c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

freifunk: obtain flaky secrets

This commit is contained in:
Astro 2021-03-05 01:16:57 +01:00
parent 1d3568bfe6
commit 1a559b36e5
3 changed files with 15 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
flake.lock
View File

@ -39,11 +39,11 @@
}, },
"secrets": { "secrets": {
"locked": { "locked": {
"lastModified": 1614812093, "lastModified": 1614901575,
"narHash": "sha256-ca+4c4t4ALcXhlmrBGLZ+odG8QWGcJTMiyLZUe8gSkY=", "narHash": "sha256-aGKpOBH/3REMxsyGddq7Jd+uhCAj5hfHIFr3otJUZXo=",
"ref": "master", "ref": "master",
"rev": "169bddfd0cfea16ad74dc95187ca7c3ac40b6a11", "rev": "990543b60319b1d09d13c3e7506188a69f690c8e",
"revCount": 78, "revCount": 79,
"type": "git", "type": "git",
"url": "ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git" "url": "ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git"
}, },

10
flake.nix
View File

@ -89,8 +89,14 @@
}; };
freifunk = nixosSystem' { freifunk = nixosSystem' {
modules = modules = [
[ (import ./hosts/containers/freifunk { inherit secrets; }) ]; ./hosts/containers/freifunk
({ ... }: {
nixpkgs.overlays = with secrets.overlays; [
freifunk ospf
];
})
];
system = "x86_64-linux"; system = "x86_64-linux";
}; };

15
hosts/containers/freifunk/default.nix
View File

@ -1,4 +1,3 @@
{ secrets }:
{ config, pkgs, lib, modulesPath, hostRegistry, ... }: { config, pkgs, lib, modulesPath, hostRegistry, ... }:
let let
@ -7,8 +6,7 @@ let
meshInterface = "bmx"; meshInterface = "bmx";
meshLoopback = "bmx_prime"; meshLoopback = "bmx_prime";
ddmeshRegisterUrl = "https://register.freifunk-dresden.de/bot.php"; ddmeshRegisterUrl = "https://register.freifunk-dresden.de/bot.php";
secrets' = import "${secrets}/hosts/freifunk"; ddmeshRegisterKey = pkgs.c3d2-freifunk.ddmeshRegisterKey;
ddmeshRegisterKey = secrets'.ddmeshRegisterKey;
ddmeshNode = 51073; ddmeshNode = 51073;
ddmeshAddrPart = "200.74"; ddmeshAddrPart = "200.74";
rt_table = 7; rt_table = 7;
@ -198,9 +196,7 @@ in {
stubnet 10.200.0.0/15; stubnet 10.200.0.0/15;
interface "core" { interface "core" {
authentication cryptographic; authentication cryptographic;
password "${ password "${pkgs.zentralwerk-ospf-message-digest-key}";
import "${secrets}/shared/ospf/message-digest-key.nix"
}";
}; };
}; };
} }
@ -212,12 +208,7 @@ in {
2a02:8106:208:5200::/56; 2a02:8106:208:5200::/56;
2a02:8106:211:e900::/56; 2a02:8106:211:e900::/56;
}; };
interface "core" { interface "core" {};
#authentication cryptographic;
#password "${
import "${secrets}/shared/ospf/message-digest-key.nix"
}";
};
}; };
} }