ptr.pet / ark
this repo has no description
4
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat(wolumonde): setup netbird proper [skip ci]

dusk 6e801036 d540bfe9

+129 -61
+8 -4
deploy.nu
··· 44 44 return {result: $result, elapsed: ($end - $start)} 45 45 } 46 46 47 + let ips = { 48 + wolumonde: "23.88.101.188", 49 + } 50 + 47 51 def deploy [hostname: string] { 48 52 log info $"start deploy host ($hostname)" 49 53 let hooktitle = $"/($hostname)/deploy" ··· 66 70 let result_link = readlink $result_dir 67 71 68 72 # TODO: dont hardcode user 69 - let target = $"root@($hostname)" 73 + let target = $"root@($ips | get $hostname)" 70 74 let copy_cmd = {nix copy --to $"ssh://($target)" $result_link} 71 75 if (run_step "copy to" $copy_cmd) { 72 76 return ··· 114 118 } 115 119 } 116 120 117 - def main [] { 121 + def main [hostname: string = "wolumonde"] { 118 122 webhook "deploy" "=== started deploying all ===" 119 123 120 124 ["blog" "skeetdeck" "brl" "limbusart"] ··· 127 131 webhook "dns" $"=== error pushing dns ===\n\n($err.msg | to text)" 1 128 132 } 129 133 130 - deploy "wolumonde" 131 - } 134 + deploy $hostname 135 + }
+75 -57
dns/dnsconfig.js
··· 1 1 var DSP_CLOUDFLARE = NewDnsProvider("cloudflare"); 2 2 var REG_NONE = NewRegistrar("none"); 3 3 4 - var WOLUMONDE_IP = "23.88.101.188" 4 + var WOLUMONDE_IP = "23.88.101.188"; 5 5 6 - D("gaze.systems", REG_NONE, 7 - DnsProvider(DSP_CLOUDFLARE), 8 - DefaultTTL(1), 9 - A("@", WOLUMONDE_IP, CF_PROXY_OFF), 10 - A("dawn", WOLUMONDE_IP, CF_PROXY_OFF), 11 - A("doc", WOLUMONDE_IP, CF_PROXY_OFF), 12 - A("git", WOLUMONDE_IP, CF_PROXY_OFF), 13 - A("guestbook", WOLUMONDE_IP, CF_PROXY_OFF), 14 - A("limbus", WOLUMONDE_IP, CF_PROXY_OFF), 15 - A("pmart", WOLUMONDE_IP, CF_PROXY_OFF), 16 - A("webhook", WOLUMONDE_IP, CF_PROXY_OFF), 17 - A("dash", WOLUMONDE_IP, CF_PROXY_OFF), // perses 18 - A("knot", WOLUMONDE_IP, CF_PROXY_OFF), 19 - A("spindle", WOLUMONDE_IP, CF_PROXY_OFF), 20 - A("skeetdeck", WOLUMONDE_IP, CF_PROXY_OFF), 21 - A("likes", WOLUMONDE_IP, CF_PROXY_OFF), 22 - // A("bird", WOLUMONDE_IP, CF_PROXY_OFF), 23 - A("id", WOLUMONDE_IP, CF_PROXY_OFF), 24 - // thing 25 - // TXT("id", "a data endpoint for entity with serial id /90008/."), 26 - // TXT("id", "entity linked here uses it/they pronouns. it can be referred to as /dusk/ or /dawn/."), 27 - // TXT("id", "this one is not a human, try to refer to it in third person. use /this one/, /this thing/, etc."), 28 - // TXT("id", "try connecting to https://gaze.systems/about for more information."), 29 - // github pages 30 - CNAME("dev", "90-008.github.io."), 31 - // fastmail 32 - CNAME("fm1._domainkey", "fm1.gaze.systems.dkim.fmhosted.com."), 33 - CNAME("fm2._domainkey", "fm2.gaze.systems.dkim.fmhosted.com."), 34 - CNAME("fm3._domainkey", "fm3.gaze.systems.dkim.fmhosted.com."), 35 - MX("@", 10, "in1-smtp.messagingengine.com."), 36 - MX("@", 20, "in2-smtp.messagingengine.com."), 37 - TXT("@", "v=spf1 include:spf.messagingengine.com ?all"), 38 - TXT("_dmarc", "v=DMARC1; p=none;"), 39 - // resend 40 - MX("send.poke", 10, "feedback-smtp.us-east-1.amazonses.com."), 41 - TXT("resend._domainkey.poke", "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8/06F14LZgg7l6eko9GXasUwCBUGHe1Abd5hMg0Xf9ufdUj7lAUB746DS1ErS04oxGEbCdjamkAGqRsYWvk5KGRIXmeYuKyMPFM44U0dt6caHOIr8pHoDj9ytAJD/RS/p1xQZoFXHBxKgAeEY3TUZy7iNLvGxCLkxuPnO7nlWKwIDAQAB"), 42 - TXT("send.poke", "v=spf1 include:amazonses.com ~all"), 43 - // atproto 44 - // TXT("_atproto", "did=did:plc:dfl62fgb7wtjj3fcbb72naae", TTL(60)), 45 - TXT("_atproto.dusk", "did=did:plc:dfl62fgb7wtjj3fcbb72naae", TTL(60)), 6 + D( 7 + "gaze.systems", 8 + REG_NONE, 9 + DnsProvider(DSP_CLOUDFLARE), 10 + DefaultTTL(1), 11 + A("@", WOLUMONDE_IP, CF_PROXY_OFF), 12 + A("dawn", WOLUMONDE_IP, CF_PROXY_OFF), 13 + A("doc", WOLUMONDE_IP, CF_PROXY_OFF), 14 + A("git", WOLUMONDE_IP, CF_PROXY_OFF), 15 + A("guestbook", WOLUMONDE_IP, CF_PROXY_OFF), 16 + A("limbus", WOLUMONDE_IP, CF_PROXY_OFF), 17 + A("pmart", WOLUMONDE_IP, CF_PROXY_OFF), 18 + A("webhook", WOLUMONDE_IP, CF_PROXY_OFF), 19 + A("dash", WOLUMONDE_IP, CF_PROXY_OFF), // perses 20 + A("knot", WOLUMONDE_IP, CF_PROXY_OFF), 21 + A("spindle", WOLUMONDE_IP, CF_PROXY_OFF), 22 + A("skeetdeck", WOLUMONDE_IP, CF_PROXY_OFF), 23 + A("likes", WOLUMONDE_IP, CF_PROXY_OFF), 24 + A("bird", WOLUMONDE_IP, CF_PROXY_OFF), 25 + A("id", WOLUMONDE_IP, CF_PROXY_OFF), 26 + // thing 27 + // TXT("id", "a data endpoint for entity with serial id /90008/."), 28 + // TXT("id", "entity linked here uses it/they pronouns. it can be referred to as /dusk/ or /dawn/."), 29 + // TXT("id", "this one is not a human, try to refer to it in third person. use /this one/, /this thing/, etc."), 30 + // TXT("id", "try connecting to https://gaze.systems/about for more information."), 31 + // github pages 32 + CNAME("dev", "90-008.github.io."), 33 + // fastmail 34 + CNAME("fm1._domainkey", "fm1.gaze.systems.dkim.fmhosted.com."), 35 + CNAME("fm2._domainkey", "fm2.gaze.systems.dkim.fmhosted.com."), 36 + CNAME("fm3._domainkey", "fm3.gaze.systems.dkim.fmhosted.com."), 37 + MX("@", 10, "in1-smtp.messagingengine.com."), 38 + MX("@", 20, "in2-smtp.messagingengine.com."), 39 + TXT("@", "v=spf1 include:spf.messagingengine.com ?all"), 40 + TXT("_dmarc", "v=DMARC1; p=none;"), 41 + // resend 42 + MX("send.poke", 10, "feedback-smtp.us-east-1.amazonses.com."), 43 + TXT( 44 + "resend._domainkey.poke", 45 + "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8/06F14LZgg7l6eko9GXasUwCBUGHe1Abd5hMg0Xf9ufdUj7lAUB746DS1ErS04oxGEbCdjamkAGqRsYWvk5KGRIXmeYuKyMPFM44U0dt6caHOIr8pHoDj9ytAJD/RS/p1xQZoFXHBxKgAeEY3TUZy7iNLvGxCLkxuPnO7nlWKwIDAQAB", 46 + ), 47 + TXT("send.poke", "v=spf1 include:amazonses.com ~all"), 48 + // atproto 49 + // TXT("_atproto", "did=did:plc:dfl62fgb7wtjj3fcbb72naae", TTL(60)), 50 + TXT("_atproto.dusk", "did=did:plc:dfl62fgb7wtjj3fcbb72naae", TTL(60)), 46 51 ); 47 52 48 - D("9.0.0.0.8.e.f.1.5.0.7.4.0.1.0.0.2.ip6.arpa", REG_NONE, 49 - DnsProvider(DSP_CLOUDFLARE), 50 - DefaultTTL(1), 51 - A("@", WOLUMONDE_IP, CF_PROXY_ON), 52 - TXT("@", "a data endpoint for entity with serial id /90008/."), 53 - TXT("@", "entity linked here uses it/they pronouns. it can be referred to as /dusk/ or /dawn/."), 54 - TXT("@", "this one is not a human, try to refer to it in third person. use /this one/, /this thing/, etc."), 55 - TXT("@", "try connecting to https://gaze.systems/about for more information."), 56 - // atproto 57 - // TXT("_atproto", "did=did:plc:dfl62fgb7wtjj3fcbb72naae"), 53 + D( 54 + "9.0.0.0.8.e.f.1.5.0.7.4.0.1.0.0.2.ip6.arpa", 55 + REG_NONE, 56 + DnsProvider(DSP_CLOUDFLARE), 57 + DefaultTTL(1), 58 + A("@", WOLUMONDE_IP, CF_PROXY_ON), 59 + TXT("@", "a data endpoint for entity with serial id /90008/."), 60 + TXT( 61 + "@", 62 + "entity linked here uses it/they pronouns. it can be referred to as /dusk/ or /dawn/.", 63 + ), 64 + TXT( 65 + "@", 66 + "this one is not a human, try to refer to it in third person. use /this one/, /this thing/, etc.", 67 + ), 68 + TXT( 69 + "@", 70 + "try connecting to https://gaze.systems/about for more information.", 71 + ), 72 + // atproto 73 + // TXT("_atproto", "did=did:plc:dfl62fgb7wtjj3fcbb72naae"), 58 74 ); 59 75 60 - D("poor.dog", REG_NONE, 61 - DnsProvider(DSP_CLOUDFLARE), 62 - DefaultTTL(1), 63 - A("@", WOLUMONDE_IP, CF_PROXY_OFF), 64 - TXT("@", "v=spf1 -all"), 65 - TXT("_dmarc", "v=DMARC1; p=reject;"), 76 + D( 77 + "poor.dog", 78 + REG_NONE, 79 + DnsProvider(DSP_CLOUDFLARE), 80 + DefaultTTL(1), 81 + A("@", WOLUMONDE_IP, CF_PROXY_OFF), 82 + TXT("@", "v=spf1 -all"), 83 + TXT("_dmarc", "v=DMARC1; p=reject;"), 66 84 );
+25
hosts/wolumonde/modules/netbird-client.nix
··· 1 + {config, ...}: { 2 + age.secrets.netbirdClientKey = { 3 + file = ../../../secrets/netbirdClientKey.age; 4 + mode = "660"; 5 + owner = "netbird-wt0"; 6 + group = "netbird-wt0"; 7 + }; 8 + 9 + services.netbird.clients.wt0 = let 10 + mgmtUrl = { 11 + Scheme = "https"; 12 + Host = "${config.services.netbird.server.domain}:443"; 13 + }; 14 + in { 15 + port = 51820; 16 + config = { 17 + ManagementURL = mgmtUrl; 18 + AdminURL = mgmtUrl; 19 + }; 20 + }; 21 + systemd.services.netbird-wt0.postStart = '' 22 + /run/current-system/sw/bin/netbird-wt0 login --setup-key-file ${config.age.secrets.netbirdClientKey.path} 23 + ''; 24 + users.users.root.extraGroups = ["netbird-wt0"]; 25 + }
hosts/wolumonde/modules/netbird.disabled hosts/wolumonde/modules/netbird.nix
hosts/wolumonde/modules/tailscale.nix hosts/wolumonde/modules/tailscale.disabled
+17
secrets/netbirdClientKey.age
··· 1 + age-encryption.org/v1 2 + -> ssh-rsa Abmvag 3 + JrlX9rZWe5KxHucIJCXELGgx551wDYeN7zYhER3tsbfNnslj4uIKx4RZUearln4X 4 + GyGve6DWACACpcDrdT3qlwDZKh2ErFTKJIguHjFxkUYTRNjIjALGJbi8DU809S7b 5 + 9x3CM3UJYvej89X/rVcCYtRpb2lxRepD+/gXzknL5l7YJ1XkeadNI8JBDF7AnB1n 6 + VfP7pCgj+/JLohBgSJRF2hDCTdM06568rpQ0WEPBxYhYlkc6ZZVo35iYMWNN0z+X 7 + fpu8L0FnsHAQXvVuxPqp5/NYeR3G5nFcVE3BBvmuo69t6LWz1fPeOBaskWOow3EV 8 + mN55837oiOEVYlrr6uIB3QdoO8PT/ShJlDZ3mRgkQvpKN09rVrdUgVmn866jskOZ 9 + 7NroMKIwX6eoJ4J/ybo1CrrAOb0CyJm/8lA/kGJabCflSe+tJmVtjJryS3p8SRqw 10 + W3FTT73In0QvtXHmmoQcZ0yknn0hKC8ZqxsHpHZKiBCSWDSuTiTBanHnQ8I7R7Ih 11 + JOkQtuUIis6WnSCcyGgrnTEiU1UX2XxXTlkZQqyjAUQ8/FBvo0jOjKu618HDnX9V 12 + um4qgZHAjWLqF7PTwJQksded+gQofoEZYdnAbQBv/0DifxAgeXyXhUUpu10dlxXG 13 + yGFST8hkVidvsl8TgdTVJ/k06AWeo8tdGllkDwig64E 14 + -> ssh-ed25519 KjIL7g rACRQT54o4a7aNcFBHIG9nnWT5Kw/wXbVT3KlQTUuHk 15 + WWX36nXHWyNz6NV5tI0JegnUuFZLg63ch+huM23kRNo 16 + --- 5wNxiV1zfWyZHBw20ouVbn4CgfkhkwtZUXfu4Jizovo 17 + ��W����M}�)���>���`��S�Lc�TP� Y��k/퍨7\i랿D��QjF�YSuV�?i�0���U�
+4
secrets/secrets.nix
··· 65 65 yusdacra 66 66 wolumonde 67 67 ]; 68 + "netbirdClientKey.age".publicKeys = [ 69 + yusdacra 70 + wolumonde 71 + ]; 68 72 }