Merge pull request 'ci: add self-hosted runner tankstelle' (#198) from feat/add-tankstelle into main

Reviewed-on: pub-solar/infra#198
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
This commit is contained in:
teutat3s 2024-05-31 14:49:20 +00:00
commit 6d8d34123f
Signed by: pub.solar gitea
GPG key ID: F0332B04B7054873
15 changed files with 358 additions and 40 deletions

View file

@ -1,51 +1,13 @@
name: Flake checks name: Flake checks
on: [pull_request] on: [pull_request]
env:
USER: ci
jobs: jobs:
Check: Check:
runs-on: ubuntu-latest runs-on: self-hosted
steps: steps:
- name: Check out repository code - name: Check out repository code
uses: https://code.forgejo.org/actions/checkout@v4 uses: https://code.forgejo.org/actions/checkout@v4
- uses: https://github.com/nixbuild/nix-quick-install-action@v27
with:
load_nixConfig: false
nix_conf: |
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
keep-outputs = true
- name: Calculate flake.lock hash
id: flake-lock-hash
run: |
echo "hash=$(md5sum flake.lock | awk '{print $1}')" >> $GITHUB_OUTPUT
- name: Restore and cache Nix store
uses: https://github.com/nix-community/cache-nix-action@v4.0.3
id: nix-store-cache
with:
key: cache-${{ runner.os }}-nix-store-${{ steps.flake-lock-hash.outputs.hash }}
restore-keys: |
cache-${{ runner.os }}-nix-store-
gc-linux: true
gc-max-store-size-linux: 10000000000
purge-caches: true
purge-key: cache-${{ runner.os }}-nix-store-
purge-created: true
purge-created-max-age: 42
- name: Prepare cachix
uses: https://github.com/cachix/cachix-action@v14
with:
name: pub-solar
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
useDaemon: false
- name: Check formatting - name: Check formatting
run: | run: |
nix --accept-flake-config --access-tokens '' develop --command treefmt --fail-on-change nix --accept-flake-config --access-tokens '' develop --command treefmt --fail-on-change
@ -54,6 +16,8 @@ jobs:
run: | run: |
set -exuo pipefail set -exuo pipefail
# Prevent cache garbage collection by creating GC roots # Prevent cache garbage collection by creating GC roots
mkdir -p /var/lib/gitea-runner/tankstelle/.local/state/nix/results
for target in $(nix flake show --json --all-systems | jq ' for target in $(nix flake show --json --all-systems | jq '
.["nixosConfigurations"] | .["nixosConfigurations"] |
to_entries[] | to_entries[] |
@ -61,7 +25,7 @@ jobs:
' | tr -d '"' ' | tr -d '"'
); do ); do
nix --print-build-logs --verbose --accept-flake-config --access-tokens '' \ nix --print-build-logs --verbose --accept-flake-config --access-tokens '' \
build --out-link ./result-"$target" ".#nixosConfigurations.${target}.config.system.build.toplevel" build --out-link /var/lib/gitea-runner/tankstelle/.local/state/nix/results/"$target" ".#nixosConfigurations.${target}.config.system.build.toplevel"
done done
nix --print-build-logs --verbose --accept-flake-config --access-tokens '' flake check nix --print-build-logs --verbose --accept-flake-config --access-tokens '' flake check

View file

@ -91,6 +91,7 @@
jq jq
]; ];
}; };
devShells.ci = pkgs.mkShell { buildInputs = with pkgs; [ nodejs ]; };
}; };
flake = flake =
@ -122,6 +123,10 @@
hostname = "10.7.6.2"; hostname = "10.7.6.2";
sshUser = username; sshUser = username;
}; };
tankstelle = {
hostname = "80.244.242.5";
sshUser = username;
};
}; };
}; };
}; };

View file

@ -58,6 +58,16 @@
self.nixosModules.loki self.nixosModules.loki
]; ];
}; };
tankstelle = self.nixos-flake.lib.mkLinuxSystem {
imports = [
self.inputs.agenix.nixosModules.default
self.nixosModules.home-manager
./tankstelle
self.nixosModules.overlays
self.nixosModules.core
];
};
}; };
}; };
} }

View file

@ -28,6 +28,15 @@
"fd00:fae:fae:fae:fae:2::/96" "fd00:fae:fae:fae:fae:2::/96"
]; ];
} }
{
# tankstelle.pub.solar
endpoint = "80.244.242.5:51820";
publicKey = "iRTlY1lB7nPXf2eXzX8ZZDkfMmXyGjff5/joccbP8Cg=";
allowedIPs = [
"10.7.6.4/32"
"fd00:fae:fae:fae:fae:4::/96"
];
}
]; ];
}; };
}; };

View file

@ -0,0 +1,13 @@
{ flake, ... }:
{
age.secrets."restic-repo-droppie" = {
file = "${flake.self}/secrets/restic-repo-droppie.age";
mode = "400";
owner = "root";
};
age.secrets."restic-repo-storagebox" = {
file = "${flake.self}/secrets/restic-repo-storagebox.age";
mode = "400";
owner = "root";
};
}

View file

@ -0,0 +1,16 @@
{
flake,
config,
pkgs,
...
}:
{
imports = [ ./hardware-configuration.nix ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
system.stateVersion = "23.11";
}

View file

@ -0,0 +1,13 @@
{ flake, ... }:
{
imports = [
./hardware-configuration.nix
./configuration.nix
./networking.nix
./forgejo-actions-runner.nix
./wireguard.nix
#./backups.nix
];
}

View file

@ -0,0 +1,62 @@
{
config,
lib,
pkgs,
flake,
...
}:
{
age.secrets.tankstelle-forgejo-actions-runner-token = {
file = "${flake.self}/secrets/tankstelle-forgejo-actions-runner-token.age";
mode = "440";
};
# Trust docker bridge interface traffic
# Needed for the docker runner to communicate with the act_runner cache
networking.firewall.trustedInterfaces = [ "br-+" ];
users.users.gitea-runner = {
home = "/var/lib/gitea-runner/tankstelle";
useDefaultShell = true;
group = "gitea-runner";
# Required to interact with nix daemon
extraGroups = [ "wheel" ];
isSystemUser = true;
};
users.groups.gitea-runner = { };
systemd.tmpfiles.rules = [ "d '/var/lib/gitea-runner' 0750 gitea-runner gitea-runner - -" ];
systemd.services."gitea-runner-tankstelle" = {
serviceConfig.DynamicUser = lib.mkForce false;
path = with pkgs; [
coreutils
bash
coreutils
curl
gawk
gitMinimal
gnused
nodejs
wget
cachix
jq
nix
];
};
# forgejo actions runner
# https://forgejo.org/docs/latest/admin/actions/
# https://docs.gitea.com/usage/actions/quickstart
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances."tankstelle" = {
enable = true;
name = config.networking.hostName;
url = "https://git.pub.solar";
tokenFile = config.age.secrets.tankstelle-forgejo-actions-runner-token.path;
labels = [ "self-hosted:host://-self-hosted" ];
};
};
}

View file

@ -0,0 +1,41 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/17531ffc-46bd-4259-8287-2dea73804b5b";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/AF98-AA5C";
fsType = "vfat";
};
swapDevices = [ { device = "/dev/disk/by-uuid/7aee04b5-1ef9-43de-acb4-70ac1238b58a"; } ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -0,0 +1,42 @@
{
config,
pkgs,
flake,
...
}:
{
networking = {
hostName = "tankstelle";
domain = "pub.solar";
enableIPv6 = true;
defaultGateway = {
address = "80.244.242.1";
interface = "enp1s0";
};
defaultGateway6 = {
address = "2001:4d88:1ffa:26::1";
interface = "enp1s0";
};
nameservers = [
"95.129.51.51"
"80.244.244.244"
];
interfaces."enp1s0" = {
ipv4.addresses = [
{
address = "80.244.242.5";
prefixLength = 29;
}
];
ipv6.addresses = [
{
address = "2001:4d88:1ffa:26::5";
prefixLength = 64;
}
];
};
};
# TODO: ssh via wireguard only
services.openssh.openFirewall = true;
}

View file

@ -0,0 +1,45 @@
{
config,
pkgs,
flake,
...
}:
{
networking.firewall.allowedUDPPorts = [ 51820 ];
age.secrets.wg-private-key.file = "${flake.self}/secrets/tankstelle-wg-private-key.age";
networking.wireguard.interfaces = {
wg-ssh = {
listenPort = 51820;
mtu = 1300;
ips = [
"10.7.6.4/32"
"fd00:fae:fae:fae:fae:4::/96"
];
privateKeyFile = config.age.secrets.wg-private-key.path;
peers = flake.self.logins.admins.wireguardDevices ++ [
{
# nachtigall.pub.solar
endpoint = "138.201.80.102:51820";
publicKey = "qzNywKY9RvqTnDO8eLik75/SHveaSk9OObilDzv+xkk=";
allowedIPs = [
"10.7.6.1/32"
"fd00:fae:fae:fae:fae:1::/96"
];
}
];
};
};
#services.openssh.listenAddresses = [
# {
# addr = "10.7.6.4";
# port = 22;
# }
# {
# addr = "[fd00:fae:fae:fae:fae:4::]";
# port = 22;
# }
#];
}

View file

@ -3,6 +3,7 @@ let
nachtigall-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7G0ufi+MNvaAZLDgpieHrABPGN7e/kD5kMFwSk4ABj root@nachtigall"; nachtigall-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7G0ufi+MNvaAZLDgpieHrABPGN7e/kD5kMFwSk4ABj root@nachtigall";
flora-6-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@flora-6"; flora-6-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@flora-6";
tankstelle-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdF6cJKPDiloWiDja1ZtqkXDdXOCHPs10HD+JMzgeU4 root@tankstelle";
adminKeys = builtins.foldl' ( adminKeys = builtins.foldl' (
keys: login: keys ++ (builtins.attrValues login.secretEncryptionKeys) keys: login: keys ++ (builtins.attrValues login.secretEncryptionKeys)
@ -10,6 +11,8 @@ let
nachtigallKeys = [ nachtigall-host ]; nachtigallKeys = [ nachtigall-host ];
tankstelleKeys = [ tankstelle-host ];
flora6Keys = [ flora-6-host ]; flora6Keys = [ flora-6-host ];
in in
{ {
@ -17,6 +20,7 @@ in
"nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ adminKeys; "nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ adminKeys;
"nachtigall-wg-private-key.age".publicKeys = nachtigallKeys ++ adminKeys; "nachtigall-wg-private-key.age".publicKeys = nachtigallKeys ++ adminKeys;
"tankstelle-wg-private-key.age".publicKeys = tankstelleKeys ++ adminKeys;
"flora6-wg-private-key.age".publicKeys = flora6Keys ++ adminKeys; "flora6-wg-private-key.age".publicKeys = flora6Keys ++ adminKeys;
"mastodon-secret-key-base.age".publicKeys = nachtigallKeys ++ adminKeys; "mastodon-secret-key-base.age".publicKeys = nachtigallKeys ++ adminKeys;
@ -29,6 +33,7 @@ in
"keycloak-database-password.age".publicKeys = nachtigallKeys ++ adminKeys; "keycloak-database-password.age".publicKeys = nachtigallKeys ++ adminKeys;
"forgejo-actions-runner-token.age".publicKeys = flora6Keys ++ adminKeys; "forgejo-actions-runner-token.age".publicKeys = flora6Keys ++ adminKeys;
"tankstelle-forgejo-actions-runner-token.age".publicKeys = tankstelleKeys ++ adminKeys;
"forgejo-database-password.age".publicKeys = nachtigallKeys ++ adminKeys; "forgejo-database-password.age".publicKeys = nachtigallKeys ++ adminKeys;
"forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ adminKeys; "forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ adminKeys;
"forgejo-ssh-private-key.age".publicKeys = nachtigallKeys ++ adminKeys; "forgejo-ssh-private-key.age".publicKeys = nachtigallKeys ++ adminKeys;

View file

@ -0,0 +1,43 @@
age-encryption.org/v1
-> ssh-ed25519 1X0eLA g7MuhjaILdtN30lT0abiBuT2i2SxE4wzwHffPMbPaxA
5iZOxlFLUaKUhqvGSiyyVy7jrbGcN8Q4DX4xXImDDZM
-> ssh-ed25519 uYcDNw NUtdv3ykepvWklorbni0lMPb31hpHDhVktV6AkqY0Fs
anEK08Yr7WY6xmovVJjxXqy/Z47CU6sUFs/1tZHqHos
-> ssh-rsa f5THog
nCjbVlM7V+AT20HSV7Z9miLlFzVRruxIrPavIrDNLRLnjDn8dkgu2ZnymnXHf9El
GA/tmjF86OKCCOS7AjdSZ0RZIjgOfU/EseWdmaaS5iR6PjDJmuJuGtCwDKloddwO
wS2VeU3tQzF6ayGPFirWYQVOwMCVahe6DB3d+ataXSprhb9DtMxAb7FQ07zl3rrO
VXE82wA4qnwWyLAvZ96XdXYGBpO2vzxEgYzXa1gbHEY38BMUgELyhJJX0c2hEVwv
jT7h4ex4NUK3f3t2JXw/Waz5hHpRYFuzF7u4rZjXZbiW0sgcXHZKF11AEUxASsUl
yul5EEaPI34ISnwpWWuPAuDBskQzgJooeKGi9bQDed8otLy33NxyYgtR1Av4x1cC
PjtkDxuvIooGp1uKgMFdoyWMB+pyd5MOeyqKXl0drTzILBET1quLBDuyAntvGriS
c8Cj05YpLEh/gmPZ3KzLyGaKcELL8YYco+NkUwr1LNe/OEMbHcLc9q5fVfsN5BYz
w1hQ24c8JGW1/1DFG+R0+MfcF4jFVyiqk9ctRlKqoA8dnFmkMDlK6ETj191y8baZ
DtMNPTOeLDmxFc3O0vjAWFV3Is5X3EupcS4hlLpeNCW1DXF4R2+cmBQOewfeafI4
uVaMuNqTW60B+9j7c6asvSHcAVP8S6BTcrJiaLETiSU
-> ssh-rsa kFDS0A
ZBLNf1RAI2+dXsXR8ns3taqHIM2yqslWOvSUM93droVVN6fkq/O9QUx0f6iljQW6
wRY2iqqjzBYs6kysf21jsryGGhhVNB70QAeGDZWoeB2YmpnlvMRumqqG6S77K6kc
D0oKXkuYx9J62BBI6gJk3+yJgEK3WHBvgBzD5rqgW2kJVWFLyU7C/rJH78UKvX2r
r4PDQCEeJ4wnRyV0ox4z3f0XfLoHiwXE2oWGgrfs6/+Pw3AKdENbbNVRIyrzJci4
nhxDd1miMChsQylKnfB8C60J9rhVFfP0/G8EXqhi2KbHfPeC4fHPjUxVbi2v74Ag
NaRgxZOMpVPgGxlnHCz4ELuGn1LsMuBJCic/Z0PNMr86SC9hFnCyaWqXxKaYLj38
USJq+F9RC7529En7XT+jOifDB29DS4GL8gCvwizd8j8wfeFm4w6qXS8rS5+9BbcD
Ghf1Zzmbdm0R2lO4aV/APyCyK5NW0k068T7V710x+KvyRREvChkYEN87VvK5kYcC
uYZvbcGJgMQrEiwVN11H2oxHPpj4oB7NiSb3mpDkaniXS5ijhEl10C6OzuEk1Hm2
ybYXLspzlOZujVoGqrscoKTTzirvnO0B1YirPieTX6ym51rvnO6SPiT5bYGL5DNQ
E6PDUz5kOwD9IQyF/a88CxBg/BFqSrSlvli+bdgfM7c
-> piv-p256 vRzPNw AgAstuXfEQ+zPDSJmDRlieeY7h93S7AOX1LmWNZq8SOA
umkx7AnExb+OuxVtTnJsr0Vymhlt9PBYkRt+5FxgLA0
-> piv-p256 zqq/iw A8mFVtYM8mpj1iBqeQfvGavOahp0oNsT3j1i5YDYDfD2
dZrDkvAHopEFTQgCdUkDNHPjLVhMAO4YJJE+cLuaxd4
-> ssh-ed25519 YFSOsg 4h3HGQqPiwWUJkgZP9eMuiKxoZq9+YCDqj5L28mdIBE
ppHBGJJzaf0fJZ24MZBRQ3v561f3J+CuDX7tatfD3G4
-> ssh-ed25519 iHV63A rikUwY2DW9GQLopMcdPK8eZ1YjeKTp9z5cRqzDOs4mU
kYn3dNGNhIDr3KIPEFZZj9zsqHZn7JDT67jtdljOVyo
-> ssh-ed25519 BVsyTA 3GMMwNFuwx7ECwKWqS9GnIV5MuZY1jxi5KDKY1j3tSs
gWEkAMLnOI/7gKKfuJE3vU6+e6XpnNwQfIJQ0UFoC6w
-> ssh-ed25519 +3V2lQ YemOcrH319bbQJp+LnugOh2ed/Pwgfla+C3BU6cIaUQ
gFTDAi8TFTRCmGkcSN8lFJPQctHLUC75xl7oJOdsYuw
--- jd2QVeVcxn06ET1m3jMx8encjGlV51Vz7UO2MQq9weI
/L‡ÿµB­<08>&q-] îÿŽHe\niT¤Àˆ-z„ǵ·—v2Nl^à+äÁÁÈõWjç6 ®gieUÑk!—ÚÖÁú’³ïámxWõÌ

View file

@ -0,0 +1,45 @@
age-encryption.org/v1
-> ssh-ed25519 1X0eLA MwsWZb3girtAXvxgr3IBZhSthg5xzC2z88WIkG2GTDk
4yKFoIU/SbKcpSXYShUwEY6KV9o59bgIsDCJ0POOmZU
-> ssh-ed25519 uYcDNw 4CPU+vcJcXt+sVSD60ThkWWu87wEzo/TkFAfkJ7lAxU
K5ubfpowb/mBjRS9AaoEuPJEAy3jZQF9vBVK6+StrEE
-> ssh-rsa f5THog
GVZN3/Yl8OX+j8GuAp5ixsmz59HS+0z9OeGMoUl3m4S0kjpl39vY5+Fd5SXTtNLB
O5itG/nbo4lK/PVtH/s3UuzRlEvGzASkxTVGZAXBUgXlPf6hsUdxUhLn8G1DRTj9
qmZyk5ERH/uqA8LIH8kBWPE8OJ9qf5oVwttOuJLlkrmiojEvbK4Egf4pBAKxv1Vu
JUwoO2W5QxB9lOkOiGOfq6e++pWL+PN1URpGFxbvmM7N6OKNhix+HV9lBdTbS4tl
uP8n0nrM5h5yh7Waz+aAVb7Wu4YgsFCEmGlhEksM/tiHFun+9kFI3xUNTTO3PbYP
KH6KAV8mOA8tL/6PNbbLmaHp5v7//5Abgjmy1BCwNe/WfZiTVLmGDaOpW7qE0pcq
h+ooOk81MenF84FRQGEEMMBVHgckxxCGYYve7bEsWMJP+ua1BmZjQu/I2LpXN6OA
KtoPcnmCGyrZMWKLVdSjzeeEqKk7wtG6BISeLdguF4pEUN2Qoqppx33UQ0ztACf1
PHAsKbABkCG0yZz13M0bKSCP1O3HWzy2Cmw0EU+WbP6GEGCWmzZRDmjI9+CgtowH
9jz16+1k0PgO5EjV2s1Hijt0gEizl2Q07c2/BYx97951BOR9/LGVRKGtduXixf4a
qFt0Qw0JPZwP2XaXJmJ9x+4e1go5ydJFNnhcvTMUx3I
-> ssh-rsa kFDS0A
mM/LqZJl+5sDjDRhUZlPiFH43+BKkawgiPkQ6eNQmvS7fGjS6FWyGteiRdzxHax3
y2YE0GC0EmllMfXpjidHQHd4IBP82LrAlry2if9QYOdxtPg3577EZT1XFsR4Eegx
9xuG0+UYIYoEi4wUnnc58z/lV/iCJ4hTBsSMD69ciPdUVzeaA7RoFKImuLx3zhu4
Gc5ggAFKL9CYwMaJATB3e6+kTu3jkSUSa6vc4D0z7x7Sd2LjRN/THHlpvQQyMi4e
XREkhSNbOHp3mADLv7taFnjwUS/MltFDV8bPsemKmg+He0cVWc4JZynxaRXgdo4p
I3zkYcuWuUzWLgr6l8Aj4B7vd9tk9D0YyPmyMFWhq/IYjx62o/qTUSmBsluj2cqg
pg+45m/WTEAI7vnZXPcSlgbXyll1QE5TISqd7ugRyL3QhzR0h6TkRbMn5iCb15xy
zAgDCaN7z9Xhz9Y4zZG1zrKiF2qCNuZa6ZrgKRZLiFaVmhPvizCeYaZpRI2BfWwH
mo957eHh1//DIAbqWwRfblGZJUbuMK/vyvPoRsum3Pgft2LZLYF0U4vd8b0W5wBW
GBH3+zJBz5hhZVY96b5e70a6Uuwzub51RJlSJ07kNA/n5F1dN+8BFZlp52vCCSXQ
yzNnGZVnVF451CrsLtotzScO4r5KULpJaLK7Vkx20RE
-> piv-p256 vRzPNw AoFeX/N95u7AJHk3CEuFIf7tr0vYaGD+vFeh03kOmj2+
qBrMOjlgPdY9hDUeMBZ/oWkduTr2fyHkQWPzjU8wsKE
-> piv-p256 zqq/iw A6134rkgfZQCqdSsE4PtaAq8QfJP5h/+L9WxfvQ6nFSg
kz/3tibowB2x7akq8slScl3XW9OcOFqUaVMA5hP03CQ
-> ssh-ed25519 YFSOsg TjpLEHbKVX8eT5FJyj5OjoczjlbfE1QxrSQV7nmK3z8
+60JLcmaQEwEHkwRSD8ZxOVKfPfp+oCIxNz26h4EW4Q
-> ssh-ed25519 iHV63A /EMk1Hj4P0+VDBWneswmBE6rKRLuTBkcR42Y3NAGCxs
gFK/5AZAGptQ2GNbT25oiM1jENs70UYJVmBsH/9FRBE
-> ssh-ed25519 BVsyTA LwsnNWko4BLTMYIsW+iaagyTq1amhYfB+p0HUikzwT4
7rZengSXZzlTFh/FFVS8Jt+LMJZQ2wE7F3al1+DFe9Y
-> ssh-ed25519 +3V2lQ JGc07grd52VZSARjFBckyoA7D6686kSP/rhW6B8CiCg
R77Oha9dKKYX7YxHbeiVRwpSgxNeUQcQIld1v30xwaE
--- 8J1Hx/Cb3bTUm4llIEeQx+YUwHkX9XzTIAZm+YdJxVQ
}ÙÛKuØwˆe[ªºQ
s^p§xæÉ¡Éi·9a;Hݲ …ÑÃynÄÁ
QáÐÌëùóƒÈÂqöekµà;j¦ùôú7È©\„

View file

@ -19,6 +19,11 @@ resource "namecheap_domain_records" "pub-solar" {
type = "A" type = "A"
address = "80.71.153.210" address = "80.71.153.210"
} }
record {
hostname = "tankstelle"
type = "A"
address = "80.244.242.5"
}
record { record {
hostname = "alerts" hostname = "alerts"
type = "A" type = "A"