freifunk: obtain flaky secrets

This commit is contained in:
Astro 2021-03-05 01:16:57 +01:00
parent 1d3568bfe6
commit 1a559b36e5
3 changed files with 15 additions and 18 deletions

View File

@ -39,11 +39,11 @@
},
"secrets": {
"locked": {
"lastModified": 1614812093,
"narHash": "sha256-ca+4c4t4ALcXhlmrBGLZ+odG8QWGcJTMiyLZUe8gSkY=",
"lastModified": 1614901575,
"narHash": "sha256-aGKpOBH/3REMxsyGddq7Jd+uhCAj5hfHIFr3otJUZXo=",
"ref": "master",
"rev": "169bddfd0cfea16ad74dc95187ca7c3ac40b6a11",
"revCount": 78,
"rev": "990543b60319b1d09d13c3e7506188a69f690c8e",
"revCount": 79,
"type": "git",
"url": "ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git"
},

View File

@ -89,8 +89,14 @@
};
freifunk = nixosSystem' {
modules =
[ (import ./hosts/containers/freifunk { inherit secrets; }) ];
modules = [
./hosts/containers/freifunk
({ ... }: {
nixpkgs.overlays = with secrets.overlays; [
freifunk ospf
];
})
];
system = "x86_64-linux";
};

View File

@ -1,4 +1,3 @@
{ secrets }:
{ config, pkgs, lib, modulesPath, hostRegistry, ... }:
let
@ -7,8 +6,7 @@ let
meshInterface = "bmx";
meshLoopback = "bmx_prime";
ddmeshRegisterUrl = "https://register.freifunk-dresden.de/bot.php";
secrets' = import "${secrets}/hosts/freifunk";
ddmeshRegisterKey = secrets'.ddmeshRegisterKey;
ddmeshRegisterKey = pkgs.c3d2-freifunk.ddmeshRegisterKey;
ddmeshNode = 51073;
ddmeshAddrPart = "200.74";
rt_table = 7;
@ -198,9 +196,7 @@ in {
stubnet 10.200.0.0/15;
interface "core" {
authentication cryptographic;
password "${
import "${secrets}/shared/ospf/message-digest-key.nix"
}";
password "${pkgs.zentralwerk-ospf-message-digest-key}";
};
};
}
@ -212,12 +208,7 @@ in {
2a02:8106:208:5200::/56;
2a02:8106:211:e900::/56;
};
interface "core" {
#authentication cryptographic;
#password "${
import "${secrets}/shared/ospf/message-digest-key.nix"
}";
};
interface "core" {};
};
}