fedora-csb-system-manager
1_: {
2 ssh = {
3 vincent = [
4 # Yubikeys
5 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFT5Rx+4Wuvd8lMBkcHxb4oHdRhm/OTg+p5tvPzoIN9enSmgRw5Inm/SlS8ZzV87G1NESTgzDRi6hREvqDlKvxs="
6 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGHMa4rHuBbQQYv+8jvlkFCD2VYRGA4+5fnZAhLx8iDirzfEPqHB60UJWcDeixnJCUlpJjzFbS4crNOXhfCTCTE="
7 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBFzxC16VqwTgWDQfw2YCiOw2JzpH3z9XgHtKoHhBdHi2i9m9XUc7fIUeEIIf7P8ARRNd8q5bjvl8JY7LtPkNCU="
8 # AOMI (only "trusted" one)
9 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJmTdMKYdgqpbQWBif58VBuwX+GqMGsMfB1ey1TKrM3 vincent@aomi"
10 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGThdcaPfIaB7d+K5uODqEusLKGI5ZCye0aNOCaMoInO Kyushu's ssh key"
11 ];
12 };
13 syncthingFolders = {
14 sync = {
15 id = "7dshg-r8zr6";
16 path = "/home/vincent/sync";
17 };
18 documents = {
19 id = "oftdb-t5anv";
20 path = "/home/vincent/desktop/documents";
21 };
22 org = {
23 id = "sjpsr-xfwdu";
24 path = "/home/vincent/desktop/org";
25 };
26 screenshots = {
27 id = "prpsz-azlz9";
28 path = "/home/vincent/desktop/pictures/screenshots";
29 };
30 wallpapers = {
31 id = "wpiah-ydwwx";
32 path = "/home/vincent/desktop/pictures/wallpapers";
33 };
34 claude-history = {
35 id = "j5zdn-6kq4t";
36 path = "/home/vincent/.claude/history";
37 };
38 };
39 net = {
40 dns = {
41 cacheNetworks = [
42 "192.168.1.0/24"
43 "10.100.0.0/24"
44 ];
45 };
46 vpn = {
47 endpoint = "167.99.17.238";
48 };
49 };
50 machines = {
51 athena = {
52 net = {
53 ips = [ "192.168.1.183" ];
54 vpn = {
55 pubkey = "RWqH7RdIXg+YE9U1nlsNiOC7jH8eWjWQmikqBVDGSXU=";
56 ips = [ "10.100.0.83" ];
57 };
58 names = [
59 "athena.home"
60 "athena.vpn"
61 "athena.sbr.pm"
62 ];
63 };
64 ssh = {
65 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/4KRP1rzOwyA2zP1Nf1WlLRHqAGutLtOHYWfH732xh";
66 # root = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQVlSrUKU0xlM9E+sJ8qgdgqCW6ePctEBD2Yf+OnyME root@aomiy";
67 # vincent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJmTdMKYdgqpbQWBif58VBuwX+GqMGsMfB1ey1TKrM3 vincent@aomi";
68 };
69 syncthing = {
70 id = "N3AMUVI-FM2BAOD-U3OMZDJ-UHMQE6J-ACMM5B7-S7BTK6P-PSM36NR-DVZHLQF";
71 folders = {
72 sync = {
73 type = "receiveonly";
74 };
75 };
76 };
77 };
78 demeter = {
79 net = {
80 ips = [ "192.168.1.182" ];
81 vpn = {
82 pubkey = "/bBh4gvDty/AA2qIiHc7K0OHoOXWmj2SFFXdDq8nsUU=";
83 ips = [ "10.100.0.82" ];
84 };
85 names = [
86 "demeter.home"
87 "demeter.vpn"
88 "demeter.sbr.pm"
89 ];
90 };
91 ssh = {
92 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGqQfEyHyjIGglayB9FtCqL7bnYfNSQlBXks2IuyCPmd";
93 };
94 syncthing = {
95 id = "TXCV3TS-TUEOTH6-ETB3LBV-KCIHT4L-RCCOIE3-VPBCNJB-VHQEAYI-WOXK5A5";
96 folders = {
97 sync = {
98 type = "receiveonly";
99 };
100 };
101 };
102 };
103 nagoya = {
104 net = {
105 ips = [ "192.168.1.80" ];
106 vpn = {
107 pubkey = "NCj5pwShre/xyRCK800ybjso1zIYUZ08YvFA2qGzhAI=";
108 ips = [ "10.100.0.80" ];
109 };
110 names = [
111 "nagoya.home"
112 "nagoya.vpn"
113 "nagoya.sbr.pm"
114 ];
115 };
116 ssh = {
117 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfep1SkMsAPHggXFLfEJNzZb7eoihtkqDeQruG+TbhF";
118 };
119 # syncthing = {
120 # id = "HZDLS5A-LKCEIYQ-DDMDYDF-DBTSRYH-HUNQSII-TVCDACT-DIYIO7V-G4K2EQV";
121 # folders = {
122 # sync = {
123 # type = "receiveonly";
124 # };
125 # };
126 # };
127 };
128 aix = {
129 net = {
130 vpn = {
131 pubkey = "D1HoBqrqBchHOOi8mjKpVg5vZtt+iFy8wj4o3kGYwkc=";
132 ips = [ "10.100.0.89" ];
133 };
134 names = [
135 "aix.vpn"
136 "aix.sbr.pm"
137 ];
138 };
139 syncthing = {
140 id = "GHE6XF4-YCKEMZS-JEZYXA6-ETJI3SS-BQFFOCS-ZJAWN4D-Q33IQ46-OYL7BQM";
141 folders = {
142 sync = {
143 type = "receiveonly";
144 };
145 };
146 };
147 ssh = {
148 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEoUicDySCGETPAgmI0P3UrgZEXXw3zNsyCIylUP0bML";
149 };
150 };
151 kyushu = {
152 net = {
153 ips = [
154 "192.168.1.36"
155 "192.168.1.68"
156 ];
157 vpn = {
158 pubkey = "KVRzoPUw8UTQblYtbs/NLYLIVmtQehrc4Hacbpf5Ugs=";
159 ips = [ "10.100.0.19" ];
160 };
161 names = [
162 "kyushu.home"
163 "kyushu.vpn"
164 "kyushu.sbr.pm"
165 ];
166 };
167 ssh = {
168 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd795m+P54GlGJdMaGci9pQ9N942VUz8ri2F14+LWxg";
169 };
170 syncthing = {
171 id = "SBLRZF4-NOMC7QO-S6UW7OH-VK7KHQS-LZCESY6-USBJ5Z5-RIVIRII-XS7DGQS";
172 folders = {
173 org = { };
174 documents = { };
175 sync = { };
176 screenshots = { };
177 wallpapers = { };
178 claude-history = { };
179 # TODO: implement paused or filter theses
180 # photos = {
181 # type = "receiveonly";
182 # paused = true; # TODO: implement this, start as paused
183 # };
184 # music = {
185 # type = "receiveonly";
186 # paused = true; # TODO: implement this, start as paused
187 # };
188 };
189 };
190 };
191 aomi = {
192 net = {
193 ips = [ "192.168.1.23" ];
194 vpn = {
195 pubkey = "XT4D9YLeVHwMb9R4mhBLSWHYF8iBO/UOT86MQL1jnA4=";
196 ips = [ "10.100.0.17" ];
197 };
198 names = [
199 "aomi.home"
200 "aomi.vpn"
201 "aomi.sbr.pm"
202 ];
203 };
204 ssh = {
205 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQVlSrUKU0xlM9E+sJ8qgdgqCW6ePctEBD2Yf+OnyME";
206 };
207 syncthing = {
208 id = "CN5P3MV-EJ65J4I-OHB7OBI-LD7JBWT-7SZCZD3-Z6NAASI-UCMKOAU-X2TNNAP";
209 folders = {
210 org = { };
211 documents = { };
212 sync = { };
213 screenshots = { };
214 wallpapers = { };
215 claude-history = { };
216 # photos = {
217 # type = "receiveonly";
218 # paused = true; # TODO: implement this, start as paused
219 # };
220 };
221 };
222 };
223 shikoku = {
224 net = {
225 ips = [ "192.168.1.24" ];
226 vpn = {
227 pubkey = "foUoAvJXGyFV4pfEE6ISwivAgXpmYmHwpGq6X+HN+yA=";
228 ips = [ "10.100.0.2" ];
229 };
230 names = [
231 "shikoku.home"
232 "shikoku.vpn"
233 "shikoku.sbr.pm"
234 ];
235 };
236 ssh = {
237 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH18c6kcorVbK2TwCgdewL6nQf29Cd5BVTeq8nRYUigm";
238 };
239 # syncthing = {
240 # id = "ZKUNKBI-N2K2LTG-AWLDAEX-NE6NALQ-DLFO6YV-FU4A7IE-KCF5ZCD-IEYSKAH";
241 # folders = {
242 # org = { };
243 # documents = { };
244 # sync = { };
245 # screenshots = { };
246 # wallpapers = { };
247 # };
248 # };
249 ssh = {
250 vincent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGxstR3xEf87leVVDS3GVPx8Ap9+eP+OfkSvM26V54XP vincent@shikoku";
251 };
252 };
253 kerkouane = {
254 net = {
255 vpn = {
256 pubkey = "+H3fxErP9HoFUrPgU19ra9+GDLQw+VwvLWx3lMct7QI=";
257 ips = [ "10.100.0.1" ];
258 };
259 names = [
260 "kerkouane.vpn"
261 "kerkouane.sbr.pm"
262 ];
263 };
264 ssh = {
265 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJguVoQYObRLyNxELFc3ai2yDJ25+naiM3tKrBGuxwwA";
266 };
267 syncthing = {
268 id = "QGD6ICB-EPSGCEN-IQWKN77-BCRWE67-56HX5IA-E4IDBCI-WE46DK3-EC63DQ7";
269 folders = {
270 sync = { };
271 };
272 };
273 };
274 sakhalin = {
275 net = {
276 ips = [ "192.168.1.70" ];
277 vpn = {
278 pubkey = "OAjw1l0z56F8kj++tqoasNHEMIWBEwis6iaWNAh1jlk=";
279 ips = [ "10.100.0.16" ];
280 };
281 names = [
282 "sakhalin.home"
283 "sakhalin.vpn"
284 "sakhalin.sbr.pm"
285 ];
286 };
287 ssh = {
288 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/PMBThi4DhgZR8VywbRDzzMVh2Qp3T6NJAcPubfXz6";
289 };
290 syncthing = {
291 id = "3L2KCXM-D75XCVU-5JLMV6V-FKQID2K-LJA6GFB-R2G77LD-5WXFHJT-BB4B7Q5";
292 folders = {
293 org = { };
294 documents = { };
295 sync = { };
296 screenshots = { };
297 wallpapers = { };
298 # photos = {
299 # type = "receiveonly";
300 # paused = true; # TODO: implement this, start as paused
301 # };
302 };
303 };
304 };
305 kobe = {
306 net = {
307 ips = [ "192.168.1.77" ];
308 vpn = {
309 pubkey = "B9jLGtXGZEfvBrgyEKrFRrsCsTsarfpFeyXqqq1NOWg=";
310 ips = [ "10.100.0.77" ];
311 };
312 names = [
313 "kobe.home"
314 "kobe.vpn"
315 "kobe.sbr.pm"
316 ];
317 };
318 ssh = {
319 # hostKey = "";
320 };
321 # syncthing = {
322 # id = "";
323 # folders = {
324 # org = { };
325 # documents = { };
326 # sync = { };
327 # };
328 # };
329 };
330 rhea = {
331 net = {
332 ips = [ "192.168.1.50" ];
333 vpn = {
334 pubkey = "QBGdlPgtaLIh+WDLbuIWPL+Nr08mtfIqs6RwgVDAGjA=";
335 ips = [ "10.100.0.50" ];
336 };
337 names = [
338 "rhea.home"
339 "rhea.vpn"
340 "rhea.sbr.pm"
341 ];
342 };
343 ssh = {
344 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFH3Lk4bRgNyFRK/Hzg1PvVbL/dpyI1SmLJFkb6VQDw";
345 };
346 syncthing = {
347 id = "73YP3XV-X3YLVBD-4KL77TS-DCFFXJ7-AYJDF3R-CJDRZNP-7YFPQNT-FKHJ7QW";
348 folders = {
349 org = { };
350 documents = { };
351 sync = { };
352 screenshots = {
353 path = "/neo/pictures/vincent/screenshots";
354 };
355 wallpapers = {
356 path = "/neo/pictures/vincent/wallpapers";
357 };
358 };
359 };
360 };
361 aion = {
362 net = {
363 ips = [ "192.168.1.49" ];
364 vpn = {
365 pubkey = "USTpNYlBri+ebsbg63ohDilFF/cbHytjI0W9t13VVng=";
366 ips = [ "10.100.0.49" ];
367 };
368 names = [
369 "aion.home"
370 "aion.vpn"
371 "aion.sbr.pm"
372 ];
373 };
374 ssh = {
375 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAXDNi2KtoRU83y/V5OWnMbFWmxwBknPmrNWV4RChE7R";
376 };
377 syncthing = {
378 id = "YBQ6U6T-TMCZVUG-JNHGLRH-CZNZMHG-GQICVTK-LUXJR3H-KR2SXS7-CTNQCAU";
379 folders = {
380 org = { };
381 sync = { };
382 };
383 };
384 };
385 synodine = {
386 net = {
387 ips = [ "192.168.1.20" ];
388 names = [
389 "synodine.home"
390 "synodine.sbr.pm"
391 ];
392 };
393 ssh = {
394 hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWdnPJg0Y4kd4lHPAGE4xgMAK2qvMg3oBxh0t+xO+7O";
395 };
396 };
397 wakasu = {
398 net = {
399 vpn = {
400 ips = [ "10.100.0.8" ];
401 };
402 names = [
403 "wakasu.vpn"
404 "wakasu.sbr.pm"
405 ];
406 };
407 # syncthing = {
408 # id = "WM23THJ-ECXRLXA-HE5TIKO-VPLSMRY-Y2EWZI7-Q7JMLPX-5Q5UNEN-QMB7ZQJ";
409 # folders = {
410 # org = { };
411 # documents = { };
412 # sync = { };
413 # screenshots = { };
414 # wallpapers = { };
415 # };
416 # };
417 };
418 # Home Assistant
419 hass = {
420 net = {
421 ips = [ "192.168.1.181" ];
422 vpn = {
423 ips = [ "10.100.0.81" ];
424 };
425 names = [
426 "hass.home"
427 "hass.vpn"
428 "hass.sbr.pm"
429 ];
430 };
431 };
432 okinawa = {
433 net = {
434 ips = [ "192.168.1.19" ];
435 vpn = {
436 # pubkey = "";
437 ips = [ "10.100.0.14" ];
438 };
439 names = [
440 "okinawa.home"
441 "okinawa.vpn"
442 "okinawa.sbr.pm"
443 ];
444 };
445 # syncthing = {
446 # id = "2RWT47Z-UGSH4QO-G4W6XN7-3XY722R-ZKGDN5U-4MDGHMA-6SM26QM-7VCQIAZ";
447 # folders = {
448 # sync = { };
449 # org = { };
450 # };
451 # };
452 };
453 # iPhone
454 hokkaido = {
455 net = {
456 ips = [ "192.168.1.115" ];
457 vpn = {
458 pubkey = "rN5ekYI/k3Ymd76vudCZtcaNNu6HmMLzB61uRXakV0M=";
459 ips = [ "10.100.0.5" ];
460 };
461 names = [
462 "hokkaido.home"
463 "hokkaido.vpn"
464 "hokkaido.sbr.pm"
465 ];
466 };
467 syncthing = {
468 id = "XD4XYNZ-DT3PJEY-UJYBHWX-6OQPPUI-HTW752L-FYTX3TW-GVHDTKW-PT336QV";
469 folders = {
470 documents = { };
471 sync = { };
472 org = { };
473 };
474 };
475 };
476 # Light Phone
477 suzu = {
478 net = {
479 vpn = {
480 ips = [ "10.100.0.65" ];
481 pubkey = "ufKLXzLkmYx1z7/VZJs9Ix6aXL3rYzP5B73QQP2WNx8=";
482 };
483 names = [
484 # "suzu.home"
485 "suzu.vpn"
486 "suzu.sbr.pm"
487 ];
488 };
489 };
490 # Boox tablet
491 osaka = {
492 net = {
493 vpn = {
494 ips = [ "10.100.0.64" ];
495 pubkey = "C12Ch3LasZ9Dvc1+X+IMSmKdip0l1n/aNNPvmQzzPFY=";
496 };
497 names = [
498 # "oksaka.home"
499 "osaka.vpn"
500 "osaka.sbr.pm"
501 ];
502 };
503 };
504 };
505 services = {
506 # Media services on rhea
507 immich = {
508 host = "rhea";
509 aliases = [ "photos" ];
510 };
511 jellyfin.host = "rhea";
512 jellyseerr.host = "rhea";
513 sonarr.host = "rhea";
514 radarr.host = "rhea";
515 lidarr.host = "rhea";
516 bazarr.host = "rhea";
517 prowlarr.host = "rhea";
518 transmission = {
519 host = "rhea";
520 aliases = [ "t" ];
521 };
522 transmission-music = {
523 host = "rhea";
524 aliases = [ "tm" ];
525 };
526 syncthing = {
527 host = "rhea";
528 aliases = [ "s" ];
529 };
530 homepage.host = "rhea";
531 # Linkwarden bookmark manager (runs on sakhalin, proxied via rhea/Traefik)
532 linkwarden = {
533 host = "rhea";
534 aliases = [ "links" ];
535 };
536 # Traefik dashboard
537 traefik.host = "rhea";
538 # Music streaming on aion (routed through rhea/traefik)
539 music.host = "rhea";
540 navidrome.host = "rhea";
541 # Podcast and audiobook management on aion (routed through rhea/traefik)
542 audiobookshelf.host = "rhea";
543 podcasts.host = "rhea";
544 # Ebook library management on rhea
545 calibre.host = "rhea";
546 books.host = "rhea";
547 # WebDAV on rhea
548 dav.host = "rhea";
549 # MQTT on demeter (routed through rhea/traefik)
550 mqtt.host = "rhea";
551 # Home Assistant on hass (routed through rhea/traefik)
552 home.host = "rhea";
553 # Services on sakhalin (routed through rhea/traefik)
554 kiwix.host = "rhea";
555 n8n.host = "rhea";
556 paperless.host = "rhea";
557 grafana.host = "rhea";
558 # Ollama LLM service on aomi (routed through rhea/traefik)
559 ollama = {
560 host = "rhea";
561 aliases = [ "llm" ];
562 };
563 # XMPP messaging server on aion (VPN-only, direct access)
564 xmpp.host = "aion";
565 };
566}