Commit 7cecfc1b8081
Changed files (5)
home
common
shell
systems
okinawa
sakhalin
home/common/shell/openssh.nix
@@ -32,8 +32,8 @@ in
"demeter.home".identityFile = "~/.ssh/id_critical_infra_sk";
"demeter.vpn".identityFile = "~/.ssh/id_critical_infra_sk";
"demeter.sbr.pm".identityFile = "~/.ssh/id_critical_infra_sk";
- "kerkouane.vpn".identityFile = "~/.ssh/id_critical_infra_sk";
- "kerkouane.sbr.pm".identityFile = "~/.ssh/id_critical_infra_sk";
+ "carthage.vpn".identityFile = "~/.ssh/id_critical_infra_sk";
+ "carthage.sbr.pm".identityFile = "~/.ssh/id_critical_infra_sk";
};
# Kyushu uses service-specific FIDO2 keys
kyushuOverrides = lib.optionalAttrs hasFido2Keys {
@@ -105,8 +105,8 @@ in
"demeter.home"
"demeter.vpn"
"demeter.sbr.pm"
- "kerkouane.vpn"
- "kerkouane.sbr.pm"
+ "carthage.vpn"
+ "carthage.sbr.pm"
];
isCriticalInfra = id: builtins.elem id criticalInfraHosts;
mkShpoolAliases =
systems/okinawa/extra.nix
@@ -166,7 +166,7 @@
"okinawa" # Self (desktop/build server)
"kyushu" # Work laptop
"sakhalin" # Server
- "kerkouane" # VPS server
+ "carthage" # VPS server (Hetzner)
# aarch64-linux systems
"rhea" # Main media server
systems/sakhalin/extra.nix
@@ -261,7 +261,7 @@ in
job_name = "caddy";
static_configs = [
{
- targets = [ "${builtins.head globals.machines.kerkouane.net.vpn.ips}:2019" ];
+ targets = [ "${builtins.head globals.machines.carthage.net.vpn.ips}:2019" ];
}
];
}
@@ -348,7 +348,7 @@ in
};
# Local SOCKS5 proxy for SearXNG round-robin (exits through sakhalin's IP)
- # Paired with kerkouane's proxy for 50/50 request distribution
+ # Paired with carthage's proxy for 50/50 request distribution
microsocks = {
enable = true;
ip = "127.0.0.1";
@@ -384,10 +384,8 @@ in
"all://" = [
# sakhalin (local) โ exits through sakhalin's IP
"socks5h://127.0.0.1:1080"
- # kerkouane (DigitalOcean VPS) โ exits through kerkouane's IP
- "socks5h://${builtins.head globals.machines.kerkouane.net.vpn.ips}:1080"
- # Add more proxies here for additional exit IPs:
- # "socks5h://${builtins.head globals.machines.carthage.net.vpn.ips}:1080"
+ # carthage (Hetzner VPS) โ exits through carthage's IP
+ "socks5h://${builtins.head globals.machines.carthage.net.vpn.ips}:1080"
];
};
extra_proxy_timeout = 10;
systems/sakhalin/prometheus-alerts.nix
@@ -213,8 +213,8 @@
severity = "critical";
};
annotations = {
- summary = "Caddy web server down on kerkouane";
- description = "Caddy reverse proxy has been down for more than 2 minutes - external access may be broken";
+ summary = "Caddy web server down on carthage";
+ description = "Caddy reverse proxy on carthage has been down for more than 2 minutes - external access may be broken";
};
}
flake.nix
@@ -427,7 +427,7 @@
voxtype.url = "github:peteonrails/voxtype/main";
voxtype.inputs.nixpkgs.follows = "nixpkgs";
- daneel.url = "git+ssh://kerkouane.vpn/home/vincent/git/public/daneel.git";
+ daneel.url = "git+ssh://carthage.vpn/home/vincent/git/public/daneel.git";
daneel.inputs.nixpkgs.follows = "nixpkgs";
};
}