tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 9 Pull requests Releases Activity

WIP: Add hetzner config

Browse source
This commit is contained in:
Tristan Daniël Maat 2024-03-02 02:27:24 +01:00
parent 3e1c95797c
commit 5b6983bc56
Signed by: tlater
GPG key ID: 49670FD774E43268
8 changed files with 288 additions and 287 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.sops.yaml
View file

@ -1,6 +1,7 @@
keys: keys:
- &tlater 535B61015823443941C744DD12264F6BBDFABA89 - &tlater 535B61015823443941C744DD12264F6BBDFABA89
- &server_tlaternet 8a3737d48f1035fe6c3a0a8fd6a1976ca74c7f3b - &server_tlaternet 8a3737d48f1035fe6c3a0a8fd6a1976ca74c7f3b
- &server_hetzner1 0af7641adb8aa843136cf6d047f71da3e5ad79f9
- &server_staging 2f5caa73e7ceea4fcc8d2881fde587e6737d2dbc - &server_staging 2f5caa73e7ceea4fcc8d2881fde587e6737d2dbc
creation_rules: creation_rules:
@ -9,6 +10,7 @@ creation_rules:
- pgp: - pgp:
- *tlater - *tlater
- *server_tlaternet - *server_tlaternet
- *server_hetzner1
- path_regex: keys/staging.yaml - path_regex: keys/staging.yaml
key_groups: key_groups:
- pgp: - pgp:

1
configuration/default.nix
View file

@ -7,6 +7,7 @@
... ...
}: { }: {
imports = [ imports = [
flake-inputs.disko.nixosModules.disko
flake-inputs.sops-nix.nixosModules.sops flake-inputs.sops-nix.nixosModules.sops
flake-inputs.tlaternet-webserver.nixosModules.default flake-inputs.tlaternet-webserver.nixosModules.default

38
configuration/hardware-specific/hetzner/default.nix Normal file
View file

@ -0,0 +1,38 @@
{
imports = [
./hardware-configuration.nix
./disko.nix
];
systemd.network.networks."eth0" = {
matchConfig.MACAddress = "90:1b:0e:c1:8c:62";
addresses = [
# IPv4
{
addressConfig = {
Address = "116.202.158.55";
Peer = "116.202.158.1/32"; # Gateway
};
}
# IPv6
{
addressConfig.Address = "2a01:4f8:10b:3c85::2/64";
}
];
networkConfig = {
Gateway = [
"116.202.158.1"
"fe80::1"
];
DNS = [
"185.12.64.1"
"185.12.64.2"
"2a01:4ff:ff00::add:1"
"2a01:4ff:ff00::add:2"
];
};
};
}

82
configuration/hardware-specific/hetzner/disko.nix Normal file
View file

@ -0,0 +1,82 @@
{
disko.devices.disk = let
bootPartition = {
size = "1M";
type = "EF02";
};
swapPartition = {
# 8G is apparently recommended for this much RAM, but we set up
# 4G on both disks for mirroring purposes.
#
# That'll still be 8G during normal operation, and it's probably
# not too bad to have slightly less swap if a disk dies.
size = "4G";
content = {
type = "swap";
randomEncryption = true;
};
};
mountOptions = ["compress=zstd" "noatime"];
in {
sda = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
boot = bootPartition;
swap = swapPartition;
disk1 = {
size = "100%";
# Empty partition to combine in RAID0 with the other disk
};
};
};
};
sdb = {
type = "disk";
device = "/dev/sdb";
content = {
type = "gpt";
partitions = {
boot = bootPartition;
swap = swapPartition;
disk2 = {
size = "100%";
content = {
type = "btrfs";
# Hack to get multi-device btrfs going
# See https://github.com/nix-community/disko/issues/99
extraArgs = ["-d" "raid1" "-m" "raid1" "--runtime-features" "quota" "/dev/sda3"];
subvolumes = {
"/volume" = {};
"/volume/root" = {
inherit mountOptions;
mountpoint = "/";
};
"/volume/home" = {
inherit mountOptions;
mountpoint = "/home";
};
"/volume/var" = {
inherit mountOptions;
mountpoint = "/var";
};
"/volume/nix-store" = {
mountpoint = "/nix";
mountOptions = mountOptions ++ ["noxattr" "noacl"];
};
"/snapshots" = {};
};
};
};
};
};
};
};
}

25
configuration/hardware-specific/hetzner/hardware-configuration.nix Normal file
View file

@ -0,0 +1,25 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

358
flake.lock
View file

@ -1,39 +1,5 @@
{ {
"nodes": { "nodes": {
"all-cabal-json": {
"flake": false,
"locked": {
"lastModified": 1665552503,
"narHash": "sha256-r14RmRSwzv5c+bWKUDaze6pXM7nOsiz1H8nvFHJvufc=",
"owner": "nix-community",
"repo": "all-cabal-json",
"rev": "d7c0434eebffb305071404edcf9d5cd99703878e",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "hackage",
"repo": "all-cabal-json",
"type": "github"
}
},
"crane": {
"flake": false,
"locked": {
"lastModified": 1681175776,
"narHash": "sha256-7SsUy9114fryHAZ8p1L6G6YSu7jjz55FddEwa2U8XZc=",
"owner": "ipetkov",
"repo": "crane",
"rev": "445a3d222947632b5593112bb817850e8a9cf737",
"type": "github"
},
"original": {
"owner": "ipetkov",
"ref": "v0.12.1",
"repo": "crane",
"type": "github"
}
},
"deploy-rs": { "deploy-rs": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
@ -54,47 +20,38 @@
"type": "github" "type": "github"
} }
}, },
"devshell": { "disko": {
"flake": false, "inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1663445644, "lastModified": 1709286488,
"narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=", "narHash": "sha256-RDpTZ72zLu05djvXRzK76Ysqp9zSdh84ax/edEaJucs=",
"owner": "numtide", "owner": "nix-community",
"repo": "devshell", "repo": "disko",
"rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66", "rev": "bde7dd352c07d43bd5b8245e6c39074a391fdd46",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "numtide", "owner": "nix-community",
"repo": "devshell", "repo": "disko",
"type": "github" "type": "github"
} }
}, },
"dream2nix": { "dream2nix": {
"inputs": { "inputs": {
"all-cabal-json": "all-cabal-json",
"crane": "crane",
"devshell": "devshell",
"drv-parts": "drv-parts",
"flake-compat": "flake-compat_3",
"flake-parts": "flake-parts",
"flake-utils-pre-commit": "flake-utils-pre-commit",
"ghc-utils": "ghc-utils",
"gomod2nix": "gomod2nix",
"mach-nix": "mach-nix",
"nix-pypi-fetcher": "nix-pypi-fetcher",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgsV1": "nixpkgsV1", "purescript-overlay": "purescript-overlay",
"poetry2nix": "poetry2nix", "pyproject-nix": "pyproject-nix"
"pre-commit-hooks": "pre-commit-hooks",
"pruned-racket-catalog": "pruned-racket-catalog"
}, },
"locked": { "locked": {
"lastModified": 1686064783, "lastModified": 1702457430,
"narHash": "sha256-qyptOk4vDut2JkRMJ+815eJNqqd8gIfjpz3l4WCCtMY=", "narHash": "sha256-8NQiXtYCOiC7XFayy6GPGDudCBrPROry3mfWjpdVj5g=",
"owner": "nix-community", "owner": "nix-community",
"repo": "dream2nix", "repo": "dream2nix",
"rev": "0c064fa9dd025069cc215b0a8b4eb5ea734aceb0", "rev": "262198033e23e9ee832f0cc8133d38f07598f555",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -103,38 +60,6 @@
"type": "github" "type": "github"
} }
}, },
"drv-parts": {
"inputs": {
"flake-compat": [
"tlaternet-webserver",
"dream2nix",
"flake-compat"
],
"flake-parts": [
"tlaternet-webserver",
"dream2nix",
"flake-parts"
],
"nixpkgs": [
"tlaternet-webserver",
"dream2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1680698112,
"narHash": "sha256-FgnobN/DvCjEsc0UAZEAdPLkL4IZi2ZMnu2K2bUaElc=",
"owner": "davhau",
"repo": "drv-parts",
"rev": "e8c2ec1157dc1edb002989669a0dbd935f430201",
"type": "github"
},
"original": {
"owner": "davhau",
"repo": "drv-parts",
"type": "github"
}
},
"fenix": { "fenix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -144,11 +69,11 @@
"rust-analyzer-src": "rust-analyzer-src" "rust-analyzer-src": "rust-analyzer-src"
}, },
"locked": { "locked": {
"lastModified": 1686637310, "lastModified": 1704003651,
"narHash": "sha256-sGfKyioVsxQppDM0eDO62wtFiz+bZOD0cBMMIEjqn4I=", "narHash": "sha256-bA3d4E1CX5G7TVbKwJOm9jZfVOGOPp6u5CKEUzNsE8E=",
"owner": "nix-community", "owner": "nix-community",
"repo": "fenix", "repo": "fenix",
"rev": "6fbeedcd2fc1fba77152e13fd7492824d77a4060", "rev": "c6d82e087ac96f24b90c5787a17e29a72566c2b4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -189,44 +114,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"tlaternet-webserver",
"dream2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1675933616,
"narHash": "sha256-/rczJkJHtx16IFxMmAWu5nNYcSXNg1YYXTHoGjLrLUA=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "47478a4a003e745402acf63be7f9a092d51b83d7",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_2"
@ -245,21 +132,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils-pre-commit": {
"locked": {
"lastModified": 1644229661,
"narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"foundryvtt": { "foundryvtt": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -280,69 +152,6 @@
"type": "github" "type": "github"
} }
}, },
"ghc-utils": {
"flake": false,
"locked": {
"lastModified": 1662774800,
"narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=",
"ref": "refs/heads/master",
"rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea",
"revCount": 1072,
"type": "git",
"url": "https://gitlab.haskell.org/bgamari/ghc-utils"
},
"original": {
"type": "git",
"url": "https://gitlab.haskell.org/bgamari/ghc-utils"
}
},
"gomod2nix": {
"flake": false,
"locked": {
"lastModified": 1627572165,
"narHash": "sha256-MFpwnkvQpauj799b4QTBJQFEddbD02+Ln5k92QyHOSk=",
"owner": "tweag",
"repo": "gomod2nix",
"rev": "67f22dd738d092c6ba88e420350ada0ed4992ae8",
"type": "github"
},
"original": {
"owner": "tweag",
"repo": "gomod2nix",
"type": "github"
}
},
"mach-nix": {
"flake": false,
"locked": {
"lastModified": 1634711045,
"narHash": "sha256-m5A2Ty88NChLyFhXucECj6+AuiMZPHXNbw+9Kcs7F6Y=",
"owner": "DavHau",
"repo": "mach-nix",
"rev": "4433f74a97b94b596fa6cd9b9c0402104aceef5d",
"type": "github"
},
"original": {
"id": "mach-nix",
"type": "indirect"
}
},
"nix-pypi-fetcher": {
"flake": false,
"locked": {
"lastModified": 1669065297,
"narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=",
"owner": "DavHau",
"repo": "nix-pypi-fetcher",
"rev": "a9885ac6a091576b5195d547ac743d45a2a615ac",
"type": "github"
},
"original": {
"owner": "DavHau",
"repo": "nix-pypi-fetcher",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1702272962, "lastModified": 1702272962,
@ -391,21 +200,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgsV1": {
"locked": {
"lastModified": 1678500271,
"narHash": "sha256-tRBLElf6f02HJGG0ZR7znMNFv/Uf7b2fFInpTHiHaSE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5eb98948b66de29f899c7fe27ae112a47964baf8",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.11",
"type": "indirect"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1703467016, "lastModified": 1703467016,
@ -424,17 +218,18 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1665580254, "lastModified": 1702272962,
"narHash": "sha256-hO61XPkp1Hphl4HGNzj1VvDH5URt7LI6LaY/385Eul4=", "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f634d427b0224a5f531ea5aa10c3960ba6ec5f0f", "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "owner": "NixOS",
"ref": "nixos-unstable", "ref": "nixpkgs-unstable",
"type": "indirect" "repo": "nixpkgs",
"type": "github"
} }
}, },
"nvfetcher": { "nvfetcher": {
@ -459,70 +254,50 @@
"type": "github" "type": "github"
} }
}, },
"poetry2nix": { "purescript-overlay": {
"flake": false,
"locked": {
"lastModified": 1666918719,
"narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "289efb187123656a116b915206e66852f038720e",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "1.36.0",
"repo": "poetry2nix",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": { "inputs": {
"flake-utils": [
"tlaternet-webserver",
"dream2nix",
"flake-utils-pre-commit"
],
"nixpkgs": [ "nixpkgs": [
"tlaternet-webserver", "tlaternet-webserver",
"dream2nix", "dream2nix",
"nixpkgs" "nixpkgs"
] ],
"slimlock": "slimlock"
}, },
"locked": { "locked": {
"lastModified": 1646153636, "lastModified": 1696022621,
"narHash": "sha256-AlWHMzK+xJ1mG267FdT8dCq/HvLCA6jwmx2ZUy5O8tY=", "narHash": "sha256-eMjFmsj2G1E0Q5XiibUNgFjTiSz0GxIeSSzzVdoN730=",
"owner": "cachix", "owner": "thomashoneyman",
"repo": "pre-commit-hooks.nix", "repo": "purescript-overlay",
"rev": "b6bc0b21e1617e2b07d8205e7fae7224036dfa4b", "rev": "047c7933abd6da8aa239904422e22d190ce55ead",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "cachix", "owner": "thomashoneyman",
"repo": "pre-commit-hooks.nix", "repo": "purescript-overlay",
"type": "github" "type": "github"
} }
}, },
"pruned-racket-catalog": { "pyproject-nix": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1672537287, "lastModified": 1702448246,
"narHash": "sha256-SuOvXVcLfakw18oJB/PuRMyvGyGG1+CQD3R+TGHIv44=", "narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=",
"owner": "nix-community", "owner": "davhau",
"repo": "pruned-racket-catalog", "repo": "pyproject.nix",
"rev": "c8b89557fb53b36efa2ee48a769c7364df0f6262", "rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "davhau",
"ref": "catalog", "ref": "dream2nix",
"repo": "pruned-racket-catalog", "repo": "pyproject.nix",
"type": "github" "type": "github"
} }
}, },
"root": { "root": {
"inputs": { "inputs": {
"deploy-rs": "deploy-rs", "deploy-rs": "deploy-rs",
"disko": "disko",
"foundryvtt": "foundryvtt", "foundryvtt": "foundryvtt",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
@ -534,11 +309,11 @@
"rust-analyzer-src": { "rust-analyzer-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1686586902, "lastModified": 1703965384,
"narHash": "sha256-+zfBFBmUxWutKbhdntI9uvF4D5Rh7BhcByM2l+ReyTw=", "narHash": "sha256-3iyouqkBvhh/E48TkBlt4JmmcIEyfQwY7pokKBx9WNg=",
"owner": "rust-lang", "owner": "rust-lang",
"repo": "rust-analyzer", "repo": "rust-analyzer",
"rev": "1f1fe81f0db301124b3026bd2940294526cdd852", "rev": "e872f5085cf5b0e44558442365c1c033d486eff2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -548,6 +323,29 @@
"type": "github" "type": "github"
} }
}, },
"slimlock": {
"inputs": {
"nixpkgs": [
"tlaternet-webserver",
"dream2nix",
"purescript-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688610262,
"narHash": "sha256-Wg0ViDotFWGWqKIQzyYCgayeH8s4U1OZcTiWTQYdAp4=",
"owner": "thomashoneyman",
"repo": "slimlock",
"rev": "b5c6cdcaf636ebbebd0a1f32520929394493f1a6",
"type": "github"
},
"original": {
"owner": "thomashoneyman",
"repo": "slimlock",
"type": "github"
}
},
"sops-nix": { "sops-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -608,11 +406,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1686688441, "lastModified": 1704840002,
"narHash": "sha256-rcqAQzExGu0uV9Din8yy+Nn8FQvG/Itm8hp66amDj6o=", "narHash": "sha256-ik2LeuRjcnRXwBLoRSOyGEMXscE+coO8G79IFhZhdJk=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "c573a6f81827594ceeffbfa058659e2fc20e4a1e", "rev": "d14f50c8dcc8ab30a5e5fa907b392ac0df6c7b52",
"revCount": 66, "revCount": 73,
"type": "git", "type": "git",
"url": "https://gitea.tlater.net/tlaternet/tlaternet.git" "url": "https://gitea.tlater.net/tlaternet/tlaternet.git"
}, },

41
flake.nix
View file

@ -4,6 +4,10 @@
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11"; nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.url = "github:serokell/deploy-rs";
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
@ -47,21 +51,44 @@
./configuration/hardware-specific/linode ./configuration/hardware-specific/linode
]; ];
}; };
hetzner-1 = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs.flake-inputs = inputs;
modules = [
./configuration
./configuration/hardware-specific/hetzner
];
};
}; };
############################ ############################
# Deployment configuration # # Deployment configuration #
############################ ############################
deploy.nodes.tlaternet = { deploy.nodes = {
hostname = "tlater.net"; tlaternet = {
hostname = "tlater.net";
profiles.system = { profiles.system = {
user = "root"; user = "root";
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.tlaternet; path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.tlaternet;
};
sshUser = "tlater";
sshOpts = ["-p" "2222" "-o" "ForwardAgent=yes"];
}; };
sshUser = "tlater"; hetzner-1 = {
sshOpts = ["-p" "2222" "-o" "ForwardAgent=yes"]; hostname = "116.202.158.55";
profiles.system = {
user = "root";
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.tlaternet;
};
sshUser = "root";
};
}; };
######### #########

28
keys/hosts/hetzner.asc Normal file
View file

@ -0,0 +1,28 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
xsFNBAAAAAABEADQWw0P407m704eEqPWA2SxNYdVIOAWPFPS1AJBOQycDMW3Mgv3
v26H5Oan4t1ZD4yLYsJu6HcrGsIY3Xnhd/JGHVd8eazxl092rdAWUaLRPXusUKxY
KbtBij1U4dkV5npcWyzBN3pzNbU8iItyYS9aOTO6N51QJ3sNIflp+tSf+0Yg26DM
cXZsAQLERdCgttnbd8hoYE3ge02FDwKIY/pr7cVvdOnrsFcOugNTCvCsJQPVknUz
sE/BOtFEBnV5Hw7S5ahO4EEvdQpW+VJLa6XRrH8vXB/LJIoPtw11AKA6Rpb/AvG9
JOKxhSEODVLcdmg5y2dZDrSg5tSzWikCkhPgxcDdhYK+kYwOOCZCwijMmD+cm2J9
aDPuQho0LBwnwbTsQuXrPNMSGMFP9F1LVbr4X64x0J2E/70ic96xI3F5E+KHpTFL
kBOr66IFfd91gWLIbxYYtwyx19dPQ7LgZ0GWAMgfHnOdtMwO0Tduubhvq8m7to5B
wD3VN2Tz/2OUa0gbJrnznaMrSOIj1nOU3FLBjT9/wh9DpXMbZw6D2fzqdt03Kpw9
XjqJzXN1iRkcMpYkxic1Eq2yoAEtLr13cLv+9Dlkvi01kwN/MxwgnQGuc7/R4ZyA
Z4aQtviPhT7geIOtY1jH9ZKosEVg2eXyI7YSxHvdXY+vCcwqzh8x+gRJowARAQAB
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT
AQgAFgUCAAAAAAkQR/cdo+WtefkCGw8CGQEAAHNAEACZcvbykefvO1cYp3VEGyHI
rjCdA+docXXpyZOe9OcNzB1HBjOLwe9cJgkPnTtDZMYhrN6vnb2td7xiX8LVvhgZ
npSCWtdqXo/EbkN88CP4GraT/9aaB6Joa2RSlZz5jSv3kuq+Q1QXxQqly5/qYhpS
Ibz3ZWcovI1tMcdvA/u74oQ+4m0Mgqbyg9G2vwAygsexdHQMY+L0SDXI1GMX8z0A
zFmtIlYkgqMoJY8qeJniwkmrHoLyFLIjnjQERV0FtQJ3S3sL63JVDNiA4OmwxIlR
M+6LcRDcVqPDEOJxgCKkd6Cg9vOGyCdMTsI42pMuQOflhntx6Ez9tkyQQtkH1dS6
n9wqmBL47GaZE32GepzvJw3aix87UouuZr8NlzsIr937rp9s3kW4+WpzakimBNjs
kRWNhMaty2az171g3rvnL8yDejibE1OCHMakq7RUtYWC7Z8pNm2eHtHfTnH9qAZe
mRcTiiY308ZI046muN9BAg1/m7v/sD3uEI8YXz7kb3lTWb0iioyUZqo0bqNhADEG
5WLka2RK5fPnsyEalZ8mumUdGCH5iXKmXjK85GUaRwHgJUjhTdnpuqiuwVS3fxvN
KlPP59q/kbWXL6bnVokvzBuW5GRl8im7qw8ggrEuxmSFD1WQLkvswLum6mVvDFpS
HX938nRTHMgZfPW/gvR2aA==
=nrXn
-----END PGP PUBLIC KEY BLOCK-----