS8dvoTEDbGuYQYClKNIt50iqBX7mAPGZ9ajEcCaXkd5ZUpKE/ +koYegL06MnryGeiODgSXAiTOxB5zSYaJIjIsSW6O15kXe3OkVHTKesECAwEAAQ== +-----END RSA PUBLIC KEY----- +Ed25519PublicKey = z753yL+MnHAouuUKv1pgA40i9dzHp3QIbCHKVNi1NNH diff --git a/data.d/vpn-tinc/hosts/nouki_tyil_net b/data.d/vpn-tinc/hosts/nouki_tyil_net new file mode 100644 index 0000000..cdf93a4 --- /dev/null +++ b/data.d/vpn-tinc/hosts/nouki_tyil_net @@ -0,0 +1,17 @@ +Subnet = 10.57.2.1/32 +Subnet = fd68:1057:1992:3381:0:2:3317:1/128 + +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEAu08q7S2MuqMEPeuTBJw6aFcJRF/8FlbxhNrUlHhfhc7N+4FnmQht +gqr5I20V4BZKkgYI2KUB1+vHGCswy+ReMUtD2njM5BZbNBAOSrVcLtNAuCrCwDev +Adbf58Mx3IJJSZdvYsOQD6MzNkfvCviaBBue89f8tI0Voh06uJT2AEijQBepindj +b5hs75npMgkXVlDocgNnt6vN1ZSILK17cllvInrIi1tuA7+0XWTBYxroILYRIhWO +m4IbnO/tP08e7cEnhCea+/Z5R/ZWlatsYom/gROo6s/ZcwhW1HKVx558Sjynuu92 +GE3o+bxqUD5shPyIo2BOl5h9kGNUtjTpX5rcpRHNr/NX1Zn2ss3bMRTxGGlIU1jI +R4ZTWqzFNH8wZPNywQcbrxBcYj0xSDrq8u3ZO3mo4YXIv2X7PBBzq3+tyxQfWdcK +u1AWxIV83W+eBcPQAdIF45yP1EOU7D53Jghe8KrXMnSSyHsghSInnLjqC4dWzveo +5bQa4koKmMnW5SkvZuihyTWnMs+xgXXxznmUJKUoddgFCpzRhHckQ7KVQmosXthS +a4njMXzAv/C1gVV0VR3LNSw+ZKOug5Sb7vTeQekOFEv3X98GEy5VKgbq9ebedXh8 +BBJuvClzuWGO3xiRjAwtHWhwOSt0Am1aPq2jEDhxynOGJqXR2Zeqh2UCAwEAAQ== +-----END RSA PUBLIC KEY----- +Ed25519PublicKey = ZJkCNlpDKYYzTYl0UfyQMYjAApwbQ5oYgMpnxGXOB+H diff --git a/data.d/vpn-tinc/hosts/oolah_tyil_net b/data.d/vpn-tinc/hosts/oolah_tyil_net new file mode 100644 index 0000000..26d59a3 --- /dev/null +++ b/data.d/vpn-tinc/hosts/oolah_tyil_net @@ -0,0 +1,16 @@ +Subnet = 10.57.1.1/32 +Subnet = fd68:1057:1992:3381:0:1:3317:1/128 + +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEAiWbWMo9fujW67rWelrMaxPP3qNHrWUIzg2Z4R4MZegZ2GWVYym3u +EzboiDO9MOBh7bXSrQavjkecv40d8PDmbcwNy3hYFS2WH+bJCtjHl4xkxEsE2cvA +1rLW7KEnBfbkKTbVMI/Di9jo4CoVIWNYRU8Ebw+nMWzGcYA1CvtkgzX7gaDio1kk +0EhZ1BqWnExOEA/ChQEazv1kbFjSUW1Aok/aM95JkZ5h2OmGXxCy3MhvaLd78YC9 +cCc2R53FHsBgmufqqAN2kd96BeW0ZxZUrmzTtbz4ucS41O6hz4yBmz2sQt5TAx9K +yQcLm2YL11xKkSdc8+LbhnMubYtUSfQcmUW92lxIYy/Odi+OIXjDzk3EconN8nHL +GFWQJQsuIG9/LsEhR7kNd77becG/QscoV7PnjoxL77QMmlYGOTtS+eeVT8Yn55Lu +qH4plZso2HL7UJv4cy97ZdTw29SHNz4wZNsDlBT+r8OmnANQShznzboddeY+bbZK +aBEkwG1IWR719zNLbbeg84MpHx9z+VyS1RWO4Z+xd/g9f8oEWHFKUJRCCmmCGgJU +qEswMAjPeCsVk31kB+yZujNJnrLCHxUHBHULJVXwcfvOyjZDU+vOgvcjBTOxlzV8 +wPDK2QZyuHNASYnLedyK3b1IRvuSNl5JepuvvwA2JZLlnqU5GLV0l5kCAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/plarabe_tyil_net b/data.d/vpn-tinc/hosts/plarabe_tyil_net new file mode 100644 index 0000000..91acd8c --- /dev/null +++ b/data.d/vpn-tinc/hosts/plarabe_tyil_net @@ -0,0 +1,18 @@ +Port = 657 + +Subnet = 10.57.0.3/32 +Subnet = fd68:1057:1992:3381:0:0:3317:3/128 + +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEAsasMofIk6AxtX7wsNYf1rZy+tpnnrRrQMX6/kXri+DhMByURJ1HI +i7jhKBjQBfIcj5FijHHUQHiiKx0bNR0ekpXQFPcsRrspXdQEUnYkc1Pb1J0OMNQ+ +9CT/DH2sun+Zk3qHE+GLdDoWe6gz4uT8Eh+c1/6Z5VwxFpSYKRwT5T/wU9OOEqJi +svoLZSZUh57Xq2y+3JJvfPx3LS6UP9mwz6cmvLWAkRBn18WG81ZBXvN/4ida23o8 +qhaxDhYIO20lDKY+in2oiN1qztLPcQKiXdn/R3ATr8dZ3pPm8YMclnH4Uil10IAw +sl7B7Zt/As/LxklCdwWvPLcRMPC7bAMTGRMFW89C9APY3FsfRD5oiX3jqUMDLw6p +UIVt6/gxnXBjyfgVFouG2ThrqGJp+sC3TfEEjBQ38/W8zk7S3IwMEqLd0gBc8Yq7 +QUWbORloNvv4CtwkeYFonM0eoYn9euxuXJ7RSBGzXadqkKiwtsG4rsvaLU+LKQnQ +xRdzyiEZFcACU5/bdydHXYWWX1xfD2dPsW0nOelvJukgJvNWn0HyCZ1uClTdcAOr +/m3Wh4clCiYgDfvurdVKRmgzzG/5U+xih+SUjgDnf/zgfOViY30BzRxoeWvJ+bCH +TfMKk85a/Zdxxqosasoq6tMlt7EKhPDX5FmL/T102BB40Wtz4U3b81cCAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/qohrei_tyil_net b/data.d/vpn-tinc/hosts/qohrei_tyil_net new file mode 100644 index 0000000..decdcfa --- /dev/null +++ b/data.d/vpn-tinc/hosts/qohrei_tyil_net @@ -0,0 +1,19 @@ +Address = 37.27.37.131 +Address = 2a01:4f9:c012:6273::1 + +Subnet = 10.57.1.6/32 +Subnet = fd68:1057:1992:3381:0:1:1:3/128 + +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEApbLsMPasXP2g/gJzxo40aayVPH7rDrxuiOaKfm4R0LKVnDuRGQDj +V+ksZgM5UNxBsJdchzo8BfwtSASFeqlNu4cM9SqMvnKnFOe/W5TCu8+VUx2syrcp +AhTnZ9yzEsHKMqdup7hOExQ+QXQXWPLbSsKEK6Jel4Kw5gQNc/fOq+sPQQPFb/Y+ +gQvaBrylHnM8oGlohutZjbnZdOaLFWLr4/3xgvzawWgudXOLa5lEmdkMJF0KjsJ0 +NuCVTf8TzzTZf/vdlE/ODYL7dAKuDWUScqpK4RE5+mqS1qHcmXl0hCuu5HecnT3t +q5S5d4YuatacSI5PaAmGZgD2YoXK4L3LMfvqcO5z5EAKx+GaR+ePY2AB6kljy909 +zyAHW3uRsYA33QqUXQovPBJ4J9hiwDXgsHUUJ5OO1ZTpUJaT1n3Z3TmDwvYA6ZmF +6LMqu4Mgs2Uvb8kR4xVPuw1dNzsOo9SeN9pQsypYwPatluJVjRwMVibH04ory0uQ +5gzh+ixNbnEwhYCru8gh5raxgtXJe4WoIunX/G/0L23Jr331oLMHAXXkHKsd63/7 +cwVIvcLN/3bYpraG7tzHCfW2EcGMn1zEoWx6sXooXEgo7qcylHfPIjEpWiq153VY +VFLwEyd+CHz8uDx57k4grHE4ggjCAJ6LYBUhl2Nk3lY9f4+Gl/I+D2ECAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/ricui_tyil_net b/data.d/vpn-tinc/hosts/ricui_tyil_net new file mode 100644 index 0000000..30866a2 --- /dev/null +++ b/data.d/vpn-tinc/hosts/ricui_tyil_net @@ -0,0 +1,18 @@ +Address = 2a01:4f8:1c1b:67d7::1 + +Subnet = 10.57.1.7/32 +Subnet = fd68:1057:1992:3381:0:1:1:4/128 + +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEAqtSWcbWqGvmpwQuFaLhTXIxr1j2mVApKhV0Bw8UyggszBsEsZiZd +b3eAbJOrklLhedZVendcjPhK8PPBJCWABW9Jm100xDaHc5HfMp/O5J2cSWD7vQVu +iRVonHWaJRYAGeOUnG7mkIfAaHLIOnVzIVEpyuV9z8SCl48Bx7pU351WqYGwk75X +VEIexX8C8vtHneeZJnF5p79kHCQuzwv1DlrAShjmh7qjr4rB97sZYnuwt9g2W9s9 +4wKUk+CJdmrARWyDxXQaS7P5VyqcJw7FpLefe+9B8Hq4ruU1HbqIxjKPFG1Kvtdf +19KATOjEAlbeIlEvyiJnOi8Bedxo+MmeX2B3rE2aQyZTHEnkAImILLEgvDf8GnFx +N6JWAnHELkrPOvQhFRhjQeQz4uk4WAEY2aSCqxnx0iQiqEjrHF38tntqZuahSknX +3nXKiy5qeBi/4a6QcAEBn0L1WaJr12kbviqortg/ltSv1qwmWEnVw+Wdl3sF7uxw +5fz2ciDrqOQE75jz7ouz28FhinGiLYXOddqWKWhE5J2hW2y+XfClXn0Z6uvCbSe+ +XZzmF3Yz6u/PEib8JWteaYkU2M3DVVvl/UDOuYP+lG6xISCIyCOGEFPtRq6VHHwD +ReFPww8iAT8lD1/8zmPI0f2Ktm1Jnpf3aIHhBu2NugRTkDqj0djnafkCAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-wireguard/.gitignore b/data.d/vpn-wireguard/.gitignore new file mode 100644 index 0000000..ae60a25 --- /dev/null +++ b/data.d/vpn-wireguard/.gitignore @@ -0,0 +1 @@ +privkey diff --git a/data.d/vpn-wireguard/hooks/post-up b/data.d/vpn-wireguard/hooks/post-up new file mode 100755 index 0000000..edbcd50 --- /dev/null +++ b/data.d/vpn-wireguard/hooks/post-up @@ -0,0 +1,47 @@ +#!/usr/bin/env bash + +readonly COLOR_RESET="\033[0m" +readonly COLOR_OK="\033[32;1m" +readonly COLOR_NOK="\033[31;1m" +readonly BUFFER="$(mktemp)" + +main() { + printf "Verifying connectability...\n" + + # Ping all known hosts, as it seems that the wireguard interface comes up when + # only after it gets used on the machine itself. + while read -r addr; + do + check "$addr" & + done < <(awk -F= '/vpn-wireguard.ipv(4|6)=/ { print $NF }' /etc/bashtard/hosts.d/*) + + wait + + sort -- "$BUFFER" >&2 +} + +check() { + local addr="$1" + + if ping -c 1 -q -w 1 "$addr" > /dev/null + then + log OK "$addr" + else + log NOK "$addr" + fi +} + +log() { + local state="$1" + local addr="$2" + local color="$COLOR_NOK" + + if [[ $state == "OK" ]] + then + color="$COLOR_OK" + fi + + printf "%b%3s%b: %s\n" "$color" "$state" "$COLOR_RESET" "$addr" >> "$BUFFER" +} + +main "$@" diff --git a/data.d/vpn-wireguard/peers/faiwoo.tyil.net b/data.d/vpn-wireguard/peers/faiwoo.tyil.net new file mode 100644 index 0000000..631f39a --- /dev/null +++ b/data.d/vpn-wireguard/peers/faiwoo.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:1:1:2/128,10.58.1.2/32,fd00:8:0:3::/64,172.28.3.0/24 +Endpoint = [2a01:4f9:c010:e20c::1]:51820 +PublicKey = Rrl9qa09Gc8LM3CIr0BIMTnkCMhL1GZFVKCh1P2okWg= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/gaeru.tyil.net b/data.d/vpn-wireguard/peers/gaeru.tyil.net new file mode 100644 index 0000000..4b65f52 --- /dev/null +++ b/data.d/vpn-wireguard/peers/gaeru.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:1:2:1/128,10.58.1.5/32 +Endpoint = [37.48.120.26]:51820 +PublicKey = np17FGeZB0N77/SfaHfKTbsD/oV0LnjdOUeIMePGQG4= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/jaomox.tyil.net b/data.d/vpn-wireguard/peers/jaomox.tyil.net new file mode 100644 index 0000000..15c3dc2 --- /dev/null +++ b/data.d/vpn-wireguard/peers/jaomox.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:3:3:1/128,10.58.3.1/32 +Endpoint = [163.172.218.246]:51820 +PublicKey = VBqMAsZkCNVlqaMZGT7SKDuCkjXcVrwZNCxVKBRII0Q= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/mieshu.tyil.net b/data.d/vpn-wireguard/peers/mieshu.tyil.net new file mode 100644 index 0000000..0b9001f --- /dev/null +++ b/data.d/vpn-wireguard/peers/mieshu.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:3:3317:2/128,10.58.3.2/32 +Endpoint = [2a10:3781:2453:1:4950:47ce:f8db:1fed]:51820 +PublicKey = hrVjitF/wpaNvL9/hlswTL/G8hhKcpMmqGsinU34IBA= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/nouki.tyil.net b/data.d/vpn-wireguard/peers/nouki.tyil.net new file mode 100644 index 0000000..0986864 --- /dev/null +++ b/data.d/vpn-wireguard/peers/nouki.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:2:3317:1/128,10.58.2.1/32 +Endpoint = [2a10:3781:2453:1:c8cb:d1a:bc0:dc38]:51820 +PublicKey = Mo2jVPUCIX3o5fY+H2rrVMWAKatVrF9nF75OCZZhRGM= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/oolah.tyil.net b/data.d/vpn-wireguard/peers/oolah.tyil.net new file mode 100644 index 0000000..2951f1f --- /dev/null +++ b/data.d/vpn-wireguard/peers/oolah.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:1:3317:1/128,10.58.1.4/32,fd00:8:0:0::/64,172.28.0.0/24 +Endpoint = [2a10:3781:2453:1:7aaf:8ff:fe7a:9ba8]:51820 +PublicKey = 8UkQ71m0xVPJbQ4zySRqH/WXJm479zj5xcgeJVoBWi8= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/qohrei.tyil.net b/data.d/vpn-wireguard/peers/qohrei.tyil.net new file mode 100644 index 0000000..2a206d6 --- /dev/null +++ b/data.d/vpn-wireguard/peers/qohrei.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:1:1:1/128,10.58.1.1/32,fd00:8:0:2::/64,172.28.2.0/24 +Endpoint = [2a01:4f9:c012:6273::1]:51820 +PublicKey = cD1NveEPXKKNdGcx9bO4+91b1abDwoUSGnF4dI1m0R4= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/ricui.tyil.net b/data.d/vpn-wireguard/peers/ricui.tyil.net new file mode 100644 index 0000000..a8cfdd7 --- /dev/null +++ b/data.d/vpn-wireguard/peers/ricui.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:1:1:3/128,10.58.1.3/32,fd00:8:0:4::/64,172.28.4.0/24 +Endpoint = [2a01:4f8:1c1b:67d7::1]:51820 +PublicKey = Rv41YhKkhAVKefwlKtD0Uywv7r6a2/uhsdhWVcZUYyU= +PersistentKeepalive = 10 |