diff --git a/applications/skynet.ie.nix b/applications/skynet.ie.nix index 4277232..190366c 100644 --- a/applications/skynet.ie.nix +++ b/applications/skynet.ie.nix @@ -30,12 +30,12 @@ skynet_dns.records = [ # means root domain, so skynet.ie {record="@"; r_type="A"; value=cfg.host.ip;} - {record="2016"; r_type="CNAME"; value="@";} - {record="discord"; r_type="CNAME"; value="@";} + {record="2016"; r_type="CNAME"; value=cfg.host.name;} + {record="discord"; r_type="CNAME"; value=cfg.host.name;} ]; networking.firewall.allowedTCPPorts = [80 443]; - services.httpd = { + services.nginx = { enable = true; group = "acme"; @@ -44,17 +44,14 @@ "skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; - documentRoot = "${inputs.skynet_website.defaultPackage."x86_64-linux"}"; - # only on skynet.ie - # skynet.ie/~username - #enableUserDir = true; + root = "${inputs.skynet_website.defaultPackage."x86_64-linux"}"; }; # archive of teh site as it was ~2012 to 2016 "2016.skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; - documentRoot = "${inputs.skynet_website_2016.defaultPackage."x86_64-linux"}"; + root = "${inputs.skynet_website_2016.defaultPackage."x86_64-linux"}"; }; # archive of teh site as it was ~2012 to 2016 diff --git a/machines/earth.nix b/machines/earth.nix index b9d8507..f2eee16 100644 --- a/machines/earth.nix +++ b/machines/earth.nix @@ -18,7 +18,7 @@ let in { imports = [ - + ../applications/skynet.ie.nix ]; deployment = { @@ -42,4 +42,11 @@ in { }; }; + services.skynet = { + host = { + ip = ip_pub; + name = name; + }; + }; + } \ No newline at end of file diff --git a/secrets/backup/restic.age b/secrets/backup/restic.age index 944ad4b..30e05af 100644 Binary files a/secrets/backup/restic.age and b/secrets/backup/restic.age differ diff --git a/secrets/backup/restic_pw.age b/secrets/backup/restic_pw.age index 3ee1a8e..cefa981 100644 --- a/secrets/backup/restic_pw.age +++ b/secrets/backup/restic_pw.age @@ -1,13 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA 5icNZy9IB42T2Xnph6z0VGznaxiB0MHtC4yBUEOM534 -avacsmljAR4DA0pdHq42o2YunyLweTjaX91QiuO7/0U --> ssh-ed25519 rIwlvw r7IUmFs46NLNgITxj2hNMv2neldFI/OXlzpQOOZ/XD0 -MkBLRr4uXWXW/xTo0EtkX2y5nbSwEfc6ChkaiIu8VoM --> ssh-ed25519 q8eJgg jetnUDWCkX8P4fcvb3hA12TJolDKO2ZqcdmxUmx5myA -Ru2q2Y8+iIe7imaXeb9MTZyOoCv4P45SNgxGGxQlVRI --> ssh-ed25519 mKj+iw wwsRXk+Wn3u+y+b/b3Fg6hSmJiV38tmYgRJqsStMnU0 -avS7XgN/GYVi+2pjNTG+CZOLcKo+cPpCEPCVZV3DHF4 --> '$-grease y' -VGZ3E4+qHDVztqvY45Bo65M ---- u6b8TLW9fI2nKMvP1HCIRk8vIHWLrY3U1K8wse/s72s -vTK&|l4.~o C&0̤9Iƈwڐ^ sH=3|E-CoC8Mp 6kLoM \ No newline at end of file +-> ssh-ed25519 V1pwNA 5BxnKpNoGWuQG/pVytgKRpMkn/TwoqtVD3Fl/duEfic +D1VRvzTERMj+b3rbuzpf9MlkmqXhjL4pJ3j7ppDzlKM +-> ssh-ed25519 rIwlvw 3+5Nc2DgYFO1NRxcKFsEIAuchFswtR8XBnHfGzzB2BU +qc+ZQqno9KqTllicGnBLCnsl5ReSAEj57ZoMZpYqysI +-> ssh-ed25519 q8eJgg Rh/L7KPlDHIPCh/5KYkq0VWSikOK6iY0TPsNfQldR00 +818Q+MM49omroQlYSAg3bEvQtpkv0T8HOB/DI9bZ5xg +-> ssh-ed25519 mKj+iw Tv1DL5F5ouQiLJCtVJLH9AjHgg5sl6sl+JfAqFuuqHk +7CQBfJzeD1FyGrtV7ocZbltL9L3ckm097ldW/HqbPe0 +-> w({q@-grease g%? +9qeZNBaO +--- nwb+peiKCQNrSbgvFuCSP1OTkEFNRuqDDQ5H9F52Inc +۰a' ) +R`t ]zhtgyE =nZ%lz"ݺ H~LC| )wCռg C5 + \ No newline at end of file diff --git a/secrets/discord/ldap.age b/secrets/discord/ldap.age index df1fa6e..3a2ea88 100644 Binary files a/secrets/discord/ldap.age and b/secrets/discord/ldap.age differ diff --git a/secrets/discord/token.age b/secrets/discord/token.age index 767cc12..8fdcad3 100644 --- a/secrets/discord/token.age +++ b/secrets/discord/token.age @@ -1,14 +1,13 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA wF/IvDrcLFTxYAauDal7+Gz1V++n67HYmojv+NS2wwY -2JlEICPHzgXGSLT7t36htE46YZ0fJsdjrT6NnCFVLLc --> ssh-ed25519 rIwlvw tk13mY+KwEys50YTX9bbEv4324BXpWh+3G1y6MrQrRY -sOc+kY1qqtT99TbbxPFuMIpcn72may5fERhCWgV7RDU --> ssh-ed25519 q8eJgg YJpV/03pvcZdQjQBecnP4LZUG+2Qiz1/3COTmNBNOXw -7qRtCRYSaXzcx5xZ/I9xAdsKz9QRaObpFQdRkLDi9lQ --> ssh-ed25519 IzAMqA 5odTY81LRr8ZMmFbAB8K5xgaWBr/50xdDNPJ/n1URG8 -pYpYgKxnWQ4xXgudtS43yp+X/wf0pLiMgASsrT6QCRE --> P`-grease >u}h_O$ -aRLumKxsQDFmx3TQTp4UVJU4RdB3DdiikrHSKX44AVH3gk41CZXFPc7EiCcafONw -2yXUhseX6EdlUz+JfNuU5fTOfck ---- BlNT3gxZ877Ln8DVUtidwmekRUIKOjaU4lbJYd/NGFQ -Y O zD& ^\ nbqG6MdU)q|栀[<_y 5|<XU \K_tM0@C'[ɈYNJn \ No newline at end of file +-> ssh-ed25519 V1pwNA JcVt8mc8oJKHkvLqwI6eQtgiOYFHyjMINWh7AfGqYUY +HXS8IV0FzOX1+m693NwsDvusU+R3rITQK/SMf3+ojMo +-> ssh-ed25519 rIwlvw KA+all3CHwe8FKPLlaTOQx5+GQBDF5/XbdLyYkyoIBQ +YbNMLE3igtItkudpNZAm0IVKL/48tHP9vtDdAvF+W9c +-> ssh-ed25519 q8eJgg DetWRzi3dAKwxYnvwxGcUTaHVDvmDhJHMmLkzLjM9AI +1vlapxcrpGBvw5DbDElzNx+DNf/qiZdqama/nq6GuYY +-> ssh-ed25519 IzAMqA 7dKZyMuZLWmw1GjenP8MApA9V7RtTv+rpdgMFv6iBnc +BKxdWlq3sK2c5/7FXNasmPd63TlPgTfMtucyyIe0oqo +-> ^r&-grease jYT $_l < Ul<7BW + +--- tyAurEOEQftDXAAfOmg5CAaeX+RkiPM+pjKYWAZoSKA +eiacV}P <^L_8vjwP&^eb,Ev2 ېn\tVDm y퉜>piX :HDo um} \ No newline at end of file diff --git a/secrets/dns_certs.secret.age b/secrets/dns_certs.secret.age index 87966ac..7723479 100644 Binary files a/secrets/dns_certs.secret.age and b/secrets/dns_certs.secret.age differ diff --git a/secrets/dns_dnskeys.conf.age b/secrets/dns_dnskeys.conf.age index 2c44b75..ebd40c1 100644 Binary files a/secrets/dns_dnskeys.conf.age and b/secrets/dns_dnskeys.conf.age differ diff --git a/secrets/email/details.age b/secrets/email/details.age index 069b549..5755286 100644 --- a/secrets/email/details.age +++ b/secrets/email/details.age @@ -1,20 +1,21 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA j8XFmU0Z3BjgqNCkfkGFxSt1gAxxVr9iFGHXt/1iCk4 -g7iomVI50B+gDqUv5lmUufqGEUpcSqq9R1MiJsuhMMI --> ssh-ed25519 rIwlvw SYh2UV1EZynbMviPYw2kxw80zJuSggxbFlAQjH+UBgE -RWUQGKaeVaVSZ6hD4kUFL7YnSOvxyOXM1Ox3fKRcJ+c --> ssh-ed25519 q8eJgg uxyqTwxrafvZQ/HfUQ2Edmlr+8ogl2/3AuSQrhXrdSc -vtvcIrznaBxURp04vFnbK9Ub60DqOKExOjMQO7sQJfc --> ssh-ed25519 IzAMqA 9B3XvLvFKHumwsfxIsNLBPWS3bnpmvwJJjsx+bZ3wEc -uIf1IEAh2Antx1hlllo5+VmGHqln1AEwe94ZIukSDGU --> ssh-ed25519 uZzB3g IAL5COq6aK1S1Gc7iY8llTguXLeYHw1b527Qw5XvGV8 -lGdO2P4y9KEvo0D+JIeA8bvDrDpJo1BV8llAlVCkYR4 --> ssh-ed25519 Hb0ipQ 35nXPma9JeM8TCGJcNbYJxm9bIyoxVp3D6KLoJf4N3A -JfSNyOQ+76z6/0sYh2zgbYzhIeCeKU5Q+k0bFKHgo1o --> ssh-ed25519 IzAMqA huVJf1RnhlZmG2+zgw1kcBDlQyj6AK3iuPe4+63dhDI -4pKzMmdTY9jc1it4V5T1QbIS46SE0ByJBIts9qBBwVQ --> K~i#8-grease Cj3&8-; " -nr1dXH1Vn8mUXtGI ---- +23A15ysmDeSoUnTeKVIYouSDRjAp9uUbHPPVLM3U/8 -C4Hy{C$7,Ѥb3c@Pld0MI܄͙`'L'4_$,Qx -oG2>d[3, p}$m 83x'H~JO0\FT\ \ No newline at end of file +-> ssh-ed25519 V1pwNA spQf5oCQRAoyJLb8Wq9cErj4qFj+QId/ys67Had2kxg +cPPYFx2dR80YO2KdyuY/AosyMOx9clhLJoeccTpPC+0 +-> ssh-ed25519 rIwlvw xAa7x2i9mo1N+t+OxGTf/GaeQY4u5XH8Do05ttkSNkM +zSRUYIwphS5fgJ6U3t8aFiz4Iv6UIBI1ryHU9tFsM+8 +-> ssh-ed25519 q8eJgg +d9fWOcWcHD4vsz8+ZtBl9SsmEgs5znDs7/nDcY3ii4 +5mtaV89yy0D2nD5Zuq3hy9+2dnLIY7vKyp/h7rUStoM +-> ssh-ed25519 IzAMqA JZ/JHVH1SzapEZafmwcl79wzaIosUBpusOvIyqVLtBw +qBPjkftgOv34UFGagJdxWnEV4lHwk74s9RvGXmbAMnQ +-> ssh-ed25519 uZzB3g 9eZmtlV60jjnoqaIM4Bxo8ryCBgp05QeTG4pWkJtBUs +secthoMxhrG1PWu6YiaqdYe8WE1JpF3KegAEv4Hrwa8 +-> ssh-ed25519 Hb0ipQ HyzrqvhewmvrtHNyt7JLgscbRn2dC2w6t/J9n3PLczY +0G/ZiV7afnfv1Iv1fZ8k8a5R63N3ssqqrnhBusP5kvg +-> ssh-ed25519 IzAMqA 2xvnn64o2YvsDk0EF8KxCqh9ihGkNn0gBqEpZdyL1ww +8XR9wPOrDixfOrZvUVdDFKcFwXx6OPwG0x3cXz474lo +-> Yme2D,Gd-grease +YSlDoRK+90hE7lEFMFl9+OtPCiGspgVVJVg04uAxmzhhUrY4tKXnCGhSizFDL57j +474F +--- A0sroroLWAvldY2Ry21ctNIhA1WW3r3BJEveeNd2Qm8 +qoTDŽGM/} 大JyxEsm{q1SwFejK>F!D,ukKX5! rA + h]m {m"ƺɴ \ No newline at end of file diff --git a/secrets/gitlab/db_pw.age b/secrets/gitlab/db_pw.age index d030ca7..f26f2f4 100644 --- a/secrets/gitlab/db_pw.age +++ b/secrets/gitlab/db_pw.age @@ -1,15 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA TjC5DbimRqNNh0UQsk2YMgxoVZOQkWsNB10TmlPZLUM -H2H0Jpztcbn15L1Ff1teeWgZaoeKszVWG2GJKkBFuWA --> ssh-ed25519 rIwlvw 9wk9lmhZBsiM5ifMGxlo+8YAKy325ru7u/MZA6gEzng -cAZ0/OqScj9x6vt4gvsrtqi36iIbT+n+iTySssKh3Fg --> ssh-ed25519 q8eJgg Jn7hc5D6m/P7qxdpfQ2hRKKQPchrwtKhV6crxW05RTs -jM16eEteWG2ezgVnBB5t5JrhwnsAKr4cz8srqiWKzR8 --> ssh-ed25519 uZzB3g qC7Mr+9evdjoSka/x5criNYkuha4SuAp/yrCK6dcUWQ -JPHRq5iV9aP2/tBPAuq8wI3eQN2JHH6jNZfK2Fckshk --> ):,9TlwC-grease d?Jj?5>< -I0u2aN62wlBng0jlPPGRwXz5zJbcxW7PLOwHkRkLuHcNNtimd5QpRcr984eBa2hD -HF7n ---- 09T0lHOZiky+5dFYWvhtP6iEHrhHaub8bymCKwzOJmY -`>b_x+{1d%g5li]y܊!$h6AGn3SwNLR1LЊt -q]A arȎDד;Mnk 41W؟֌c2Ywo>}7PW()MWʺMʯls< )E{$j] \ No newline at end of file +-> ssh-ed25519 V1pwNA 6IrV0i7/PONl/4OUyCKwV8A0gao3b6OFNuDpMCJFphY +kldeDhXcpUZ5BGnvJWI30rolcxMiJKIE3vbNgX/o0aE +-> ssh-ed25519 rIwlvw MvBrTwknEme1pjq9pQHVxN9nGW/rCgini8jJ7PLn+Xw +38r9FrUoPbVI6QTZc1a/dskZVuAu8JNhl05J4G7Dqkg +-> ssh-ed25519 q8eJgg rIdtjhNPhDpyJCWvxNS4epmKSmBw+E+IgTFgxrKsZUI +lXxl0h5tEo5a/tXHjZVSao70JIHlSV50BihGiWCqK8Y +-> ssh-ed25519 uZzB3g ry4kzjUrw++lbesQ7LTJOUwVOe8JVwxVXmz65BruDWs +MHjoVNTTkl+B63I4aHYV9TSWIjI4ZzzsYmeCsHvbY3g +-> H#-grease +7j/og2Resq7mDcJ2saALdxFGNLj47TS9TLb6VrBX3ZDv6Q9tz547pvvRlhUEeqeV +We3M8IFvUYlGJpKheyxaxQ +--- KlxQa4U2lJoThWwv5aQSRA38Tv/lH+i+vvIE0SI9jH0 +"&.Hm\u.)Enli_<٪)yx8/7PgH ћf_s${0t8:ӠsHAI)}VeJAcˊΥB!7qZkJb#zP_ \ No newline at end of file diff --git a/secrets/gitlab/ldap_pw.age b/secrets/gitlab/ldap_pw.age index 6fba186..ce4d04f 100644 Binary files a/secrets/gitlab/ldap_pw.age and b/secrets/gitlab/ldap_pw.age differ diff --git a/secrets/gitlab/pw.age b/secrets/gitlab/pw.age index 1f96682..059c456 100644 Binary files a/secrets/gitlab/pw.age and b/secrets/gitlab/pw.age differ diff --git a/secrets/gitlab/runners/runner01.age b/secrets/gitlab/runners/runner01.age index 81f1aca..f4ff3b3 100644 Binary files a/secrets/gitlab/runners/runner01.age and b/secrets/gitlab/runners/runner01.age differ diff --git a/secrets/gitlab/runners/runner02.age b/secrets/gitlab/runners/runner02.age index 2413980..1818fb5 100644 Binary files a/secrets/gitlab/runners/runner02.age and b/secrets/gitlab/runners/runner02.age differ diff --git a/secrets/gitlab/secrets_db.age b/secrets/gitlab/secrets_db.age index 6934358..9954973 100644 Binary files a/secrets/gitlab/secrets_db.age and b/secrets/gitlab/secrets_db.age differ diff --git a/secrets/gitlab/secrets_jws.age b/secrets/gitlab/secrets_jws.age index 5ec637e..fc42335 100644 Binary files a/secrets/gitlab/secrets_jws.age and b/secrets/gitlab/secrets_jws.age differ diff --git a/secrets/gitlab/secrets_otp.age b/secrets/gitlab/secrets_otp.age index aa25623..5d1a92b 100644 --- a/secrets/gitlab/secrets_otp.age +++ b/secrets/gitlab/secrets_otp.age @@ -1,15 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA n+nAfsTposX7lyNEDSYfPrAEdLEgLx4Jj2Y00yVfk3E -NrtcL/FaaFKpXgUITbNby6ePXCeKALdhsAY/wIYji3g --> ssh-ed25519 rIwlvw x3e5S+n59DmdjRoRwwnPrnCjJU86s21f+sGM8ACczgk -r4ucjan1nqdJ8oMC/AGGxDYLQKNllCSNUJHvXTYzkEQ --> ssh-ed25519 q8eJgg buPBic/APo3xcrUaGlxdtOyzV5I3fSZ9xL/+SXgcDWY -lMe216HpOdOSQ+7bdrFASmCP1kEeW7viOpqEerBrWUs --> ssh-ed25519 uZzB3g vugTWgwhcrJFVLdKLzOX/Q5VgLpShPd2AEP9/G2QPnE -YXeFw3C+fdC9V0iMxq+QdEllG6AsRi3j0YaoRKCZFXA --> v4gvO-grease '9WE x$#:\zh 2 `/< -uz9eGfsOZoXGI5CS4SuVsgbX2T32Xb6dNIAgR0LPQq+cuUDRMHITAGnI5uMTykOp -lU9KufA/IBIRrIKar8Ke16N2AuJMjrLjV/w ---- Ovf178SvMCjueE2y1Wc2ABfTdYX0xXyKJjKvjfle0L8 -/^Y} U6as2Eٖw^g.wټ" 2 -% E72 #3b \ No newline at end of file +-> ssh-ed25519 V1pwNA vlOKBZSGYTKaBrR9LH9j6XDIFaC0QdTcqoKb29jZH28 +Y8PP5MGzYa6gZI2UZI/1oEkJn9mrlMEopIFdjRRay4Y +-> ssh-ed25519 rIwlvw QsURw9Wh5wzsuWx5cQ+0mQlEgf9+16GlxtadK75V3QE +JqWvq+mW/sUD+8mxH61wL55IXUqMrPdtRyXNsbElUHs +-> ssh-ed25519 q8eJgg FTcsAMC68txZ9KecDLry/Pj2T9B/uRWLPbarxmdasXY +CrvQ4JwMb+NNXEJpNf9MxJ5yqtY7hnHq+63Y52S+/4Y +-> ssh-ed25519 uZzB3g L/hV6+Ahz/ubJMgTA2FtheMnt//IQwaVkgFe8gM/oRY +EOD4EFmtJfQov9Q1NM4nFfO2oOdtQjn4JjTceNmMv0U +-> 8XJhbl-grease 8=-Z^L; ItoN/ TH> +Oe8DdlSevaLkILk4CKA5rxSibIXMXoaH1ha5Of2lVQUfkzeY/SWMHCzmjjQv7GKM +TK/aXM12QS7LXqSnfhE +--- 4CD+VyrWBs8D/yZ9Knyxs2S0pXttSf4gJiHCWvDSBjE +|q.&)ïX0})"8Y_]&wqdy?o.O2l;lS.oh߰5=&#Tb3Q]S -̫XBwD ظR5$MN%Xj6&6?r]tBm(ޟ= \ No newline at end of file diff --git a/secrets/gitlab/secrets_secret.age b/secrets/gitlab/secrets_secret.age index 3bf916e..4017337 100644 Binary files a/secrets/gitlab/secrets_secret.age and b/secrets/gitlab/secrets_secret.age differ diff --git a/secrets/ldap/details.age b/secrets/ldap/details.age index 51b031c..0099846 100644 Binary files a/secrets/ldap/details.age and b/secrets/ldap/details.age differ diff --git a/secrets/ldap/pw.age b/secrets/ldap/pw.age index 7a10dd4..4a2d904 100644 Binary files a/secrets/ldap/pw.age and b/secrets/ldap/pw.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 4639eb7..f2b09cf 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -12,7 +12,6 @@ let # change this when its properly set up agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAbqYQrdVHmGgXZJoMWWRDGVEIj775Zrf4PxB5hoth+k root@agentjones"; - ash = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJDVQGjIwMQmkElGshgKDAlChM2xdNN6iI5Ap2IbAs5"; # dns servers vendetta = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINxTrUPZPqttuxfmmP8BTACTAkv1yY1nfzEd64hN4LT+ root@vendetta"; vigil = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICDsz1bjNAThqwF48dKIJGOECsCKHTj/Gn5Gh9XyzoSO root@vigil"; @@ -32,9 +31,10 @@ let skynet = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAIFPXJswth8H1k8+zrg8vCnPkfG1hIIa3wR9DBmjpB5 root@skynet"; + earth = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMpvgQcvK7iAm0QrIp5qSvUJzDhOrSBN9MJn9JUSI31I root@earth"; + systems = [ agentjones - ash vendetta vigil galatea @@ -45,6 +45,7 @@ let gir neuromancer skynet + earth ]; dns = [ @@ -76,8 +77,10 @@ let galatea # Games optimus - # skynet is a webserver + # skynet is a webserver for users skynet + # our offical server + earth ] # ldap servers are web facing ++ ldap diff --git a/secrets/stream_ulfm.age b/secrets/stream_ulfm.age index 7b1ad93..5d0f536 100644 Binary files a/secrets/stream_ulfm.age and b/secrets/stream_ulfm.age differ