From 6527ec8b358585cb0bb53a6bcc6de63410d8dcb1 Mon Sep 17 00:00:00 2001 From: kat witch Date: Mon, 29 Mar 2021 05:35:21 +0100 Subject: [PATCH] project-wide: DNS testing --- hosts/athame/meta.nix | 15 +++++++++++++++ lib/deploy.nix | 43 +++++++++++++++++++------------------------ lib/unused | 23 +++++++++++++++++++++++ 3 files changed, 57 insertions(+), 24 deletions(-) create mode 100644 lib/unused diff --git a/hosts/athame/meta.nix b/hosts/athame/meta.nix index bc69e604..929346c1 100644 --- a/hosts/athame/meta.nix +++ b/hosts/athame/meta.nix @@ -8,11 +8,26 @@ host = "athame.kittywit.ch"; }; }; + + resources.athame_test_domain = { + provider = "dns"; + type = "a_record_set"; + inputs = { + zone = "kittywit.ch."; + name = "testy"; + addresses = [ + "168.119.126.111" + ]; + ttl = 300; + }; + }; + deploy.systems.athame = with config.resources; { nixosConfig = hosts.athame.config; connection = athame.connection.set; triggers.copy.athame = athame.refAttr "id"; triggers.secrets.athame = athame.refAttr "id"; + triggers.switch.athame = athame_test_domain.refAttr "id"; }; }; } diff --git a/lib/deploy.nix b/lib/deploy.nix index a5a032a4..641a9e46 100644 --- a/lib/deploy.nix +++ b/lib/deploy.nix @@ -52,8 +52,27 @@ let value.shellCommand = "bitw get infra/hcloud_token"; }; + variables.glauca_key = { + type = "string"; + value.shellCommand = "bitw get infra/rfc2136 -f username"; + }; + + variables.glauca_secret = { + type = "string"; + value.shellCommand = "bitw get infra/rfc2136 -f password"; + }; + providers.hcloud = { inputs.token = config.variables.hcloud_token.ref; }; + providers.dns = { + inputs.update = { + server = "45.129.95.255"; + key_name = config.variables.glauca_key.ref; + key_secret = config.variables.glauca_secret.ref; + key_algorithm = "hmac-sha512"; + }; + }; + resources = with config.resources; { hcloud_ssh_key = { provider = "hcloud"; @@ -64,30 +83,6 @@ let "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCocjQqiDIvzq+Qu3jkf7FXw5piwtvZ1Mihw9cVjdVcsra3U2c9WYtYrA3rS50N3p00oUqQm9z1KUrvHzdE+03ZCrvaGdrtYVsaeoCuuvw7qxTQRbItTAEsfRcZLQ5c1v/57HNYNEsjVrt8VukMPRXWgl+lmzh37dd9w45cCY1QPi+JXQQ/4i9Vc3aWSe4X6PHOEMSBHxepnxm5VNHm4PObGcVbjBf0OkunMeztd1YYA9sEPyEK3b8IHxDl34e5t6NDLCIDz0N/UgzCxSxoz+YJ0feQuZtud/YLkuQcMxW2dSGvnJ0nYy7SA5DkW1oqcy6CGDndHl5StOlJ1IF9aGh0gGkx5SRrV7HOGvapR60RphKrR5zQbFFka99kvSQgOZqSB3CGDEQGHv8dXKXIFlzX78jjWDOBT67vA/M9BK9FS2iNnBF5x6shJ9SU5IK4ySxq8qvN7Us8emkN3pyO8yqgsSOzzJT1JmWUAx0tZWG/BwKcFBHfceAPQl6pwxx28TM3BTBRYdzPJLTkAy48y6iXW6UYdfAPlShy79IYjQtEThTuIiEzdzgYdros0x3PDniuAP0KOKMgbikr0gRa6zahPjf0qqBnHeLB6nHAfaVzI0aNbhOg2bdOueE1FX0x48sjKqjOpjlIfq4WeZp9REr2YHEsoLFOBfgId5P3BPtpBQ== cardno:000612078454"; }; }; - - athame-testing = { - provider = "hcloud"; - type = "server"; - inputs = { - name = "athame-testing"; - image = "ubuntu-20.04"; - server_type = "cpx21"; - location = "nbg1"; - backups = false; - ssh_keys = [ (hcloud_ssh_key.refAttr "id") ]; - }; - connection = { host = config.lib.tf.terraformSelf "ipv4_address"; }; - provisioners = [ - { - remote-exec.command = - "curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NO_REBOOT=true PROVIDER=hetznercloud NIX_CHANNEL=nixos-20.09 bash 2>&1 | tee /tmp/infect.log"; - } - { - remote-exec.command = "reboot"; - onFailure = "continue"; - } - ]; - }; }; })) { }; in { diff --git a/lib/unused b/lib/unused new file mode 100644 index 00000000..dc24ce76 --- /dev/null +++ b/lib/unused @@ -0,0 +1,23 @@ + athame-testing = { + provider = "hcloud"; + type = "server"; + inputs = { + name = "athame-testing"; + image = "ubuntu-20.04"; + server_type = "cpx21"; + location = "nbg1"; + backups = false; + ssh_keys = [ (hcloud_ssh_key.refAttr "id") ]; + }; + connection = { host = config.lib.tf.terraformSelf "ipv4_address"; }; + provisioners = [ + { + remote-exec.command = + "curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NO_REBOOT=true PROVIDER=hetznercloud NIX_CHANNEL=nixos-20.09 bash 2>&1 | tee /tmp/infect.log"; + } + { + remote-exec.command = "reboot"; + onFailure = "continue"; + } + ]; + };