--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIF2jCCA8KgAwIBAgIIVogyQTSIzc8wDQYJKoZIhvcNAQELBQAwgYYxGDAWBgNV
+BAMTD1Jpc2V1cCBOZXR3b3JrczEYMBYGA1UEChMPUmlzZXVwIE5ldHdvcmtzMRAw
+DgYDVQQHEwdTZWF0dGxlMQswCQYDVQQIEwJXQTELMAkGA1UEBhMCVVMxJDAiBgkq
+hkiG9w0BCQEWFWNvbGxlY3RpdmVAcmlzZXVwLm5ldDAiGA8yMDE2MDEwMjIwMjU0
+MFoYDzIwMjYwMzMwMjAyNjAxWjCBhjEYMBYGA1UEAxMPUmlzZXVwIE5ldHdvcmtz
+MRgwFgYDVQQKEw9SaXNldXAgTmV0d29ya3MxEDAOBgNVBAcTB1NlYXR0bGUxCzAJ
+BgNVBAgTAldBMQswCQYDVQQGEwJVUzEkMCIGCSqGSIb3DQEJARYVY29sbGVjdGl2
+ZUByaXNldXAubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw2VV
+uoz4xqeB1ROIwXBRaj0prOqEFX89A7+2rslGRfjM8NPHyBLGleoHTK3DPwadtQeg
+ulaEOAjM5EMXTEX/o9H46L6h729HUWPCwVssvvOjyxTyGJDf7Ihd/Ab7ODtlJSyc
+g31aXMioA5pGz5QnS3VGz4nE9+NL+jobc/NbhaacsEPR/7xO7meRNu/1S+YiHK1y
+BSVrfap3XItlcNHDGNQkPyyJbS3pAS1lQs2HCBTzcFCamCkDOC7cRh9wZ4GH8U2f
+2s0mDD5zhRpheNW4gFBtGpqHiRXv7WJW612aaXzKQQoIq2loGNvOpnyBPKL3jjUT
+Rxv5IzWMV0nAofMCy25u/S4J65uSEd9mLNXFJ3rl+cFaybcOUXktTbS7bZy6cMyf
+/gO28bEXIWr5WfZf8jCbPyOVfExZquG3aS+0YPWmIJCheXQzgiwplZy93oND1GGQ
+f+1R2F7GPwNXQdefv2xm7PTWhHbSWHHmeY89qYED+yFJrX5ChoFoBbYs1lMmdU/C
+2MnQBFtvcVockXFAUONyMKiq8ZP6sQ1lu0rO9Bvkhx55sJLZOmjN3g4S1K97PbbI
+5DzHKcR0JQSt8ZtCY/MuMbwvlNYo98bFWvlfKET0KPtogNNH0PNfJmStKR8jWGjE
+HnUNXo7YDfK90iEKTjLz2K5CYzH5Dm6iYJNaaykCAwEAAaNGMEQwEgYDVR0TAQH/
+BAgwBgEB/wIBADAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTGek7ebtq2Ibm+
+2K6je1IMobvEkzANBgkqhkiG9w0BAQsFAAOCAgEAO2B3jnL+8LeoRkc282qUpHyu
+xYj0Qd68l0CJ0FjfA2OCR/6h1W4gZVH+fTd/mhgrNXj28GRT53JEh1jdRC7ENTXu
+W9O8I9gCbWQ6V4nkZ9lpq8UEmKTFGnngVu8VCmSDF+y0kFuEtmt0jyd2UkJfC/vy
+Gh78OCHEdGAeOTYHXamiuA9Z7wMuncPjP476gSW2kfWTdxV25ad4tT5dA5d42xDm
+YE2UKzHeB9amOmvyh08LPD0idT5oROCIHsHBhQC9oltJXO5j6GyHRg88C1inyv6R
+xk+w9ek4wSBpoJg5t3hdbZr3JTUsuu4WPtAET0fMQpJC+niaBbegwtvdLZFM+d8x
+ead3ZpMO+XrpazDFGtdPTQdi5EIYmr2RL9eTeQbVPwMB9TgFpBXP+iYIuTpNo8jn
+8zS4EcPRmz6PQJVK4zkHczfvquyU9RuOwEgb8qN4tSNxF0Z94uSVUoXCG9WZLf8q
+MfsGesYiR/qLnLn3MfAyWm3OVOUvGzczDE2T8VvY7rXc2+8ra5aK0TNAgEz9ey6D
+/dGzM1JCCe1A08s+2+eRX//pmqmOCoGrY7zwIVS2T249h6iIMM9yT0C3ZXRoTnVN
+osyidOkVuQr0YK6shJ0WaK4F1MktdjOZKPoIc9QLw+TrSU2hfyla36T0bNWMC/TJ
+YtxDI+d1jIFZ7zMmts4=
+-----END CERTIFICATE-----
--- /dev/null
+*.clear filter=git-crypt-sourcephile diff=git-crypt-sourcephile
+*.cred filter=git-crypt-sourcephile diff=git-crypt-sourcephile
+*.gpg filter=git-crypt-sourcephile diff=git-crypt-sourcephile
+*.pem filter=git-crypt-sourcephile diff=git-crypt-sourcephile
+*.pub filter=git-crypt-sourcephile diff=git-crypt-sourcephile
+*.crt filter=git-crypt-sourcephile diff=git-crypt-sourcephile
+.gpg-id filter=git-crypt-sourcephile diff=git-crypt-sourcephile
systemd.services."nebula@${domain}" = {
stopIfChanged = false;
serviceConfig.LoadCredentialEncrypted = [
- "${hostName}.key:${builtins.path { path = inputs.self + "/hosts/${hostName}/nebula/${hostName}.key.cred"; }}"
+ "${hostName}.key:${builtins.path { path = inputs.self + "/hosts/${hostName}/nebula/${domain}/${hostName}.key.cred"; }}"
];
};
install.target = lib.mkDefault "\"\${NIXOS_TARGET:-root@${config.networking.hostName}.sp}\"";
};
services.nebula.networks.${domain} = {
enable = true;
- ca = lib.mkDefault (./. + "/${domain}/ca.crt");
- cert = lib.mkDefault (builtins.path { path = inputs.self + "/share/nebula/${domain}/${hostName}.crt"; });
+ ca = lib.mkDefault (builtins.path { path = inputs.self + "/domains/${domain}/nebula/ca.crt"; });
+ cert = lib.mkDefault (builtins.path { path = inputs.self + "/hosts/${hostName}/nebula/${domain}/${hostName}.crt"; });
key = "/run/credentials/nebula@${domain}.service/${hostName}.key";
listen.host = lib.mkDefault "0.0.0.0";
tun.device = lib.mkDefault "neb-sourcephile";
];
in
unions [
+ (fileFilter (file: lib.any file.hasExt exts) ./domains)
(fileFilter (file: lib.any file.hasExt exts) ./home-manager)
(fileFilter (file: lib.any file.hasExt exts) ./homes)
(fileFilter (file: lib.any file.hasExt exts) ./hosts)
(fileFilter (file: lib.any file.hasExt exts) ./nixos)
(fileFilter (file: lib.any file.hasExt exts) ./nixpkgs)
- (fileFilter (file: lib.any file.hasExt exts) ./share)
(fileFilter (file: lib.any file.hasExt exts) ./users)
./shell.nix
];
in
{
imports = [
- ../../share/nebula/sourcephile.fr.nix
+ ../../domains/sourcephile.fr/nebula.nix
];
services.nebula.networks.${domain} = {
listen.port = 10006;
in
{
imports = [
- ../../share/nebula/sourcephile.fr.nix
+ ../../domains/sourcephile.fr/nebula.nix
];
services.nebula.networks.${domain} = {
listen.port = 10008;
in
{
imports = [
- ../../share/nebula/sourcephile.fr.nix
+ ../../domains/sourcephile.fr/nebula.nix
];
services.nebula.networks.${domain} = {
listen.port = 10007;
in
{
imports = [
- ../../share/nebula/sourcephile.fr.nix
+ ../../domains/sourcephile.fr/nebula.nix
];
services.nebula.networks.${domain} = {
listen.port = 10003;
in
{
imports = [
- ../../share/nebula/sourcephile.fr.nix
+ ../../domains/sourcephile.fr/nebula.nix
];
services.nebula.networks.${domain} = {
listen.port = 10004;
+++ /dev/null
-*.clear filter=git-crypt-share diff=git-crypt-share
-*.cred filter=git-crypt-share diff=git-crypt-share
-*.gpg filter=git-crypt-share diff=git-crypt-share
-*.pem filter=git-crypt-share diff=git-crypt-share
-*.pub filter=git-crypt-share diff=git-crypt-share
-*.crt filter=git-crypt-share diff=git-crypt-share
-.gpg-id filter=git-crypt-share diff=git-crypt-share
+++ /dev/null
------BEGIN NEBULA CERTIFICATE-----
-CokBChhhdWJlcmdpbmUuc291cmNlcGhpbGUuZnISCYaAgFCAgPz/DyILc291cmNl
-cGhpbGUiBWludHJhKLWO3K8GMO/ouI8SOiAccxX8Jzi9FI2e/Yh5VkURDdELD4Nf
-nHrUlz/g7zSDW0ogT12XQtGmo1KYFJld9fyI2ODJNOU53FVGucTkOsv4w+MSQOjA
-LfKVl+3/oc+n4dAcfL8pShHYjhMLjBQYEUko8ULDvva+3pBMu3krz+vd1r87AKTI
-m3PUaTpgoGERoiNUXAc=
------END NEBULA CERTIFICATE-----
+++ /dev/null
------BEGIN NEBULA CERTIFICATE-----
-CooBChlibGFja2JlcnJ5LnNvdXJjZXBoaWxlLmZyEgmIgIBQgID8/w8iC3NvdXJj
-ZXBoaWxlIgVpbnRyYSj1g/i1BjDv6LiPEjogx+muhsdSLTpROSA5kOcRpWSACdW7
-90+ue4gxz7wSPVhKIE9dl0LRpqNSmBSZXfX8iNjgyTTlOdxVRrnE5DrL+MPjEkBu
-HbCVxDIxAAALUPFKBdmEk4xcQwAfWqOr3EQSDGF1KKBsVv7Hq10REcPySLchivrR
-CjKWCKUA6rYrr3FUyWYK
------END NEBULA CERTIFICATE-----
+++ /dev/null
------BEGIN NEBULA CERTIFICATE-----
-CkAKDnNvdXJjZXBoaWxlLmZyKPCs2K8GMPDouI8SOiD4GC2UVf1R5eLLNEFlmHof
-sp4byvgQMM59Ri2wnbHvYUABEkBX2XOp6Pcnc4PuYqsHCHK7Tq4IcpFrBx5HfnRB
-/glWVOZ0Hi+ArCpAhmmB1eKUoFipLHNSi9LzWoCx76Phcx8H
------END NEBULA CERTIFICATE-----
+++ /dev/null
------BEGIN NEBULA CERTIFICATE-----
-CoYBChVjb3VyZ2Uuc291cmNlcGhpbGUuZnISCYeAgFCAgPz/DyILc291cmNlcGhp
-bGUiBWludHJhKPiE3q8GMO/ouI8SOiCdZFVrNr9Ah4qHKcdbqwZBsShwfNYDVfuQ
-OS4BI9LASEogT12XQtGmo1KYFJld9fyI2ODJNOU53FVGucTkOsv4w+MSQP9BwoV6
-2YaWOU5rAZgkykk3+4MqXttJXO5qiKEb677N201Y4S0FoCHKYZQSfhqBNBaZlB1q
-ZZW9kNEJpEfalQ0=
------END NEBULA CERTIFICATE-----
+++ /dev/null
------BEGIN NEBULA CERTIFICATE-----
-CoYBChVvaWdub24uc291cmNlcGhpbGUuZnISCYOAgFCAgPz/DyILc291cmNlcGhp
-bGUiBWludHJhKPyd2a8GMO/ouI8SOiDHOKijOiCGarZ3vs5L9FFx2p+KRuOSRdpu
-6TrD+X8yFEogT12XQtGmo1KYFJld9fyI2ODJNOU53FVGucTkOsv4w+MSQGO+sm1Q
-tCt+mvE7KTuwPfxHZeBr3NF4FbFeQ/m3Lp2BxfLABc8ApbVtN1PmZYCeZxaQDVZe
-/SItzcNjsNGa0A8=
------END NEBULA CERTIFICATE-----
sourcephile / git / julm / julm-nix.git / commitdiff