diff --git a/hosts/router.home.ts.hillion.co.uk/default.nix b/hosts/router.home.ts.hillion.co.uk/default.nix index acf7ddb..15ad914 100644 --- a/hosts/router.home.ts.hillion.co.uk/default.nix +++ b/hosts/router.home.ts.hillion.co.uk/default.nix @@ -108,8 +108,8 @@ ip daddr 10.64.50.20 udp dport 28968 counter accept comment "d0.tywin.storj" ip daddr 10.64.50.20 tcp dport 28969 counter accept comment "d1.tywin.storj" ip daddr 10.64.50.20 udp dport 28969 counter accept comment "d1.tywin.storj" - ip daddr 10.64.50.22 tcp dport 28970 counter accept comment "b.storj" - ip daddr 10.64.50.22 udp dport 28970 counter accept comment "b.storj" + ip daddr 10.64.50.20 tcp dport 28970 counter accept comment "d2.tywin.storj" + ip daddr 10.64.50.20 udp dport 28970 counter accept comment "d2.tywin.storj" } } @@ -126,8 +126,8 @@ iifname eth0 udp dport 28968 counter dnat to 10.64.50.20 iifname eth0 tcp dport 28969 counter dnat to 10.64.50.20 iifname eth0 udp dport 28969 counter dnat to 10.64.50.20 - iifname eth0 tcp dport 28970 counter dnat to 10.64.50.22 - iifname eth0 udp dport 28970 counter dnat to 10.64.50.22 + iifname eth0 tcp dport 28970 counter dnat to 10.64.50.20 + iifname eth0 udp dport 28970 counter dnat to 10.64.50.20 } chain postrouting { diff --git a/hosts/tywin.storage.ts.hillion.co.uk/default.nix b/hosts/tywin.storage.ts.hillion.co.uk/default.nix index 9302891..12f70fa 100644 --- a/hosts/tywin.storage.ts.hillion.co.uk/default.nix +++ b/hosts/tywin.storage.ts.hillion.co.uk/default.nix @@ -203,8 +203,8 @@ }; ## Storj - age.secrets."storj/zfs_auth" = { - file = ../../secrets/storj/tywin/zfs_auth.age; + age.secrets."storj/auth" = { + file = ../../secrets/storj/auth.age; owner = "storj"; group = "storj"; }; @@ -222,6 +222,7 @@ value = { configDir = "/mnt/d${toString index}/storj/config"; identityDir = "/mnt/d${toString index}/storj/identity"; + authorizationTokenFile = config.age.secrets."storj/auth".path; serverPort = 28967 + 1 + index; externalAddress = "d${toString index}.tywin.storj.hillion.co.uk:${toString (28967 + 1 + index)}"; @@ -230,7 +231,7 @@ storage = "1000GB"; }; }; - instances = builtins.genList (x: x) 2; + instances = builtins.genList (x: x) 3; in builtins.listToAttrs (builtins.map mkStorj instances) // { zfs = { @@ -240,7 +241,6 @@ consoleAddress = "100.115.31.91:14002"; serverPort = 28967; externalAddress = "zfs.tywin.storj.hillion.co.uk:28967"; - authorizationTokenFile = config.age.secrets."storj/zfs_auth".path; }; }; @@ -265,6 +265,7 @@ 14002 # Storj Dashboard (zfs.) 14003 # Storj Dashboard (d0.) 14004 # Storj Dashboard (d1.) + 14005 # Storj Dashboard (d1.) ]; }; } diff --git a/pkgs/storj.nix b/pkgs/storj.nix index 346f71f..67d737f 100644 --- a/pkgs/storj.nix +++ b/pkgs/storj.nix @@ -7,7 +7,7 @@ let owner = "JakeHillion"; repo = "storj"; rev = "f75ec5ba34b2ccce005ebdb6fae697e0224998d9"; - hash = "sha256-DPWSQv4TKdOYfwsXokev42UfoxJLmC/OWLk48JnThUU="; + hash = "sha256-zUpzkdiAbE10fq1KDXEarPURqByD8JV0NkQ9iNxPlWI="; }; meta = with lib; { description = "Storj is building a distributed cloud storage network."; diff --git a/secrets/secrets.nix b/secrets/secrets.nix index ac7e06f..75eaa49 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -83,7 +83,7 @@ in "chia/farmer.key.age".publicKeys = jake_users ++ [ ts.storage.tywin ]; # Storj Secrets - "storj/tywin/zfs_auth.age".publicKeys = jake_users ++ [ ts.storage.tywin ]; + "storj/auth.age".publicKeys = jake_users ++ [ ts.storage.tywin ]; # Version tracker secrets "version_tracker/ssh.key.age".publicKeys = jake_users ++ [ ts.strangervm.vm ]; diff --git a/secrets/storj/auth.age b/secrets/storj/auth.age new file mode 100644 index 0000000..3d0163f --- /dev/null +++ b/secrets/storj/auth.age @@ -0,0 +1,21 @@ +age-encryption.org/v1 +-> ssh-rsa GxPFJQ +DZtFDbu+m9TvH7c4Y3D8MxW/5VyMMJQi2O7cXi5YcmhvjEtGdvCGBquuWQfEttTH +zLjLOXqKN9aNn6wCBrg+qwvIelzDIgIgiqRXuKzt06bOKHRyHi54iIdHnePK9KEL +k77x4fSdsRXwWxUN9Gv/NIpjzYRPwi6B01yUdhvnu3faq0slKu3FQWl37RB3JUl7 +pUFdkziCHrBeOOv4jh7ArMYyz8l+btgGYY3xI+8K5v0X6TI8krSqga/cOfbZfR2q +1LxIpN1uQ23eQWvutFQqnkOi6uymOv9LNegg908Iz2ODU1siMl8km/5KXj7YDJJF +seT9GaGU/mXC0x5wIVfQNQ +-> ssh-rsa K9mW1w +RNdCa2Ex3v38BDDYmOiK2GYdbBiXw/quo9rPbZwMvueVl5fMSqKJaec/qarSzFiS +EJw3tqNkS6eP0qlHEY1K+mhJPysrta91fmJpLbzCUaZbUr7j6NbOh12H/z0nq7Xs +drF8LUip9g16MCu/ppsFT7LRHPRwDR2Eufj2a7uvFo27/8wghO/WfOFFOHteTdjD +FrIsDVb1uS4bA2Ul9jXwZPYf1qIX45b+xFr0Uh5li4HmBCRCZ4UzaPClYpE2Butx +QJWvUuMZTm6b8bYo4B8/qQAaq09xECSkbivhH61n56pBDuhzTP9ibCBRJNE5AELC ++3E7pV2o1q3vLyluuKC5FA +-> ssh-ed25519 nWv9MA kNz1lnFgbK+ltfQuifaFwpPncE4dq+7gUZPhcLrJ/RU +07vmRq1qSX/t9xUHlSznu3EGE2nqOLTSwhUkMw5oIRU +-> |u{Vl90]-grease wJ 5JD.e( {MsG=> +D4CP1nfJ2SEAHu1x0Z49qkXA0brtsVJ1Fij3NvoCkWPU +--- sTsEzxwprA0kDEKuvdnTOdw9ou10xkzyVKA3YAUV8Jo +"u99yߤK"Xbd`BY˒4mKl ʘ8F9w,M5 4.P؋6dJ&Aɪ$ĥ0L2m?XTS_- f̡_ \ No newline at end of file diff --git a/secrets/storj/tywin/zfs_auth.age b/secrets/storj/tywin/zfs_auth.age deleted file mode 100644 index eae1123..0000000 --- a/secrets/storj/tywin/zfs_auth.age +++ /dev/null @@ -1,22 +0,0 @@ -age-encryption.org/v1 --> ssh-rsa GxPFJQ -H8DuH/VcW6DNBt64Ci5XWzmfxHNBZS0THUWhM/CmvW8IL3kCHuwNSTr2CsYPRBpQ -bSrAM2fmwuwPsTAeukkIwF6Umt2/xUDi4rbf/+q7nP36a5mPkNyVCOJ1GANwU0Gr -AtTfU+V8WDT1gB6qD8Ldw9eIomFS9SNr7nPRQ6O4ISCGrkKQF/XzFL4vXkjYlsFv -96UbvOEFpV9GzK+5STNOZ4WpuqQGozXP+JXHkXL5FjBURhClUKxtEtcyr+QYup/e -X+RAuloUvh1wKqXRr59BTEtqntJ3kKUX/S97CMYzS0r17AC6IFLtTSpcWLNuzFzI -tzUxJA1401z3cC1dwhoYvA --> ssh-rsa K9mW1w -xfcFazRdW6kIqmPDKzDmlpDkx0grzmsvvTOo1rA/cTUVJzqPIY5spz5f51iFm8CX -0KxslTWBzD2jGQ+mcgf/7a4Dx7RZiVWncgEZTeufiCBKfYTvj2iABwcz5rg7fT5P -iU2kDhHB37OkaEiJqG/qJRCdH7/jXUqx/zCQtU1sTP4KX3KAz9jeV75UysFMQG5w -q27WUZDzgI6r/ceHsiWEKqODzHiBqEvYpbOg4ArHycBYgNG8NfTet4pVQsC9H1PL -yXn7SLlwfD4rZaSRfvxDExI5r/URl5ycxRhUczp+8ak96J/Fyt2qa6n4YEgnx67m -tNEiz53xZQluDPUDJLPGFA --> ssh-ed25519 nWv9MA 58EVNX9E+ZVog6RZiXLxJcxBocfblq3TVWKXHSXsaTI -PElhg1xHV+AwP6YxU99KwQIl+rWVDjOaV3gaCC+IrwM --> 2-grease bZ?fb]c + -5lZWHejAOCn74H2Xu922YMTJO8tnY3tYjcUiMLT1GuKjxIRFtpKGVkLDa9ubIoRR -psPl/0vDY7qdk+HPvxjAUlmBnQ ---- dWrPZo+vQ7qEjmG+wr3/74+c4oCVqekxZLw3s3t0eUo -zo} HjݟcP< |D`S'6|\:g4P{Zp X.jCn%)a≧ \ No newline at end of file