configs/networks.nix

{ pkgs, config, lib, ... }:
let sshPort = 22022;
in {
  networking.hosts = lib.mapAttrs (_: value: [ (value + ".local") ]) {
    "192.168.178.1" = "router";
    "192.168.178.21" = "scardanelli";
    "192.168.178.22" = "homeros";
    "192.168.178.24" = "lestrade";
    "192.168.178.27" = "printer";
  } // {
    "42:0:ca48:f98f:63d7:31ce:922b:245d" = [ "go" ];
  };

  networking.wireless = {
    enable = true;
    userControlled.enable = true;
    networks = {
      Aether = { pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a"; };
      EasyBox-927376 = { pskRaw = "dbd490ab69b39bd67cfa06daf70fc3ef3ee90f482972a668ed758f90f5577c22"; };
      "Asoziales Netzwerk" = { pskRaw = "8e234041ec5f0cd1b6a14e9adeee9840ed51b2f18856a52137485523e46b0cb6"; };
      c-base-public = {};
    };
  };

  # for kdeconnect
  networking.firewall = {
    allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
    allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
  };

  home-manager.users.kfm = {
    services.kdeconnect = {
      enable = true;
      indicator = true;
    };

    programs.ssh = {
      enable = true;
      matchBlocks = {
        lestrade = {
          hostname = "lestrade.local";
          user = "pi";
        };
        scardanelli = {
          hostname = "scardanelli.local";
          user = "kfm";
          port = sshPort;
        };
        homeros = {
          hostname = "homeros.local";
          user = "kfm";
          port = sshPort;
        };
      };
    };
  };

  programs.ssh = {
    startAgent = true;
    knownHosts = [];
    forwardX11 = true;
  };

  services.openssh = {
    ports = [ sshPort ];
    enable = true;
    forwardX11 = true;
    passwordAuthentication = false;
  };

  users.users.kfm.openssh.authorizedKeys.keys = [
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDn13Y6CznabMvKJPIrr/dj1TX4boe8F98yc3FDElJeprQo2RXlDzjg/po9/lHTHaoC5yQUjlRg/AnI4vizYkn2sqJebAeSPahmpS+l0eFnjZgsqds2cCFqSPB6Qc5YEkGRhN4aq/ABz0jdFJLBYOYGxuuXowYxyNrqrItxDR7tF7upG+kVjYiDoP/qFm8C7zv6Zy8aoehNbzf8HlIJd0ITbMr/vUftNsQ8C84QmbZljReHmchPgE8GUfVLTlCORkhndbvNX3jXo+75y7JOIZZ6193FZHM4seg/VSDWYLJtpnhttD1w6qmiLrlimqbJB9ihoXq2eDmQ+4zo6hxQ6pFH6P0xQClJ0hxVWn6hEM3rkMwoMfbq4v54gKJsYxcGdnwjAX6d9DQv/QVjmVZffKWsGGoC7uz7bdmc0akVKi+GLSPOx8sJwXqvyvFStfqLaweVcuikUqQ72JLK7pZyliA7na6KuQ1PE3LTpfSr0lbBJ73xtS2rU1nF/Oe5zwA4LX5s/QeDVmS86D8acUrSCO62pBB3Yv8go0KR4mEvfxLiUWV6gR2uTeIPXvo4ouYFZqyABAGybjUATlGCXJaeHd/y/VWkpIB8ocqNESlRMCEe4TrYjw91AEmYBL6kWIeop3dyhovm3dTB3fQvC97kbL16wuXBrOcN4lEc+56ShhmvdQ== kieran.meinhardt@gmail.com" # homeros
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com" # scardanelli
  ];

  networking.retiolum = {
    scardanelli = {
      ipv4 = "10.243.2.2";
      ipv6 = "42:0:3c46:4007:5bce:f1bc:606b:2b18";
    };
    homeros = {
      ipv4 = "10.243.2.1";
      ipv6 = "42:0:3c46:53e:e63d:e62a:56ea:c705";
    };
  }.${config.networking.hostName};

  environment.etc."tinc/retiolum/rsa_key.priv" = {
    text = (import ../secrets.nix).retiolum.${config.networking.hostName}.privateKey;
    mode = "400";
  };
}
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`{ pkgs, config, lib, ... }:`
remove ssh password auth 2019-01-27 15:50:46 +01:00			`let sshPort = 22022;`
			`in {`
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`networking.hosts = lib.mapAttrs (_: value: [ (value + ".local") ]) {`
			`"192.168.178.1" = "router";`
remove ssh password auth 2019-01-27 15:50:46 +01:00			`"192.168.178.21" = "scardanelli";`
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`"192.168.178.22" = "homeros";`
remove ssh password auth 2019-01-27 15:50:46 +01:00			`"192.168.178.24" = "lestrade";`
			`"192.168.178.27" = "printer";`
add "go" to hosts 2019-01-27 11:34:50 +01:00			`} // {`
			`"42:0:ca48:f98f:63d7:31ce:922b:245d" = [ "go" ];`
. + Bluetooth audio ~ Move more consequently to configs/graphics + configs/networks ~ Make battery info platform neutral + xautolock: killer ~ redshift: manual location ~ unclutter: increase timeout + packages 2018-09-22 20:26:42 +02:00			`};`

+ typora libertine 2018-12-18 23:40:58 +01:00			`networking.wireless = {`
			`enable = true;`
			`userControlled.enable = true;`
			`networks = {`
			`Aether = { pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a"; };`
merge 2019-01-08 18:24:32 +01:00			`EasyBox-927376 = { pskRaw = "dbd490ab69b39bd67cfa06daf70fc3ef3ee90f482972a668ed758f90f5577c22"; };`
+ typora libertine 2018-12-18 23:40:58 +01:00			`"Asoziales Netzwerk" = { pskRaw = "8e234041ec5f0cd1b6a14e9adeee9840ed51b2f18856a52137485523e46b0cb6"; };`
merge 2019-01-08 18:24:32 +01:00			`c-base-public = {};`
35c3 + scripts as derivations ~ move home-mananger stuff to the right modules / dot + home-manager ssh config - vim: powerline symbols ~ toggle keyboard with alt+shift + ssh agent at startup ~ retiolum ipv6 ~ texlive packages ~ shell: vim mode + THEMING ~ i3 minimaler + q ~ terminal: use urxvt 2018-12-30 14:34:39 +01:00			`};`
			`};`

			`# for kdeconnect`
			`networking.firewall = {`
			`allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];`
			`allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];`
			`};`

			`home-manager.users.kfm = {`
			`services.kdeconnect = {`
			`enable = true;`
			`indicator = true;`
+ typora libertine 2018-12-18 23:40:58 +01:00			`};`
Move SSH config to network 2019-01-14 15:20:30 +01:00
			`programs.ssh = {`
			`enable = true;`
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`matchBlocks = {`
add local ssh hosts 2019-01-27 11:33:36 +01:00			`lestrade = {`
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`hostname = "lestrade.local";`
			`user = "pi";`
			`};`
add local ssh hosts 2019-01-27 11:33:36 +01:00			`scardanelli = {`
			`hostname = "scardanelli.local";`
			`user = "kfm";`
remove ssh password auth 2019-01-27 15:50:46 +01:00			`port = sshPort;`
add local ssh hosts 2019-01-27 11:33:36 +01:00			`};`
			`homeros = {`
			`hostname = "homeros.local";`
			`user = "kfm";`
remove ssh password auth 2019-01-27 15:50:46 +01:00			`port = sshPort;`
add local ssh hosts 2019-01-27 11:33:36 +01:00			`};`
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`};`
Move SSH config to network 2019-01-14 15:20:30 +01:00			`};`
			`};`

			`programs.ssh = {`
			`startAgent = true;`
			`knownHosts = [];`
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`forwardX11 = true;`
			`};`

			`services.openssh = {`
remove ssh password auth 2019-01-27 15:50:46 +01:00			`ports = [ sshPort ];`
pimp network/ssh config 2019-01-27 11:16:11 +01:00			`enable = true;`
			`forwardX11 = true;`
remove ssh password auth 2019-01-27 15:50:46 +01:00			`passwordAuthentication = false;`
. + Bluetooth audio ~ Move more consequently to configs/graphics + configs/networks ~ Make battery info platform neutral + xautolock: killer ~ redshift: manual location ~ unclutter: increase timeout + packages 2018-09-22 20:26:42 +02:00			`};`
VPN ~ move ghci dotfile + vim: black as python formatter + openvpn + wpa_supplicant_gui + dot2tex + graphviz + hlint ~ nix-shell: use zsh ~ zsh: show whether in nix-shell ~ ghci: hoogle with haddock links ~ ssh: login with hu id (no passphrase) ~ terminal: Source Code Pro 2018-10-31 00:48:32 +01:00
remove ssh password auth 2019-01-27 15:50:46 +01:00			`users.users.kfm.openssh.authorizedKeys.keys = [`
			"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDn13Y6CznabMvKJPIrr/dj1TX4boe8F98yc3FDElJeprQo2RXlDzjg/po9/lHTHaoC5yQUjlRg/AnI4vizYkn2sqJebAeSPahmpS+l0eFnjZgsqds2cCFqSPB6Qc5YEkGRhN4aq/ABz0jdFJLBYOYGxuuXowYxyNrqrItxDR7tF7upG+kVjYiDoP/qFm8C7zv6Zy8aoehNbzf8HlIJd0ITbMr/vUftNsQ8C84QmbZljReHmchPgE8GUfVLTlCORkhndbvNX3jXo+75y7JOIZZ6193FZHM4seg/VSDWYLJtpnhttD1w6qmiLrlimqbJB9ihoXq2eDmQ+4zo6hxQ6pFH6P0xQClJ0hxVWn6hEM3rkMwoMfbq4v54gKJsYxcGdnwjAX6d9DQv/QVjmVZffKWsGGoC7uz7bdmc0akVKi+GLSPOx8sJwXqvyvFStfqLaweVcuikUqQ72JLK7pZyliA7na6KuQ1PE3LTpfSr0lbBJ73xtS2rU1nF/Oe5zwA4LX5s/QeDVmS86D8acUrSCO62pBB3Yv8go0KR4mEvfxLiUWV6gR2uTeIPXvo4ouYFZqyABAGybjUATlGCXJaeHd/y/VWkpIB8ocqNESlRMCEe4TrYjw91AEmYBL6kWIeop3dyhovm3dTB3fQvC97kbL16wuXBrOcN4lEc+56ShhmvdQ== kieran.meinhardt@gmail.com" # homeros
			"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com" # scardanelli
			`];`

Add retiolum config 2018-12-04 21:08:12 +01:00			`networking.retiolum = {`
			`scardanelli = {`
			`ipv4 = "10.243.2.2";`
35c3 + scripts as derivations ~ move home-mananger stuff to the right modules / dot + home-manager ssh config - vim: powerline symbols ~ toggle keyboard with alt+shift + ssh agent at startup ~ retiolum ipv6 ~ texlive packages ~ shell: vim mode + THEMING ~ i3 minimaler + q ~ terminal: use urxvt 2018-12-30 14:34:39 +01:00			`ipv6 = "42:0:3c46:4007:5bce:f1bc:606b:2b18";`
Add retiolum config 2018-12-04 21:08:12 +01:00			`};`
			`homeros = {`
			`ipv4 = "10.243.2.1";`
35c3 + scripts as derivations ~ move home-mananger stuff to the right modules / dot + home-manager ssh config - vim: powerline symbols ~ toggle keyboard with alt+shift + ssh agent at startup ~ retiolum ipv6 ~ texlive packages ~ shell: vim mode + THEMING ~ i3 minimaler + q ~ terminal: use urxvt 2018-12-30 14:34:39 +01:00			`ipv6 = "42:0:3c46:53e:e63d:e62a:56ea:c705";`
Add retiolum config 2018-12-04 21:08:12 +01:00			`};`
			`}.${config.networking.hostName};`

35c3 + scripts as derivations ~ move home-mananger stuff to the right modules / dot + home-manager ssh config - vim: powerline symbols ~ toggle keyboard with alt+shift + ssh agent at startup ~ retiolum ipv6 ~ texlive packages ~ shell: vim mode + THEMING ~ i3 minimaler + q ~ terminal: use urxvt 2018-12-30 14:34:39 +01:00			`environment.etc."tinc/retiolum/rsa_key.priv" = {`
merge 2018-12-30 20:47:09 +01:00			`text = (import ../secrets.nix).retiolum.${config.networking.hostName}.privateKey;`
35c3 + scripts as derivations ~ move home-mananger stuff to the right modules / dot + home-manager ssh config - vim: powerline symbols ~ toggle keyboard with alt+shift + ssh agent at startup ~ retiolum ipv6 ~ texlive packages ~ shell: vim mode + THEMING ~ i3 minimaler + q ~ terminal: use urxvt 2018-12-30 14:34:39 +01:00			`mode = "400";`
			`};`
. + Bluetooth audio ~ Move more consequently to configs/graphics + configs/networks ~ Make battery info platform neutral + xautolock: killer ~ redshift: manual location ~ unclutter: increase timeout + packages 2018-09-22 20:26:42 +02:00			`}`