feat: setup elisabeth

hosts/elisabeth/default.nix

@@ -14,6 +14,7 @@
 
       ../../modules/config
       ../../modules/optional/initrd-ssh.nix
+      ../../modules/optional/secureboot.nix
 
       ../../modules/hardware/physical.nix
       ../../modules/hardware/zfs.nix

hosts/elisabeth/guests.nix

@@ -121,7 +121,11 @@ in {
           node.secretsDir = ./secrets/${guestName};
           systemd.network.networks."10-${config.guests.${guestName}.networking.mainLinkName}" = {
             DHCP = lib.mkForce "no";
-            address = [(ipOf guestName)];
+            address = [
+              (
+                lib.net.cidr.hostCidr config.secrets.secrets.global.net.ips."${config.guests.${guestName}.nodeName}" config.secrets.secrets.global.net.privateSubnet
+              )
+            ];
             gateway = [(lib.net.cidr.host 1 config.secrets.secrets.global.net.privateSubnet)];
           };
         }

hosts/elisabeth/net.nix

@@ -7,8 +7,8 @@
     inherit (config.secrets.secrets.local.networking) hostId;
   };
   systemd.network.networks = {
-    "lan01" = {
-      address = [(lib.net.cidr.host config.secrets.secrets.global.net.ips.${config.node.name} config.secrets.secrets.global.net.privateSubnet)];
+    "10-lan01" = {
+      address = [(lib.net.cidr.hostCidr config.secrets.secrets.global.net.ips.${config.node.name} config.secrets.secrets.global.net.privateSubnet)];
       gateway = [(lib.net.cidr.host 1 config.secrets.secrets.global.net.privateSubnet)];
       #matchConfig.MACAddress = config.secrets.secrets.local.networking.interfaces.lan01.mac;
       matchConfig.Name = "lan";
@@ -22,8 +22,8 @@
     enable = true;
     networks = {
       # redo the network cause the livesystem has macvlans
-      "lan01" = {
-        address = [(lib.net.cidr.host config.secrets.secrets.global.net.ips.${config.node.name} config.secrets.secrets.global.net.privateSubnet)];
+      "10-lan01" = {
+        address = [(lib.net.cidr.hostCidr config.secrets.secrets.global.net.ips.${config.node.name} config.secrets.secrets.global.net.privateSubnet)];
         gateway = [(lib.net.cidr.host 1 config.secrets.secrets.global.net.privateSubnet)];
         matchConfig.MACAddress = config.secrets.secrets.local.networking.interfaces.lan01.mac;
         networkConfig = {

hosts/elisabeth/secrets/adguardhome/host.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJrtGpaL39TCloyatv2MJ6H+IUwMBxwO/PdugyYwCPvN

hosts/elisabeth/secrets/gitea/host.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHGEV0vuqSAvT07Sl56Lo3o5U6EU5uSrfTFe5BF5QnX

hosts/elisabeth/secrets/host.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/1vC6GL2Xb9eIQaNKnSOQgN5bglns2Nh5dykkFqYMC

hosts/elisabeth/secrets/nextcloud/host.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKlZoZI1rYOR8wLywWIjtLQLpnflXF7fHhYPZbgd0Gq1

hosts/elisabeth/secrets/samba/host.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINnHM1ElW8cdCZaC4D3q5wS0P9/6A6VvZ7V49suxNWaV

hosts/elisabeth/secrets/vaultwarden/host.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIHyOMSi8aRtXIEWoMuUfGQl2H6SGSdpl8VuxiEKD9F8

pkgs/deploy.nix

@@ -67,8 +67,8 @@
         if [[ $1 == *"@"* ]]; then
         	arr=()
         	echo -n "$1" | readarray -d "@" -t arr
-        	system=''${arr[0]}
-        	host=''${arr[1]}
+        	system="''${arr[0]}"
+        	host="root@''${arr[1]}"
         else
         	system=$1
         	host=$system

users/patrick/ssh.nix

@@ -47,10 +47,6 @@
         hostname = "valhalla.fs.tum.de";
         user = "grossmann";
       };
-      "elisabethprivate" = {
-        hostname = "lel.lol";
-        user = "patrick";
-      };
       "binex" = {
         hostname = "praksrv.sec.in.tum.de";
         user = "team402";